[CODE] 2009-01-28,14:28:23 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Lenovo Group Limited, 3.55, C:1980-01-01 00:00 M:2005-07-13 03:55] [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:55] [N/A, C:2007-07-18 12:45 M:2006-03-09 16:14] [(Verified)Analog Devices, Inc., 6, 0, 0, 20, C:1980-01-01 00:00 M:2005-05-20 08:11] [Analog Devices, Inc., 5, 2, 0, 8, C:2007-07-18 14:33 M:2005-05-06 14:06] [(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 21:00] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 18:48 M:2009-01-08 14:05] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-22 17:35 M:2008-12-22 17:34] <"D:\Rising\Rfw\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-25 17:38 M:2009-01-08 16:08] <"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems Incorporated, 9.0.0.2008061200, C:2008-06-12 02:38 M:2008-06-12 02:38] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [奇虎网, 2, 0, 0, 1009, C:2008-03-20 01:54 M:2008-03-20 01:54] <360Safetray> [(Verified)360安全中心, 5, 0, 0, 1008, C:2009-01-06 12:21 M:2009-01-06 12:21] [N/A, C:2008-07-11 20:01 M:2006-04-15 21:57] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Google 搜索(&G)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Excel(&x)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00|(Verified)Microsoft Corporation, 7.00.6000.16762 (vista_gdr.081013-1507), C:1980-01-01 00:00 M:2008-10-17 04:38|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 21:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00|(Verified)Microsoft Corporation, 7.00.6000.16762 (vista_gdr.081013-1507), C:1980-01-01 00:00 M:2008-10-17 04:38|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 21:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00|(Verified)Microsoft Corporation, 7.00.6000.16762 (vista_gdr.081013-1507), C:1980-01-01 00:00 M:2008-10-17 04:38|(Verified)N/A, C:2007-07-18 14:25 M:2004-08-11 21:16] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] <> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00|Microsoft Corporation, 1.1.4322.573, C:2003-02-20 19:09 M:2003-02-20 19:09] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [(Verified)Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-12-29 17:14 M:2008-12-18 16:44] ======================================== 启动项 [AutoCAD 启动加速器] "C:\Program Files\Common Files\Autodesk Shared\acstart16.exe" > [(Verified)Autodesk, Inc, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] ======================================== 计划任务 [PMTask.job] "C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE" > [N/A, C:2007-07-18 14:53 M:2006-03-23 01:13] ======================================== 组件 Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2004-09-03 10:47 M:2004-08-17 21:00] [Fusion Cache] {1D2680C9-0E2A-469d-B787-065558BC7D43} [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500), C:2006-12-22 12:28 M:2006-12-22 12:28] [DriveLetterAccess] {5CA3D70E-1895-11CF-8E15-001234567890} [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [SafeGuard PrivateDisk extension] {F6A51CCC-6AA6-46ad-B726-97466F0A38BF} [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:13 M:2005-11-15 13:13] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2007-07-19 13:06 M:2007-09-23 18:59] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [(Verified)RealNetworks, Inc., 1.0.2.67, C:2007-07-19 13:10 M:2008-12-22 17:39] [AutoCAD 数字签名图标覆盖处理程序] {36A21736-36C2-4C11-8ACB-D4136F2B57BD} [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] [Autodesk Drawing Preview] {AC1DB655-4F9A-4c39-8AD2-A65324A4C446} [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] [Autodesk DWF Preview] {6DEA92E9-8682-4b6a-97DE-354772FE5727} [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:34 M:2004-02-25 09:34] [Wincph CopyHook Shell Extension for Lock Folders] {F73AEB04-E39A-11D5-BAA0-B4E736240D62} [N/A, C:2008-07-11 20:01 M:2005-07-24 23:12] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:27 M:2008-12-18 18:34] Protocols [Cor MIME Filter, CorFltr, CorFltr 1] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500), C:2006-12-22 12:28 M:2006-12-22 12:28] [Microsoft HTML About Pluggable Protocol] {3050F406-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft Corporation, 7.00.6000.16788 (vista_gdr.081211-1619), C:1980-01-01 00:00 M:2008-12-13 14:36] [Microsoft PKM KnowledgePluggable Class] {CD00020A-8B95-11D1-82DB-00C04FB1625D} [Microsoft Corporation, 10.145.3722.0, C:2001-01-21 19:25 M:2001-01-21 19:25] [] {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} [N/A, C:2009-01-09 10:51 M:2009-01-09 10:51] [Microsoft HTML Javascript Pluggable Protocol] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft Corporation, 7.00.6000.16788 (vista_gdr.081211-1619), C:1980-01-01 00:00 M:2008-12-13 14:36] [Microsoft HTML Mailto Pluggable Protocol] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft Corporation, 7.00.6000.16788 (vista_gdr.081211-1619), C:1980-01-01 00:00 M:2008-12-13 14:36] [Microsoft Infotech Storage Protocol for IE 4.0] {0A9007C0-4076-11D3-8789-0000F8105754} [Microsoft Corporation, 05.02.9336.01, C:2000-04-19 18:47 M:2000-04-19 18:47] [Microsoft HTML Resource Pluggable Protocol] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft Corporation, 7.00.6000.16788 (vista_gdr.081211-1619), C:1980-01-01 00:00 M:2008-12-13 14:36] [Microsoft HTML Resource Pluggable Protocol] {76E67A63-06E9-11D2-A840-006008059382} <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 7.00.6000.16788 (vista_gdr.081211-1619), C:1980-01-01 00:00 M:2008-12-13 14:36] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-29 17:14 M:2008-11-15 12:15] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-29 17:14 M:2008-11-15 12:15] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-29 17:14 M:2008-11-15 12:15] [DriveLetterAccess] {5CA3D70E-1895-11CF-8E15-001234567890} [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-29 17:14 M:2008-11-15 12:15] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:27 M:2008-12-18 18:34] [SGPDMenu] {F6A51CCC-6AA6-46ad-B726-97466F0A38BF} [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:13 M:2005-11-15 13:13] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2007-07-19 13:06 M:2007-09-23 18:59] ======================================== 服务 [Ac Profile Manager Service / AcPrfMgrSvc][Running/Auto Start] [N/A, C:2007-07-18 14:53 M:2006-01-31 22:23] [Access Connections Main Service / AcSvc][Running/Auto Start] [Lenovo, 4, 11, 0, 0, C:2007-07-18 14:53 M:2006-01-31 22:24] [ASP.NET State Service / aspnet_state][Stopped/Manual Start] <%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe> [Microsoft Corporation, 1.1.4322.2032, C:2004-07-15 01:49 M:2004-07-15 01:49] [Diskeeper / Diskeeper][Running/Auto Start] [Diskeeper Corporation, 9.0.537.0, C:2006-03-01 11:50 M:2006-03-01 11:50] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"> [Macrovision Corporation, 10.50.125, C:2004-10-22 03:24 M:2004-10-22 03:24] [IPS 核心服务 / IPSSVC][Running/Auto Start] <%SystemRoot%\system32\IPSSVC.EXE> [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] [Machine Debug Manager / MDM][Running/Auto Start] <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"> [Microsoft Corporation, 7.00.9064.9150, C:2001-02-23 10:07 M:2001-02-23 10:07] [IBM KCU Service / TpKmpSVC][Running/Auto Start] [N/A, C:2007-07-18 14:31 M:2005-06-06 21:26] [TVT Backup Service / TVT Backup Service][Running/Auto Start] <"C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe"> [Copyright 2002, 3,0,27,0, C:2005-12-21 18:20 M:2005-12-21 18:20] [TVT Scheduler / TVT Scheduler][Running/Auto Start] <"C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe"> [Copyright 2004, 3,0,9,0, C:2005-12-21 18:34 M:2005-12-21 18:34] [ThinkVantage System Update / UCLauncherService][Running/Auto Start] [N/A, C:2005-08-01 17:32 M:2005-08-01 17:32] [Windows Media Connect (WMC) / WmcCds][/Manual Start] [Microsoft Corporation, 5.1.2600.1 built by: DNSRV(bld4act), C:2004-08-11 00:46 M:2004-08-11 00:46] [Windows Media Connect (WMC) 帮助程序 / WmcCdsLs][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.1 built by: DNSRV(bld4act), C:2004-08-10 21:50 M:2004-08-10 21:50] [Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"> [(Verified)Autodesk, Inc., 2.51.000, C:2007-07-20 09:44 M:2007-07-20 09:44] [Contrl Center of Storm Media / ccosm][Running/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 8, 12, 12, C:2008-12-17 17:41 M:2008-12-17 17:41] [ThinkPad PM Service / IBMPMSVC][Running/Auto Start] <%SystemRoot%\system32\ibmpmsvc.exe> [(Verified)N/A, C:1980-01-01 00:00 M:2005-11-11 01:33] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:45] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 18:47 M:2009-01-20 14:12] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 17:38 M:2008-12-25 17:37] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 17:38 M:2008-12-25 17:37] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"D:\Rising\Rfw\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-25 17:38 M:2009-01-20 14:12] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:48 M:2008-12-18 18:36] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 18:47 M:2008-12-18 18:35] ======================================== 驱动 [ANC / ANC][Running/System Start] [IBM Corp., 8.3, C:2007-07-18 14:53 M:2005-11-08 09:27] [DLABOIOM / DLABOIOM][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DLACDBHM / DLACDBHM][Running/System Start] [Sonic Solutions, 5.10.05a, C:2007-07-18 14:46 M:2005-07-07 09:03] [DLADResN / DLADResN][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DLAIFS_M / DLAIFS_M][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DLAOPIOM / DLAOPIOM][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DLAPoolM / DLAPoolM][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DLARTL_N / DLARTL_N][Running/System Start] [Sonic Solutions, 5.10.05a, C:2007-07-18 14:46 M:2005-07-07 09:02] [DLAUDFAM / DLAUDFAM][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DLAUDF_M / DLAUDF_M][Running/Auto Start] [Sonic Solutions, 5.10.15a, C:2007-07-18 14:46 M:2005-08-01 05:10] [DRVMCDB / DRVMCDB][Running/Boot Start] [Sonic Solutions, 3.30.00Q, C:2007-07-18 14:46 M:2005-07-28 03:30] [DRVNDDM / DRVNDDM][Running/Auto Start] [Sonic Solutions, 5.10.04a, C:2007-07-18 14:46 M:2005-07-07 05:10] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [IBM eGatherer / EGATHDRV][Running/Auto Start] <\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS> [IBM Corporation, 2.05, C:2007-07-18 14:51 M:2009-01-28 11:27] [gwiopm / gwiopm][Stopped/Manual Start] <\??\D:\工具软件\优化大师\wom63_v1009\gwiopm.sys> [N/A, C:2007-07-24 16:12 M:2004-10-07 11:39] [ibmfilter / ibmfilter][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\ibmfilter.sys> [IBM, 4.01 built by: WinDDK, C:2005-12-21 17:14 M:2005-12-21 17:14] [IBMTPCHK / IBMTPCHK][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys> [N/A, C:2007-07-18 14:53 M:2006-01-13 00:33] [ndqjjaj / ndqjjaj][Stopped/Boot Start] <\SystemRoot\System32\drivers\ndqjjaj.sys> [] [npkcrypt / npkcrypt][Running/Auto Start] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys> [INCA Internet Co., Ltd., 2005. 11. 1. 1, C:2007-02-02 19:04 M:2007-02-02 19:04] [pmem / pmem][Running/Auto Start] <\??\C:\WINDOWS\System32\drivers\pmemnt.sys> [Microsoft Corporation, 4.00, C:2000-05-31 20:29 M:2000-05-31 20:29] [PrivateDisk / PrivateDisk][Running/Auto Start] <\??\C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PrivateDiskM.sys> [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:11 M:2005-11-15 13:11] [IPS 帮助器驱动程序 / PROCDD][Running/Auto Start] [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] [IBM PSA Access Driver / psadd][Stopped/Manual Start] <\??\C:\WINDOWS\system32\Drivers\psadd.sys> [Lenovo, 5.2.3670.1, C:2007-07-18 14:51 M:2007-07-18 14:51] [PxHelp20 / PxHelp20][Running/Boot Start] [Sonic Solutions, 2.03.28a, C:2005-10-27 04:12 M:2005-10-27 04:12] [RsAntiSpyware / RsAntiSpyware][Running/Boot Start] [Beijing Rising Technology Co., Ltd., 3, 0, 0, 28, C:2007-07-20 10:15 M:2007-07-20 11:51] [Smapint / Smapint][Running/System Start] [Microsoft Corporation, 4.00, C:2007-07-18 14:31 M:2006-01-17 01:52] [smi2 / smi2][Running/Auto Start] <\??\C:\Program Files\SMI2\smi2.sys> [IBM Corp., 1, 1, 1, 0, C:2005-12-21 16:45 M:2005-12-21 16:45] [TDSMAPI / TDSMAPI][Running/System Start] [N/A, C:2007-07-18 14:31 M:2006-01-17 01:52] [TPPWRIF / TPPWRIF][Running/System Start] [N/A, C:2007-07-18 14:53 M:2006-03-23 01:13] [TSMAPIP / TSMAPIP][Running/System Start] [N/A, C:2007-07-18 14:30 M:2006-02-27 02:52] [yshield / yshield][Running/Boot Start] [INTER CHINA NETWORK SOFTWARE LTD, 1, 0, 0, 1005, C:2008-10-24 10:24 M:2007-10-19 10:29] [360procmon / 360procmon][Running/Manual Start] <\??\D:\工具软件\360safe\safemon\360procmon.sys> [(Verified)版权所有 (C) 2006-2008 360.cn, 1, 0, 0, 1001, C:2008-09-28 00:56 M:2008-09-28 00:56] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2004-09-03 10:44 M:2001-08-17 12:20] [ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start] [(Verified)Analog Devices, Inc., 5.10.01.4310 built by: WinDDK, C:1980-01-01 00:00 M:2006-01-31 10:19] [AEAudio Service / AEAudioService][Running/Manual Start] [(Verified)Andrea Electronics Corporation, 4.0.1.20, C:1980-01-01 00:00 M:2005-06-07 13:53] [AliIde / AliIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aliide.sys> [(Verified)Acer Laboratories Inc., 1.20, C:2004-09-03 13:07 M:2001-08-17 13:51] [AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdagp.sys> [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp_sp2_rtm.040803-2158), C:2004-09-03 12:40 M:2004-08-03 23:07] [asc / asc][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\asc.sys> [(Verified)Advanced System Products, Inc., 2.9I-MS (XPClient.010817-1148), C:2004-09-03 13:05 M:2001-08-17 13:52] [asc3550 / asc3550][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\asc3550.sys> [(Verified)Advanced System Products, Inc., 3.1E-MS (XPClient.010817-1148), C:2004-09-03 13:05 M:2001-08-17 13:51] [Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start] [(Verified)Broadcom Corporation, 8.48.0.0 built by: WinDDK, C:1980-01-01 00:00 M:2005-10-26 10:01] [CmdIde / CmdIde][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\cmdide.sys> [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-09-03 13:08 M:2001-08-31 15:29] [dac2w2k / dac2w2k][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\dac2w2k.sys> [(Verified)Mylex Corporation, 6.00-21 (XPClient.010817-1148), C:2004-09-03 13:04 M:2001-08-17 13:52] [Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start] [(Verified)Intel Corporation, 5.41.22.0000 built by: WinDDK, C:2004-09-03 10:45 M:2001-08-31 15:38] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:1980-01-01 00:00 M:2005-01-07 17:07] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-18 18:48 M:2008-12-18 18:45] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2008-12-18 18:48 M:2008-12-24 15:53] [HSF_DPV / HSF_DPV][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.39.00 built by: WinDDK, C:2007-07-18 14:33 M:2005-12-06 11:21] [HSXHWAZL / HSXHWAZL][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.39.00 built by: WinDDK, C:2007-07-18 14:33 M:2005-12-06 11:20] [ialm / ialm][Running/Manual Start] [(Verified)Intel Corporation, 6.14.10.4436, C:1980-01-01 00:00 M:2005-11-28 14:20] [Intel AHCI Controller / iaStor][Running/Boot Start] [(Verified)Intel Corporation, 5.5.0.1035, C:2005-10-12 12:07 M:2005-10-12 12:07] [IBMPMDRV / IBMPMDRV][Running/Manual Start] [(Verified)Lenovo., 1.33, C:1980-01-01 00:00 M:2005-11-11 01:33] [mdmxsdk / mdmxsdk][Running/Auto Start] [(Verified)Conexant, 1.0.2.010, C:2007-07-18 14:33 M:2005-10-05 15:57] [mraid35x / mraid35x][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mraid35x.sys> [(Verified)American Megatrends Inc., 6.19 (XPClient.010817-1148), C:2004-09-03 12:57 M:2001-08-17 13:52] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2004-09-03 10:45 M:2004-08-03 22:29] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:1980-01-01 00:00 M:2004-08-17 21:00] [ql1080 / ql1080][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql1080.sys> [(Verified)QLogic Corporation, 3.04, C:2004-09-03 13:01 M:2001-08-17 13:52] [ql12160 / ql12160][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql12160.sys> [(Verified)QLogic Corporation, 7.13.02 (W64), C:2004-09-03 13:01 M:2001-08-17 13:52] [ql1280 / ql1280][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql1280.sys> [(Verified)QLogic Corporation, 7.13.01 (W2K), C:2004-09-03 13:01 M:2001-08-17 13:52] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-25 17:38 M:2008-12-25 17:37] [rfwtdi / rfwtdi][Running/Auto Start] <\??\D:\Rising\Rfw\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-25 17:38 M:2008-12-25 17:37] [rsfwdrv / rsfwdrv][Running/System Start] <\??\D:\Rising\Rfw\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.44, C:2008-12-25 17:38 M:2009-01-19 14:17] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:38] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys> [(Verified)360安全中心, 2, 3, 0, 1007, C:2009-01-12 18:48 M:2009-01-12 18:48] [SIS AGP Bus Filter / sisagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sisagp.sys> [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp_sp2_rtm.040803-2158), C:2004-09-03 12:50 M:2004-08-03 23:07] [Sparrow / Sparrow][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sparrow.sys> [(Verified)Adaptec, Inc., v2.0a (ReleaseBinaries.001205-1804), C:2004-09-03 12:53 M:2001-08-17 14:07] [symc810 / symc810][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\symc810.sys> [(Verified)Symbios Logic Inc., 5.1.2409.1 (ReleaseBinaries.001205-1804), C:2004-09-03 13:00 M:2001-08-17 14:07] [symc8xx / symc8xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\symc8xx.sys> [(Verified)LSI Logic, 5.1.2409.1 (ReleaseBinaries.001205-1804), C:2004-09-03 12:59 M:2001-08-17 14:07] [sym_hi / sym_hi][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sym_hi.sys> [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2004-09-03 12:57 M:2001-08-17 14:07] [sym_u3 / sym_u3][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sym_u3.sys> [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027), C:2004-09-03 13:00 M:2001-08-17 14:07] [PS/2 TrackPoint Driver / Tp4Track][Running/Manual Start] [(Verified)Lenovo Group Limited, 3.55, C:1980-01-01 00:00 M:2005-07-13 03:55] [ultra / ultra][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ultra.sys> [(Verified)Promise Technology, Inc., 1.43 (第 0603 版), C:2004-09-03 13:05 M:2001-08-17 13:52] [winachsf / winachsf][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.39.00 built by: WinDDK, C:2007-07-18 14:33 M:2005-12-06 11:20] ======================================== 进程 [PID: 856 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 928 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 952 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2645 (xpsp.050331-1524), C:1980-01-01 00:00 M:2005-04-02 02:33] [PID: 996 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 1008 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] C:\Program Files\IBM ThinkVantage\Client Security Solution\csspwntfye.dll [(Verified)Lenovo Group Limited, 6.01.0044.00, C:2005-12-21 18:07 M:2005-12-21 18:07] C:\Program Files\IBM ThinkVantage\Client Security Solution\cssuserdatadispatcher.dll [(Verified)Lenovo Group Limited, 6.01.0044.00, C:2005-12-21 18:08 M:2005-12-21 18:08] C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtsp.dll [(Verified)IBM, 1,1,2,009, C:2005-12-21 17:17 M:2005-12-21 17:17] C:\Program Files\IBM ThinkVantage\Client Security Solution\tcsrpc.dll [(Verified)IBM, 1,1,2,009, C:2005-12-21 17:17 M:2005-12-21 17:17] [PID: 1192 / SYSTEM] C:\WINDOWS\system32\ibmpmsvc.exe [(Verified)N/A, C:1980-01-01 00:00 M:2005-11-11 01:33] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 1248 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 1344 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 1480 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:47 M:2008-12-18 18:45] [PID: 1500 / SYSTEM] D:\Rising\Rfw\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-25 17:38 M:2008-12-25 17:37] [PID: 1508 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 1616 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 1756 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 1812 / SYSTEM] D:\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 17:38 M:2008-12-25 17:37] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] D:\Rising\Rfw\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.75, C:2008-12-25 17:38 M:2009-01-08 16:08] D:\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-25 17:38 M:2008-12-25 17:38] D:\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 17:38 M:2009-01-15 09:20] D:\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 17:38 M:2009-01-15 09:20] D:\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 17:38 M:2008-12-25 17:37] [PID: 1840 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-18 18:48 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 18:48 M:2009-01-06 16:42] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:48 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:47 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-18 18:48 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 18:48 M:2008-12-25 17:15] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-18 18:48 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 18:48 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2008-12-18 18:47 M:2009-01-15 14:17] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-25 17:15] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:47 M:2008-12-25 17:15] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2008-12-18 18:47 M:2009-01-09 14:11] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-23 17:51] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] [PID: 2016 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:1980-01-01 00:00 M:2005-06-11 07:53] [PID: 188 / SYSTEM] C:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:48 M:2009-01-09 14:11] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-18 18:48 M:2008-12-18 18:46] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] [PID: 640 / 联想电脑] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:1980-01-01 00:00 M:2007-06-13 21:21] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [(Verified)Adobe Systems, Inc., 9.0.0.2008061100, C:2008-06-11 22:49 M:2008-06-11 22:49] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS [Adobe Systems, Inc., 9.0.0.0, C:2008-06-22 22:23 M:2008-06-22 22:23] C:\WINDOWS\system32\igfxpph.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:54] C:\WINDOWS\system32\hccutils.DLL [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:50] C:\WINDOWS\system32\igfxres.dll [(Verified)Intel Corporation, 3.0.0.4436, C:2007-07-18 14:38 M:2005-11-28 13:56] C:\WINDOWS\system32\igfxress.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:55] C:\WINDOWS\system32\igfxsrvc.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:51] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] D:\工具软件\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23] D:\Program Files\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-29 17:14 M:2008-11-15 12:15] D:\Program Files\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-12-29 17:14 M:2008-12-18 16:43] D:\Program Files\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-12-29 17:14 M:2008-12-18 16:43] C:\Program Files\WinRAR\rarext.dll [N/A, C:2007-07-19 13:06 M:2007-09-23 18:59] C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdshell.dll [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:13 M:2005-11-15 13:13] C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDLib.dll [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:32 M:2005-11-15 13:32] C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDLib0804.dll [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:21 M:2005-11-15 13:21] C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PDShell0804.dll [Utimaco Safeware AG, 1.10.2.1, C:2005-11-15 13:26 M:2005-11-15 13:26] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:27 M:2008-12-18 18:34] [PID: 660 / 联想电脑] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 824 / 联想电脑] C:\WINDOWS\system32\tp4serv.exe [(Verified)Lenovo Group Limited, 3.55, C:1980-01-01 00:00 M:2005-07-13 03:55] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\tp4uires.dll [N/A, C:2007-07-18 14:20 M:2005-07-13 03:55] [PID: 832 / 联想电脑] C:\WINDOWS\system32\igfxtray.exe [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:55] C:\WINDOWS\system32\hccutils.DLL [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:50] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\igfxsrvc.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:51] C:\WINDOWS\system32\igfxres.dll [(Verified)Intel Corporation, 3.0.0.4436, C:2007-07-18 14:38 M:2005-11-28 13:56] C:\WINDOWS\system32\igfxress.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:55] [PID: 840 / 联想电脑] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe [N/A, C:2007-07-18 12:45 M:2006-03-09 16:14] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\Oemdspif.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:56] C:\WINDOWS\system32\igfxdev.dll [(Verified)Intel Corporation, 3.0.0.4436, C:1980-01-01 00:00 M:2005-11-28 13:51] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll [N/A, C:2007-07-18 12:45 M:2005-10-28 20:29] [PID: 848 / 联想电脑] C:\Program Files\Analog Devices\Core\smax4pnp.exe [(Verified)Analog Devices, Inc., 6, 0, 0, 20, C:1980-01-01 00:00 M:2005-05-20 08:11] C:\Program Files\Analog Devices\Core\SMWDMIF.dll [(Verified)Analog Devices, Inc., 6, 0, 4200, 014, C:1980-01-01 00:00 M:2006-01-31 10:25] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 1084 / 联想电脑] C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe [N/A, C:2007-07-18 12:45 M:2005-07-05 14:57] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 1168 / 联想电脑] C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe [Lenovo Group Limited, 1.16, C:2007-07-18 12:45 M:2005-10-26 00:44] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 1424 / 联想电脑] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 18:48 M:2009-01-08 14:05] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-18 18:48 M:2009-01-15 09:18] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:20 M:2003-03-18 22:20] C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:47 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-18 18:47 M:2008-12-31 09:58] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-18 18:48 M:2008-12-31 14:07] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.90, C:2008-12-18 18:48 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-18 18:48 M:2008-12-18 18:37] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 18:47 M:2009-01-20 14:12] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:48 M:2009-01-09 14:11] [PID: 1436 / 联想电脑] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-22 17:35 M:2009-01-09 14:17] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2007-09-15 18:14 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2007-09-15 18:14 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2007-09-15 18:14 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] C:\Program Files\Rising\AntiSpyware\MSVCP60.dll [Microsoft Corporation, 6.00.8972.0, C:2007-11-06 09:00 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.42, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-01-22 13:37 M:2008-12-22 17:34] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 1456 / 联想电脑] D:\Rising\Rfw\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-25 17:38 M:2009-01-08 16:08] D:\Rising\Rfw\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-25 17:38 M:2009-01-15 09:20] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] D:\Rising\Rfw\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2008-12-25 17:38 M:2009-01-04 17:00] D:\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 17:38 M:2008-12-25 17:37] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] D:\Rising\Rfw\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 17:38 M:2009-01-04 17:00] D:\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 17:38 M:2009-01-15 09:20] D:\Rising\Rfw\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-25 17:38 M:2008-12-31 09:57] D:\Rising\Rfw\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2008-12-25 17:38 M:2009-01-04 17:00] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:20 M:2003-03-18 22:20] C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44] D:\Rising\Rfw\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-25 17:38 M:2008-12-31 14:07] D:\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-25 17:38 M:2008-12-25 17:38] D:\Rising\Rfw\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 17:38 M:2009-01-09 14:12] D:\Rising\Rfw\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 5, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-25 17:38 M:2008-12-25 17:37] [PID: 1880 / SYSTEM] C:\WINDOWS\system32\IPSSVC.EXE [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Lenovo\AwayTask\AwayDB.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] [PID: 2000 / SYSTEM] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [N/A, C:2007-07-18 14:53 M:2006-01-31 22:23] C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 21:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:00] C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 21:59] C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 21:59] C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:22] C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:19] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:23] C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:14] [PID: 468 / SYSTEM] D:\Program Files\stormliv.exe [(Verified)北京暴风网际科技有限公司, 3, 8, 12, 12, C:2008-12-17 17:41 M:2008-12-17 17:41] D:\Program Files\MFC42.DLL [Microsoft Corporation, 6.00.8665.0, C:2007-11-14 17:28 M:2007-11-14 17:28] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] D:\Program Files\bfoptdll.dll [(Verified)北京暴风网际科技有限公司, 3, 8, 7, 16, C:2008-08-01 20:11 M:2008-08-01 20:11] D:\Program Files\box\BoxLog.dll [(Verified)北京暴风网际科技有限公司, 3, 8, 12, 12, C:2008-12-13 12:10 M:2008-12-13 12:10] [PID: 604 / SYSTEM] C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [Diskeeper Corporation, 9.0.537.0, C:2006-03-01 11:50 M:2006-03-01 11:50] C:\Program Files\Diskeeper Corporation\Diskeeper\DkLib.dll [Diskeeper Corporation, 9.0.537.0, C:2006-03-01 11:29 M:2006-03-01 11:29] C:\Program Files\Diskeeper Corporation\Diskeeper\Tab.dll [Executive Software International, Inc., 1.0.34.0, C:2005-05-06 15:33 M:2005-05-06 15:33] C:\Program Files\Diskeeper Corporation\Diskeeper\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2003-02-21 04:42] C:\Program Files\Diskeeper Corporation\Diskeeper\GetFATExtents.dll [Diskeeper Corporation, 9.0.537.0, C:2006-03-01 11:40 M:2006-03-01 11:40] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Diskeeper Corporation\Diskeeper\2052\DkRes.dll [Diskeeper Corporation, 9.0.537.0, C:2006-03-01 13:56 M:2006-03-01 13:56] C:\Program Files\Diskeeper Corporation\Diskeeper\DkTabProvider.dll [Diskeeper Corporation, 9.0.537.0, C:2006-03-01 11:47 M:2006-03-01 11:47] [PID: 1232 / SYSTEM] C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [Microsoft Corporation, 7.00.9064.9150, C:2001-02-23 10:07 M:2001-02-23 10:07] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 2896 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 18:47 M:2009-01-20 14:12] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:47 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2008-12-18 18:47 M:2009-01-20 14:12] [PID: 2952 / SYSTEM] D:\Rising\Rfw\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-25 17:38 M:2009-01-20 14:12] D:\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 17:38 M:2009-01-04 17:00] D:\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 17:38 M:2009-01-15 09:20] D:\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 17:38 M:2008-12-25 17:37] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] D:\Rising\Rfw\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 17:38 M:2008-12-25 17:37] D:\Rising\Rfw\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2008-12-25 17:38 M:2009-01-20 14:12] [PID: 3052 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2008-12-18 18:47 M:2009-01-20 14:12] C:\Program Files\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:47 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2008-12-18 18:47 M:2009-01-15 14:17] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-25 17:15] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\mvengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\SysMail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2008-12-18 18:47 M:2009-01-09 14:11] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:47 M:2008-12-25 17:15] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-23 17:51] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur004.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\ur027.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:35] [PID: 3076 / SYSTEM] C:\WINDOWS\system32\TpKmpSVC.exe [N/A, C:2007-07-18 14:31 M:2005-06-06 21:26] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 3260 / SYSTEM] C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe [Copyright 2002, 3,0,27,0, C:2005-12-21 18:20 M:2005-12-21 18:20] C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rr_res.dll [Copyright (C) 2003, 3,0,29,0, C:2005-12-21 18:15 M:2005-12-21 18:15] C:\Program Files\IBM ThinkVantage\Rescue and Recovery\pui.dll [International Business Machines Corporation, 1, 0, 0, 6, C:2005-12-21 18:20 M:2005-12-21 18:20] C:\Program Files\IBM ThinkVantage\Rescue and Recovery\ui.dll [Copyright (C) 2003, 3,0,29,0, C:2005-12-21 18:19 M:2005-12-21 18:19] C:\Program Files\IBM ThinkVantage\Rescue and Recovery\CDRecord.dll [N/A, C:2005-12-21 18:23 M:2005-12-21 18:23] C:\Program Files\IBM ThinkVantage\Rescue and Recovery\zlib.dll [(C) 1995-2002 Jean-loup Gailly & Mark Adler, 1.1.4.0, C:2005-12-21 18:19 M:2005-12-21 18:19] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] [PID: 3336 / SYSTEM] C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe [Copyright 2004, 3,0,9,0, C:2005-12-21 18:34 M:2005-12-21 18:34] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 3356 / SYSTEM] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe [N/A, C:2005-08-01 17:32 M:2005-08-01 17:32] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherCommon.dll [N/A, C:2005-08-01 17:32 M:2005-08-01 17:32] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 3448 / LOCAL SERVICE] C:\WINDOWS\system32\wdfmgr.exe [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act), C:2004-08-10 22:05 M:2004-08-10 22:05] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 3628 / SYSTEM] C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [Lenovo, 4, 11, 0, 0, C:2007-07-18 14:53 M:2006-01-31 22:24] C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 21:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:00] C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 21:59] C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 21:59] C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:22] C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:19] C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:24] C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:23] C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll [IBM Corp., 8.3, C:2007-07-18 14:53 M:2005-12-27 20:22] C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll [IBM Corp., 8.3, C:2007-07-18 14:53 M:2005-12-27 20:22] C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll [N/A, C:2007-07-18 14:53 M:2006-01-31 22:02] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] [PID: 2804 / SYSTEM] C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe [N/A, C:2005-12-21 18:27 M:2005-12-21 18:27] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 684 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] C:\WINDOWS\System32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] [PID: 720 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] [PID: 3716 / 联想电脑] C:\WINDOWS\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] D:\工具软件\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] [PID: 3864 / 联想电脑] D:\工具软件\黄山软件\Behead.exe [版权所有 (C) 黄山软件, 3, 0, 0, 0, C:2008-04-16 11:30 M:2008-03-26 10:21] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] D:\工具软件\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 7.00.6000.16788 (vista_gdr.081211-1619), C:1980-01-01 00:00 M:2008-12-13 14:36] C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] [PID: 1948 / 联想电脑] D:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-01-19 14:29 M:2008-11-15 11:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] D:\工具软件\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] D:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-01-19 14:29 M:2007-11-28 15:19] [PID: 3244 / 联想电脑] C:\Program Files\Rising\Rav\RsMain.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 18:48 M:2008-12-18 18:37] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\rspalmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\Program Files\Rising\Rav\RsGuiLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:20 M:2003-03-18 22:20] C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\ravbmenu.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-18 18:48 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:47 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-18 18:47 M:2008-12-31 09:58] C:\Program Files\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:48 M:2008-12-18 18:37] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-18 18:48 M:2008-12-31 14:07] C:\Program Files\Rising\Rav\ravpsafe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-12-18 18:48 M:2008-12-31 14:07] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 18:47 M:2009-01-20 14:12] C:\Program Files\Rising\Rav\psafecfg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:47 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:47 M:2008-12-18 18:35] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:47 M:2009-01-15 09:18] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:47 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\ravxpage.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 81, C:2008-12-18 18:48 M:2008-12-31 14:07] C:\Program Files\Rising\Rav\ravxmons.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-18 18:48 M:2008-12-18 18:36] C:\Program Files\Rising\Rav\ravptool.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20, C:2008-12-18 18:48 M:2008-12-30 09:05] C:\Program Files\Rising\Rav\log2file.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-18 18:48 M:2009-01-04 17:08] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:47 M:2008-12-18 18:34] C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] C:\Program Files\Rising\Rav\htmllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:48 M:2008-12-18 18:37] C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] [PID: 1116 / 联想电脑] C:\WINDOWS\system32\cleanmgr.exe [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 21:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-22 17:35 M:2008-12-22 17:34] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-22 17:35 M:2008-12-22 17:34] D:\工具软件\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23] C:\WINDOWS\system32\PROCHLP.DLL [Lenovo Group Limited, 2, 0, 0, 0, C:2007-07-18 12:43 M:2006-03-23 02:03] C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.1.63.0, C:2004-02-25 09:35 M:2004-02-25 09:35] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]