[CODE] 2009-04-16,19:25:47 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-25 19:10 M:2009-01-08 15:46] <"C:\Program Files\Rising\RFW\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-25 19:21 M:2009-01-08 12:01] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)360安全中心, 2, 5, 2, 1004, C:2009-03-26 20:50 M:2009-03-26 20:50] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-04-13 19:14|NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-12-25 17:58 M:2008-12-24 13:09] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-12-25 17:58 M:2008-12-24 13:09] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:12 M:2008-04-13 19:13|(Verified)N/A, C:2008-07-14 18:15 M:2008-04-13 18:57] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:12 M:2008-04-13 19:13|(Verified)N/A, C:2008-07-14 18:16 M:2008-04-13 18:57] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:12 M:2008-04-13 19:13|(Verified)N/A, C:2008-07-14 19:27 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [(Verified)Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-12-25 17:58 M:2008-12-24 12:53] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [Microsoft Agent Character Property Sheet Handler] {143A62C8-C33B-11D1-84FE-00C04FA34A14} [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-07-14 19:14 M:2007-09-23 18:59] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2008-12-25 13:26 M:2009-02-09 13:18] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2008-12-25 13:26 M:2009-02-09 13:18] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2008-12-25 13:26 M:2009-02-09 13:18] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2008-12-25 19:09] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] BrowserHelperObject [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-25 17:58 M:2008-12-24 12:54] ActiveX Extension [WangWangX Class] {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2008-09-22 21:48 M:2009-03-16 14:07] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-25 17:58 M:2008-12-24 12:54] [ThunderAtOnce Class] {D13424D4-2159-46EC-A46D-17BD39FDC3ED} [] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:20 M:2008-10-05 11:20] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 164, 203, C:2007-10-13 13:24 M:2007-10-13 13:24] Context Menu [OpenFolder] {0DE1378D-F811-40E6-B60A-1CC56F57D3E9} [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2008-09-22 21:48 M:2008-09-22 21:48] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2008-12-25 19:09] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-07-14 19:14 M:2007-09-23 18:59] ======================================== 服务 [EQService / EQService][Stopped/Manual Start] [EQSecure, 2008, 11, 30, 26, C:2008-11-30 21:28 M:2008-11-30 21:28] [GP_CLT_Service / GP_CLT_Service][Running/Auto Start] [版权所有 (C) 2007, 1, 0, 1, 8, C:2008-12-25 22:33 M:2008-12-25 22:33] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] [Contrl Center of Storm Media / ccosm][Running/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 9, 1, 15, C:2008-03-11 14:33 M:2009-01-14 12:18] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-25 19:10 M:2009-04-13 18:21] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:21 M:2008-12-25 19:20] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:21 M:2008-12-25 19:20] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-25 19:21 M:2009-04-13 19:25] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 19:10 M:2008-12-25 19:09] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-25 19:10 M:2008-12-25 19:09] ======================================== 驱动 [360procmon / 360procmon][Stopped/Manual Start] <\??\D:\Program Files\360safe\safemon\360procmon.sys> [] [CNLTF A380 PC Camera / A0380VID][Stopped/Manual Start] [CNLTF., 1.2.5.0124, C:2008-12-29 02:41 M:2007-02-05 15:33] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [EQSysSecure / EQSysSecure][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EQSysSecure.sys> [EQSecure, 4.32, C:2009-01-14 13:01 M:2008-12-05 20:36] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [Realtek Semiconductor Corp., 5.10.0.5730 built by: WinDDK, C:2008-12-25 13:24 M:2008-10-31 11:38] [nv / nv][Running/Manual Start] [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start] [NVIDIA Corporation, 10.3.0.16 built by: WinDDK, C:2008-03-28 10:43 M:2007-12-07 15:27] [SATALink driver accelerator / SiFilter][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> [Silicon Image, Inc., 1.0.0.11, C:2008-01-23 17:20 M:2006-08-08 22:19] [System Restore Filter Driver / sr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sr.sys> [] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-07-14 18:14 M:2008-06-20 19:51] [Virtual Audio Input / vad_hw][Running/Manual Start] [luckyju, 1.1.0001.0 built by: WinDDK, C:2008-10-26 15:01 M:2008-10-26 15:01] [viamraid / viamraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.6000.562, C:2008-01-23 17:20 M:2007-07-17 13:35] [AMD Processor Driver / AmdK8][Running/System Start] [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2008-01-02 16:33 M:2006-07-01 22:43] [AMD Low Level Device Driver / AmdLLD][Running/Manual Start] [(Verified)AMD, Inc., 1.0.1.0, C:2008-12-25 13:28 M:2007-06-29 14:47] [CIDC USB KEY Driver / CIDCUSB][Stopped/Manual Start] [(Verified)CIDC., 1, 0, 4, 6, C:2007-05-08 18:43 M:2008-12-25 22:33] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-04-13 17:36 M:2008-04-13 19:25] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-25 19:10 M:2008-12-25 19:09] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 53, C:2008-12-25 19:10 M:2009-03-30 12:09] [Intel AHCI Controller / iaStor7][Running/Boot Start] [(Verified)Intel Corporation, 7.8.0.1012, C:2008-01-23 17:20 M:2007-09-29 23:03] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-07-14 18:14 M:2001-09-05 20:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-25 19:21 M:2008-12-25 19:20] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:21 M:2009-04-13 19:25] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.46, C:2008-12-25 19:21 M:2009-03-11 14:51] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8, C:2008-12-29 02:29 M:2008-12-29 02:29] [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.686.0103.2008 built by: WinDDK, C:2008-12-25 13:24 M:2008-01-03 22:10] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 3, 0, 1010, C:2009-03-03 18:15 M:2009-03-03 18:15] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-07-14 18:14 M:2008-04-13 09:39] ======================================== 进程 [PID: 884 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] [PID: 940 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:12 M:2008-04-13 19:13] [PID: 964 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-07-14 18:15 M:2008-04-13 19:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1008 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] [PID: 1020 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-07-14 18:13 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1188 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1268 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1424 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1456 / SYSTEM] C:\Program Files\Rising\RFW\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1464 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1528 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-25 19:10 M:2009-04-13 18:21] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2009-03-19 15:46] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:10 M:2009-01-14 17:20] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2008-12-25 19:10 M:2009-01-20 12:46] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1552 / SYSTEM] C:\Program Files\Rising\RFW\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-25 19:21 M:2009-04-13 19:25] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:21 M:2009-03-19 13:46] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:21 M:2009-01-14 17:06] C:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2008-12-25 19:21 M:2009-01-20 12:01] C:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1596 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1868 / SYSTEM] d:\Program Files\StormII\stormliv.exe [(Verified)北京暴风网际科技有限公司, 3, 9, 1, 15, C:2008-03-11 14:33 M:2009-01-14 12:18] d:\Program Files\StormII\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43] d:\Program Files\StormII\P2PCLient.dll [(Verified)Copyright (C) 2008, 3, 8, 12, 25, C:2009-03-14 19:46 M:2008-12-24 18:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] d:\Program Files\StormII\bfoptdll.dll [北京暴风网际科技有限公司, 3, 8, 7, 16, C:2008-08-01 20:11 M:2008-08-01 20:11] d:\Program Files\StormII\box\BoxLog.dll [(Verified)北京暴风网际科技有限公司, 3, 9, 2, 19, C:2009-01-14 13:04 M:2009-02-27 11:26] [PID: 1996 / SYSTEM] C:\WINDOWS\system32\GP_CLT_Service.exe [版权所有 (C) 2007, 1, 0, 1, 8, C:2008-12-25 22:33 M:2008-12-25 22:33] [PID: 136 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 228 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 19:10 M:2009-03-02 14:19] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\Program Files\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.44, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2008-12-25 19:10 M:2009-03-09 15:17] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:10 M:2009-01-14 17:20] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2009-02-19 19:12] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2008-12-25 22:36] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\mvengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2009-02-18 13:47] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2008-12-25 19:09] [PID: 224 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-14 18:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 284 / ] C:\WINDOWS\system32\wdfmgr.exe [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2008-07-14 19:27 M:2005-01-28 01:36] [PID: 828 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:13 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-05-24 18:34 M:2008-01-17 15:15] C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.8206, C:2008-10-07 13:33 M:2009-02-09 13:18] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.8206, C:2008-12-25 13:24 M:2009-02-09 13:18] C:\WINDOWS\system32\nvshell.dll [N/A, C:2008-12-25 13:26 M:2009-02-09 13:18] d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-25 17:58 M:2008-12-24 12:54] d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2009-01-24 00:34 M:2009-01-12 19:45] d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2009-01-24 00:34 M:2009-01-12 19:45] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-07-14 19:14 M:2007-09-23 18:59] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Documents and Settings\AliIMExt.dll [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2008-09-22 21:48 M:2008-09-22 21:48] [PID: 864 / Administrator] C:\WINDOWS\system32\GP_CLT.exe [Copyright (C) 2007, 2, 0, 0, 7, C:2008-12-25 22:33 M:2008-12-25 22:33] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\WINDOWS\system32\GP_IFD.dll [CIDC., 1, 0, 17, 45, C:2008-12-25 22:33 M:2008-12-25 22:33] C:\WINDOWS\system32\GP_COS.dll [Copyright (C) 2008, 2, 0, 1, 15, C:2008-12-25 22:33 M:2008-12-25 22:33] C:\WINDOWS\system32\GP_RES.dll [Copyright (C) 2008, 2, 0, 1, 9, C:2008-12-25 22:33 M:2008-12-25 22:33] [PID: 2092 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-07-14 18:15 M:2008-04-13 19:13] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 2480 / Administrator] C:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-25 19:10 M:2009-01-08 15:46] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\PROGRAM FILES\RISING\RAV\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-25 19:10 M:2009-01-14 14:21] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\PROGRAM FILES\RISING\RAV\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-25 19:10 M:2009-03-02 14:19] C:\PROGRAM FILES\RISING\RAV\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 19:10 M:2009-03-02 14:19] C:\PROGRAM FILES\RISING\RAV\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-25 19:10 M:2009-04-13 18:25] C:\PROGRAM FILES\RISING\RAV\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 73, C:2008-12-25 19:10 M:2009-04-13 18:21] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 18:00 M:2008-12-25 18:00] C:\PROGRAM FILES\RISING\RAV\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2009-03-19 15:46] C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:10 M:2009-01-14 17:20] C:\PROGRAM FILES\RISING\RAV\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-12-25 19:10 M:2009-03-16 12:08] C:\PROGRAM FILES\RISING\RAV\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-25 19:10 M:2009-03-11 15:45] C:\PROGRAM FILES\RISING\RAV\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.0, C:2008-12-25 19:10 M:2009-04-13 18:25] C:\PROGRAM FILES\RISING\RAV\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-25 19:10 M:2009-03-25 19:19] C:\PROGRAM FILES\RISING\RAV\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\PROGRAM FILES\RISING\RAV\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:10 M:2009-01-09 14:24] [PID: 2500 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\RSNETSVR.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-25 19:10 M:2009-03-16 12:08] C:\PROGRAM FILES\RISING\RAV\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-12-25 19:10 M:2009-03-16 12:08] C:\PROGRAM FILES\RISING\RAV\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\PROGRAM FILES\RISING\RAV\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 19:10 M:2009-03-02 14:19] C:\PROGRAM FILES\RISING\RAV\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 3244 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-25 19:10 M:2009-02-23 17:25] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2008-12-25 19:10 M:2009-03-09 15:17] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-25 19:10 M:2009-03-16 12:08] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31, C:2008-12-25 19:10 M:2009-03-24 18:25] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-25 19:10 M:2009-03-02 14:18] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-25 19:10 M:2009-02-16 16:47] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:10 M:2009-01-14 17:20] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 19:10 M:2009-03-02 14:19] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12, C:2008-12-25 19:10 M:2009-02-17 18:13] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-25 19:10 M:2009-03-16 12:08] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-25 19:10 M:2009-03-30 12:09] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2009-02-19 19:12] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-25 19:10 M:2009-04-13 18:25] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2008-12-25 19:10 M:2009-04-13 18:27] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2008-12-25 22:36] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2009-02-18 13:47] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-25 19:10 M:2009-02-18 13:47] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 34, C:2008-12-25 19:10 M:2009-04-15 21:00] C:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2009-02-18 13:47] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:10 M:2009-04-13 18:21] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:10 M:2009-04-13 18:21] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-25 19:10 M:2009-02-17 18:13] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:10 M:2009-03-31 16:29] C:\Program Files\Rising\Rav\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 19:10 M:2008-12-25 19:09] C:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-25 19:10 M:2009-03-04 15:22] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-25 19:10 M:2009-04-14 15:38] [PID: 2536 / Administrator] C:\PROGRAM FILES\RISING\RFW\RSTRAY.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-25 19:21 M:2009-01-08 12:01] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\PROGRAM FILES\RISING\RFW\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-25 19:21 M:2009-01-14 17:06] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\PROGRAM FILES\RISING\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-25 19:21 M:2009-03-02 16:28] C:\PROGRAM FILES\RISING\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 19:21 M:2009-03-02 16:28] C:\PROGRAM FILES\RISING\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:21 M:2009-03-19 13:46] C:\PROGRAM FILES\RISING\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:21 M:2009-01-14 17:06] C:\PROGRAM FILES\RISING\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-12-25 19:21 M:2009-03-16 15:43] C:\PROGRAM FILES\RISING\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 73, C:2008-12-25 19:21 M:2009-04-13 19:25] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 18:00 M:2008-12-25 18:00] C:\PROGRAM FILES\RISING\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-25 19:21 M:2009-03-11 14:51] C:\PROGRAM FILES\RISING\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-25 19:21 M:2009-03-16 15:43] C:\PROGRAM FILES\RISING\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:21 M:2009-01-09 13:25] C:\PROGRAM FILES\RISING\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 9, C:2008-12-25 19:21 M:2009-02-19 16:22] C:\PROGRAM FILES\RISING\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\PROGRAM FILES\RISING\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-25 19:21 M:2008-12-25 19:20] [PID: 2692 / SYSTEM] C:\Program Files\Rising\RFW\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:58 M:2008-11-15 12:59] C:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-25 19:21 M:2009-02-24 12:04] C:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.80, C:2008-12-25 19:21 M:2009-02-17 15:18] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-25 19:21 M:2009-03-16 15:43] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-25 19:21 M:2009-03-02 16:28] C:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2008-12-25 19:21 M:2008-12-25 22:50] C:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 22:51 M:2009-02-19 16:23] C:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 22:51 M:2008-12-25 22:50] C:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 22:51 M:2008-12-25 22:50] C:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-25 22:51 M:2008-12-25 22:50] C:\Program Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-25 19:21 M:2009-01-13 17:23] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2008-12-25 19:21 M:2009-01-14 17:06] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-25 19:21 M:2008-12-25 19:20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\Program Files\Rising\RFW\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 22:51 M:2008-12-25 22:50] [PID: 2464 / Administrator] C:\Documents and Settings\AliUpdate.exe [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2009-03-25 10:53 M:2009-03-16 14:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 2144 / SYSTEM] C:\WINDOWS\system32\wbem\wmiprvse.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-14 18:25 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] [PID: 1108 / Administrator] D:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-12-25 21:34 M:2008-11-15 11:58] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-14 18:14 M:2008-07-14 19:50] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-05-24 18:34 M:2008-01-17 15:15] D:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-12-25 21:34 M:2007-11-28 15:19] C:\WINDOWS\system32\MSISIP.DLL [Microsoft Corporation, 4.5.6001.22159 (vistasp1_ldr.080415-1732), C:2008-07-14 18:13 M:2008-05-19 06:33] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]