[CODE] 2009-02-02,10:47:05 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)NVIDIA Corporation, 6.14.10.6176, C:2008-11-11 12:01 M:2004-07-12 16:50] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 18:52 M:2009-01-08 12:26] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-27 16:03 M:2008-12-27 16:03] [Vimicro, 3, 5, 930, 9, C:2008-11-11 12:01 M:2005-10-17 17:45] [ZSMCSNAP, 3, 6, 818, 7, C:2009-01-15 18:31 M:2006-08-30 10:58] [Vimicro, 4, 2, 1124, 6, C:2009-01-15 18:31 M:2006-06-28 17:54] <"C:\Program Files\Rising\RFW\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-24 15:13 M:2009-01-24 15:11] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] [HKEY_CURRENT_USER\Control Panel\Desktop] [Microsoft Corporation, 6.0.5308.17 (winmain_idx01.060217-2200), C:2008-11-11 12:05 M:2006-03-01 04:53] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-11-11 17:26 M:2008-12-18 18:42] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用UUSee下载] <> [N/A, C:2008-05-14 11:27 M:2008-05-14 11:27] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用UUSee加速播放] <> [N/A, C:2008-05-14 11:27 M:2008-05-14 11:27] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用光影编辑和美化] <> [N/A, C:2009-01-26 10:13 M:2008-12-08 00:27] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-04-29 20:20 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-04-29 20:20 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00|(Verified)N/A, C:2008-04-21 10:57 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{998A88A0-A355-809B-831C-B83A80000991}] <很快视频搜索> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{998A88A0-A355-809B-831C-B83A80000992}] <启动UUSee 网络电视> [(Verified)版权所有 (C) 2005-2008 UUSee.com, 4, 0, 0, 100, C:2009-01-07 16:21 M:2009-01-07 16:21] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2009-01-25 17:13 M:2009-01-25 17:13] ======================================== 启动项 [QQ游戏启动加速程序] "C:\Program Files\Tencent\QQGAME\Accel.exe" > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2009-01-06 15:55 M:2009-01-06 15:55] ======================================== 计划任务 ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-11-11 17:26 M:2008-12-18 18:42] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-12-24 10:39 M:2004-08-17 20:00] [Microsoft Agent Character Property Sheet Handler] {143A62C8-C33B-11D1-84FE-00C04FA34A14} [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-04-29 20:15 M:2007-09-23 18:59] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [(Verified)NVIDIA Corporation, 6.14.10.6176, C:2008-11-11 12:01 M:2004-07-12 16:50] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [(Verified)NVIDIA Corporation, 6.14.10.6176, C:2008-11-11 12:01 M:2004-07-12 16:50] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-11-11 17:26 M:2008-12-18 18:42] Protocols [Microsoft Infotech Storage Protocol for IE 4.0] {0A9007C0-4076-11D3-8789-0000F8105754} [Microsoft Corporation, 05.02.9336.01, C:2000-04-19 18:47 M:2000-04-19 18:47] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-04-29 20:20 M:2007-12-10 14:17] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-04-29 20:20 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-27 16:03 M:2008-12-27 16:03] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-04-29 20:20 M:2007-12-10 14:17] [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [Microsoft Corporation, 5.00.3810, C:2008-04-21 10:57 M:2003-02-28 18:26] [GerneralPeerID Class] {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} [Copyright 2007, 1, 0, 0, 1, C:2008-04-29 20:20 M:2008-01-24 10:22] [Player Class] {11F2A418-94B2-4e16-9B0C-B00C0435F903} [(Verified)Tencent, 7.30.4377.0, C:2008-01-08 16:51 M:2008-01-08 16:51] [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [(Verified)Copyright (C) 2005 - 2009 TENCENT Inc. All Rights Reserved. 腾讯公司 版权所有 (C) 2005 - 2009, 7.30.4377.0, C:2008-01-08 16:51 M:2008-01-08 16:51] [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [(Verified)Copyright 2001, 2, 5, 1, 509, C:2008-07-14 09:42 M:2008-07-14 09:42] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-04-29 20:20 M:2007-12-10 14:17] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Copyright XunLei 2007, 1, 0, 3, 37, C:2008-04-29 20:20 M:2008-01-24 10:22] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 6, C:2008-04-29 20:20 M:2008-01-24 10:22] [QQLiveFile Class] {6B232760-90F1-41c3-9902-C8552C1D8A72} [(Verified)Tencent, 7.30.4377.0, C:2008-01-08 16:51 M:2008-01-08 16:51] [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [Thunder Networking Technologies,LTD, 3, 1, 3, 72, C:2008-04-29 20:20 M:2008-01-24 10:22] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-04-29 20:20 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-27 16:03 M:2008-12-27 16:03] [UploadFilePartition Class] {A877BA28-1F7E-4876-B299-50B3199A1A5D} [(Verified)Tencent Inc., 1, 0, 1, 29, C:2008-07-15 17:10 M:2008-07-15 17:10] [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [Copyright 2008, 1, 0, 0, 7, C:2008-12-11 18:12 M:2008-08-21 20:19] [Thunder DapCtrl] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [ShenZhen Thunder Networking Technologies Ltd., 1.4.19.22, C:2008-04-29 20:20 M:2008-01-24 10:22] [WebPlayer Class] {B965124A-7C58-45f8-91BF-28A981CE7594} [(Verified)Tencent, 7.30.4377.0, C:2008-01-08 16:51 M:2008-01-08 16:51] [KooPlayer Control] {C728DAB8-FDF5-4CD7-89DD-879D25794C77} [CCTV.COM, 1, 0, 0, 96, C:2008-12-11 18:12 M:2008-12-11 18:13] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] [QQLive Class] {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} [(Verified)Tencent, 7.30.4377.0, C:2008-01-08 16:51 M:2008-01-08 16:51] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 164, 203, C:2008-12-27 12:18 M:2008-12-27 12:18] [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 5, C:2008-04-29 20:16 M:2008-01-07 17:08] [UPlayer Control] {EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC} [(Verified)UUSEE, 2008, 12, 25, 0, C:2009-01-07 16:21 M:2009-01-07 16:21] [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 44, 68, C:2008-04-29 20:20 M:2008-01-24 10:22] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [(Verified)Thunder, 1.2.7.102, C:2008-04-29 20:20 M:2008-01-14 16:47] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-11-11 17:26 M:2008-12-18 18:42] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-04-29 20:15 M:2007-09-23 18:59] ======================================== 服务 [Help and Support / helpsvc][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Disabled] [] [System Restore Service / srservice][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\srsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [Contrl Center of Storm Media / ccosm][Running/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.10.6176, C:2008-11-11 12:01 M:2004-07-12 16:50] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 18:51 M:2009-01-20 11:33] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-24 15:12 M:2009-01-24 15:11] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-24 15:13 M:2009-01-24 15:11] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-24 15:13 M:2009-01-24 15:11] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:52 M:2008-12-18 18:40] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 18:51 M:2008-12-18 18:40] ======================================== 驱动 [SATALink driver accelerator / SiFilter][Running/Boot Start] [Silicon Image, Inc., 1.0.0.11, C:2008-04-29 21:07 M:2006-08-08 22:19] [System Restore Filter Driver / sr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sr.sys> [] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_qfe.080620-1259), C:2004-08-17 20:00 M:2008-06-20 18:44] [vmfilter303 / vmfilter303][Running/Manual Start] [Vimicro Corporation, 1.4.060423.01, C:2009-01-15 18:31 M:2006-04-25 10:57] [Kinstone USB PC Camera (Vimicro301 Neptune) / ZSMC303][Running/Manual Start] [Vimicro Corporation, 3, 6, 831, 17, C:2008-11-11 12:01 M:2006-08-31 10:30] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-11-11 12:03 M:2008-01-24 16:36] [Intel(R) PRO Adapter Driver / E100B][Running/Manual Start] [(Verified)Intel Corporation, 5.41.22.0000 built by: WinDDK, C:2008-11-11 12:00 M:2001-08-31 15:38] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-18 18:52 M:2008-12-18 18:40] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2008-12-18 18:52 M:2008-12-24 16:40] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.6176, C:2008-11-11 12:00 M:2004-07-12 16:50] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 20:00 M:2004-08-17 20:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-01-24 15:13 M:2009-01-24 15:11] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-01-24 15:13 M:2009-01-24 15:11] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.44, C:2009-01-24 15:13 M:2009-01-24 15:11] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10, C:2008-12-22 11:37 M:2009-01-24 11:20] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2007-12-24 10:36 M:2004-08-03 22:31] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 20:00 M:2007-11-13 18:25] [VMware Bridge Protocol / VMnetBridge][Running/Auto Start] [(Verified)VMware, Inc., 4.0.1.0, C:2009-01-31 16:21 M:2007-10-08 09:26] [VMware Network Application Interface / VMnetuserif][Running/Auto Start] [(Verified)VMware, Inc., 4.0.1.0, C:2009-01-31 16:21 M:2007-10-08 09:27] [VMware Virtualization Driver / vmx86][Running/Auto Start] [(Verified)VMware, Inc., 6.0.2, C:2009-01-31 16:21 M:2007-10-08 09:27] ======================================== 进程 [PID: 876 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [PID: 932 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] [PID: 956 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1000 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1012 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1176 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1256 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1412 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:51 M:2008-12-18 18:49] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-18 18:51 M:2008-12-18 18:49] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:51 M:2008-12-18 18:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1432 / SYSTEM] C:\Program Files\Rising\RFW\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1440 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1656 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1796 / SYSTEM] C:\Program Files\Rising\RFW\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.75, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\RFW\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-24 15:13 M:2009-01-24 15:11] [PID: 1820 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:51 M:2008-12-18 18:49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:51 M:2008-12-18 18:43] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-18 18:51 M:2008-12-18 18:49] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:52 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-18 18:52 M:2008-12-18 18:46] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 18:52 M:2009-01-07 10:40] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:52 M:2008-12-18 18:49] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:51 M:2009-01-14 17:11] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-18 18:52 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 18:52 M:2008-12-25 18:16] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-18 18:52 M:2009-01-13 12:02] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 18:52 M:2009-01-04 12:13] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2008-12-18 18:51 M:2009-01-15 16:45] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:51 M:2008-12-25 18:17] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:51 M:2009-01-04 18:14] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2008-12-18 18:51 M:2009-01-09 18:14] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:51 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:51 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:51 M:2008-12-25 18:17] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:51 M:2008-12-18 18:45] C:\Program Files\Rising\Rav\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-23 20:05] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:45] [PID: 1944 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527), C:2004-08-17 20:00 M:2005-06-11 08:17] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 296 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311), C:2004-08-17 20:00 M:2007-06-13 21:10] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-11-11 17:26 M:2008-12-18 18:42] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-04-29 20:15 M:2007-09-23 18:59] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-04-29 20:20 M:2008-04-29 14:42] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Copyright ? 2007, 1, 0, 0, 17, C:2008-04-29 20:20 M:2008-01-24 10:22] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-04-29 20:20 M:2008-01-24 10:22] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416), C:2008-12-27 12:18 M:2008-12-27 12:18] [PID: 344 / SYSTEM] C:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:52 M:2009-01-09 18:14] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-18 18:52 M:2008-12-18 18:50] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 536 / SYSTEM] C:\Program Files\StormII\stormliv.exe [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 644 / Administrator] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 18:52 M:2009-01-08 12:26] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-18 18:52 M:2009-01-14 12:48] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2008-12-18 18:51 M:2009-01-04 18:14] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2008-12-18 18:51 M:2009-01-04 18:14] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:51 M:2009-01-04 18:14] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:51 M:2009-01-14 17:11] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-18 18:51 M:2008-12-31 12:31] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-18 18:52 M:2008-12-31 12:31] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-18 18:52 M:2008-12-18 18:46] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.90, C:2008-12-18 18:52 M:2009-01-14 12:48] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-18 18:52 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 18:51 M:2009-01-20 11:33] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:52 M:2009-01-09 18:14] [PID: 652 / Administrator] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-27 16:03 M:2009-01-09 10:57] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.42, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-27 16:03 M:2008-12-27 16:03] [PID: 176 / Administrator] C:\WINDOWS\VM303_STI.EXE [Vimicro, 3, 5, 930, 9, C:2008-11-11 12:01 M:2005-10-17 17:45] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\VM303Prp.Ax [Vimicro, 3, 6, 411, 13, C:2008-11-11 12:01 M:2006-06-01 17:03] [PID: 816 / SYSTEM] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [(Verified)Microsoft Corporation, 7.00.9466, C:2003-06-19 23:25 M:2003-06-19 23:25] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll [Microsoft Corporation, 7.00.9466, C:2002-01-29 15:06 M:2002-01-29 15:06] [PID: 1080 / Administrator] C:\WINDOWS\VMSnap3.EXE [ZSMCSNAP, 3, 6, 818, 7, C:2009-01-15 18:31 M:2006-08-30 10:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\VM303Prp.Ax [Vimicro, 3, 6, 411, 13, C:2008-11-11 12:01 M:2006-06-01 17:03] [PID: 1200 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.10.6176, C:2008-11-11 12:01 M:2004-07-12 16:50] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1212 / Administrator] C:\WINDOWS\Domino.EXE [Vimicro, 4, 2, 1124, 6, C:2009-01-15 18:31 M:2006-06-28 17:54] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] [PID: 1352 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 18:51 M:2009-01-20 11:33] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 18:51 M:2009-01-04 18:14] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-18 18:51 M:2009-01-14 17:11] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2008-12-18 18:51 M:2009-01-20 11:33] [PID: 1376 / Administrator] C:\Program Files\Rising\RFW\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\RFW\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\Program Files\Rising\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 5, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-01-24 15:13 M:2009-01-24 15:11] [PID: 1504 / SYSTEM] C:\Program Files\Rising\RFW\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-24 15:12 M:2009-01-24 15:11] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-24 15:13 M:2009-01-24 15:11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-01-24 15:13 M:2009-01-24 15:11] [PID: 1548 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] [PID: 1564 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 18:51 M:2008-12-18 18:49] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 18:51 M:2008-12-18 18:43] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 18:51 M:2008-12-18 18:40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 1612 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416), C:2008-12-27 12:18 M:2008-12-27 12:18] [PID: 2264 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] [PID: 2584 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\System32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-27 16:03 M:2008-12-27 16:03] [PID: 2100 / Administrator] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-12-24 10:40 M:2004-08-17 20:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-04-29 20:20 M:2007-12-10 14:17] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-04-29 20:20 M:2008-04-29 14:42] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Copyright ? 2007, 1, 0, 0, 17, C:2008-04-29 20:20 M:2008-01-24 10:22] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-04-29 20:20 M:2008-01-24 10:22] C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2008-11-11 17:26 M:2009-01-21 18:24] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\Macromed\Flash\FlDbg10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] C:\WINDOWS\system32\JPWB.IME [常诚研制, 4.00.950, C:2008-04-29 20:15 M:2007-11-18 09:46] C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll [Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-04-29 20:20 M:2007-12-10 14:17] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-11-11 17:26 M:2008-12-18 18:42] [PID: 3016 / Administrator] D:\Downloads\金宏旻\软件资料库\arswp2\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-02-02 10:43 M:2008-11-15 11:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-27 16:03 M:2008-12-27 16:03] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2008-04-21 11:10] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 20:00 M:2004-08-17 20:00] C:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL [Microsoft Corporation, 1.0.1038.0, C:2001-02-07 02:17 M:2001-02-07 02:17] D:\Downloads\金宏旻\软件资料库\arswp2\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-02-02 10:43 M:2007-11-28 15:19] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2008-11-11 17:26 M:2009-01-21 18:24] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\Macromed\Flash\FlDbg10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]