[CODE] 2008-12-31,17:41:33 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] <360Safetray> [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12] <%systemroot%\system32\dumprep 0 -k> [N/A, ] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-16 18:52 M:2008-12-16 18:49] <"C:\Program Files\Rising\Rfw\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-16 19:08 M:2008-12-16 19:06] [HKEY_CURRENT_USER\Control Panel\Desktop] [Microsoft Corporation, 6.0.5308.17 (winmain_idx01.060217-2200), C:2008-05-10 13:01 M:2006-03-01 05:21] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载] <> [N/A, C:2008-03-06 12:31 M:2007-05-19 00:13] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载全部链接] <> [N/A, C:2008-03-06 12:31 M:2007-05-19 00:13] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-01-25 11:25 M:2008-01-25 11:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)N/A, C:2008-03-06 12:18 M:2005-01-28 15:25] ======================================== 启动项 [QQ游戏启动加速程序] "C:\Program Files\Tencent\QQGame\Accel.exe" > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2008-03-18 18:09 M:2008-03-18 18:09] ======================================== 计划任务 ======================================== 组件 Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-03-06 11:25 M:2004-08-17 20:00] [Microsoft Agent Character Property Sheet Handler] {143A62C8-C33B-11D1-84FE-00C04FA34A14} [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-03-06 12:30 M:2007-09-23 18:59] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [(Verified)RealNetworks, Inc., 1.0.1.2777, C:2008-05-10 14:02 M:2008-05-10 14:02] [ScriptDropShellExt] {97C1D2CE-3AB4-4459-9142-D50D9338CB9A} [Copyright 2001, 0, 5, 0, 1, C:2001-09-05 12:17 M:2001-09-05 12:17] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 18:52 M:2008-12-16 18:49] BrowserHelperObject [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [www.flashget.com, 1, 8, 4, 1007, C:2008-03-06 12:31 M:2007-08-06 17:11] [VnetCookie Class] {4E83D567-4697-4F7B-B1F0-A513B01DB89A} [Copyright 2004, 2005, 4, 6, 1, C:2008-05-10 13:09 M:2006-04-26 18:31] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-05-27 18:20 M:2008-07-10 17:42] [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} [www.flashget.com, 1, 8, 4, 1003, C:2008-03-06 12:31 M:2007-05-19 00:13] UrlSeachHook [Bhotest.bhoSearch] {9F6E4456-7942-4AA7-9AD2-547C2BEA32B6} [Copyright 2007, 1, 0, 0, 1, C:2004-08-17 20:00 M:2004-08-17 20:00] ActiveX Extension [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [www.flashget.com, 1, 8, 4, 1007, C:2008-03-06 12:31 M:2007-08-06 17:11] [VnetCookie Class] {4E83D567-4697-4F7B-B1F0-A513B01DB89A} [Copyright 2004, 2005, 4, 6, 1, C:2008-05-10 13:09 M:2006-04-26 18:31] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-05-27 18:20 M:2008-07-10 17:42] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} [www.flashget.com, 1, 8, 4, 1003, C:2008-03-06 12:31 M:2007-05-19 00:13] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 18:52 M:2008-12-16 18:49] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-03-06 12:30 M:2007-09-23 18:59] ======================================== 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [System Restore Service / srservice][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\srsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-16 18:52 M:2008-12-16 18:49] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 19:08 M:2008-12-16 19:07] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-16 19:09 M:2008-12-16 19:07] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"C:\Program Files\Rising\Rfw\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-16 19:09 M:2008-12-16 19:07] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-16 18:52 M:2008-12-16 18:49] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-16 18:52 M:2008-12-16 18:49] ======================================== 驱动 [Netgroup Packet Filter / NPF][Stopped/Manual Start] [Politecnico di Torino, 3, 0, 0, 18, C:2008-05-20 19:01 M:2005-10-28 15:10] [SATALink driver accelerator / SiFilter][Running/Boot Start] [Silicon Image, Inc., 1.0.0.11, C:2008-03-06 14:31 M:2006-08-08 22:19] [System Restore Filter Driver / sr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sr.sys> [] [XDva219 / XDva219][Stopped/Manual Start] <\??\C:\WINDOWS\system32\XDva219.sys> [] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-05-10 12:59 M:2008-01-24 16:36] [AMD Processor Driver / AmdK8][Running/System Start] [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2008-05-10 12:57 M:2006-07-01 22:43] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2008-05-10 12:57 M:2001-08-17 12:13] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-16 18:52 M:2008-12-16 18:49] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2008-12-16 18:52 M:2008-12-24 19:53] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 20:00 M:2004-08-17 20:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-16 19:08 M:2008-12-16 19:06] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-16 19:09 M:2008-12-16 19:06] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.43, C:2008-12-16 19:08 M:2008-12-19 19:01] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8, C:2008-12-16 20:34 M:2008-12-16 20:34] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2008-03-06 11:23 M:2004-08-03 22:31] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 20:00 M:2007-11-13 18:25] [VIA AGP Filter / viaagp1][Running/Boot Start] [(Verified)VIA Technologies, Inc., 5.1.0.3442 built by: VIA, C:2008-05-10 12:57 M:2003-07-02 04:42] [videX32 / videX32][Running/Boot Start] [(Verified)VIA Technologies, Inc., 6.0.6000.182, C:2008-05-10 12:57 M:2007-09-21 17:49] ======================================== 进程 [PID: 896 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [PID: 980 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [PID: 1008 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1052 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1064 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1220 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1308 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1500 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 18:52 M:2008-12-16 18:51] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-16 18:52 M:2008-12-16 18:51] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-16 18:52 M:2008-12-16 18:51] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1520 / SYSTEM] C:\Program Files\Rising\Rfw\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1528 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1632 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1776 / SYSTEM] C:\Program Files\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-16 19:09 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rfw\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 19:09 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-16 19:08 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-16 19:08 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.75, C:2008-12-16 19:09 M:2008-12-31 13:55] C:\Program Files\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2008-12-16 19:08 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-16 19:08 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2008-12-16 19:09 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 13:51 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 13:51 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 13:51 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 13:51 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2008-12-16 19:09 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1816 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 18:52 M:2008-12-16 18:51] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-16 18:52 M:2008-12-16 18:51] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-16 18:52 M:2008-12-16 18:50] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-16 18:52 M:2008-12-17 19:11] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-16 18:52 M:2008-12-18 21:26] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 18:52 M:2008-12-18 13:58] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-16 18:52 M:2008-12-16 18:50] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-16 18:52 M:2008-12-25 16:05] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2008-12-16 18:52 M:2008-12-26 12:43] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-16 18:52 M:2008-12-25 16:06] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 16, C:2008-12-16 18:52 M:2008-12-30 19:10] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-16 18:52 M:2008-12-18 17:42] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 18:52 M:2008-12-25 16:06] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-16 18:52 M:2008-12-18 17:42] C:\Program Files\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-23 18:27] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] [PID: 1928 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 20:00 M:2005-06-11 07:53] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 324 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 20:00 M:2007-06-13 21:21] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] D:\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-05-27 18:20 M:2008-07-10 17:42] [PID: 392 / SYSTEM] C:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 18:52 M:2008-12-17 19:11] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-16 18:52 M:2008-12-17 19:11] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 636 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.6921, C:2008-05-10 12:57 M:2007-12-05 09:41] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 668 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33, C:2008-12-16 18:52 M:2008-12-16 18:49] [PID: 708 / SYSTEM] C:\Program Files\Rising\Rfw\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-16 19:09 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rfw\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 19:09 M:2008-12-16 19:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] C:\Program Files\Rising\Rfw\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33, C:2008-12-16 19:09 M:2008-12-16 19:07] [PID: 748 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-16 18:52 M:2008-12-16 18:51] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 1592 / Administrator] D:\360safe\safemon\360tray.exe [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] D:\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-05-27 18:20 M:2008-07-10 17:42] D:\360safe\safemon\SafeKrnl.dll [(Verified)奇虎网, 4, 3, 0, 1003, C:2008-08-26 16:55 M:2008-08-26 16:55] D:\360safe\AntiAdwa.dll [(Verified)360Safe.com, 4, 2, 0, 1001, C:2008-06-13 20:16 M:2008-06-13 20:16] D:\360safe\live.dll [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42] [PID: 1700 / Administrator] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rsvrinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-16 18:52 M:2008-12-25 16:06] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-16 18:52 M:2008-12-30 19:10] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-16 18:52 M:2008-12-31 13:54] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-16 18:52 M:2008-12-16 18:50] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.88, C:2008-12-16 18:52 M:2008-12-29 16:39] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-16 18:52 M:2008-12-16 18:49] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-17 19:12 M:2008-12-17 19:12] [PID: 1732 / Administrator] C:\Program Files\Rising\Rfw\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-16 19:08 M:2008-12-16 19:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] C:\Program Files\Rising\Rfw\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-16 19:08 M:2008-12-16 19:06] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rfw\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-16 19:08 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-16 19:09 M:2008-12-16 19:07] C:\Program Files\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-16 19:08 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-16 19:09 M:2008-12-30 19:09] C:\Program Files\Rising\Rfw\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69, C:2008-12-16 19:09 M:2008-12-16 19:06] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-05-10 13:17 M:2007-09-18 03:33] C:\Program Files\Rising\Rfw\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-16 19:09 M:2008-12-31 13:55] C:\Program Files\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-16 19:08 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-17 19:13 M:2008-12-17 19:13] C:\Program Files\Rising\Rfw\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 5, C:2008-12-16 19:08 M:2008-12-25 13:50] C:\Program Files\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-05-10 13:20 M:2008-12-16 19:06] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-16 19:08 M:2008-12-16 19:06] [PID: 1752 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 584 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 728 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 3516 / SYSTEM] C:\WINDOWS\system32\wuauclt.exe [(Verified)Microsoft Corporation, 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158), C:2008-03-06 11:26 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] [PID: 3700 / Administrator] D:\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-11-15 11:58 M:2008-11-15 11:58] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-03-06 12:28] D:\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-05-27 18:20 M:2008-07-10 17:42] D:\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2007-11-28 15:19 M:2007-11-28 15:19] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]