[CODE] 2009-01-30,16:03:42 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|NVIDIA Corporation, 6.14.11.6928, C:2008-07-16 15:01 M:2007-12-18 19:55] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-29 20:10 M:2009-01-29 20:09] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2009-01-29 20:18 M:2009-01-29 20:18] <"C:\Program Files\Rising\RFW\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-30 00:00 M:2009-01-30 00:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2009-01-29 20:18 M:2009-01-29 20:18] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-29 20:18 M:2009-01-29 20:18] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <1BCB7596> [] <71F8DFFE> [] <92F5BA84> [] [] <32278C48> [] <6AB311B0> [] [] <6523EDE4> [] <0C71D401> [] [] <03630379> [] [] <08B01218> [] <831CF66A> [] <7479EA0C> [] <394D6EBF> [] <6A99D8F9> [] [] <12065401><> [] <3029B202><> [] <4D125883><> [] <21BE1304><> [] <34FD0D74><> [] <> [] <> [] <> [] <> [] <> [] <8A48C53E><> [] <8F88FB99><> [] <91E8DFC3><> [] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{1BCB7596-72B2-45E4-9C14-7F59BA29C853}> [] <{71F8DFFE-368A-4629-8E72-2A8CF4CD490C}> [] <{92F5BA84-97F1-4528-AB0B-5A9F83DE02C0}> [] <{32278C48-E70D-4C0A-BA87-A8A4EFEE76DB}> [] <{BAE9055B-33C9-44A6-9795-F18FB7F2C4B9}> [] <{6AB311B0-3E7A-47DE-A6C8-AFB1F35FF194}> [] <{FFB511BC-BD59-4300-9EA0-53535F8E16C1}> [] <{6523EDE4-3353-48A2-9A7F-3CC4E30D3345}> [] <{0C71D401-6991-442B-9763-1A07CB6E731E}> [] <{DF2167C8-C8F4-4E07-A9B5-BEE153A40581}> [] <{03630379-EDFC-49A5-AA3F-E63ABD41E8BA}> [] <{F3B664C7-AFB0-4DE7-8E81-5A018D2BC545}> [] <{08B01218-C8D2-45E0-A795-E2571B8C7803}> [] <{831CF66A-A82A-4757-B730-825120DD8C9A}> [] <{7479EA0C-EBEF-41B4-9AA6-BBB6BCA0CBB4}> [] <{394D6EBF-CC14-4FA3-A973-E339FCBCC9D4}> [] <{6A99D8F9-8967-446E-B16F-C2E9D6C13494}> [] <{C34E7E84-A239-45CE-B471-6DB714F91811}> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2007-12-10 14:17 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2007-12-10 14:17 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 
M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2005-01-28 15:25] ======================================== 启动项 ======================================== 计划任务 [SogouImeMgr.job] "C:\PROGRA~1\SOGOUI~1\400~1.208\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:21 M:2009-01-21 18:21] ======================================== 组件 ShellServiceObjectDelayLoad [] {1BCB7596-72B2-45E4-9C14-7F59BA29C853} [] [] {71F8DFFE-368A-4629-8E72-2A8CF4CD490C} [] [] {92F5BA84-97F1-4528-AB0B-5A9F83DE02C0} [] [] {BAE9055B-33C9-44A6-9795-F18FB7F2C4B9} [] [] {32278C48-E70D-4C0A-BA87-A8A4EFEE76DB} [] [] {6AB311B0-3E7A-47DE-A6C8-AFB1F35FF194} [] [] {FFB511BC-BD59-4300-9EA0-53535F8E16C1} [] [] {6523EDE4-3353-48A2-9A7F-3CC4E30D3345} [] [] {0C71D401-6991-442B-9763-1A07CB6E731E} [] [] {DF2167C8-C8F4-4E07-A9B5-BEE153A40581} [] [] {03630379-EDFC-49A5-AA3F-E63ABD41E8BA} [] [] {F3B664C7-AFB0-4DE7-8E81-5A018D2BC545} [] [] {08B01218-C8D2-45E0-A795-E2571B8C7803} [] [] {831CF66A-A82A-4757-B730-825120DD8C9A} [] [] {7479EA0C-EBEF-41B4-9AA6-BBB6BCA0CBB4} [] [] {394D6EBF-CC14-4FA3-A973-E339FCBCC9D4} [] [] {6A99D8F9-8967-446E-B16F-C2E9D6C13494} [] [] {C34E7E84-A239-45CE-B471-6DB714F91811} [] ShellExecuteHook [] {1BCB7596-72B2-45E4-9C14-7F59BA29C853} [] [] {71F8DFFE-368A-4629-8E72-2A8CF4CD490C} [] [] {92F5BA84-97F1-4528-AB0B-5A9F83DE02C0} [] [] {32278C48-E70D-4C0A-BA87-A8A4EFEE76DB} [] [] {BAE9055B-33C9-44A6-9795-F18FB7F2C4B9} [] [] {6AB311B0-3E7A-47DE-A6C8-AFB1F35FF194} [] [] {FFB511BC-BD59-4300-9EA0-53535F8E16C1} [] [] {6523EDE4-3353-48A2-9A7F-3CC4E30D3345} [] [] {0C71D401-6991-442B-9763-1A07CB6E731E} [] [] 
{DF2167C8-C8F4-4E07-A9B5-BEE153A40581} [] [] {03630379-EDFC-49A5-AA3F-E63ABD41E8BA} [] [] {F3B664C7-AFB0-4DE7-8E81-5A018D2BC545} [] [] {08B01218-C8D2-45E0-A795-E2571B8C7803} [] [] {831CF66A-A82A-4757-B730-825120DD8C9A} [] [] {7479EA0C-EBEF-41B4-9AA6-BBB6BCA0CBB4} [] [] {394D6EBF-CC14-4FA3-A973-E339FCBCC9D4} [] [] {6A99D8F9-8967-446E-B16F-C2E9D6C13494} [] [] {C34E7E84-A239-45CE-B471-6DB714F91811} [] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [NVIDIA Corporation, 6.14.11.6928, C:2008-07-16 15:01 M:2007-12-18 19:55] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [NVIDIA Corporation, 6.14.11.6928, C:2008-07-16 15:01 M:2007-12-18 19:55] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2008-07-16 15:02 M:2007-12-18 19:55] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2008-07-16 15:02 M:2007-12-18 19:55] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2008-07-16 15:02 M:2007-12-18 19:55] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-07-16 15:06 M:2007-12-10 14:17] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 55, C:2008-07-16 15:06 M:2007-12-17 20:44] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-01-29 20:18 
M:2009-01-29 20:18] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-07-16 15:06 M:2007-12-10 14:17] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 55, C:2008-07-16 15:06 M:2007-12-17 20:44] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-01-29 20:18 M:2009-01-29 20:18] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] ======================================== 服务 [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [NVIDIA Corporation, 6.14.11.6928, C:2008-07-16 15:01 M:2007-12-18 19:55] [Contrl Center of Storm Media / ccosm][Stopped/Disabled] [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-29 20:10 M:2009-01-29 20:21] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-30 00:00 M:2009-01-29 23:59] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 
21.0.0.1, C:2009-01-30 00:00 M:2009-01-29 23:59] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-30 00:00 M:2009-01-30 00:02] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-29 20:10 M:2009-01-29 20:09] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-01-29 20:10 M:2009-01-29 20:09] ======================================== 驱动 [aaatimeo / aaatimeo][Running/Boot Start] [Microsoft Corporation, 5.00.1877.1, C:1980-01-01 00:00 M:2006-02-26 23:21] [AFAMgt / AFAMgt][Running/Boot Start] [Adaptec, Inc., 4.1.0.7427, C:1980-01-01 00:00 M:2006-03-28 22:43] [ahcix86 / ahcix86][Running/Boot Start] [ATI Technologies Inc., 2.5.1540.39 built by: WinDDK, C:1980-01-01 00:00 M:2007-03-07 18:47] [AliIde / AliIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aliide.sys> [ALi Corporation, v1.51, C:1980-01-01 00:00 M:2006-02-26 23:21] [amdbusdr / amdbusdr][Running/Boot Start] [AMD, 8.2.8, C:1980-01-01 00:00 M:2006-02-26 23:21] [AMD EIDE 驱动程衼E / amdeide][Running/Boot Start] [AMD, 8.2.8, C:1980-01-01 00:00 M:2006-02-26 23:21] [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:1980-01-01 00:00 M:2006-07-01 22:43] [SiI-3112 SATALink Controller / ASH1205][Running/Boot Start] [Silicon Image, Inc., 1, 0, 0, 41, C:1980-01-01 00:00 M:2006-02-26 23:21] [ata1200a / ata1200a][Running/Boot Start] [Adaptec, Inc., v1.3, C:1980-01-01 00:00 M:2006-02-26 23:21] [atiide / atiide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\atiide.sys> [ATI Technologies Inc., 1.00.0000.3 built by: WinDDK, C:1980-01-01 00:00 M:2006-02-26 23:21] [Promise driver accelerator / bb-run][Running/Boot Start] [Promise Technology, Inc., 1.0.1.2 built 
by: WinDDK, C:1980-01-01 00:00 M:2003-11-05 15:45] [DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Running/Boot Start] [Adaptec, Inc., 4.1.0.7010, C:1980-01-01 00:00 M:2006-03-28 22:43] [Cpq32fs2 / Cpq32fs2][Running/Boot Start] [Hewlett-Packard Company, 5.24.00.0, C:1980-01-01 00:00 M:2002-11-18 23:47] [Promise Removable Disk Control Driver / dontgo][Running/Boot Start] [Promise Technology, Inc., 1.0.0.3 built by: WinDDK, C:1980-01-01 00:00 M:2006-02-26 23:21] [fttxr52P / fttxr52P][Running/Boot Start] [Promise Technology, Inc., 2.6.0.311 built by: WinDDK, C:1980-01-01 00:00 M:2005-11-09 01:07] [HpCISSm2 / HpCISSm2][Running/Boot Start] [Hewlett-Packard Company, 5.8.0.32 Build 1 (x86), C:1980-01-01 00:00 M:2006-06-16 18:17] [hptmv6 / hptmv6][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.04, C:1980-01-01 00:00 M:2006-02-26 23:21] [Intel RAID Controller / iaStor55][Running/Boot Start] [Intel Corporation, 5.5.0.1035, C:1980-01-01 00:00 M:2005-10-12 18:07] [jqbemrnvyycb / jqbemrnvyycb][/Boot Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uyysbawadeaf> [] [mv61xx / mv61xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mv61xx.sys> [Marvell Semiconductor, Inc., 1.2.0.24 built by: WinDDK, C:1980-01-01 00:00 M:2007-02-09 20:24] [mvSata / mvSata][Running/Boot Start] [Marvell Semiconductors Inc., 3, 4, 1, 2, C:1980-01-01 00:00 M:2004-09-24 06:34] [nv / nv][Running/Manual Start] [NVIDIA Corporation, 6.14.11.6928, C:1980-01-01 00:00 M:2007-12-18 19:55] [nvgts / nvgts][Running/Boot Start] [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:1980-01-01 00:00 M:2007-09-11 23:18] [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start] [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:1980-01-01 00:00 M:2007-09-11 15:18] [ql2100 / ql2100][Running/Boot Start] [QLogic Corporation, 7.05.05 (W2K), C:1980-01-01 00:00 M:2006-02-26 23:21] [ql2200 / ql2200][Running/Boot Start] [QLogic Corporation, 8.1.5.12 (W2K IP), C:1980-01-01 00:00 M:2006-02-26 23:21] [rr172x / 
rr172x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.0, C:1980-01-01 00:00 M:2007-06-12 18:06] [rr174x / rr174x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.02, C:1980-01-01 00:00 M:2007-02-01 21:14] [rr2340 / rr2340][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.4, C:1980-01-01 00:00 M:2007-07-02 23:14] [SATALink External Device Filter / SiRemFil][Running/Boot Start] [Silicon Image, Inc., 1, 1, 6, 0, C:1980-01-01 00:00 M:2006-10-18 20:20] [sisraidx / sisraidx][Running/Boot Start] [Silicon Integrated Systems Corp., 2.11.01 built by: WinDDK, C:1980-01-01 00:00 M:2007-01-12 21:36] [ViBus / ViBus][Running/Boot Start] [VIA Technologies, Inc., 6.0.6000.212, C:1980-01-01 00:00 M:2007-03-26 21:26] [videX32 / videX32][Running/Boot Start] [VIA Technologies, Inc., 6.0.3790.160, C:1980-01-01 00:00 M:2006-10-18 03:22] [VIA SATA IDE Device Driver / ViPrt][Running/Boot Start] [VIA Technologies, Inc., 6.0.6000.212, C:1980-01-01 00:00 M:2007-03-26 21:26] [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start] [VIA Technologies,Inc, 6.0.5728.160, C:1980-01-01 00:00 M:2006-10-19 00:39] [yxmsrjlmqrep / yxmsrjlmqrep][Stopped/Manual Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ctppfawjbzqo> [] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:1980-01-01 00:00 M:2001-08-17 12:20] [AMD AGP Bus Filter Driver / amdagp][Running/Boot Start] [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-03 23:07] [CmdIde / CmdIde][Running/Boot Start] [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:1980-01-01 00:00 M:2001-08-31 15:29] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. 
, 2.66, C:1980-01-01 00:00 M:2001-08-17 12:13] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:1980-01-01 00:00 M:2005-01-07 17:07] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-01-29 20:10 M:2009-01-29 20:09] [hooksys / hooksys][Stopped/Disabled] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2009-01-29 20:10 M:2009-01-29 20:09] [Intel RAID Controller / iaStor70][Running/Boot Start] [(Verified)Intel Corporation, 7.0.0.1020, C:1980-01-01 00:00 M:2007-02-12 19:36] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5559 built by: WinDDK, C:2008-07-16 15:01 M:2008-01-30 11:28] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:1980-01-01 00:00 M:2004-08-17 12:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-01-30 00:00 M:2009-01-29 23:59] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-01-30 00:00 M:2009-01-29 23:59] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.44, C:2009-01-30 00:00 M:2009-01-30 00:02] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5,663,1212,2006 built by: WinDDK, C:1980-01-01 00:00 M:2006-12-14 16:44] [Secdrv / Secdrv][Stopped/Manual 
Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:1980-01-01 00:00 M:2007-11-13 18:25] [SIS AGP Bus Filter / sisagp][Running/Boot Start] [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-03 23:07] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [(Verified)TENCENT, 1.0.4 built by: WinDDK, C:2009-01-30 00:08 M:2009-01-30 00:08] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 0, 9, 2, C:2009-01-30 00:08 M:2009-01-30 00:11] ======================================== 进程 [PID: 728 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 796 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 820 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-09-24 16:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] [PID: 864 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 876 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 
(xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1048 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1096 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1208 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1224 / SYSTEM] C:\Program Files\Rising\RFW\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1232 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1324 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1420 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1456 / SYSTEM] C:\Program Files\Rising\RFW\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-01-30 00:00 
M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.75, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program 
Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] [PID: 1700 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1760 / SYSTEM] C:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 
00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] [PID: 1952 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] [PID: 1840 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.11.6928, C:2008-07-16 15:01 M:2007-12-18 19:55] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.6928, C:2008-07-16 15:01 M:2007-12-18 19:55] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] [PID: 1904 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-01-29 20:10 M:2009-01-29 20:21] [PID: 1920 / SYSTEM] C:\Program Files\Rising\RFW\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 
7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-01-30 00:00 M:2009-01-30 00:02] [PID: 168 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\Program Files\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] 
C:\Program Files\Rising\Rav\mvengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-29 20:10 M:2009-01-29 20:09] [PID: 156 / LOCAL SERVICE] C:\WINDOWS\system32\wdfmgr.exe [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 13:44 M:2005-01-28 13:44] [PID: 1316 / 
LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 2724 / Administrator] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-29 20:10 M:2009-01-29 20:09] 
C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.90, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-01-29 20:10 M:2009-01-29 20:21] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising 
Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-29 20:10 M:2009-01-29 20:09] [PID: 2732 / Administrator] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.42, 
C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-29 20:18 M:2009-01-29 20:18] [PID: 2752 / Administrator] C:\Program Files\Rising\RFW\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\Program Files\Rising\RFW\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 
21, 0, 0, 46, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-30 00:00 M:2009-01-30 00:02] C:\Program Files\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 5, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program Files\Rising\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-30 00:00 M:2009-01-29 23:59] C:\Program 
Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-01-30 00:00 M:2009-01-29 23:59] [PID: 2772 / Administrator] C:\WINDOWS\system32\CTFMON.EXE [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 3084 / SYSTEM] C:\WINDOWS\system32\wuauclt.exe [(Verified)Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740), C:2006-11-07 01:31 M:2007-07-30 19:19] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 2120 / Administrator] C:\Program Files\Rising\AntiSpyware\ras.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\AntiSpyware\KakaMgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.28, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, 
C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\dbmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\pweb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.21, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.60, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\pset.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\pdefend.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\ptools.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.16, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\psysinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.57, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, 
C:2009-01-21 18:22 M:2009-01-21 18:22] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2008-02-21 19:48] C:\Program Files\Rising\AntiSpyware\engine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\zip.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 0, C:2009-01-29 20:18 M:2009-01-29 20:18] [PID: 2208 / Administrator] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 3852 / Administrator] C:\Program Files\Rising\AntiSpyware\Ras.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-29 20:18 M:2009-01-29 20:18] 
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\Rising\AntiSpyware\KakaMgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.28, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-29 20:10 M:2009-01-29 20:09] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\pwiz.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.15, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\Program Files\Rising\AntiSpyware\engine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\zip.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 0, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\psysinfo.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.57, C:2009-01-29 20:18 M:2009-01-29 20:18] [PID: 3272 / Administrator] C:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-01-30 10:50 M:2008-11-15 11:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-29 20:18 M:2009-01-29 20:18] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:22 M:2009-01-21 18:22] C:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-01-30 10:50 M:2007-11-28 15:19] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS [/CODE]