[CODE]

2008-12-18,10:59:37

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
Registries

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
    <nwiz><nwiz.exe /install>  [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
    <ToolBoxFX><"C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on>  [HP, 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43]
    <HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co., 50.0.146.000, C:2005-02-16 23:11 M:2005-02-16 23:11]
    <SigmatelSysTrayApp><stsystra.exe>  [SigmaTel, Inc., 1.0.4991.0  nd444 cp1, C:2008-06-23 13:00 M:2006-03-20 16:00]
    <RavTask><"D:\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-06-23 14:40 M:2008-11-21 09:21]
    <Adobe Reader Speed Launcher><"D:\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)Adobe Systems Incorporated, 8.0.0.0, C:2008-01-11 22:16 M:2008-01-11 22:16]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-08-06 08:54 M:2008-09-12 09:17]
    <PTransferTry><"E:\系统2005(V2.0)\PTransferTry.exe">  [中共中央组织部；北京万里红科技有限公司, 1.0.0.348, C:2008-01-11 15:00 M:2008-01-11 15:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-06-23 14:40 M:2008-08-06 08:54]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\Clock.SCR>  [N/A, C:2005-11-04 19:49 M:2005-11-04 19:49]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Windows Live Search]
    <><res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载]
    <><C:\Program Files\FlashGet\jc_link.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载全部链接]
    <><C:\Program Files\FlashGet\jc_all.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Add to Windows &Live Favorites]
    <><http://favorites.live.com/quickadd.aspx>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2006-11-02 23:38 M:2006-11-02 23:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\HP Standard TCP/IP Port]
    <PrintMonitor: HP Standard TCP/IP Port><HpTcpMon.dll>  [Hewlett Packard, 6.01.00.007, C:2005-06-21 09:26 M:2005-06-21 09:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    <><>  []


========================================
Startup Folders



========================================
Task

[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job --> "C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]


========================================
Components


ShellExecuteHook
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-08-28 12:17 M:2004-08-17 20:00]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19]
[Fusion Cache]
    {1D2680C9-0E2A-469d-B787-065558BC7D43}  <C:\WINDOWS\system32\mscoree.dll>  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <d:\WinRAR\rarext.dll>  [N/A, C:2008-07-03 14:18 M:2007-09-23 18:59]

Protocols
[Cor MIME Filter, CorFltr, CorFltr 1]
    {1E66F26B-79EE-11D2-8710-00C04F79ED0D}  <C:\WINDOWS\system32\mscoree.dll>  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06]
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [酷狗, 5.2.4.4, C:2008-09-18 12:56 M:2008-11-26 08:43]

BrowserHelperObject
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 08:54 M:2008-08-06 08:54]

ActiveX Extension
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08]
[IndiDocX.ctlIndiDoc]
    {43B180A2-396A-45CE-86D1-9680E4A9952C}  <C:\Program Files\IndiDocX\IndiDocX.ocx>  [北京慧点科技开发有限公司, 4.01.0012, C:2007-10-22 14:34 M:2007-10-22 14:34]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 08:54 M:2008-08-06 08:54]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <D:\Tencent\QQMusic\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2008-05-19 10:09 M:2008-05-19 10:09]

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <d:\WinRAR\rarext.dll>  [N/A, C:2008-07-03 14:18 M:2007-09-23 18:59]


========================================
Services

[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
    <%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe>  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:19 M:2003-02-20 19:19]

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <d:\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 10, 15, C:2007-11-12 11:47 M:2008-10-16 17:07]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"D:\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-06-23 14:40 M:2008-11-21 09:21]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"D:\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-06-23 14:40 M:2008-11-21 09:21]


========================================
Drivers

[A320RAID / A320RAID][Stopped/Boot Start]
    <System32\Drivers\a320raid.sys>  [Adaptec, Inc., 3.00.00.63, C:2006-10-28 11:50 M:2005-10-25 01:29]
[ADPU320 / ADPU320][Stopped/Boot Start]
    <System32\Drivers\adpu320.sys>  [Adaptec, Inc., 7.0.000.000 (NT.040809-2325), C:2006-10-28 11:50 M:2005-05-21 20:43]
[ahci8086 / ahci8086][Running/Boot Start]
    <System32\Drivers\ahci8086.sys>  [ATI Technologies Inc.,  2.5.1540.28 built by: WinDDK, C:2006-10-28 11:50 M:2006-05-18 19:50]
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
    <System32\drivers\amdk8.sys>  [Advanced Micro Devices, 1.3.1 (dnsrv(wmbla).060510-1126), C:2006-10-28 11:50 M:2006-05-10 17:27]
[CSB6IDE / CSB6IDE][Running/Boot Start]
    <System32\Drivers\csb6ide.sys>  [ServerWorks Corporation, 1.00, C:2006-10-28 11:50 M:2002-06-27 17:26]
[FASTTRAK / FASTTRAK][Running/Boot Start]
    <System32\Drivers\fasttrak.sys>  [Promise Technology, Inc.,  2.00.0.34, C:2006-10-28 11:50 M:2003-04-25 16:20]
[FTSATA2 / FTSATA2][Running/Boot Start]
    <System32\Drivers\ftsata2.sys>  [Promise Technology, Inc.,  1.00.0.36, C:2006-10-28 11:50 M:2005-01-21 13:35]
[IASTOR / IASTOR][Running/Boot Start]
    <System32\Drivers\iaStor.sys>  [Intel Corporation, 6.1.0.1002, C:2006-10-28 11:50 M:2006-06-14 13:56]
[ITERAID / ITERAID][Stopped/Boot Start]
    <System32\Drivers\iteraid.sys>  [Integrated Technology Express, Inc., v1.7.1.91 built by: WinDDK, C:2006-10-28 11:50 M:2005-08-04 13:51]
[JRAID / JRAID][Running/Boot Start]
    <System32\Drivers\JRAID.SYS>  [JMicron Technology Corp., 5.1.2600.1040 built by: WinDDK, C:2006-10-28 11:50 M:2006-02-15 10:13]
[M5228 / M5228][Stopped/Boot Start]
    <System32\Drivers\m5228.sys>  [ALi Corporation., 5.028, C:2006-10-28 11:50 M:2004-09-14 14:58]
[M5281 / M5281][Running/Boot Start]
    <System32\Drivers\m5281.sys>  [ALi Corporation, 5.029, C:2006-10-28 11:50 M:2005-03-07 13:23]
[M5289 / M5289][Running/Boot Start]
    <System32\Drivers\m5289.sys>  [ULi Electronics Inc., 5.030, C:2006-10-28 11:50 M:2005-07-04 14:21]
[npkcusb / npkcusb][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkcusb.sys>  []
[NVATABUS / NVATABUS][Running/Boot Start]
    <System32\Drivers\NVATABUS.SYS>  [NVIDIA Corporation, 5.10.2600.0654 built by: WinDDK, C:2006-10-28 11:50 M:2006-10-20 00:00]
[NVRAID / NVRAID][Running/Boot Start]
    <System32\Drivers\NVRAID.SYS>  [NVIDIA Corporation, 5.10.2600.0622 built by: WinDDK, C:2006-10-28 11:50 M:2005-08-12 14:31]
[SI3112R / SI3112R][Stopped/Boot Start]
    <System32\Drivers\SI3112r.sys>  [Silicon Image, Inc, 1, 0, 56, 0, C:2006-10-28 11:50 M:2006-01-12 11:56]
[SI3114R / SI3114R][Stopped/Boot Start]
    <SYSTEM32\Drivers\SI3114R.sys>  [Silicon Image, Inc, 1, 0, 15, 0, C:2006-10-28 11:50 M:2006-04-10 19:08]
[SI3114R5 / SI3114R5][Stopped/Boot Start]
    <System32\Drivers\Si3114r5.sys>  [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:36]
[SI3124 / SI3124][Stopped/Boot Start]
    <SYSTEM32\Drivers\SI3124.sys>  [Silicon Image, Inc., 1, 3, 17, 0, C:2006-10-28 11:50 M:2005-11-29 10:15]
[SI3124R / SI3124R][Stopped/Boot Start]
    <SYSTEM32\Drivers\SI3124R.sys>  [Silicon Image, Inc, 1, 0, 0, 2, C:2006-10-28 11:50 M:2004-02-03 16:17]
[SI3124R5 / SI3124R5][Stopped/Boot Start]
    <SYSTEM32\Drivers\Si3124r5.sys>  [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:38]
[SI3132 / SI3132][Stopped/Boot Start]
    <System32\Drivers\SI3132.sys>  [Silicon Image, Inc., 1, 0, 15, 0, C:2006-10-28 11:50 M:2006-03-16 14:03]
[SI3132R5 / SI3132R5][Stopped/Boot Start]
    <System32\Drivers\Si3132r5.sys>  [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:41]
[SISRAID2 / SISRAID2][Stopped/Boot Start]
    <System32\Drivers\SiSRaid2.sys>  [Silicon Integrated Systems Corp, 2.03.00, C:2006-10-28 11:50 M:2005-01-11 17:58]
[SYMMPI / SYMMPI][Stopped/Boot Start]
    <System32\Drivers\symmpi.sys>  [LSI Logic, 1.21.10.00 built by: WinDDK, C:2006-10-28 11:50 M:2005-12-07 18:04]
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
    <System32\Drivers\viamraid.sys>  [VIA Technologies inc,.ltd, 5.1.2600.310, C:2006-10-28 11:50 M:2004-05-18 16:55]
[vmscsi / vmscsi][Stopped/Boot Start]
    <System32\Drivers\vmscsi.sys>  [VMware, Inc., 1, 2, 0, 0, C:2006-10-28 11:50 M:2004-01-31 15:13]

[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start]
    <system32\DRIVERS\e1e5132.sys>  [(Verified)Intel Corporation, 9.7.34.0 built by: WinDDK, C:2008-06-23 11:56 M:2007-02-01 11:37]
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5b.sys>  [(Verified)VIA Technologies, Inc.              , 3.13.00.0348, C:2006-05-29 23:18 M:2002-12-25 10:09]
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-06-23 14:40 M:2008-11-21 09:21]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2008-06-23 14:40 M:2008-11-21 09:21]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2008-06-23 14:40 M:2008-11-21 09:21]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-06-23 14:40 M:2008-11-21 09:21]
[HPFXBULK / HPFXBULK][Running/Manual Start]
    <system32\drivers\hpfxbulk.sys>  [(Verified)Hewlett Packard, 1, 0, 0, 10, C:2006-06-12 18:36 M:2006-06-12 18:36]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-06-23 14:40 M:2008-11-21 09:22]
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtlnicxp.sys>  [(Verified)Realtek Semiconductor Corporation                           , 5.620.1202.2004 built by: WinDDK, C:2008-12-12 16:54 M:2004-12-02 16:36]
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
    <system32\DRIVERS\RTL8139.SYS>  [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2008-12-12 16:28 M:2004-08-03 22:31]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[SISRAID4 / SISRAID4][Stopped/Boot Start]
    <System32\Drivers\SiSRaid4.sys>  [(Verified)Silicon Integrated Systems, 3.00.08 (NT.051206-1933), C:2006-10-28 11:50 M:2006-03-22 13:10]
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
    <system32\drivers\sthda.sys>  [(Verified)SigmaTel, Inc., 5.10.4991.0  nd444 cp1, C:2008-06-23 12:59 M:2006-03-20 16:06]
[sym_hi / sym_hi][Running/Boot Start]
    <System32\Drivers\sym_hi.sys>  [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2006-10-28 11:50 M:2001-08-17 14:07]
[sym_u3 / sym_u3][Running/Boot Start]
    <System32\Drivers\sym_u3.sys>  [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2006-10-28 11:50 M:2001-08-17 14:07]
[ULSATA / ULSATA][Running/Boot Start]
    <System32\Drivers\ulsata.sys>  [(Verified)Promise Technology, Inc.,  1.1.0.31, C:2006-10-28 11:50 M:2006-10-04 14:53]
[ULSATA2 / ULSATA2][Running/Boot Start]
    <System32\Drivers\ulsata2.sys>  [(Verified)Promise Technology, Inc.,  1.0.0.38, C:2006-10-28 11:50 M:2006-10-04 14:53]


========================================
Running Processes

[PID: 656 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 720 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 744 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 788 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 800 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 960 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 1052 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 1284 / SYSTEM]   D:\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 1300 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 1400 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 1548 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 1592 / SYSTEM]   D:\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-06-23 14:38]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    D:\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-06-23 14:40 M:2008-11-21 09:23]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-06-23 14:40 M:2008-09-06 09:30]
    D:\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-09-27 09:31]
    D:\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-06-23 14:40 M:2008-11-21 09:22]
    D:\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-06-23 14:40 M:2008-11-21 09:23]
    D:\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-06-23 14:40 M:2008-11-21 09:23]
    D:\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-07-28 14:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    D:\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-06-23 14:40 M:2008-09-06 09:30]
    D:\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 1, C:2008-06-23 14:40 M:2008-12-18 08:32]
    D:\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-06-23 14:40 M:2008-10-21 09:22]
    D:\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-10-21 09:22]
    D:\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-06-23 14:40 M:2008-09-06 09:30]
    D:\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-06-23 14:40 M:2008-07-28 14:44]

[PID: 1820 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\HpTcpMon.dll  [Hewlett Packard, 6.01.00.007, C:2005-06-21 09:26 M:2005-06-21 09:26]
    C:\WINDOWS\system32\hpzjrd01.dll  [Hewlett Packard, 2.01.00.004, C:2005-08-12 08:40 M:2005-08-12 08:40]
    C:\WINDOWS\system32\HPTcpMUI.dll  [Microsoft Corporation, 6.01.00.007, C:2005-06-21 09:29 M:2005-06-21 09:29]
    C:\WINDOWS\system32\hptcpmib.dll  [Hewlett Packard, 6.01.00.007, C:2005-06-21 09:25 M:2005-06-21 09:25]
    C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp43e.DLL  [(Verified)Hewlett-Packard Corporation, 60.053.644.00, C:2008-06-23 12:35 M:2006-04-25 06:07]

[PID: 2012 / SYSTEM]   D:\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 392 / yuan]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll  [Adobe Systems, Inc., 8.1.0.0, C:2007-05-10 22:54 M:2007-05-10 22:54]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS  [Adobe Systems, Inc., 8.0.0.0, C:2006-11-17 00:37 M:2006-11-17 00:37]
    C:\WINDOWS\system32\nvcpl.dll  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
    C:\WINDOWS\system32\nvshell.dll  [N/A, C:2008-06-23 11:56 M:2006-07-12 13:19]
    d:\WinRAR\rarext.dll  [N/A, C:2008-07-03 14:18 M:2007-09-23 18:59]
    D:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21]

[PID: 480 / SYSTEM]   d:\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 10, 15, C:2007-11-12 11:47 M:2008-10-16 17:07]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    d:\StormII\bfoptdll.dll  [(Verified)北京暴风网际科技有限公司, 3, 8, 7, 16, C:2008-11-07 08:27 M:2008-08-01 20:11]
    d:\StormII\box\BoxLog.dll  [(Verified)北京暴风网际科技有限公司, 3, 8, 11, 3, C:2008-11-07 08:27 M:2008-11-03 10:35]

[PID: 552 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-06-23 11:56 M:2006-07-12 13:19]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 608 / SYSTEM]   C:\WINDOWS\system32\tlntsvr.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]

[PID: 1388 / yuan]   C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe   [HP, 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43]
    C:\WINDOWS\system32\mscoree.dll  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:08 M:2003-02-20 19:08]
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2003-02-21 04:42]
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06]
    c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll  [Microsoft Corporation, 1.1.4322.573, C:2003-02-21 07:26 M:2003-02-21 07:26]
    c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b0e4ee37\mscorlib.dll  [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34]
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_11580ef6\system.windows.forms.dll  [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34]
    c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b9347579\system.dll  [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34]
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:06 M:2003-02-20 19:06]
    c:\program files\hp\toolboxfx\bin\hptools.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    c:\program files\hp\toolboxfx\bin\appconstants.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    c:\program files\hp\toolboxfx\bin\hpapptools.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_9d82628e\system.xml.dll  [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34]
    c:\program files\hp\toolboxfx\bin\hptoolkit.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_68d5515d\system.drawing.dll  [N/A, C:2008-06-23 12:34 M:2008-06-23 12:34]
    c:\program files\hp\toolboxfx\bin\enumeration.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    c:\program files\hp\toolboxfx\bin\hpstreamsinterface.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    C:\WINDOWS\system32\FXCompChannel.dll  [Hewlett-Packard, 01.02.10, C:2006-01-24 11:53 M:2006-01-24 11:53]
    c:\program files\hp\toolboxfx\bin\alerts.dll  [ , 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43]
    c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll  [Microsoft Corporation, 1.1.4322.573, C:2003-02-20 20:10 M:2003-02-20 20:10]
    c:\program files\hp\toolboxfx\bin\hpfaxutilities.dll  [ , 2.2.170.0, C:2006-06-15 08:43 M:2006-06-15 08:43]
    c:\program files\hp\toolboxfx\bin\namedpipechannel.dll  [ , 2.2.170.0, C:2006-06-15 08:42 M:2006-06-15 08:42]
    c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll  [Microsoft Corporation, 1.1.4322.573, C:2008-06-23 12:33 M:2008-06-23 12:33]
    C:\Program Files\HP\ToolBoxFX\bin\nativeutils.dll  [N/A, C:2006-06-15 08:42 M:2006-06-15 08:42]

[PID: 1584 / yuan]   C:\Program Files\HP\HP Software Update\HPWuSchd2.exe   [Hewlett-Packard Co., 50.0.146.000, C:2005-02-16 23:11 M:2005-02-16 23:11]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 696 / yuan]   C:\WINDOWS\stsystra.exe   [SigmaTel, Inc., 1.0.4991.0  nd444 cp1, C:2008-06-23 13:00 M:2006-03-20 16:00]
    C:\WINDOWS\system32\STLang.dll  [SigmaTel, Inc., 1.6.4947.0  nd229 cp1, C:2008-06-23 13:00 M:2006-03-20 20:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\stacapi.dll  [(Verified)SigmaTel, Inc., 1.0.4991.0  nd444 cp1, C:2008-06-23 12:59 M:2006-03-20 16:02]

[PID: 1724 / yuan]   D:\RISING\RAV\RavMon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-06-23 14:38]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-02-24 10:01 M:2007-02-24 10:01]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-02-24 10:01 M:2007-02-24 10:01]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-06-23 14:40 M:2008-09-06 09:30]
    D:\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\RISING\RAV\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:22]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    D:\RISING\RAV\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-06-23 14:40 M:2008-11-21 09:22]
    D:\RISING\RAV\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-06-23 14:40 M:2008-11-21 09:21]

[PID: 2112 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]

[PID: 2104 / yuan]   D:\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-06-23 14:40 M:2008-11-21 09:21]
    D:\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-06-23 14:40 M:2008-07-28 14:44]
    D:\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-06-23 14:40 M:2008-07-28 14:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 2556 / yuan]   C:\Program Files\Rising\AntiSpyware\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-08-06 08:54 M:2008-09-12 09:17]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-08-06 08:54 M:2008-08-06 08:54]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\Program Files\Rising\AntiSpyware\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-06-23 14:40 M:2008-08-06 08:54]
    C:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-06-23 14:40 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-08-06 08:54 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]
    C:\Program Files\Rising\AntiSpyware\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-08-06 08:54 M:2008-08-06 08:54]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 08:54 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.41, C:2008-08-06 08:54 M:2008-11-05 08:19]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-06-23 14:40 M:2008-08-06 08:53]
    D:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\Program Files\Rising\AntiSpyware\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-06 17:03 M:2008-10-06 17:03]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]

[PID: 2584 / yuan]   E:\系统2005(V2.0)\PTransferTry.exe   [中共中央组织部；北京万里红科技有限公司, 1.0.0.348, C:2008-01-11 15:00 M:2008-01-11 15:00]
    E:\系统2005(V2.0)\ksys.dll  [Basesoft Co. Ltd., 4.1.3.0376, C:2007-03-06 11:17 M:2007-03-06 11:17]
    E:\系统2005(V2.0)\KCI.dll  [Basesoft Co. Ltd., 4.1.3.0376, C:2007-03-06 11:17 M:2007-03-06 11:17]
    E:\系统2005(V2.0)\qtintf70.dll  [Borland Software Corporation, 7.0.4.258, C:2002-08-20 16:40 M:2002-08-20 16:40]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\kbodbc32.dll  [北京人大金仓信息技术有限公司, 4.1.4.0402, C:2008-12-01 08:35 M:2007-10-26 13:03]

[PID: 2716 / yuan]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 2832 / yuan]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 3256 / yuan]   E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe   [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 3464 / yuan]   E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe   [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 3484 / yuan]   E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe   [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 4044 / yuan]   E:\系统2005(V2.0)\kingbaseES\4.1\bin\kdb.exe   [Basesoft Co. Ltd., 4.1.3.0385, C:2007-10-26 12:54 M:2007-10-26 12:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 692 / NETWORK SERVICE]   C:\WINDOWS\system32\wbem\wmiprvse.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-08-28 12:16 M:2004-08-17 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 3372 / yuan]   D:\GreenBrowser\GreenBrowser.exe   [MoreQuick.com, 4, 8, 1211, 0, C:2008-12-18 10:20 M:2008-12-11 14:14]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38]
    D:\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\Program Files\SogouInput\3.6.0.1653\ZipLib.dll  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\WINDOWS\system32\CHENHU5.IME  [chenhu, 5.8, C:2008-06-23 15:17 M:2007-09-06 17:09]

[PID: 2868 / yuan]   C:\Program Files\SogouInput\3.6.0.1653\ImeUtil.exe   [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]

[PID: 3280 / yuan]   E:\yuan\SysLog-0804\SysLog.exe   [N/A, C:2008-12-02 15:36 M:2008-08-04 21:19]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-06 08:54 M:2008-11-07 12:29]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]

[PID: 2536 / yuan]   C:\Program Files\Rising\AntiSpyware\Ras.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7, C:2008-06-23 14:40 M:2008-08-06 08:54]
    C:\Program Files\Rising\AntiSpyware\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-06-23 14:40 M:2008-08-06 08:53]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2007-05-13 18:32]
    C:\Program Files\Rising\AntiSpyware\KakaMgr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.27, C:2008-08-06 08:54 M:2008-09-22 16:35]
    C:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-06-23 14:40 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:54 M:2008-09-03 09:42]
    D:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\Program Files\Rising\AntiSpyware\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-06 17:03 M:2008-10-06 17:03]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:54 M:2008-09-29 09:25]
    C:\Program Files\Rising\AntiSpyware\dbmgr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4, C:2008-08-06 08:54 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\RSXML.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-06-23 14:40 M:2008-08-06 08:54]
    C:\Program Files\Rising\AntiSpyware\pweb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.19, C:2008-08-06 08:54 M:2008-11-25 08:05]
    C:\Program Files\Rising\AntiSpyware\pscan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.59, C:2008-08-06 08:54 M:2008-12-12 07:52]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-06-23 14:40 M:2008-08-06 08:53]
    C:\Program Files\Rising\AntiSpyware\pset.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-08-06 08:54 M:2008-09-22 16:35]
    C:\Program Files\Rising\AntiSpyware\pdefend.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2008-08-06 08:54 M:2008-11-05 08:19]
    C:\Program Files\Rising\AntiSpyware\ptools.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.16, C:2008-08-06 08:54 M:2008-12-05 14:32]
    C:\Program Files\Rising\AntiSpyware\psysinfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.56, C:2008-08-06 08:54 M:2008-09-04 08:10]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-06-23 14:40 M:2008-11-21 09:21]
    C:\Program Files\Rising\AntiSpyware\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 08:54 M:2008-08-06 08:53]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-16 16:38]


========================================
File Link



========================================
Autorun



========================================
Winsock Providers



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]