[CODE] 2008-12-24,02:04:41 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-02-11 01:23 M:2008-07-25 16:14] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-19 17:10 M:2008-12-19 17:06] <360Safetray> [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)360安全中心, 2, 4, 2, 1002, C:2008-12-01 10:30 M:2008-12-01 10:30] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|NVIDIA Corporation, 6.14.11.6906, C:2007-11-06 17:30 M:2007-11-06 17:30] [HKEY_CURRENT_USER\Control Panel\Desktop] [北京首都在线网络技术有限公司, 5, 0, 0, 91, C:2008-11-28 14:58 M:2008-11-28 14:58] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-02-11 01:24 M:2008-11-15 13:01] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-02-11 01:24 M:2008-11-15 13:01] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-09-17 04:08 M:2008-09-17 04:08] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2006-11-02 23:38] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [(Verified)Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-02-11 01:24 M:2008-12-18 16:44] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [NVIDIA Corporation, 6.14.11.6906, C:2007-11-06 17:30 M:2007-11-06 17:30] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [NVIDIA Corporation, 6.14.11.6906, C:2007-11-06 17:30 M:2007-11-06 17:30] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2007-11-06 17:30 M:2007-11-06 17:30] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2007-11-06 17:30 M:2007-11-06 17:30] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2007-11-06 17:30 M:2007-11-06 17:30] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-10-28 22:47 M:2008-09-30 21:14] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-02-11 01:20 M:2008-12-19 17:06] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-02-11 01:24 M:2008-11-15 12:15] [超级兔子上网精灵] {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} [Xiang Feng Technology, 3, 5, 0, 1660, C:2008-04-09 18:03 M:2008-04-09 18:03] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-02-11 01:24 M:2008-11-15 12:15] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] ToolBar [超级兔子上网精灵] {43869BB3-22FD-4F15-9B46-238106BA2F4E} [Xiang Feng Technology, 3, 5, 0, 1660, C:2008-04-09 18:03 M:2008-04-09 18:03] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-02-11 01:24 M:2008-11-15 12:15] [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [Microsoft Corporation, 5.00.3810, C:2007-01-03 20:03 M:2003-02-28 18:26] [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [(Verified)Copyright 2001, 2, 5, 1, 509, C:2007-04-19 18:43 M:2008-04-29 10:36] [RealPlayer RAM Download Handler] {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05] [超级兔子上网精灵] {43869BB3-22FD-4F15-9B46-238106BA2F4E} [Xiang Feng Technology, 3, 5, 0, 1660, C:2008-04-09 18:03 M:2008-04-09 18:03] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [(Verified)Thunder Networking Technologies,LTD, 6, 0, 5, 47, C:2008-02-11 01:24 M:2008-11-15 12:15] [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [(Verified)Copyright 2007, 2, 1, 2, 1, C:2007-04-19 18:46 M:2008-05-20 10:51] [InfoSecNetSign Class] {62B938C4-4190-4F37-8CF0-A92B0A91CC77} [Infosec Technologies Co., Ltd., 1, 2, 0, 1, C:2008-02-15 02:10 M:2002-06-19 18:52] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Xunlei Networking Technologies,LTD, 2, 1, 9, 100, C:2008-02-11 01:24 M:2008-12-18 16:43] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-02-11 01:24 M:2008-11-13 10:54] [StormPlayer Object] {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} [(Verified)北京暴风网际科技有限公司, 3, 8, 12, 1, C:2008-12-01 22:11 M:2008-12-01 22:11] [WangWangObj Class] {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-08-09 18:28 M:2008-03-18 12:14] [超级兔子上网精灵] {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} [Xiang Feng Technology, 3, 5, 0, 1660, C:2008-04-09 18:03 M:2008-04-09 18:03] [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [(Verified)Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2008-11-21 12:18 M:2008-11-25 11:16] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-02-11 01:24 M:2008-11-15 12:15] [UTPKES Control] {94BE7FE8-CF75-4FD3-8A41-9D5FE7135511} [广州科友科技股份有限公司, 1.0.0.2, C:2006-05-30 23:17 M:2006-06-13 09:41] [UploadFilePartition Class] {A877BA28-1F7E-4876-B299-50B3199A1A5D} [(Verified)Tencent Inc., 1, 0, 1, 29, C:2007-12-27 10:56 M:2008-04-28 15:09] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5808, 119, C:2008-12-23 22:57 M:2008-12-15 17:51] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] [Tencent Safety Online Base Module] {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} [(Verified)Tencent Corporation, 2007, 4, 10, 12, C:2006-12-17 16:10 M:2006-12-17 16:10] [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [RealNetworks, 6.0.8.1839, C:2007-04-06 16:45 M:2007-04-06 16:45] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2007-05-20 16:38 M:2007-05-20 16:38] [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 5, C:2008-01-07 17:08 M:2008-01-07 17:08] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [(Verified)Xunlei Networking Technologies,LTD, 2, 1, 5880, 242, C:2008-12-23 22:57 M:2008-12-17 16:39] [Iesign Control] {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B5A1} [csii, 1, 0, 0, 1, C:2006-05-30 23:17 M:2006-06-13 09:57] Context Menu [Cover Designer] {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} <> [] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-02-11 01:20 M:2008-12-19 17:06] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-10-28 22:47 M:2008-09-30 21:14] [{7138527F-430B-45B0-B164-9AA396644263}] {7138527F-430B-45B0-B164-9AA396644263} [Copyright 2007, 1, 0, 0, 1, C:2008-11-29 17:22 M:2008-11-29 17:22] ======================================== 服务 [Update For Windows / Autoupdate][Stopped/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\Autoupdate.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Canon Camera Access Library 8 / CCALib8][Running/Auto Start] [Canon Inc., 8, 4, 0, 1, C:2007-01-31 14:55 M:2007-01-31 14:55] [HD_CertService / HD_CertService][Running/Auto Start] [版权所有 (C) 2007, 1, 0, 0, 4, C:2008-02-15 02:10 M:2007-05-15 10:37] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [NVIDIA Corporation, 6.14.11.6906, C:2007-11-06 17:30 M:2007-11-06 17:30] [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start] [(Verified)GRISOFT s.r.o., 7, 5, 1, 22, C:2007-05-31 00:31 M:2008-02-13 00:53] [Contrl Center of Storm Media / ccosm][Running/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 8, 10, 15, C:2008-01-11 11:41 M:2008-10-16 17:07] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-19 17:10 M:2008-12-19 17:06] [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2008-02-11 01:23 M:2008-12-08 16:27] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-02-11 01:23 M:2008-10-15 23:14] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-19 17:10 M:2008-12-19 17:06] ======================================== 驱动 [USB2.0 PC Camera / A0380VID][Running/Manual Start] [CNLTF., 1.2.53.1031, C:2008-02-11 02:51 M:2007-11-01 11:43] [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [Advanced Micro Devices, 1.1.0 (srv03_sp1_rtm.050324-1447), C:2005-08-12 09:09 M:2005-05-21 20:43] [aupt001 / aupt001][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\aupt001.sys> [] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [isliy / isliy][Stopped/Disabled] <\??\C:\WINDOWS\system32\drivers\isliy.sys> [] [npkcrypt / npkcrypt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcrypt.sys> [] [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkycryp.sys> [] [nv / nv][Running/Manual Start] [NVIDIA Corporation, 6.14.11.6906, C:2006-11-07 01:20 M:2007-11-06 17:30] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2004-08-17 12:00 M:2008-06-20 18:45] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [TENCENT, 0, 0, 6, 0, C:2008-06-11 17:31 M:2008-11-20 10:32] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20] [AliIde / AliIde][Running/Boot Start] [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58] [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start] <\??\d:\Program Files\AVG Anti-Spyware\guard.sys> [(Verified)N/A, C:2007-05-31 00:10 M:2008-02-13 00:53] [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start] [(Verified)GRISOFT, s.r.o., 1.0.0.14, C:2008-02-13 00:37 M:2007-05-31 00:10] [中国华大智能密码钥匙驱动程序 / CIDCUSB][Stopped/Manual Start] [(Verified)CIDC., 1, 0, 4, 4, C:2007-05-08 18:43 M:2007-03-01 09:30] [CmdIde / CmdIde][Running/Boot Start] [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-19 17:10 M:2008-12-19 17:06] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 46, C:2008-12-19 17:10 M:2008-12-19 17:07] [HookUrl / HookUrl][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\HookUrl.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.13, C:2008-02-11 01:23 M:2008-10-20 15:07] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5377 built by: WinDDK, C:2008-02-11 00:55 M:2007-03-02 17:27] [pepbus / pepbus][Running/Boot Start] [(Verified)Pepstyle International Limited., 1.01, C:2008-02-17 05:36 M:2007-11-20 17:54] [pepscsi / pepscsi][Stopped/Manual Start] [(Verified)Pepstyle International Limited., 1.04, C:2008-02-17 05:36 M:2007-11-20 17:54] [PEP_HKA / PEP_HKA][Running/Boot Start] [(Verified)Pepstyle International Limited., 1, 0, 0, 0, C:2008-02-17 05:36 M:2007-11-12 16:19] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-02-11 01:23 M:2008-07-29 16:21] [RsFwDrv / RsFwDrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.35, C:2008-02-11 01:23 M:2008-10-20 15:05] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8, C:2008-12-20 06:54 M:2008-12-21 19:41] [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.664.0205.2007 built by: WinDDK, C:2008-02-11 00:56 M:2007-02-08 00:43] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 2, 2, 1008, C:2008-11-15 11:33 M:2008-11-15 11:33] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25] ======================================== 进程 [PID: 612 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 676 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 700 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-09-24 16:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 744 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 756 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 928 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 996 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1104 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1112 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1156 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1284 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1320 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 16, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-23 15:59] C:\Program Files\Rising\Rav\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ur004.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] [PID: 1332 / SYSTEM] C:\Program Files\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-02-11 01:23 M:2008-10-15 23:14] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-02-11 01:20 M:2008-02-11 01:19] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.50, C:2008-02-11 01:23 M:2008-10-28 18:58] C:\Program Files\Rising\Rfw\ijt_ctrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-02-11 01:23 M:2008-07-25 16:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\unvdet.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-02-11 01:23 M:2008-07-30 20:40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-02-11 01:23 M:2008-07-29 16:21] [PID: 1376 / SYSTEM] C:\Program Files\Rising\Rfw\rfwProxy.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2008-02-11 01:23 M:2008-12-08 16:27] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-02-11 01:20 M:2008-02-11 01:19] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-05-12 17:12 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\MonMid.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1612 / SYSTEM] C:\Program Files\Rising\Rfw\rfwstub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-02-11 01:23 M:2008-07-30 20:40] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1752 / SYSTEM] C:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 260 / XiaoBin] C:\Program Files\Rising\Rfw\RfwMain.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-02-11 01:23 M:2008-07-25 16:14] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-02-11 01:20 M:2008-02-11 01:19] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rfw\RsGuiLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-02-11 01:23 M:2008-07-30 20:40] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RfwCtrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-02-11 01:23 M:2008-07-29 16:21] C:\Program Files\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-02-11 01:23 M:2008-07-30 20:40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-02-11 01:23 M:2008-07-29 16:21] [PID: 460 / LOCAL SERVICE] C:\WINDOWS\System32\SCardSvr.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 948 / XiaoBin] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rsvrinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-02-11 01:20 M:2008-02-11 01:19] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.85, C:2008-12-19 17:10 M:2008-12-19 17:07] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-19 17:10 M:2008-12-19 17:07] [PID: 1136 / XiaoBin] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] [PID: 1460 / SYSTEM] d:\Program Files\AVG Anti-Spyware\guard.exe [(Verified)GRISOFT s.r.o., 7, 5, 1, 22, C:2007-05-31 00:31 M:2008-02-13 00:53] d:\Program Files\AVG Anti-Spyware\engine.dll [(Verified)GRISOFT s.r.o., 4, 2, 0, 19, C:2007-06-07 22:49 M:2008-02-13 00:53] [PID: 1592 / SYSTEM] d:\Program Files\暴风影音\stormliv.exe [(Verified)北京暴风网际科技有限公司, 3, 8, 10, 15, C:2008-01-11 11:41 M:2008-10-16 17:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] d:\Program Files\暴风影音\bfoptdll.dll [(Verified)北京暴风网际科技有限公司, 3, 8, 7, 16, C:2008-11-06 02:23 M:2008-08-01 20:11] d:\Program Files\暴风影音\box\BoxLog.dll [(Verified)北京暴风网际科技有限公司, 3, 8, 11, 3, C:2008-11-06 02:23 M:2008-11-03 10:35] [PID: 1816 / SYSTEM] C:\Program Files\95599 Certificate Tools\CIDC\HD_CertService.exe [版权所有 (C) 2007, 1, 0, 0, 4, C:2008-02-15 02:10 M:2007-05-15 10:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 2052 / XiaoBin] C:\Program Files\95599 Certificate Tools\CIDC\RegCertTool.exe [CIDC, 1, 0, 0, 12, C:2008-02-15 02:10 M:2007-05-11 11:51] C:\WINDOWS\system32\HDIFD20B.dll [CIDC., 1, 0, 17, 29, C:2008-02-15 02:10 M:2007-04-29 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] [PID: 2068 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.11.6906, C:2007-11-06 17:30 M:2007-11-06 17:30] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.6906, C:2007-11-06 17:30 M:2007-11-06 17:30] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 2156 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33, C:2008-12-19 17:10 M:2008-12-19 17:06] [PID: 2332 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 17:10 M:2008-12-19 17:09] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 17:10 M:2008-12-19 17:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 2360 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 2516 / SYSTEM] C:\Program Files\Canon\CAL\CALMAIN.exe [Canon Inc., 8, 4, 0, 1, C:2007-01-31 14:55 M:2007-01-31 14:55] [PID: 3988 / XiaoBin] D:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-12-21 17:51 M:2008-11-15 11:58] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] D:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-12-21 17:51 M:2007-11-28 15:19] C:\WINDOWS\system32\Macromed\Flash\FlDbg10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] [PID: 1568 / XiaoBin] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:31 M:2004-08-17 20:00] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39] D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll [Xiang Feng Technology, 3, 5, 0, 1660, C:2008-04-09 18:03 M:2008-04-09 18:03] d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-02-11 01:24 M:2008-11-15 12:15] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-02-11 01:24 M:2008-11-15 12:15] d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-12-23 22:57 M:2008-12-18 16:43] d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-12-23 22:57 M:2008-12-18 16:43] C:\WINDOWS\system32\Macromed\Flash\FlDbg10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xmvsource.dll_1_work [XunLei, 1, 0, 0, 5, C:2008-02-11 01:24 M:2008-11-13 10:54] [PID: 3832 / XiaoBin] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:31 M:2004-08-17 20:00] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-02-11 01:23 M:2008-07-25 16:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39] D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll [Xiang Feng Technology, 3, 5, 0, 1660, C:2008-04-09 18:03 M:2008-04-09 18:03] d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-02-11 01:24 M:2008-11-15 12:15] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-02-11 01:24 M:2008-11-15 12:15] d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-12-23 22:57 M:2008-12-18 16:43] d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-12-23 22:57 M:2008-12-18 16:43] [PID: 2428 / XiaoBin] C:\WINDOWS\explorer.exe [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1007, C:2008-12-10 01:14 M:2008-12-10 01:14] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]