[CODE]

2008-12-05,12:49:44

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
Registries

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
    <CorelDRAW Graphics Suite 11b><D:\Program Files\Corel\Corel Graphics 12\Languages\CS\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=040508 serial=DR12WRD-7258123-YPN lang=CS>  [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00]
    <nwiz><nwiz.exe /install>  [N/A, C:2007-11-29 15:17 M:2006-07-12 13:19]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp., 5, 1, 0, 56, C:2008-11-13 16:13 M:2006-08-03 05:12]
    <RisTray><"E:\其它\Rising\Ris\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-04 15:47 M:2008-12-05 09:53]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-05 11:37 M:2008-12-05 11:36]
    <ms08_067_patch><"C:\WINDOWS\system32\nap32.exe" /run>  [Beijing Rising Information Technology Co., Ltd., 1.0.0.1, C:2008-12-05 11:39 M:2008-12-05 11:38]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)RealNetworks, Inc., 0.1.1.68, C:2008-05-06 11:48 M:2008-12-05 11:44]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [N/A, C:2004-08-17 12:00 M:2008-12-05 10:06]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-11 09:12 M:2008-12-05 11:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&ICQ Toolbar Search]
    <><res://E:\其它\ICQToolbar\toolbaru.dll/SEARCH.HTML>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Windows Live Search]
    <><res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Add to Windows &Live Favorites]
    <><http://favorites.live.com/quickadd.aspx>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载]
    <><E:\Program Files\迅雷\GetUrl.htm>  [N/A, C:2008-07-01 17:40 M:2008-07-01 17:40]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载全部链接]
    <><E:\Program Files\迅雷\GetAllUrl.htm>  [N/A, C:2008-07-01 17:40 M:2008-07-01 17:40]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\Program Files\Thunder Network\Thunder\Program\geturl.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\在Foxmail中添加该RSS频道/频道组]
    <><res://C:\WINDOWS\system32\fmrsslink.dll/201>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\Program Files\Tencent\QQ\AddEmotion.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到百度搜藏]
    <><http://cang.baidu.com/-/add.html>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2007-10-17 00:34 M:2005-01-28 15:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><D:\Program Files\Thunder Network\Thunder\Thunder.exe>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{962EFB8E-2683-42d4-AC74-AAA4C759B9C6}]
    <启动WEB迅雷><http://my.xunlei.com>  []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Canon BJ Language Monitor i355]
    <PrintMonitor: Canon BJ Language Monitor i355><CNMLM55.DLL>  [(Verified)CANON INC., 1.90.3.90, C:2007-11-30 11:23 M:2005-11-30 05:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Canon BJ Language Monitor PIXMA iP1000]
    <PrintMonitor: Canon BJ Language Monitor PIXMA iP1000><CNMLM6e.DLL>  [(Verified)CANON INC., 1.80.2.50, C:2008-10-29 10:23 M:2004-04-23 13:00]


========================================
Startup Folders



========================================
Task

[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job --> "C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]


========================================
Components


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-09-15 12:13 M:2004-08-17 20:00]
[Microsoft Agent Character Property Sheet Handler]
    {143A62C8-C33B-11D1-84FE-00C04FA34A14}  <C:\WINDOWS\msagent\AgentPsh.dll>  [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <D:\WINDOWS\system32\nvshell.dll>  []
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <D:\WINDOWS\system32\nvshell.dll>  []
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <D:\WINDOWS\system32\nvshell.dll>  []
[mp3infp]
    {DDB066B3-8D19-11d2-8763-006052014B08}  <C:\WINDOWS\system32\mp3infp.dll>  [win32lab.com, 2.54.5.0, C:2007-03-18 22:41 M:2007-03-18 22:41]
[Shell Extensions for RealOne Player]
    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}  <e:\Program Files\Real\RealPlayer\rpshell.dll>  [(Verified)RealNetworks, Inc., 1.0.2.67, C:2008-05-06 11:48 M:2008-12-05 11:44]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
[ShellLink for Application References]
    {e82a2d71-5b2f-43a0-97b8-81be15854de8}  <C:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[Shell Icon Handler for Application References]
    {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}  <C:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-05 09:53]

Protocols
[Cor MIME Filter, CorFltr, CorFltr 1]
    {1E66F26B-79EE-11D2-8710-00C04F79ED0D}  <mscoree.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]

ToolBar
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-03-27 10:05 M:2008-11-07 03:34]
[ICQ  Toolbar]
    {855F3B16-6D32-4fe6-8A56-BBB695989046}  <E:\其它\ICQToolbar\toolbaru.dll>  []
[瑞星卡卡工具条(&R)]
    {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}  <C:\WINDOWS\system32\KakaTool.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-05 11:37 M:2008-12-05 11:36]

ActiveX Extension
[WebThunder Browser Helper]
    {00000AAA-A363-466E-BEF5-9BB68697AA7F}  <E:\Program Files\迅雷\WebThunderBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 75, C:2008-09-28 09:34 M:2008-07-01 17:40]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  []
[Web Browser Applet Control]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}  <C:\WINDOWS\system32\msjava.dll>  [Microsoft Corporation, 5.00.3810, C:2007-10-17 00:35 M:2003-02-28 18:26]
[]
    {1C88DCB3-CC6B-4DDA-8213-7AD7022A34E1}  <C:\Program Files\Internet Explorer\67u1NtMe.2ys>  []
[Recorder Control]
    {2423AB16-9F42-457B-A337-FE3B11964DB0}  <C:\PROGRA~1\bluesky\BLUESK~1\recorder.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 1, 1, C:2007-07-29 18:41 M:2007-07-29 18:41]
[BlueskyVideo Control]
    {2EA6D939-4445-43F1-A12B-8CB3DDA8B855}  <C:\PROGRA~1\bluesky\BLUESK~1\v2.ocx>  [Bluesky Studio (http://www.bluesky.cn), 8, 1, 6, 4, C:2007-12-24 09:59 M:2007-12-24 09:59]
[WebThunder DapPlayer]
    {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555}  <E:\Program Files\迅雷\DownAndPlay\DapPlayer3.0.5712.71.822.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-10-18 08:42 M:2008-07-01 17:40]
[Ppd Control]
    {2F2BA87D-385E-4922-B41C-06E190B06AA9}  <C:\PROGRA~1\bluesky\BLUESK~1\ppd.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 1, 7, C:2008-01-25 15:49 M:2007-07-29 18:16]
[Share Control]
    {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9}  <C:\PROGRA~1\bluesky\BLUESK~1\share.ocx>  [Bluesky Studio (http://www.bluesky.cn), 8, 1, 3, 0, C:2008-01-18 23:33 M:2008-01-18 23:33]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll>  []
[Traceppd Control]
    {5910C66C-F9BA-4306-8175-C098B7F0ED62}  <C:\PROGRA~1\bluesky\BLUESK~1\traceppd.ocx>  [BlueskyStudio(http://www.bluesky.cn), 1, 0, 0, 9, C:2008-01-25 15:49 M:2007-07-29 18:35]
[]
    {5A041F13-A111-12A5-B0CF-F99818AA68A5}  <C:\WINDOWS\system32\archibidll.dll>  [N/A, C:2004-08-08 17:37 M:2004-08-08 17:37]
[PP Control]
    {616DACC1-C5E6-4646-B36A-3FA4FC726BAD}  <C:\PROGRA~1\bluesky\BLUESK~1\ppc.ocx>  [Bluesky Studio (http://www.bluesky.cn), 2, 2, 3, 4, C:2007-11-22 23:29 M:2007-11-22 23:29]
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [Copyright XunLei 2007, 2, 1, 0, 64, C:2007-12-28 11:40 M:2008-07-01 17:40]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2007-12-28 11:40 M:2008-07-01 17:40]
[Videohelp Control]
    {75B75D86-D88B-4BEA-BC59-BFD9D7300518}  <C:\PROGRA~1\bluesky\BLUESK~1\VIDEOH~1.OCX>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 4, C:2008-01-25 15:49 M:2007-04-17 10:27]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <D:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll>  []
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-03-27 10:05 M:2008-11-07 03:34]
[ICQ  Toolbar]
    {855F3B16-6D32-4FE6-8A56-BBB695989046}  <E:\其它\ICQToolbar\toolbaru.dll>  []
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <D:\Backup\我的文档\360safe\live.dll>  []
[Filetran Control]
    {88734439-46D0-42C0-A13F-7E881EE550CF}  <C:\PROGRA~1\bluesky\BLUESK~1\filetran.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 1, 0, 1, C:2007-10-09 12:10 M:2007-10-09 12:10]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll>  []
[Chat Control]
    {94EFE58C-E678-4808-AD65-24CE4B94C1FE}  <C:\PROGRA~1\bluesky\BLUESK~1\chat.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 8, C:2007-11-27 10:59 M:2007-11-27 10:59]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-05 11:37 M:2008-12-05 11:36]
[Blueskyvoice Control]
    {991481A7-4669-4e15-8C24-100404E1F5CB}  <C:\PROGRA~1\bluesky\BLUESK~1\BLUESK~1.OCX>  [Bluesky Studio (http://www.bluesky.cn), 8, 1, 3, 3, C:2007-11-20 18:01 M:2007-11-20 18:01]
[Display Control]
    {A1D97DB3-E564-4743-B2E7-6F5182CBF406}  <C:\PROGRA~1\bluesky\BLUESK~1\display.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 1, 6, C:2008-01-25 15:49 M:2007-09-21 15:56]
[Tracechat Control]
    {A40335C4-D3D1-4E7B-9130-039CDA5B603C}  <C:\PROGRA~1\bluesky\BLUESK~1\TRACEC~1.OCX>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 6, C:2007-07-29 18:54 M:2007-07-29 18:54]
[Imgsend Control]
    {AA1561BF-D290-4060-919B-499849629205}  <C:\PROGRA~1\bluesky\BLUESK~1\imgsend.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 0, 1, C:2008-01-25 15:49 M:2008-01-20 12:54]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <C:\Program Files\Common Files\Thunder Network\KanKan\dapctrl.2.1.5801.53.(822).dll>  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5801, 53, C:2008-10-18 08:42 M:2008-07-01 17:40]
[PPChat Control]
    {AFB97F16-B7E8-4EB1-8133-FBD5AA2EBB3B}  <C:\PROGRA~1\bluesky\BLUESK~1\ppchat.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 6, C:2008-01-25 15:49 M:2007-10-09 12:43]
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-03-27 10:05 M:2008-11-07 03:34]
[Blueskyvoice Control]
    {BA0F088C-72C1-475a-92F8-42391DEF6961}  <C:\PROGRA~1\bluesky\BLUESK~1\BLUESK~2.OCX>  [蓝天工作室(http://www.bluesky.cn), 2, 6, 0, 1, C:2007-09-17 15:50 M:2007-09-17 15:50]
[Client Control]
    {C7B0C764-5D4E-433E-A854-591F28520577}  <C:\PROGRA~1\bluesky\BLUESK~1\client.ocx>  [BlueskyStudio(http://www.bluesky.cn), 1, 0, 0, 4, C:2007-07-29 18:01 M:2007-07-29 18:01]
[Play Control]
    {CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9}  <C:\PROGRA~1\bluesky\BLUESK~1\play.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 1, 7, C:2008-01-25 15:49 M:2007-10-17 12:00]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <C:\WINDOWS\system32\rmoc3260.dll>  [RealNetworks, Inc., 6.0.9.2237, C:2008-05-06 11:49 M:2008-05-06 11:49]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx>  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16]
[瑞星卡卡工具条(&R)]
    {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}  <C:\WINDOWS\system32\KakaTool.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-05 11:37 M:2008-12-05 11:36]
[Thunder DapPlayer]
    {EEDD6FF9-13DE-496B-9A1C-D78B3215E266}  <D:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.707.dll>  []
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.164.(822).dll>  [Thunder, 2, 0, 0, 164, C:2008-10-18 08:42 M:2008-07-01 17:40]

Context Menu
[mp3infp]
    {DDB066B3-8D19-11d2-8763-006052014B08}  <C:\WINDOWS\system32\mp3infp.dll>  [win32lab.com, 2.54.5.0, C:2007-03-18 22:41 M:2007-03-18 22:41]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-05 09:53]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]


========================================
Services

[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe">  [Adobe Systems, 2.67.010, C:2009-01-23 16:44 M:2007-05-11 00:46]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[P4P Service / P4P Service][Running/Auto Start]
    <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe>  [Sohu.com Inc., 2, 0, 0, 20, C:2006-08-03 11:04 M:2006-08-03 11:04]
[Rising Proxy  Service / RfwProxySrv][Stopped/Auto Start]
    <D:\Program Files\Rising\Rfw\rfwProxy.exe>  []
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
    <D:\Program Files\Rising\Rfw\rfwsrv.exe>  []

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k DcomLaunch --> "%SystemRoot%\system32\rpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
[Ris Process Communication Center / RisCCenter][Stopped/Auto Start]
    <E:\其它\Rising\Ris\CCENTER.EXE>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
[Rising RisTask Manager / RisTask][Running/Auto Start]
    <"E:\其它\Rising\Ris\RavTask.exe" RisTask>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-04 15:47 M:2008-12-04 15:46]
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k rpcss --> "c:\windows\system32\rpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <E:\其它\Rising\Ris\RavMonD.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
    <E:\其它\Rising\Ris\ScanFrm.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-04 15:47 M:2008-12-04 15:46]


========================================
Drivers

[6457aed / 6457aed][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\6457aed.sys>  []
[aliimz / aliimz][Stopped/Manual Start]
    <System32\Drivers\aliimz.sys>  []
[b71fe93 / b71fe93][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\b71fe93.sys>  []
[BdGuard / BdGuard][Running/Boot Start]
    <system32\drivers\BDGuard.SYS>  [Copyright (C) 2005, 1, 0, 12, 0, C:2008-04-17 14:50 M:2008-04-17 14:50]
[e2eCap - WDM Video Capture / E2ECAP][Stopped/Auto Start]
    <system32\DRIVERS\e2ecap.sys>  [e2eSoft, 3, 1, 128, 0, C:2008-03-29 12:49 M:2007-08-24 11:38]
[f28907d / f28907d][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\f28907d.sys>  []
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
    <\??\H:\INSTALL\GMSIPCI.SYS>  []
[HBKernel32 Driver / HBKernel32][Stopped/Boot Start]
    <system32\drivers\HBKernel32.sys>  [N/A, C:2008-12-04 12:44 M:2008-12-05 09:50]
[Microsoft HID Class Driver / HidUsb][Stopped/System Start]
    <system32\drivers\HidUsb.sys>  []
[HookUrl / HookUrl][Stopped/Auto Start]
    <\??\D:\Program Files\Rising\Rfw\HookUrl.sys>  []
[Mouse HID Driver / MouHid][Stopped/System Start]
    <system32\drivers\MouHid.sys>  []
[npkcrypt / npkcrypt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkcrypt.sys>  []
[npkycryp / npkycryp][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkycryp.sys>  []
[Padus ASPI Shell / pfc][Running/Manual Start]
    <system32\drivers\pfc.sys>  [Padus, Inc., 2, 5, 0, 200, C:2008-01-24 10:23 M:2003-08-11 10:07]
[rspp / rspp][Running/Disabled]
    <\??\C:\WINDOWS\system32\Drivers\Rspp.sys>  []
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [N/A, C:2004-08-17 12:00 M:2008-06-20 18:45]
[ViBus / ViBus][Stopped/Manual Start]
    <system32\drivers\ViBus.sys>  [VIA Technologies, Inc., 6.0.6000.212, C:2007-10-19 04:44 M:2007-03-26 21:26]

[9158cap, WDM Video Capture / 9158CAP][Running/Auto Start]
    <system32\DRIVERS\9158cap.sys>  [(Verified)www.9158.com, 1.000, C:2008-07-21 23:54 M:2007-12-03 10:23]
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [(Verified)Realtek Semiconductor Corp., 5.10.00.6170 built by: WinDDK, C:2008-11-13 16:13 M:2006-09-20 15:01]
[hookcont / hookcont][Running/System Start]
    <system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-04 15:47 M:2008-12-04 15:46]
[hooksys / hooksys][Running/System Start]
    <system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 45, C:2008-12-04 15:47 M:2008-12-05 09:52]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:16 M:2006-10-22 12:22]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[PxHelp20 / PxHelp20][Running/Boot Start]
    <System32\Drivers\PxHelp20.sys>  [(Verified)Sonic Solutions, 3.00.56a, C:2008-03-08 15:13 M:2006-08-29 12:28]
[Rising  Rfwbase Driver / RfwBase][Stopped/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-03-01 10:13 M:2008-12-04 15:46]
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
    <system32\DRIVERS\rfwbase.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-03-01 10:13 M:2008-12-04 15:46]
[rfwtdi / rfwtdi][Running/Auto Start]
    <\??\E:\其它\Rising\Ris\rfwtdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-04 15:47 M:2008-12-04 15:46]
[rsfwdrv / RsFwDrv][Running/System Start]
    <\??\E:\其它\Rising\Ris\rsfwdrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.40, C:2008-12-04 15:47 M:2008-12-05 09:53]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtnicxp.sys>  [(Verified)Realtek Semiconductor Corporation                           , 5,659,1012,2006 built by: WinDDK, C:2007-11-30 08:56 M:2006-10-13 16:16]
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
    <system32\DRIVERS\RTL8139.SYS>  [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2007-11-29 17:02 M:2004-08-03 22:31]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
    <system32\DRIVERS\SONYPVU1.SYS>  [(Verified)Sony Corporation, 1.3.0526.0 (XPClient.010817-1148), C:2008-03-04 15:24 M:2001-08-17 13:56]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 0, 0, 9, 0, C:2007-12-05 15:24 M:2008-12-02 14:10]
[TSKSP / TSKSP][Stopped/Manual Start]
    <\??\E:\QQ游戏\QQ医生 2.0Beta3\TSKSP.sys>  [(Verified)Tencent, 2008, 9, 27, 17, C:2008-09-27 18:41 M:2008-09-27 18:41]
[VMware Pointing Device / vmmouse][Running/Manual Start]
    <system32\DRIVERS\vmmouse.sys>  [(Verified)VMware, Inc., 12.2.0.0, C:2007-11-29 15:16 M:2005-12-16 02:32]


========================================
Running Processes

[PID: 836 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 900 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\csrss.dll  [N/A, C:2008-12-04 12:41 M:2005-07-26 12:39]
    C:\WINDOWS\system32\sh05004.dll  [N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]

[PID: 924 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 968 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 980 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 1160 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    c:\windows\system32\rpcss.dll  [N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]

[PID: 1232 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    c:\windows\system32\rpcss.dll  [N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]

[PID: 1376 / SYSTEM]   E:\其它\Rising\Ris\CCENTER.EXE   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\cnt09.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 34, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\cnt08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 1384 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 1628 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 1676 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 1744 / SYSTEM]   E:\其它\Rising\Ris\RavMonD.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    E:\其它\Rising\Ris\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-05 09:54]
    E:\其它\Rising\Ris\MonBase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Rslog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\mondrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-05 09:52]
    E:\其它\Rising\Ris\defmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\moncom08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\FileMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\MailMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 18, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwsrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwdrvc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwproxy.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-04 15:47 M:2008-12-05 09:52]
    E:\其它\Rising\Ris\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsnetsvr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    E:\其它\Rising\Ris\BACore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 16, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RSStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-04 15:47 M:2008-12-05 09:54]
    E:\其它\Rising\Ris\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    E:\其它\Rising\Ris\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\posttrt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]

[PID: 1940 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\CNMLM55.DLL  [(Verified)CANON INC., 1.90.3.90, C:2007-11-30 11:23 M:2005-11-30 05:00]
    C:\WINDOWS\system32\CNMLM6e.DLL  [(Verified)CANON INC., 1.80.2.50, C:2008-10-29 10:23 M:2004-04-23 13:00]
    C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD55.DLL  [(Verified)CANON INC., 1.90.3.90, C:2007-11-30 11:23 M:2005-11-30 05:00]
    C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6e.DLL  [(Verified)CANON INC., 1.80.2.50, C:2008-10-29 10:23 M:2004-04-23 13:00]

[PID: 232 / Administrator]   C:\WINDOWS\Explorer.exe   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38]
    C:\WINDOWS\system32\mp3infp.dll  [win32lab.com, 2.54.5.0, C:2007-03-18 22:41 M:2007-03-18 22:41]
    C:\WINDOWS\system32\nvcpl.dll  [(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.10.9136, C:2007-11-29 15:17 M:2006-07-12 13:19]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)N/A, C:2007-11-29 15:17 M:2006-10-22 12:22]
    E:\Program Files\Tencent\QQ\qdshm.dll  [(Verified)Copyright 2004, 1, 0, 101, 20, C:2008-05-14 20:49 M:2008-05-14 20:49]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14]

[PID: 340 / SYSTEM]   C:\Program Files\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 404 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.9371, C:2007-11-29 15:17 M:2006-10-22 12:22]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)N/A, C:2007-11-29 15:17 M:2006-10-22 12:22]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 448 / SYSTEM]   C:\Program Files\Common Files\Sogou PXP\p2psvr.exe   [Sohu.com Inc., 2, 0, 0, 20, C:2006-08-03 11:04 M:2006-08-03 11:04]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\Program Files\P4P\p4pipc.dll  [Sohu.com Inc., 1, 0, 0, 11, C:2006-06-06 14:11 M:2006-06-06 14:11]

[PID: 508 / SYSTEM]   E:\其它\Rising\Ris\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    E:\其它\Rising\Ris\rsstub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    E:\其它\Rising\Ris\rstask.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33, C:2008-12-04 15:47 M:2008-12-05 09:53]

[PID: 624 / SYSTEM]   E:\其它\Rising\Ris\ScanFrm.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    E:\其它\Rising\Ris\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-05 09:54]
    E:\其它\Rising\Ris\scansrvp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanSrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    E:\其它\Rising\Ris\ScanRavT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanBT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanStub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-04 15:47 M:2008-12-05 09:54]
    E:\其它\Rising\Ris\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\mvengine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\SysMail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\posttrt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\scanmac.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ur025.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ur004.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsstore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-04 15:47 M:2008-12-04 15:46]

[PID: 292 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 324 / SYSTEM]   E:\其它\Rising\Ris\rsnetsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 2300 / Administrator]   C:\WINDOWS\SOUNDMAN.EXE   [(Verified)Realtek Semiconductor Corp., 5, 1, 0, 56, C:2008-11-13 16:13 M:2006-08-03 05:12]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 2312 / Administrator]   E:\其它\Rising\Ris\RsTray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    E:\其它\Rising\Ris\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    E:\其它\Rising\Ris\rslang.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsxml.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\MonState.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanEvnt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsvrinfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-12-03 14:06 M:2008-11-18 16:32]
    C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-03-17 09:37 M:2005-11-19 19:16]
    E:\其它\Rising\Ris\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\rfwrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rspalvd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\rsnetsvr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ravbintl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\mruleui.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\MonTray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.85, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RavITray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanPrxy.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwtray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 99, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-04 15:47 M:2008-12-04 15:46]

[PID: 2372 / Administrator]   C:\Program Files\Rising\AntiSpyware\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\Program Files\Rising\AntiSpyware\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\Program Files\Rising\AntiSpyware\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.41, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-05 11:37 M:2008-12-05 11:36]

[PID: 2476 / Administrator]   C:\Program Files\Common Files\Real\Update_OB\realsched.exe   [(Verified)RealNetworks, Inc., 0.1.1.68, C:2008-05-06 11:48 M:2008-12-05 11:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 2520 / Administrator]   E:\Program Files\Windows Live\Messenger\msnmsgr.exe   [(Verified)Microsoft Corporation, 8.5.1302.1018, C:2008-11-25 10:43 M:2007-10-18 11:35]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\WINDOWS\system32\msdmo.dll  [(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 3288 / Administrator]   E:\Program Files\迅雷\WebThunder.exe   [(Verified)深圳市迅雷网络技术有限公司, 1, 13, 1, 224, C:2008-10-17 10:27 M:2008-10-17 10:27]
    E:\Program Files\迅雷\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-01 17:40 M:2008-07-01 17:40]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    E:\Program Files\迅雷\TaskManager.dll  [Thunder Networking Technologies,LTD, 1, 3, 1, 56, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\download_interface.dll  [Thunder Networking Technologies,LTD, 2, 21, 2, 217, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\stlport_vc646.dll  [STLport Consulting, Inc., 4.6.2003.1031, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\asyn_dns.dll  [Thunder Networking Technologies,LTD, 2, 21, 2, 217, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\streammedialib.dll  [Copyright 2007, 1, 3, 2, 124, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\al.dll  [Copyright 2008, 1, 0, 1, 3, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\bd.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 6, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\RegisterDll.dll  [Thunder Networking Technologies,LTD, 2, 16, 5, 63, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\CacheServer.dll  [版权所有 (C) 2007, 1, 0, 0, 1, C:2008-07-01 17:40 M:2008-07-01 17:40]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38]
    E:\Program Files\迅雷\XLSafe\SafeInfo.dll  [深圳市迅雷网络技术有限公司, 1, 0, 1, 2, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\XLSafe\RMFScan.dll  [N/A, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\XLNet.Dll  [Thunder Networking Technologies,LTD, 1, 3, 4, 18, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\其它\Rising\Ris\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.35, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    E:\Program Files\迅雷\DownAndPlay\WebDownAndPlay.dll  [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 4, 22, C:2008-07-01 17:40 M:2008-07-01 17:40]
    E:\Program Files\迅雷\XLStatistic\XLStatisticAddin.dll  [深圳市迅雷网络技术有限公司, 1, 4, 1, 5, C:2008-07-01 17:40 M:2008-07-01 17:40]
    C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16]

[PID: 3328 / Administrator]   C:\Program Files\Rising\AntiSpyware\knownsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.13, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]

[PID: 3968 / Administrator]   E:\其它\Rising\Ris\rsmain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    E:\其它\Rising\Ris\rspalmgr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\RSXML.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    E:\其它\Rising\Ris\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-12-03 14:06 M:2008-11-18 16:32]
    C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-03-17 09:37 M:2005-11-19 19:16]
    E:\其它\Rising\Ris\rslang.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ravbmenu.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rspalvd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ravppops.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ravbintl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ravpsafe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\MonState.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ScanPrxy.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\psafecfg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-04 15:47 M:2008-12-05 09:54]
    E:\其它\Rising\Ris\rfwrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfwLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rfw.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 43, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ravxpage.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 78, C:2008-12-04 15:47 M:2008-12-05 09:53]
    E:\其它\Rising\Ris\ravxmons.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\ravptool.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    E:\其它\Rising\Ris\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\rsvrinfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-04 15:47 M:2008-12-04 15:46]
    E:\其它\Rising\Ris\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-04 15:47 M:2008-12-04 15:46]

[PID: 668 / Administrator]   C:\Program Files\Rising\AntiSpyware\ras.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-03-17 09:37 M:2005-11-19 19:16]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\Program Files\Rising\AntiSpyware\KakaMgr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.27, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\dbmgr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\RSXML.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\pweb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.19, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\pscan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.58, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\pset.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\pdefend.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\ptools.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.15, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\psysinfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.56, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38]
    E:\其它\Rising\Ris\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.35, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16]

[PID: 4000 / Administrator]   C:\Program Files\Internet Explorer\IEXPLORE.EXE   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-09-15 12:14 M:2004-08-17 20:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\PROGRA~1\baidu\bar\baidubar.dll  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-03-27 10:05 M:2008-11-07 03:34]
    C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui  [Microsoft Corporation, 03.00.0001.2012, C:2007-10-19 11:55 M:2007-10-19 11:55]
    C:\Program Files\Windows Live Toolbar\mtbres.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\Tem.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui  [Microsoft Corporation, 03.00.0001.2012, C:2007-10-19 11:55 M:2007-10-19 11:55]
    C:\Program Files\Windows Live Toolbar\searchboxRes.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\Components\zh-cn\hvres.dll.mui  [Microsoft Corporation, 03.00.0001.2012, C:2007-10-19 12:07 M:2007-10-19 12:07]
    C:\Program Files\Windows Live Toolbar\Components\hvres.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui  [Microsoft Corporation, 03.00.0001.2032, C:2007-10-19 11:55 M:2007-10-19 11:55]
    C:\Program Files\Windows Live Toolbar\CMRes.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui  [Microsoft Corporation, 03.00.0001.2012, C:2007-10-19 11:55 M:2007-10-19 11:55]
    C:\Program Files\Windows Live Toolbar\msn_slrs.DLL  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\Components\zh-cn\MSNExtensionRes.dll.mui  [Microsoft Corporation, 03.00.0001.2012, C:2007-10-19 13:06 M:2007-10-19 13:06]
    C:\Program Files\Windows Live Toolbar\Components\MSNExtensionRes.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:23 M:2007-10-19 11:23]
    C:\Program Files\Windows Live Toolbar\Components\zh-cn\SmaMenRes.dll.mui  [Microsoft Corporation。, 03.00.0001.2012, C:2007-10-19 13:21 M:2007-10-19 13:21]
    C:\Program Files\Windows Live Toolbar\Components\SmaMenRes.dll  [Microsoft Corporation., 03.01.0000.0146, C:2007-10-19 11:23 M:2007-10-19 11:23]
    C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:55 M:2007-10-19 11:55]
    C:\Program Files\Windows Live Toolbar\CBRes.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\Program Files\Windows Live Toolbar\Components\msnHiliteViewer.dll  [Microsoft Corporation, 03.01.0000.0146, C:2007-10-19 11:18 M:2007-10-19 11:18]
    C:\WINDOWS\system32\KakaTool.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-05 11:37 M:2008-12-05 11:36]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38]
    E:\其它\Rising\Ris\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.35, C:2008-12-04 15:47 M:2008-12-05 09:53]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16]
    C:\WINDOWS\system32\mscoree.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14]

[PID: 2916 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]

[PID: 3032 / Administrator]   C:\Program Files\WinRAR\WinRAR.exe   [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14]

[PID: 2400 / Administrator]   C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.125\SysLog-0804\SysLog.exe   [N/A, C:2008-12-05 12:48 M:2008-08-04 21:19]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-10-17 02:36]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]


========================================
File Link

[.vbs] <"C:\Program Files\Xing\XingMPEG Player\xmplayer.exe" %1> [Xing Technology Corporation, 3.30, C:2008-01-25 14:34 M:1998-04-24 11:25]


========================================
Autorun



========================================
Winsock Providers



[/CODE]