[CODE]

2008-12-24,10:10:57

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600) - Administrators



========================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
    <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r>  [(Verified)360安全中心, 2, 4, 2, 1002, C:2008-12-01 10:30 M:2008-12-01 10:30]
    <360Safetray><D:\360safe\safemon\360Tray.exe /start>  []
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\AURORA.SCR>  [Microsoft Corporation, 6.0.5308.17 (winmain_idx01.060217-2200), C:2008-05-31 16:21 M:2006-03-01 05:21]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><F:\讯雷\Program\geturl.htm>  [N/A, C:2008-10-16 09:38 M:2008-07-28 15:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><F:\讯雷\Program\getallurl.htm>  [N/A, C:2008-10-16 09:38 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\QQ\AddEmotion.htm>  [N/A, C:2008-05-14 10:29 M:2008-05-14 10:29]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13|(Verified)N/A, C:2007-10-17 00:34 M:2005-01-28 15:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><F:\讯雷\Thunder.exe>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-10-16 09:38 M:2008-08-12 17:41]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0A155D3C-68E2-4215-A47A-E800A446447A}]
    <浩方对战平台><F:\hf\Platform\GameClient.exe>  [(Verified)上海浩方在线信息技术有限公司, 5.1.0.1, C:2008-11-14 16:12 M:2008-11-14 16:12]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95B3F550-91C4-4627-BCC4-521288C52977}]
    <PPLive><C:\Program Files\PPLive\PPLive.exe>  [(Verified)N/A, C:2007-12-04 19:49 M:2007-03-16 13:46]


========================================
启动项



========================================
计划任务

[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job --> "C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]


========================================
组件


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-09-15 12:13 M:2004-08-17 20:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]
[Microsoft Office HTML Icon Handler]
    {42042206-2D85-11D3-8CFF-005004838597}  <C:\Program Files\Microsoft Office\OFFICE11\msohev.dll>  []
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-05-31 16:15 M:2006-07-12 13:19]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-05-31 16:15 M:2006-07-12 13:19]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-05-31 16:15 M:2006-07-12 13:19]
[ShellLink for Application References]
    {e82a2d71-5b2f-43a0-97b8-81be15854de8}  <C:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[Shell Icon Handler for Application References]
    {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}  <C:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-05-31 19:23 M:2008-12-18 18:57]

Protocols
[Cor MIME Filter, CorFltr, CorFltr 1]
    {1E66F26B-79EE-11D2-8710-00C04F79ED0D}  <mscoree.dll>  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [酷狗, 5.2.4.4, C:2008-06-15 20:30 M:2008-11-24 12:19]

BrowserHelperObject
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <F:\讯雷\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-10-16 09:39 M:2008-06-13 09:43]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-24 08:17 M:2008-12-24 08:17]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <D:\360safe\safemon\safemon.dll>  []

ActiveX Extension
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <F:\讯雷\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-10-16 09:39 M:2008-11-13 10:18]
[StormPlayer Object]
    {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}  <C:\Program Files\StormII\mps.dll>  [(Verified)北京暴风网际科技有限公司, 3, 8, 6, 22, C:2007-11-16 17:07 M:2008-06-18 14:50]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <F:\讯雷\Components\InMedia\MediaAddin18.dll>  [(Verified)Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2008-11-24 22:55 M:2008-11-25 11:16]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <D:\360safe\live.dll>  [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <C:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx>  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16]
[QvodCtrl Class]
    {F3D0D36F-23F8-4682-A195-74C92B03D4AF}  <F:\播放器\QvodPlayer\QvodInsert.dll>  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 56, C:2008-12-12 18:15 M:2008-12-12 18:15]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5853.212.(692).dll>  [Xunlei Networking Technologies,LTD, 2, 1, 5853, 212, C:2008-11-14 18:09 M:2008-11-13 10:54]

Context Menu
[QvodMenu]
    {9F44453E-1E46-4D5C-B57C-112FF2EDAE82}  <F:\播放器\QvodPlayer\QvodBand.dll>  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0, C:2008-10-31 18:47 M:2008-10-31 18:47]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-05-31 19:23 M:2008-12-18 18:57]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]


========================================
服务

[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2007-11-16 17:07 M:2008-05-28 16:40]
[Help and Support / helpsvc][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll">  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
[Windows CardSpace / idsvc][/Manual Start]
    <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe">  [Microsoft Corporation, 3.0.4506.30 (WAPRTM.004506-0030), C:2006-10-30 03:33 M:2006-10-30 03:33]
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
    <C:\WINDOWS\system32\mnmsrvc.exe>  []
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
    <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe">  [Microsoft Corporation, 3.0.4506.30 (WAPRTM.004506-0030), C:2006-10-30 03:34 M:2006-10-30 03:34]
[Qvod Terminal / Qvod Terminal][Stopped/Auto Start]
    <F:\播放器\QvodPlayer\QvodTerminal.exe>  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 56, C:2008-12-11 12:50 M:2008-12-11 12:50]
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
    <"C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe">  []

[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
    <D:\瑞星\Rising\Rav\CCENTER.EXE>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
[Rising RavTask Manager / RavTask][Running/Auto Start]
    <"D:\瑞星\Rising\Rav\RavTask.exe" RavTask>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-18 19:00 M:2008-12-18 18:56]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <D:\瑞星\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2008-05-31 19:44 M:2008-12-09 16:27]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <D:\瑞星\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-05-31 19:44 M:2008-10-15 18:48]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <D:\瑞星\Rising\Rav\RavMonD.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
    <D:\瑞星\Rising\Rav\ScanFrm.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 19:00 M:2008-12-18 18:56]


========================================
驱动

[A320RAID / A320RAID][Stopped/Boot Start]
    <System32\Drivers\a320raid.sys>  [Adaptec, Inc., 3.00.00.63, C:2006-10-28 11:50 M:2005-10-25 01:29]
[ADPU320 / ADPU320][Stopped/Boot Start]
    <System32\Drivers\adpu320.sys>  [Adaptec, Inc., 7.0.000.000 (NT.040809-2325), C:2006-10-28 11:50 M:2005-05-21 20:43]
[ahci8086 / ahci8086][Running/Boot Start]
    <System32\Drivers\ahci8086.sys>  [ATI Technologies Inc.,  2.5.1540.28 built by: WinDDK, C:2006-10-28 11:50 M:2006-05-18 19:50]
[CSB6IDE / CSB6IDE][Running/Boot Start]
    <System32\Drivers\csb6ide.sys>  [ServerWorks Corporation, 1.00, C:2006-10-28 11:50 M:2002-06-27 17:26]
[EagleNT / EagleNT][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\drivers\EagleNT.sys>  []
[FASTTRAK / FASTTRAK][Running/Boot Start]
    <System32\Drivers\fasttrak.sys>  [Promise Technology, Inc.,  2.00.0.34, C:2006-10-28 11:50 M:2003-04-25 16:20]
[VIA Rhine-Family Fast-Ethernet Adapter Driver Service / FET5X86V][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5bv.sys>  [VIA Technologies, Inc.              , 3.71.0.456, C:2008-05-31 16:16 M:2007-07-05 14:33]
[FTSATA2 / FTSATA2][Running/Boot Start]
    <System32\Drivers\ftsata2.sys>  [Promise Technology, Inc.,  1.00.0.36, C:2006-10-28 11:50 M:2005-01-21 13:35]
[IASTOR / IASTOR][Running/Boot Start]
    <System32\Drivers\iaStor.sys>  [Intel Corporation, 6.1.0.1002, C:2006-10-28 11:50 M:2006-06-14 13:56]
[IGALIVE / IGALIVE][Running/Auto Start]
    <\??\C:\Program Files\IGALIVE\IGALIVE.sys>  [N/A, C:2007-12-17 17:42 M:2007-12-17 17:42]
[ITERAID / ITERAID][Stopped/Boot Start]
    <System32\Drivers\iteraid.sys>  [Integrated Technology Express, Inc., v1.7.1.91 built by: WinDDK, C:2006-10-28 11:50 M:2005-08-04 13:51]
[JRAID / JRAID][Running/Boot Start]
    <System32\Drivers\JRAID.SYS>  [JMicron Technology Corp., 5.1.2600.1040 built by: WinDDK, C:2006-10-28 11:50 M:2006-02-15 10:13]
[M5228 / M5228][Stopped/Boot Start]
    <System32\Drivers\m5228.sys>  [ALi Corporation., 5.028, C:2006-10-28 11:50 M:2004-09-14 14:58]
[M5281 / M5281][Running/Boot Start]
    <System32\Drivers\m5281.sys>  [ALi Corporation, 5.029, C:2006-10-28 11:50 M:2005-03-07 13:23]
[M5289 / M5289][Running/Boot Start]
    <System32\Drivers\m5289.sys>  [ULi Electronics Inc., 5.030, C:2006-10-28 11:50 M:2005-07-04 14:21]
[npkcrypt / npkcrypt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkcrypt.sys>  [INCA Internet Co., Ltd., 2005. 11. 1. 1, C:2008-05-31 20:11 M:2008-12-23 18:28]
[NVATABUS / NVATABUS][Running/Boot Start]
    <System32\Drivers\NVATABUS.SYS>  [NVIDIA Corporation, 5.10.2600.0654 built by: WinDDK, C:2006-10-28 11:50 M:2006-10-20 00:00]
[NVRAID / NVRAID][Running/Boot Start]
    <System32\Drivers\NVRAID.SYS>  [NVIDIA Corporation, 5.10.2600.0622 built by: WinDDK, C:2006-10-28 11:50 M:2005-08-12 14:31]
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
    <system32\KeyCrypt.sys>  [ Tencent Technology (Shenzhen) Company Limited, 1, 0, 0, 9, C:2008-08-04 15:53 M:2008-03-12 18:00]
[SI3112R / SI3112R][Stopped/Boot Start]
    <System32\Drivers\SI3112r.sys>  [Silicon Image, Inc, 1, 0, 56, 0, C:2006-10-28 11:50 M:2006-01-12 11:56]
[SI3114R / SI3114R][Stopped/Boot Start]
    <SYSTEM32\Drivers\SI3114R.sys>  [Silicon Image, Inc, 1, 0, 15, 0, C:2006-10-28 11:50 M:2006-04-10 19:08]
[SI3114R5 / SI3114R5][Stopped/Boot Start]
    <System32\Drivers\Si3114r5.sys>  [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:36]
[SI3124 / SI3124][Stopped/Boot Start]
    <SYSTEM32\Drivers\SI3124.sys>  [Silicon Image, Inc., 1, 3, 17, 0, C:2006-10-28 11:50 M:2005-11-29 10:15]
[SI3124R / SI3124R][Stopped/Boot Start]
    <SYSTEM32\Drivers\SI3124R.sys>  [Silicon Image, Inc, 1, 0, 0, 2, C:2006-10-28 11:50 M:2004-02-03 16:17]
[SI3124R5 / SI3124R5][Stopped/Boot Start]
    <SYSTEM32\Drivers\Si3124r5.sys>  [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:38]
[SI3132 / SI3132][Stopped/Boot Start]
    <System32\Drivers\SI3132.sys>  [Silicon Image, Inc., 1, 0, 15, 0, C:2006-10-28 11:50 M:2006-03-16 14:03]
[SI3132R5 / SI3132R5][Stopped/Boot Start]
    <System32\Drivers\Si3132r5.sys>  [Silicon Image, Inc, 1, 4, 3, 0, C:2006-10-28 11:50 M:2006-01-12 11:41]
[SISRAID2 / SISRAID2][Stopped/Boot Start]
    <System32\Drivers\SiSRaid2.sys>  [Silicon Integrated Systems Corp, 2.03.00, C:2006-10-28 11:50 M:2005-01-11 17:58]
[SYMMPI / SYMMPI][Stopped/Boot Start]
    <System32\Drivers\symmpi.sys>  [LSI Logic, 1.21.10.00 built by: WinDDK, C:2006-10-28 11:50 M:2005-12-07 18:04]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-06-20 19:51 M:2008-06-20 19:51]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [TENCENT, 0, 0, 6, 5, C:2008-08-08 17:26 M:2008-08-20 10:39]
[upperdev / upperdev][Stopped/Manual Start]
    <system32\DRIVERS\usbser_lowerflt.sys>  []
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
    <System32\Drivers\viamraid.sys>  [VIA Technologies inc,.ltd, 5.1.2600.310, C:2006-10-28 11:50 M:2004-05-18 16:55]
[vmscsi / vmscsi][Stopped/Boot Start]
    <System32\Drivers\vmscsi.sys>  [VMware, Inc., 1, 2, 0, 0, C:2006-10-28 11:50 M:2004-01-31 15:13]

[360AntiArp / 360AntiArp][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys>  [(Verified)360安全中心, 1, 0, 1, 1007, C:2008-04-09 16:33 M:2008-04-09 16:33]
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [(Verified)Realtek Semiconductor Corp., 5.10.00.6270 built by: WinDDK, C:2008-05-31 16:16 M:2007-10-26 11:20]
[AMD Processor Driver / AmdK8][Running/System Start]
    <System32\drivers\amdk8.sys>  [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2006-10-28 11:50 M:2006-07-01 22:43]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2008-05-31 16:15 M:2001-08-17 12:13]
[hookcont / hookcont][Running/System Start]
    <system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-18 19:00 M:2008-12-18 18:56]
[hooksys / hooksys][Running/System Start]
    <system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 46, C:2008-12-18 19:00 M:2008-12-18 18:57]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\D:\瑞星\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.13, C:2008-05-31 19:44 M:2008-10-22 12:48]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
[DDK PACKET Protocol / Packet][Stopped/Manual Start]
    <system32\DRIVERS\ProtoDrv.sys>  [(Verified)360安全中心, 1, 0, 1, 1001, C:2008-04-09 16:36 M:2008-04-09 16:36]
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
    <system32\DRIVERS\pccsmcfd.sys>  [(Verified)Nokia, 6.85.3.0, C:2008-08-22 13:08 M:2007-09-17 14:53]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Technology Co., Ltd., 7.0.0.8, C:2008-05-31 19:44 M:2008-05-31 19:37]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\D:\瑞星\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.35, C:2008-05-31 19:44 M:2008-10-22 12:48]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-05-31 20:31 M:2008-12-18 18:56]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys>  [(Verified)360安全中心, 2, 2, 2, 1008, C:2008-11-15 11:33 M:2008-11-15 11:33]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[SISRAID4 / SISRAID4][Stopped/Boot Start]
    <System32\Drivers\SiSRaid4.sys>  [(Verified)Silicon Integrated Systems, 3.00.08 (NT.051206-1933), C:2006-10-28 11:50 M:2006-03-22 13:10]
[sym_hi / sym_hi][Running/Boot Start]
    <System32\Drivers\sym_hi.sys>  [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2006-10-28 11:50 M:2001-08-17 14:07]
[sym_u3 / sym_u3][Running/Boot Start]
    <System32\Drivers\sym_u3.sys>  [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2006-10-28 11:50 M:2001-08-17 14:07]
[ULSATA / ULSATA][Running/Boot Start]
    <System32\Drivers\ulsata.sys>  [(Verified)Promise Technology, Inc.,  1.1.0.31, C:2006-10-28 11:50 M:2006-10-04 14:53]
[ULSATA2 / ULSATA2][Running/Boot Start]
    <System32\Drivers\ulsata2.sys>  [(Verified)Promise Technology, Inc.,  1.0.0.38, C:2006-10-28 11:50 M:2006-10-04 14:53]
[VIA AGP Filter / viaagp1][Running/Boot Start]
    <system32\DRIVERS\viaagp1.sys>  [(Verified)VIA Technologies, Inc., 5.1.0.3442 built by: VIA, C:2008-05-31 16:15 M:2003-07-02 04:42]
[ViBus / ViBus][Running/Boot Start]
    <system32\DRIVERS\ViBus.sys>  [(Verified)VIA Technologies, Inc., 6.0.6000.223, C:2008-05-31 16:15 M:2007-10-18 18:28]
[videX32 / videX32][Running/Boot Start]
    <system32\DRIVERS\videX32.sys>  [(Verified)VIA Technologies, Inc., 6.0.6000.182, C:2008-05-31 16:15 M:2007-09-21 17:49]
[VIA SATA IDE Device Driver / ViPrt][Running/Boot Start]
    <system32\DRIVERS\ViPrt.sys>  [(Verified)VIA Technologies, Inc., 6.0.6000.223, C:2008-05-31 16:15 M:2007-10-18 18:28]


========================================
进程

[PID: 596 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]

[PID: 668 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:13]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 692 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 736 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 748 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 904 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 984 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    C:\WINDOWS\system32\MSCOREE.DLL  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]

[PID: 1084 / SYSTEM]   D:\瑞星\Rising\Rav\CCENTER.EXE   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\cnt09.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\cnt08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1092 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.43, C:2008-05-31 19:24 M:2008-12-23 15:34]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]

[PID: 1136 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1204 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1256 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1352 / SYSTEM]   D:\瑞星\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-05-31 19:44 M:2008-10-15 18:48]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:43 M:2006-07-11 18:43]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.50, C:2008-05-31 19:44 M:2008-10-28 12:16]
    D:\瑞星\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1416 / SYSTEM]   D:\瑞星\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2008-05-31 19:44 M:2008-12-09 16:27]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:43 M:2006-07-11 18:43]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-05-31 19:44 M:2008-08-07 12:16]

[PID: 1700 / SYSTEM]   D:\瑞星\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-05-31 19:44 M:2008-08-07 12:16]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1792 / SYSTEM]   D:\瑞星\Rising\Rav\rsnetsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:00 M:2008-12-18 18:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 2012 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 12:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll  [Microsoft Corporation, 6.0.5824.16384 (winmain(wmbla).060911-0725), C:2008-08-22 12:58 M:2006-10-14 16:43]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 204 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 12:00 M:2008-04-13 19:13]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 272 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 644 / SYSTEM]   D:\瑞星\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:00 M:2008-12-18 18:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rav\rsstub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\rstask.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 1192 / SYSTEM]   D:\瑞星\Rising\Rav\ScanFrm.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 19:00 M:2008-12-18 18:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\scansrvp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ScanSrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rav\ScanRavT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ScanBT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ScanStub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\scansct.dll  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-23 15:34]
    D:\瑞星\Rising\Rav\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]

[PID: 1216 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    C:\WINDOWS\system32\nvcpl.dll  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.10.9136, C:2008-05-31 16:15 M:2006-07-12 13:19]
    C:\WINDOWS\system32\nvshell.dll  [N/A, C:2008-05-31 16:15 M:2006-07-12 13:19]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2007-10-17 04:03 M:2007-09-23 18:59]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-05-31 19:23 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.43, C:2008-05-31 19:24 M:2008-12-23 15:34]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\dfshim.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\system32\mscoree.dll  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-12-13 18:19 M:2005-12-13 18:19]
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]

[PID: 1188 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 2200 / Administrator]   D:\瑞星\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-05-31 19:44 M:2008-08-07 12:16]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:43 M:2006-07-11 18:43]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-05-31 19:44 M:2008-08-07 12:16]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-05-31 19:44 M:2008-08-07 12:15]

[PID: 3988 / SYSTEM]   D:\瑞星\Rising\Rav\RavMonD.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:59]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    D:\瑞星\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\MonBase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\Rslog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\mondrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\defmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\moncom08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\FileMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\MailMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-18 19:00 M:2008-12-18 21:18]
    D:\瑞星\Rising\Rav\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\rsnetsvr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:00 M:2008-12-18 18:59]
    D:\瑞星\Rising\Rav\BACore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 16, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\RSStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-18 18:57]
    D:\瑞星\Rising\Rav\scansct.dll  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:00 M:2008-12-23 15:34]
    D:\瑞星\Rising\Rav\ur025.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:00 M:2008-12-18 18:56]
    D:\瑞星\Rising\Rav\ur027.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:00 M:2008-12-18 18:56]

[PID: 2356 / Administrator]   C:\Program Files\Rising\AntiSpyware\knownsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2008-08-06 08:29 M:2008-12-24 08:17]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-05-31 19:39 M:2008-12-24 08:17]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-08-06 08:29 M:2008-09-29 01:11]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 08:29 M:2008-09-03 09:33]

[PID: 3688 / Administrator]   F:\新建文件夹\arswp2\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-12-24 09:59 M:2008-11-15 11:58]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]
    F:\新建文件夹\arswp2\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-12-24 09:59 M:2007-11-28 15:19]

[PID: 2620 / Administrator]   C:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330), C:2007-09-15 12:15 M:2008-10-16 14:09]
    D:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-31 19:44 M:2008-08-07 12:15]
    D:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-31 19:44 M:2008-08-07 12:15]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]