[CODE] 2008-12-02,15:37:27 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== Registries [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] <"C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on> [HP, 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43] [Hewlett-Packard Co., 50.0.146.000, C:2005-02-16 23:11 M:2005-02-16 23:11] [SigmaTel, Inc., 1.0.4991.0 nd444 cp1, C:2008-06-23 13:00 M:2006-03-20 16:00] <"D:\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-06-23 14:40 M:2008-11-21 09:21] [] <"D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems Incorporated, 8.0.0.0, C:2008-01-11 22:16 M:2008-01-11 22:16] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-08-06 08:54 M:2008-09-12 09:17] <"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -systray -startup> [(Verified)Google, 2.4.1368.5602.beta, C:2008-09-18 12:56 M:2008-10-18 13:15] <"E:\系统2005(V2.0)\PTransferTry.exe"> [中共中央组织部;北京万里红科技有限公司, 1.0.0.348, C:2008-01-11 15:00 M:2008-01-11 15:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-06-23 14:40 M:2008-08-06 08:54] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] [HKEY_CURRENT_USER\Control Panel\Desktop] [N/A, C:2005-11-04 19:49 M:2005-11-04 19:49] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Windows Live Search] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载全部链接] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Add to Windows &Live Favorites] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载] <> [N/A, C:2008-07-01 17:40 M:2008-07-01 17:40] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载全部链接] <> [N/A, C:2008-07-01 17:40 M:2008-07-01 17:40] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, 
C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2006-11-02 23:38 M:2006-11-02 23:38] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] <> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{962EFB8E-2683-42d4-AC74-AAA4C759B9C6}] <启动WEB迅雷> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto.exe] <> [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\HP Standard TCP/IP Port] [Hewlett Packard, 6.01.00.007, C:2005-06-21 09:26 M:2005-06-21 09:26] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] <><> [] ======================================== Startup Folders [.vbs] < C:\Documents and Settings\All Users\「开始」菜单\程序\启动\.vbs > [N/A, C:2008-11-19 17:20 M:2008-11-19 17:20] ======================================== Task [SogouImeMgr.job] "C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07] ======================================== Components ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] Shell Extension [Display Panning CPL Extension] 
{42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-08-28 12:17 M:2004-08-17 20:00] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19] [Fusion Cache] {1D2680C9-0E2A-469d-B787-065558BC7D43} [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-07-03 14:18 M:2007-09-23 18:59] Protocols [Cor MIME Filter, CorFltr, CorFltr 1] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06] [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} [酷狗, 5.2.4.4, C:2008-09-18 12:56 M:2008-11-26 08:43] BrowserHelperObject [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 75, C:2008-06-23 14:48 M:2008-07-01 17:40] [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08] [BandIE Class] {77FEF28E-EB96-44FF-B511-3185DEA48697} [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-06-23 15:18 M:2008-11-07 03:34] [卡卡上网安全助手] 
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 08:54 M:2008-08-06 08:54] [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [(Verified)Google Inc., 4, 1, 805, 4472, C:2008-10-18 13:15 M:2008-10-18 13:15] ToolBar [百度工具栏] {B580CF65-E151-49C3-B73F-70B13FCA8E86} [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-06-23 15:18 M:2008-11-07 03:34] ActiveX Extension [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 75, C:2008-06-23 14:48 M:2008-07-01 17:40] [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08] [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [Copyright (C) 2005 - 2007 TENCENT Inc. All Rights Reserved. 腾讯公司 版权所有 (C) 2005 - 2007, 6.10.3612.6, C:2008-01-07 17:34 M:2008-01-07 17:34] [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [(Verified)Copyright 2001, 2, 5, 1, 509, C:2007-04-19 18:43 M:2008-07-14 09:42] [WebThunder DapPlayer] {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-10-22 10:19 M:2008-07-01 17:40] [IndiDocX.ctlIndiDoc] {43B180A2-396A-45CE-86D1-9680E4A9952C} [北京慧点科技开发有限公司, 4.01.0012, C:2007-10-22 14:34 M:2007-10-22 14:34] [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [(Verified)Copyright 2008, 2, 1, 2, 1, C:2008-06-30 14:41 M:2008-07-14 09:42] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Copyright XunLei 2007, 2, 1, 0, 64, C:2008-06-23 14:48 M:2008-07-01 17:40] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-06-23 14:48 M:2008-07-01 17:40] [WangWangObj Class] {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-06-30 14:41 M:2008-03-18 12:14] [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} 
[Copyright 2003, 1, 0, 0, 12, C:2005-07-25 15:51 M:2005-07-25 15:51] [BandIE Class] {77FEF28E-EB96-44FF-B511-3185DEA48697} [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-06-23 15:18 M:2008-11-07 03:34] [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [Copyright 2003, 1, 0, 0, 5, C:2005-01-26 00:36 M:2005-01-26 00:36] [LiveMediaOcx Control] {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} [Tencent, 6.10.3612.6, C:2008-01-07 17:29 M:2008-01-07 17:29] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 08:54 M:2008-08-06 08:54] [VqqSpeedDlProxy Class] {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} [Tencent Technology (Shenzhen) Company Limited, 3, 0, 0, 11, C:2007-09-06 15:16 M:2007-09-06 15:16] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5801, 53, C:2008-10-22 10:19 M:2008-07-01 17:40] [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [(Verified)Google Inc., 4, 1, 805, 4472, C:2008-10-18 13:15 M:2008-10-18 13:15] [百度工具栏] {B580CF65-E151-49C3-B73F-70B13FCA8E86} [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-06-23 15:18 M:2008-11-07 03:34] [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2008-05-19 10:09 M:2008-05-19 10:09] [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 5, C:2008-01-07 17:08 M:2008-01-07 17:08] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [Thunder, 2, 0, 0, 164, C:2008-10-22 10:19 M:2008-07-01 17:40] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising 
Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-07-03 14:18 M:2007-09-23 18:59] ======================================== Services [ASP.NET State Service / aspnet_state][Stopped/Manual Start] <%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe> [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:19 M:2003-02-20 19:19] [Contrl Center of Storm Media / ccosm][Running/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 8, 10, 15, C:2007-11-12 11:47 M:2008-10-16 17:07] [Google Updater Service / gusvc][Running/Auto Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"> [(Verified)Google, 2.4.1368.5602.beta, C:2008-09-18 12:56 M:2008-10-18 13:15] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"D:\Rising\Rav\CCenter.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-06-23 14:40 M:2008-11-21 09:21] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"D:\RISING\RAV\Ravmond.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-06-23 14:40 M:2008-11-21 09:21] ======================================== Drivers [A320RAID / A320RAID][Stopped/Boot Start] [Adaptec, Inc., 3.00.00.63, C:2006-10-28 11:50 M:2005-10-25 01:29] [ADPU320 / ADPU320][Stopped/Boot Start] [Adaptec, Inc., 7.0.000.000 (NT.040809-2325), C:2006-10-28 11:50 M:2005-05-21 20:43] [ahci8086 / ahci8086][Running/Boot Start] [ATI Technologies Inc., 2.5.1540.28 built by: WinDDK, C:2006-10-28 11:50 M:2006-05-18 19:50] [AmdK8 Compatible Device / AmdK8][Stopped/Manual Start] [Advanced Micro Devices, 1.3.1 (dnsrv(wmbla).060510-1126), C:2006-10-28 11:50 M:2006-05-10 17:27] [BdGuard / BdGuard][Running/Boot Start] [Copyright (C) 2005, 1, 0, 
12, 0, C:2008-06-23 15:27 M:2008-06-23 15:27] [CSB6IDE / CSB6IDE][Running/Boot Start] [ServerWorks Corporation, 1.00, C:2006-10-28 11:50 M:2002-06-27 17:26] [FASTTRAK / FASTTRAK][Running/Boot Start] [Promise Technology, Inc., 2.00.0.34, C:2006-10-28 11:50 M:2003-04-25 16:20] [FTSATA2 / FTSATA2][Running/Boot Start] [Promise Technology, Inc., 1.00.0.36, C:2006-10-28 11:50 M:2005-01-21 13:35] [IASTOR / IASTOR][Running/Boot Start] [Intel Corporation, 6.1.0.1002, C:2006-10-28 11:50 M:2006-06-14 13:56] [ITERAID / ITERAID][Stopped/Boot Start] [Integrated Technology Express, Inc., v1.7.1.91 built by: WinDDK, C:2006-10-28 11:50 M:2005-08-04 13:51] [JRAID / JRAID][Running/Boot Start] [JMicron Technology Corp., 5.1.2600.1040 built by: WinDDK, C:2006-10-28 11:50 M:2006-02-15 10:13] [M5228 / M5228][Stopped/Boot Start] [ALi Corporation., 5.028, C:2006-10-28 11:50 M:2004-09-14 14:58] [M5281 / M5281][Running/Boot Start] [ALi Corporation, 5.029, C:2006-10-28 11:50 M:2005-03-07 13:23] [M5289 / M5289][Running/Boot Start] [ULi Electronics Inc., 5.030, C:2006-10-28 11:50 M:2005-07-04 14:21] [npkcusb / npkcusb][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcusb.sys> [] [NVATABUS / NVATABUS][Running/Boot Start] [NVIDIA Corporation, 5.10.2600.0654 built by: WinDDK, C:2006-10-28 11:50 M:2006-10-20 00:00] [NVRAID / NVRAID][Running/Boot Start] [NVIDIA Corporation, 5.10.2600.0622 built by: WinDDK, C:2006-10-28 11:50 M:2005-08-12 14:31] [SI3112R / SI3112R][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 56, 0, C:2006-10-28 11:50 M:2006-01-12 11:56] [SI3114R / SI3114R][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 15, 0, C:2006-10-28 11:50 M:2006-04-10 19:08] [SI3114R5 / SI3114R5][Stopped/Boot Start] [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:36] [SI3124 / SI3124][Stopped/Boot Start] [Silicon Image, Inc., 1, 3, 17, 0, C:2006-10-28 11:50 M:2005-11-29 10:15] [SI3124R / SI3124R][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 0, 2, C:2006-10-28 11:50 M:2004-02-03 16:17] 
[SI3124R5 / SI3124R5][Stopped/Boot Start] [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:38] [SI3132 / SI3132][Stopped/Boot Start] [Silicon Image, Inc., 1, 0, 15, 0, C:2006-10-28 11:50 M:2006-03-16 14:03] [SI3132R5 / SI3132R5][Stopped/Boot Start] [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:41] [SISRAID2 / SISRAID2][Stopped/Boot Start] [Silicon Integrated Systems Corp, 2.03.00, C:2006-10-28 11:50 M:2005-01-11 17:58] [SYMMPI / SYMMPI][Stopped/Boot Start] [LSI Logic, 1.21.10.00 built by: WinDDK, C:2006-10-28 11:50 M:2005-12-07 18:04] [VIAMRAID / VIAMRAID][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.2600.310, C:2006-10-28 11:50 M:2004-05-18 16:55] [vmscsi / vmscsi][Stopped/Boot Start] [VMware, Inc., 1, 2, 0, 0, C:2006-10-28 11:50 M:2004-01-31 15:13] [Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start] [(Verified)Intel Corporation, 9.7.34.0 built by: WinDDK, C:2008-06-23 11:56 M:2007-02-01 11:37] [VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. 
, 3.13.00.0348, C:2006-05-29 23:18 M:2002-12-25 10:09] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-06-23 14:40 M:2008-11-21 09:21] [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2008-06-23 14:40 M:2008-11-21 09:21] [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2008-06-23 14:40 M:2008-11-21 09:21] [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-06-23 14:40 M:2008-11-21 09:21] [HPFXBULK / HPFXBULK][Running/Manual Start] [(Verified)Hewlett Packard, 1, 0, 0, 10, C:2006-06-12 18:36 M:2006-06-12 18:36] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-06-23 14:40 M:2008-11-21 09:22] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25] [SISRAID4 / SISRAID4][Stopped/Boot Start] [(Verified)Silicon Integrated Systems, 3.00.08 (NT.051206-1933), C:2006-10-28 11:50 M:2006-03-22 13:10] [SigmaTel High Definition Audio CODEC / 
STHDA][Running/Manual Start] [(Verified)SigmaTel, Inc., 5.10.4991.0 nd444 cp1, C:2008-06-23 12:59 M:2006-03-20 16:06] [sym_hi / sym_hi][Running/Boot Start] [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2006-10-28 11:50 M:2001-08-17 14:07] [sym_u3 / sym_u3][Running/Boot Start] [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2006-10-28 11:50 M:2001-08-17 14:07] [ULSATA / ULSATA][Running/Boot Start] [(Verified)Promise Technology, Inc., 1.1.0.31, C:2006-10-28 11:50 M:2006-10-04 14:53] [ULSATA2 / ULSATA2][Running/Boot Start] [(Verified)Promise Technology, Inc., 1.0.0.38, C:2006-10-28 11:50 M:2006-10-04 14:53] ======================================== Running Processes [PID: 588 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 644 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 676 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 720 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 732 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 892 / SYSTEM] C:\WINDOWS\system32\svchost.exe 
[(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 984 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 1080 / SYSTEM] D:\Rising\Rav\CCenter.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 1096 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 1180 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 1304 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 1392 / SYSTEM] D:\RISING\RAV\ravmond.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\BWList.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-06-23 14:38] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01] D:\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-06-23 14:40 M:2008-11-21 09:23] D:\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\HookReg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\HookNtos.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\rswalmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-06-23 14:40 M:2008-09-06 09:30] D:\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology 
Co., Ltd., 20, 0, 0, 18, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-09-27 09:31] D:\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-06-23 14:40 M:2008-11-21 09:22] D:\RISING\RAV\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-06-23 14:40 M:2008-11-21 09:23] D:\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-06-23 14:40 M:2008-11-21 09:23] D:\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-07-28 14:44] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] D:\RISING\RAV\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-06-23 14:40 M:2008-09-06 09:30] D:\RISING\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-06-23 14:40 M:2008-07-28 14:44] 
D:\RISING\RAV\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 99, C:2008-06-23 14:40 M:2008-11-19 14:24] D:\RISING\RAV\scanpack.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-06-23 14:40 M:2008-10-21 09:22] D:\RISING\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-06-23 14:40 M:2008-09-06 09:30] D:\RISING\RAV\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-10-21 09:22] D:\RISING\RAV\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-06-23 14:40 M:2008-07-28 14:44] [PID: 1544 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\HpTcpMon.dll 
[Hewlett Packard, 6.01.00.007, C:2005-06-21 09:26 M:2005-06-21 09:26] C:\WINDOWS\system32\hpzjrd01.dll [Hewlett Packard, 2.01.00.004, C:2005-08-12 08:40 M:2005-08-12 08:40] C:\WINDOWS\system32\HPTcpMUI.dll [Microsoft Corporation, 6.01.00.007, C:2005-06-21 09:29 M:2005-06-21 09:29] C:\WINDOWS\system32\hptcpmib.dll [Hewlett Packard, 6.01.00.007, C:2005-06-21 09:25 M:2005-06-21 09:25] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp43e.DLL [(Verified)Hewlett-Packard Corporation, 60.053.644.00, C:2008-06-23 12:35 M:2006-04-25 06:07] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpzst43e.dll [(Verified)Hewlett-Packard Corporation, 60.053.644.00, C:2008-06-23 12:35 M:2006-04-25 02:31] [PID: 1724 / SYSTEM] D:\RISING\RAV\RavStub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 1928 / yuan] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38] C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\PDFShell.CHS [Adobe Systems, Inc., 8.0.0.0, C:2006-11-17 00:37 M:2006-11-17 00:37] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc., 8.1.0.0, C:2007-05-10 22:54 M:2007-05-10 22:54] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] d:\WinRAR\rarext.dll [N/A, C:2008-07-03 14:18 M:2007-09-23 18:59] D:\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\nvcpl.dll [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] C:\WINDOWS\system32\nvshell.dll [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19] [PID: 2004 / SYSTEM] d:\StormII\stormliv.exe [(Verified)北京暴风网际科技有限公司, 3, 8, 10, 15, C:2007-11-12 11:47 M:2008-10-16 17:07] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] d:\StormII\bfoptdll.dll [(Verified)北京暴风网际科技有限公司, 3, 8, 7, 16, C:2008-11-07 08:27 M:2008-08-01 20:11] d:\StormII\box\BoxLog.dll [(Verified)北京暴风网际科技有限公司, 3, 8, 11, 3, C:2008-11-07 08:27 M:2008-11-03 10:35] [PID: 256 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\WINDOWS\system32\UxTheme.dll [Microsoft 
Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 200 / yuan] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [HP, 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43] C:\WINDOWS\system32\mscoree.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:08 M:2003-02-20 19:08] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2003-02-21 04:42] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06] c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-21 07:26 M:2003-02-21 07:26] c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b0e4ee37\mscorlib.dll [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_11580ef6\system.windows.forms.dll [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34] c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] 
c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b9347579\system.dll [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06] c:\program files\hp\toolboxfx\bin\hptools.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\program files\hp\toolboxfx\bin\appconstants.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\program files\hp\toolboxfx\bin\hpapptools.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_zh-chs_b77a5c561934e089\mscorlib.resources.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:34 M:2008-06-23 12:34] c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_9d82628e\system.xml.dll [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34] c:\program files\hp\toolboxfx\bin\hptoolkit.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_68d5515d\system.drawing.dll [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34] c:\program files\hp\toolboxfx\bin\enumeration.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] c:\program files\hp\toolboxfx\bin\hpstreamsinterface.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] C:\WINDOWS\system32\FXCompChannel.dll [Hewlett-Packard, 
01.02.10, C:2006-01-24 11:53 M:2006-01-24 11:53] c:\program files\hp\toolboxfx\bin\alerts.dll [ , 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43] c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 20:10 M:2003-02-20 20:10] c:\program files\hp\toolboxfx\bin\hpfaxutilities.dll [ , 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43] c:\program files\hp\toolboxfx\bin\namedpipechannel.dll [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33] C:\Program Files\HP\ToolBoxFX\bin\nativeutils.dll [N/A, C:2006-06-15 08:42 M:2006-06-15 08:42] c:\program files\hp\toolboxfx\bin\zh-chs\hpapptools.resources.dll [ , 1.0.2290.39206, C:2006-05-05 12:58 M:2006-05-05 12:58] c:\program files\hp\toolboxfx\bin\zh-chs\alerts.resources.dll [ , 1.0.2290.39213, C:2006-05-05 12:57 M:2006-05-05 12:57] [PID: 216 / yuan] D:\RISING\RAV\RavMon.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-06-23 14:38] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01] D:\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing 
Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-06-23 14:40 M:2008-09-06 09:30] D:\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\RISING\RAV\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:22] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] D:\RISING\RAV\Rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-06-23 14:40 M:2008-11-21 09:22] D:\RISING\RAV\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-06-23 14:40 M:2008-11-21 09:21] [PID: 1364 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\System32\kmon.dll [(Verified)Beijing Rising Information Technology Co., 
Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] [PID: 2140 / yuan] C:\WINDOWS\stsystra.exe [SigmaTel, Inc., 1.0.4991.0 nd444 cp1, C:2008-06-23 13:00 M:2006-03-20 16:00] C:\WINDOWS\system32\STLang.dll [SigmaTel, Inc., 1.6.4947.0 nd229 cp1, C:2008-06-23 13:00 M:2006-03-20 20:54] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\stacapi.dll [(Verified)SigmaTel, Inc., 1.0.4991.0 nd444 cp1, C:2008-06-23 12:59 M:2006-03-20 16:02] [PID: 2272 / yuan] D:\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21] D:\Rising\Rav\RSAPPMGR.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-06-23 14:40 M:2008-07-28 14:44] D:\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-06-23 14:40 M:2008-07-28 14:44] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 2320 / yuan] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-08-06 08:54 M:2008-09-12 09:17] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program 
Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-08-06 08:54 M:2008-08-06 08:54] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-06-23 14:40 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-08-06 08:54 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.41, C:2008-08-06 08:54 M:2008-11-05 08:19] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-06-23 14:40 M:2008-08-06 08:53] D:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-06 17:03 M:2008-10-06 17:03] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.58, C:2008-08-06 08:54 M:2008-11-06 16:22] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] [PID: 2428 / yuan] E:\系统2005(V2.0)\PTransferTry.exe [中共中央组织部;北京万里红科技有限公司, 1.0.0.348, C:2008-01-11 15:00 M:2008-01-11 15:00] E:\系统2005(V2.0)\ksys.dll [Basesoft Co. Ltd., 4.1.3.0376, C:2007-03-06 11:17 M:2007-03-06 11:17] E:\系统2005(V2.0)\KCI.dll [Basesoft Co. Ltd., 4.1.3.0376, C:2007-03-06 11:17 M:2007-03-06 11:17] E:\系统2005(V2.0)\qtintf70.dll [Borland Software Corporation, 7.0.4.258, C:2002-08-20 16:40 M:2002-08-20 16:40] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\kbodbc32.dll [北京人大金仓信息技术有限公司, 4.1.4.0402, C:2008-12-01 08:35 M:2007-10-26 13:03] [PID: 2468 / yuan] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] [PID: 2660 / yuan] C:\WINDOWS\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 
(xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] [PID: 2840 / yuan] E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] [PID: 3084 / yuan] E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] [PID: 3148 / yuan] E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] [PID: 3396 / yuan] E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe [Basesoft Co. 
Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] [PID: 3740 / NETWORK SERVICE] C:\WINDOWS\system32\wbem\wmiprvse.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-08-28 12:16 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\KTIG6U2.dll [(Verified)KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., 02.57.00.00, C:2006-06-15 09:31 M:2006-06-15 09:31] [PID: 3864 / yuan] C:\WINDOWS\system32\taskmgr.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 
21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] [PID: 3476 / SYSTEM] C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [(Verified)Google, 2.4.1368.5602.beta, C:2008-09-18 12:56 M:2008-10-18 13:15] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 2264 / yuan] C:\Program Files\Rising\AntiSpyware\ras.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7, C:2008-06-23 14:40 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\Program Files\Rising\AntiSpyware\KakaMgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.27, C:2008-08-06 08:54 M:2008-09-22 16:35] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] D:\Rising\Rav\ProcCom.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-06 17:03 M:2008-10-06 17:03] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\dbmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-06-23 14:40 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\pweb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.19, C:2008-08-06 08:54 M:2008-11-25 08:05] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.58, C:2008-08-06 08:54 M:2008-11-06 16:22] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\pset.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-08-06 08:54 M:2008-09-22 16:35] C:\Program Files\Rising\AntiSpyware\pdefend.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2008-08-06 08:54 M:2008-11-05 08:19] C:\Program Files\Rising\AntiSpyware\ptools.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.15, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\psysinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.56, C:2008-08-06 08:54 M:2008-09-04 08:10] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\Program 
Files\Rising\AntiSpyware\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38] D:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] C:\Program Files\Rising\AntiSpyware\engine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\zip.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 0, C:2008-06-23 14:40 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\SecScan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-10 12:37] C:\Program Files\Rising\AntiSpyware\SecEx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 11, C:2008-06-23 14:40 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\kengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\Program Files\Rising\AntiSpyware\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\kscanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 2, C:2008-08-06 08:54 M:2008-08-06 08:53] C:\Program Files\Rising\AntiSpyware\rsdialog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6, C:2008-06-23 14:40 M:2008-08-06 08:54] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 
14:14] [PID: 648 / yuan] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.13, C:2008-08-06 08:54 M:2008-12-01 12:05] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-06-23 14:40 M:2008-08-06 08:53] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 2448 / yuan] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-08-28 12:18 M:2004-08-17 20:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] d:\WebThunder\WebThunderBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 75, C:2008-06-23 14:48 M:2008-07-01 17:40] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 
23:08] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14] C:\PROGRA~1\baidu\bar\baidubar.dll [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-06-23 15:18 M:2008-11-07 03:34] C:\WINDOWS\system32\urlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 08:54 M:2008-08-06 08:54] C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-08-06 08:54 M:2008-08-06 08:54] C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [(Verified)Google Inc., 4, 1, 805, 4472, C:2008-10-18 13:15 M:2008-10-18 13:15] C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui [Microsoft Corporation, 03.00.0001.2012, C:2007-10-19 11:55 M:2007-10-19 11:55] C:\Program Files\Windows Live Toolbar\mtbres.dll [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38] D:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:21] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] C:\WINDOWS\system32\mscoree.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2003-02-21 04:42] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09] [PID: 3492 / yuan] C:\Program Files\Common Files\Microsoft 
Shared\Windows Live\WLLoginProxy.exe [(Verified)Microsoft Corporation, 4.200.520.1, C:2007-09-20 10:35 M:2007-09-20 10:35] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] [PID: 3364 / yuan] C:\Documents and Settings\yuan\桌面\sreng2\SREngLdr.EXE [Smallfrogs Studio, 2.7.0.1210, C:2008-12-02 15:36 M:2008-10-19 15:54] [PID: 3784 / yuan] C:\Documents and Settings\yuan\桌面\sreng2\SRE46903132.EXE [Smallfrogs Studio, 2.7.0.1210, C:2008-12-02 15:36 M:2008-12-02 15:36] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] C:\Documents and Settings\yuan\桌面\sreng2\Upload\3rdUpd.DLL [Smallfrogs Studio, 2, 1, 0, 15, C:2008-12-02 15:36 M:2007-06-24 18:46] [PID: 1456 / yuan] C:\Documents and Settings\yuan\桌面\SysLog-0804\SysLog.exe [N/A, C:2008-12-02 15:36 M:2008-08-04 21:19] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32] 
========================================
File Link
========================================
Autorun
========================================
Winsock Providers
========================================
HOSTS
127.0.0.1 localhost
[/CODE]