[CODE] 2009-02-03,11:53:53 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"D:\WangWang\WangWang.exe"> [(Verified)阿里巴巴软件(上海)有限公司, 5, 7, 0, 5, C:2009-02-03 08:39 M:2008-05-07 15:19] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"D:\杀毒软件\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-21 18:08 M:2009-01-09 00:53] <"D:\kaka\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2009-02-04 09:27 M:2009-02-04 09:26] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2009-02-04 09:27 M:2009-02-04 09:26] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-02-04 09:27 M:2009-02-04 09:26] [HKEY_CURRENT_USER\Control Panel\Desktop] [Microsoft Corporation, 6.0.5308.17 (winmain_idx01.060217-2200), C:2008-07-09 16:39 M:2006-03-01 04:53] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs] [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:03 M:2009-02-03 08:06] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <{1E796980-9CC5-11D1-A83F-00C04FC99D61}><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-07-10 19:28 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-07-10 19:28 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-11-29 16:39 M:2008-05-23 06:45] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] [ATI Technologies Inc., 6.14.10.4177, C:2008-11-29 16:35 M:2008-05-12 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95B3F550-91C4-4627-BCC4-521288C52977}] [(Verified)N/A, C:2008-11-29 16:39 M:2007-03-16 13:46] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:03 M:2009-02-03 08:06] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [Windows Script Host 的 Shell extensions] {60254CA5-953B-11CF-8C96-00AA00B8708C} [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] [Microsoft Agent Character Property Sheet Handler] {143A62C8-C33B-11D1-84FE-00C04FA34A14} [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-11-29 16:39 M:2007-09-23 18:59] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:03 M:2009-02-03 08:06] Protocols [Microsoft HTML About Pluggable Protocol] {3050F406-98B5-11CF-BB82-00AA00BDCE0B} <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] [Microsoft HTML Javascript Pluggable Protocol] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] [Microsoft HTML Mailto Pluggable Protocol] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] [Microsoft HTML Resource Pluggable Protocol] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] [Microsoft HTML Resource Pluggable Protocol] {76E67A63-06E9-11D2-A840-006008059382} <%SystemRoot%\system32\mshtml.dll> [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-10 19:28 M:2008-04-07 15:40] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-10 19:28 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-02-04 09:27 M:2009-02-04 09:26] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-10 19:28 M:2008-04-07 15:40] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-10 19:28 M:2008-05-26 11:09] [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [(Verified)Copyright 2007, 2, 1, 2, 1, C:2008-05-20 10:51 M:2008-05-20 10:51] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Copyright XunLei 2007, 2, 1, 0, 64, C:2008-06-23 18:46 M:2008-06-11 16:11] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-06-23 18:46 M:2008-06-11 16:11] [CCtInf Class] {6DBB2904-082D-4DB0-944A-21C22BA121F4} [Copyright 2006, 1, 0, 0, 3, C:2006-09-19 16:31 M:2006-09-19 16:31] [WangWangObj Class] {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2009-02-03 08:39 M:2008-03-18 12:14] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-10 19:28 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-02-04 09:27 M:2009-02-04 09:26] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5802, 54, C:2008-11-29 16:35 M:2008-06-11 16:11] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-07-10 19:28 M:2008-06-11 16:11] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [Thunder, 2, 0, 0, 166, C:2008-11-29 16:35 M:2008-06-11 16:11] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:03 M:2009-02-03 08:06] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-11-29 16:39 M:2007-09-23 18:59] ======================================== 服务 [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] <%SystemRoot%\system32\Ati2evxx.exe> [ATI Technologies Inc., 6.14.10.4197, C:2008-11-29 16:35 M:2008-05-12 23:43] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [Network Location Awareness (NLA) / Nla][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mswsock.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00|Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:10] [Rising RavTask Manager / RavTask][Running/Auto Start] <"D:\杀毒软件\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-02-03 08:11 M:2009-02-03 08:10] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-02-03 08:11 M:2009-02-03 08:06] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-21 18:08 M:2008-12-21 18:07] ======================================== 驱动 [AFD / AFD][Running/System Start] <\SystemRoot\System32\drivers\afd.sys> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-20 19:40] [ati2mtag / ati2mtag][Running/Manual Start] [ATI Technologies Inc., 6.14.10.6806, C:2008-11-29 16:35 M:2008-05-13 00:30] [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start] [NVIDIA Corporation, 10.3.0.21 built by: WinDDK, C:2008-05-31 17:38 M:2008-01-25 20:01] [SATALink driver accelerator / SiFilter][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> [Silicon Image, Inc., 1.0.0.11, C:2008-01-23 17:20 M:2006-08-08 22:19] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-06-12 10:01 M:2008-07-09 07:44] [viamraid / viamraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.6000.574, C:2008-01-23 17:20 M:2008-01-22 14:02] [ATI Function Driver for HDMI Service / AtiHdmiService][Running/Manual Start] [(Verified)ATI Research Inc., 5.00.50000.05, C:2008-11-29 16:35 M:2008-05-21 07:53] [Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start] [(Verified)Intel Corporation, 9.12.18.0 built by: WinDDK, C:2008-11-29 16:35 M:2008-02-06 18:39] [Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start] [(Verified)Creative Technology Ltd., 5.1.2501.0 built by: WinDDK, C:2008-06-23 13:45 M:2001-08-17 04:19] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-04-14 20:00 M:2008-04-14 20:00] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-02-03 08:11 M:2009-02-03 08:10] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2009-02-03 08:11 M:2009-02-03 08:06] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5506 built by: WinDDK, C:2008-11-29 16:35 M:2007-11-01 14:38] [AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start] [(Verified)AMD Inc., 4.38.00 built by: WinDDK, C:2008-06-23 13:45 M:2001-08-17 04:11] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-04-14 20:00 M:2008-04-14 20:00] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:03 M:2009-02-03 08:07] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-04-14 20:00 M:2008-04-14 20:00] ======================================== 进程 [PID: 640 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 696 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 736 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\Ati2evxx.dll [ATI Technologies Inc., 6.14.10.4177, C:2008-11-29 16:35 M:2008-05-12 23:44] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 780 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 792 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 952 / SYSTEM] C:\WINDOWS\system32\Ati2evxx.exe [ATI Technologies Inc., 6.14.10.4197, C:2008-11-29 16:35 M:2008-05-12 23:43] C:\WINDOWS\system32\Ati2edxx.dll [ATI Technologies, Inc., 6, 14, 10, 2513, C:2008-11-29 16:35 M:2008-05-12 23:45] C:\WINDOWS\system32\atipdlxx.dll [ATI Technologies, Inc., 6, 14, 10, 2533, C:2008-11-29 16:35 M:2008-05-12 23:45] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 972 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 1056 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 1188 / SYSTEM] D:\杀毒软件\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 1208 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] c:\windows\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\System32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 1260 / SYSTEM] C:\WINDOWS\system32\Ati2evxx.exe [ATI Technologies Inc., 6.14.10.4197, C:2008-11-29 16:35 M:2008-05-12 23:43] C:\WINDOWS\system32\Ati2edxx.dll [ATI Technologies, Inc., 6, 14, 10, 2513, C:2008-11-29 16:35 M:2008-05-12 23:45] C:\WINDOWS\system32\atipdlxx.dll [ATI Technologies, Inc., 6, 14, 10, 2533, C:2008-11-29 16:35 M:2008-05-12 23:45] C:\WINDOWS\system32\ati2evxx.dll [ATI Technologies Inc., 6.14.10.4177, C:2008-11-29 16:35 M:2008-05-12 23:44] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 1344 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] c:\windows\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 1356 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 1592 / SYSTEM] D:\杀毒软件\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] D:\杀毒软件\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-21 18:08 M:2008-12-21 18:06] D:\杀毒软件\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-02-03 08:11 M:2009-02-03 08:07] D:\杀毒软件\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-21 18:08 M:2008-12-21 18:06] D:\杀毒软件\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-21 18:08 M:2009-01-07 01:13] D:\杀毒软件\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-21 18:08 M:2008-12-25 14:44] D:\杀毒软件\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-21 18:08 M:2009-01-15 00:27] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\杀毒软件\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-02-03 08:11 M:2009-02-03 08:08] D:\杀毒软件\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\杀毒软件\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\ur007.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:11 M:2009-02-03 08:06] [PID: 1764 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:03 M:2009-02-03 08:06] C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-10 19:28 M:2008-04-07 15:40] C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-10 19:28 M:2008-04-29 14:42] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-11-29 16:39 M:2007-09-23 18:59] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1828 / SYSTEM] D:\杀毒软件\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-21 18:08 M:2009-01-12 01:27] D:\杀毒软件\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\杀毒软件\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 1872 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 1472 / SYSTEM] D:\杀毒软件\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-21 18:08 M:2009-01-05 10:54] D:\杀毒软件\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] D:\杀毒软件\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\杀毒软件\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2008-12-21 18:08 M:2009-01-21 00:29] [PID: 1708 / SYSTEM] D:\杀毒软件\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] D:\杀毒软件\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\杀毒软件\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2008-12-21 18:08 M:2009-01-21 00:29] D:\杀毒软件\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-21 18:08 M:2008-12-21 18:07] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\杀毒软件\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\杀毒软件\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\mvengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-21 18:08 M:2008-12-21 18:07] [PID: 520 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\System32\MSWSOCK.DLL [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 924 / Administrator] D:\杀毒软件\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-21 18:08 M:2009-01-09 00:53] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\杀毒软件\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-21 18:08 M:2009-01-15 00:27] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] D:\杀毒软件\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2008-12-21 18:08 M:2009-01-05 10:54] D:\杀毒软件\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-21 18:08 M:2008-12-21 18:06] D:\杀毒软件\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2009-02-03 08:11 M:2009-02-03 08:06] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2009-02-03 08:03 M:2009-02-03 07:58] D:\杀毒软件\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-21 18:08 M:2009-01-05 10:54] D:\杀毒软件\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-21 18:08 M:2008-12-31 01:17] D:\杀毒软件\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2008-12-21 18:08 M:2009-01-01 01:32] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\杀毒软件\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.90, C:2008-12-21 18:08 M:2009-01-15 00:27] D:\杀毒软件\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-02-03 08:11 M:2009-02-03 08:06] D:\杀毒软件\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-21 18:08 M:2008-12-21 18:07] D:\杀毒软件\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-21 18:08 M:2009-01-21 00:29] D:\杀毒软件\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-21 18:08 M:2009-01-12 01:27] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 2160 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] [PID: 196 / Administrator] D:\Program Files\Tencent\QQ\QQ.exe [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQHelperDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:46] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\Program Files\Tencent\QQ\MSIMG32.dll [N/A, C:2008-11-29 16:39 M:2000-01-01 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\Program Files\Tencent\QQ\FinePlus.dll [N/A, C:2008-11-29 16:39 M:2000-01-01 00:00] D:\Program Files\Tencent\QQ\fphelper.dll [N/A, C:2008-11-29 16:39 M:2000-01-01 00:00] D:\Program Files\Tencent\QQ\QQAPI.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\LoginCtrl.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\LoginCtrlRes.dll [TENCENT, 8,0,713,1791, C:2008-11-29 16:39 M:2008-01-26 15:39] D:\Program Files\Tencent\QQ\QQRes.dll [(Verified)TENCENT, 8, 0, 830, 1811, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QQMainFrame.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QQPlugin.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\UnReadMsgMgr.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\CQQApplication.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\FlashAvatarDll.dll [(Verified)版权所有 (C) 2005, 1, 4, 0, 1, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\NewSkin.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\MailSummary.dll [(Verified)TENCENT, 8,0,773,1801, C:2008-11-29 16:39 M:2008-05-27 09:43] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] D:\Program Files\Tencent\QQ\QQSpace.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:45] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] D:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\OEMApplication.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQGroupMng.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 14:13] D:\Program Files\Tencent\QQ\QQAvatar.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQAllInOne.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\SCCore.dll [(Verified)TENCENT, 1, 6, 0, 2, C:2008-11-29 16:39 M:2008-05-27 09:45] D:\Program Files\Tencent\QQ\CameraDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\QQPet.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QRingMng.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:45] D:\Program Files\Tencent\QQ\UserDefinedHead.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\videodevice.dll [(Verified)Tencent, 2, 1, 0, 0, C:2008-11-29 16:39 M:2008-05-27 09:47] D:\Program Files\Tencent\QQ\inplus.dll [(Verified)Tencent, 2, 1, 0, 0, C:2008-11-29 16:39 M:2008-05-27 09:46] C:\WINDOWS\system32\quartz.dll [Microsoft Corporation, 6.05.2600.5596, C:2008-06-12 10:00 M:2008-06-12 10:00] C:\Program Files\MYMPC\codecs\VSFilter.dll [Gabest, 1, 0, 1, 2, C:2008-11-29 16:39 M:2005-03-21 17:47] C:\Program Files\MYMPC\codecs\OggSplitter.ax [Gabest, 1, 0, 0, 0, C:2008-11-29 16:39 M:2004-12-21 00:14] C:\WINDOWS\system32\RealMediaSplitter.ax [Gabest, 1, 0, 1, 0, C:2008-07-08 17:14 M:2005-02-27 21:48] C:\Program Files\MYMPC\codecs\ffdshow.ax [Copyright ? 2002-2005 Milan ?utka, 1.0.2.2605, C:2008-11-29 16:39 M:2005-12-09 14:25] C:\WINDOWS\system32\l3codecx.ax [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 5, 0, 50, C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\ac3filter.cpl [版权所有(C) 2002-2004 by Alexander Vigovsky, 1.01a, C:2008-07-08 17:14 M:2004-05-29 18:11] D:\Program Files\Tencent\QQ\QQConfigPlugin.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQCustomFace.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\ImageOle.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\QQSceneMng.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:44] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] D:\杀毒软件\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2009-02-03 08:11 M:2009-02-03 08:10] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] D:\Program Files\Tencent\QQ\QQLiveQMng.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\LongConnection.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:47] D:\Program Files\Tencent\QQ\PhoneAPI.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\DialerAllinOne.dll [(Verified)tencent, 1, 4, 0, 0, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\BQQApplication.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\QQSysMsgMng.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:45] D:\Program Files\Tencent\QQ\PersonalDesktop.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:47] D:\Program Files\Tencent\QQ\GroupConnection.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\QQOneClick.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\CommercesMng.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\QQAddr.dll [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2008-11-29 16:39 M:2008-05-27 09:47] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\Program Files\Tencent\QQ\AddrSearch.dll [(Verified)腾讯科技(深圳)有限公司, 2, 0, 1, 10, C:2008-11-29 16:39 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\QQMsgFriendMng.dll [(Verified)N/A, C:2008-11-29 16:39 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QQZip.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-11-29 16:39 M:2008-05-27 09:47] C:\WINDOWS\system32\UNISPIM6.IME [(Verified)北京紫光华宇软件股份有限公司, 6.1.0.6240, C:2009-02-03 08:31 M:2008-08-07 10:01] [PID: 2156 / Administrator] D:\kaka\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-02-04 09:27 M:2009-02-04 09:26] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] D:\kaka\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.42, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\杀毒软件\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-02-03 08:11 M:2009-02-03 08:10] D:\kaka\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-02-04 09:27 M:2009-02-04 09:26] C:\WINDOWS\System32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] [PID: 1952 / Administrator] D:\kaka\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-02-04 09:27 M:2009-02-04 09:26] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-02-04 09:27 M:2009-02-04 09:26] [PID: 2528 / Administrator] C:\WINDOWS\hh.exe [(Verified)Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_qfe.050525-1536), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-02-04 09:27 M:2009-02-04 09:26] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\杀毒软件\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2009-02-03 08:11 M:2009-02-03 08:10] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-02-03 08:03 M:2009-02-03 08:06] [PID: 3964 / Administrator] D:\TheWorld 2.0\TheWorld.exe [(Verified)Phoenix Studio, 2, 4, 0, 2, C:2009-01-20 10:57 M:2009-01-20 10:57] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-02-04 09:27 M:2009-02-04 09:26] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\杀毒软件\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2009-02-03 08:11 M:2009-02-03 08:10] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PID: 2616 / Administrator] D:\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-02-03 11:49 M:2008-11-15 11:58] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-02-04 09:27 M:2009-02-04 09:26] D:\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-02-04 09:27 M:2009-02-04 09:26] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-06-12 10:01 M:2008-06-12 10:01] C:\WINDOWS\system32\mswsock.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] C:\WINDOWS\system32\mshtml.dll [Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2008-06-12 10:00 M:2008-06-12 10:00] D:\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-02-03 11:49 M:2007-11-28 15:19] D:\杀毒软件\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2009-02-03 08:11 M:2009-02-03 08:10] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 10:42 M:2003-02-21 10:42] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-09 18:53] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] ======================================== 文件关联 [.vbs] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-08 19:24] [.js] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.7.0.18066, C:2008-04-14 20:00 M:2008-05-08 19:24] ======================================== AutoRun.INF ======================================== Winsock提供者 MSAFD Tcpip [TCP/IP] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD Tcpip [UDP/IP] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD Tcpip [RAW/IP] <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{79241F1B-B63D-4239-9DC0-66D32D7A3059}] SEQPACKET 0 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{79241F1B-B63D-4239-9DC0-66D32D7A3059}] DATAGRAM 0 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] SEQPACKET 1 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] DATAGRAM 1 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] SEQPACKET 2 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] DATAGRAM 2 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{416F85E2-F61E-433B-A5CC-F657DA01380E}] SEQPACKET 3 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{416F85E2-F61E-433B-A5CC-F657DA01380E}] DATAGRAM 3 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{87A8F269-50E0-465D-B976-65A5AEE9B592}] SEQPACKET 4 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] MSAFD NetBIOS [\Device\NetBT_Tcpip_{87A8F269-50E0-465D-B976-65A5AEE9B592}] DATAGRAM 4 <%SystemRoot%\system32\mswsock.dll> [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-21 01:46] ======================================== HOSTS 127.0.0.1 localhost 127.0.0.1 858656.com 127.0.0.1 my123.com 127.0.0.1 8749.com 127.0.0.1 4199.com 127.0.0.1 7379.com 127.0.0.1 7255.com 127.0.0.1 3448.com 127.0.0.1 7939.com 127.0.0.1 8009.com 127.0.0.1 piaoxue.com 127.0.0.1 kzdh.com 127.0.0.1 about.blank.la 127.0.0.1 6781.com 127.0.0.1 7322.com 127.0.0.1 9991.com [/CODE]