[CODE] 2009-04-26,03:12:53 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== ×¢²áÏî [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <%systemroot%\system32\RTRsca.exe> [N/A, C:2009-04-24 12:26 M:2009-04-23 09:56] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 20:00 M:2008-04-13 19:14|(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] <; RTHDCPL.EXE> [N/A, ] <"E:\ÈðÐÇ\Rising\Ris\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-03-20 17:20 M:2009-03-20 17:19] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 20:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2004-08-17 20:00 M:2009-03-08 04:32|(Verified)N/A, C:2004-08-17 20:00 M:2004-08-17 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 20:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2004-08-17 20:00 M:2009-03-08 04:32|(Verified)N/A, C:2008-04-21 10:57 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <Æô¶¯Ñ¸À×5> [(Verified)ShenZhen Thunder Networking Technologies,LTD, 5,8,13,699, C:2009-03-25 21:24 M:2009-04-09 10:37] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Ìí¼Óµ½QQ±íÇé] <> [N/A, C:2009-04-24 13:04 M:2009-04-24 13:04] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\RsAutorunsDisabled] <><> [] ======================================== Æô¶¯Ïî ======================================== ¼Æ»®ÈÎÎñ ======================================== ×é¼þ Shell Extension [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-12-24 10:39 M:2004-08-17 20:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-04-29 20:15 M:2008-09-30 21:14] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] BrowserHelperObject [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-03-25 21:24 M:2009-04-09 10:34] [IeControler Class] {9AFD91F9-6B03-4D22-A1E1-67D224CB7AB1} [] [ChinaVnet Class] {D6FD53F5-D461-4af4-9C8D-7CADC342EFC8} [Copyright 2004, 2008, 2, 29, 16, C:2009-04-01 15:35 M:2008-04-19 15:45] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-03-25 21:24 M:2009-04-09 10:33] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [(Verified)Thunder Networking Technologies,LTD, 6, 0, 5, 49, C:2009-03-25 21:24 M:2009-04-09 10:33] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [ShenZhen Thunder Networking Technologies,LTD, 2, 1, 9, 102, C:2008-04-29 20:20 M:2009-04-09 10:31] [XDownloaddManager Class] {802F530B-A8F6-4631-AE49-6BACAAC6373E} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-03-25 21:24 M:2009-04-09 10:34] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-03-25 21:24 M:2009-04-09 10:34] [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 2, 3, 5810, 141, C:2009-04-24 13:09 M:2009-04-09 10:33] [¿¨¿¨ÉÏÍø°²È«ÖúÊÖ] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-03 21:15 M:2008-12-03 21:14] [IeControler Class] {9AFD91F9-6B03-4D22-A1E1-67D224CB7AB1} [] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 2, 3, 5810, 141, C:2009-04-24 13:09 M:2009-04-09 10:33] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07] [ChinaVnet Class] {D6FD53F5-D461-4AF4-9C8D-7CADC342EFC8} [Copyright 2004, 2008, 2, 29, 16, C:2009-04-01 15:35 M:2008-04-19 15:45] [Microsoft Silverlight] {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [(Verified) Microsoft Corporation, 2.0.40115.0, C:2009-01-15 01:35 M:2009-01-15 01:35] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 2, 1, 58110, 250, C:2009-04-24 13:09 M:2009-04-09 10:33] [WangWangX Class] {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2009-02-19 20:10 M:2009-03-16 14:07] Context Menu [OpenFolder] {0DE1378D-F811-40E6-B60A-1CC56F57D3E9} [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2009-02-19 20:10 M:2009-02-19 20:10] [QvodMenu] {9F44453E-1E46-4D5C-B57C-112FF2EDAE82} [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0, C:2008-10-31 18:47 M:2008-10-31 18:47] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-04-29 20:15 M:2008-09-30 21:14] ======================================== ·þÎñ [Adobe LM Service / Adobe LM Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"> [Adobe Systems, 2.67.010, C:2009-02-06 12:50 M:2009-02-06 12:50] [Help and Support / helpsvc][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [Jumpstart Wifi Protected Setup / jswpsapi][Stopped/Manual Start] [Atheros Communications, Inc., 2.0.0.409, C:2009-04-01 15:35 M:2008-02-01 16:27] [Qvod Terminal / Qvod Terminal][Running/Auto Start] [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 57, C:2009-03-04 10:36 M:2009-03-04 10:36] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] [Ris Process Communication Center / RisCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-20 17:20 M:2009-03-20 17:19] [Rising RisTask Manager / RisTask][Running/Auto Start] <"E:\ÈðÐÇ\Rising\Ris\RavTask.exe" RisTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-03-20 17:20 M:2009-04-18 21:11] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-03-20 17:20 M:2009-03-20 17:19] ======================================== Çý¶¯ [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [Netgroup Packet Filter / NPF][Stopped/Manual Start] [Politecnico di Torino, 3, 0, 0, 18, C:2009-04-01 15:36 M:2005-10-28 15:10] [SATALink driver accelerator / SiFilter][Running/Boot Start] [Silicon Image, Inc., 1.0.0.11, C:2008-04-29 21:07 M:2006-08-08 22:19] [System Restore Filter Driver / sr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sr.sys> [] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2004-08-17 20:00 M:2008-06-20 19:51] [Intel(R) PRO Network Connection Driver / E100B][Stopped/Manual Start] [(Verified)Intel Corporation, 8.0.47.0 built by: WinDDK, C:2008-11-25 19:12 M:2007-11-16 11:55] [Microsoft ÓÃÓÚ High Definition Audio µÄ UAA ×ÜÏßÇý¶¯³ÌÐò / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-04-21 11:08 M:2008-04-13 09:36] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-04-18 20:58 M:2009-04-18 20:54] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 53, C:2009-04-18 20:58 M:2009-04-18 21:10] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5605 built by: WinDDK, C:2008-11-25 19:11 M:2008-04-17 16:33] [jswscimd Service / JSWSCIMD][Running/Manual Start] [(Verified)Atheros Communications, Inc., 1.0.0.39, C:2009-04-01 15:35 M:2007-08-28 21:46] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 20:00 M:2004-08-17 20:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-03-20 17:20 M:2009-03-20 17:19] [rfwtdi / rfwtdi][Running/Auto Start] <\??\E:\ÈðÐÇ\Rising\Ris\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.7, C:2009-03-20 17:20 M:2009-04-18 21:11] [rsfwdrv / rsfwdrv][Running/System Start] <\??\E:\ÈðÐÇ\Rising\Ris\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.46, C:2009-03-20 17:20 M:2009-04-18 21:10] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-18 20:58 M:2009-04-18 20:54] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2007-12-24 10:36 M:2004-08-03 22:31] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 20:00 M:2007-11-13 18:25] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [(Verified)TENCENT, 1.0.4 built by: WinDDK, C:2008-12-17 01:19 M:2008-12-17 01:19] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 1, 0, 0, C:2008-11-28 18:05 M:2009-04-19 21:33] [VMware Pointing Device / vmmouse][Running/Manual Start] [(Verified)VMware, Inc., 12.4.0.2, C:2008-11-25 19:11 M:2007-05-02 10:21] ======================================== ½ø³Ì [PID: 856 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 916 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:13] [PID: 940 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 984 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316), C:2004-08-17 20:00 M:2009-02-09 19:14] [PID: 996 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 1156 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 1236 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 1392 / SYSTEM] E:\ÈðÐÇ\Rising\Ris\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-20 17:20 M:2009-03-20 17:19] [PID: 1400 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 1452 / SYSTEM] E:\ÈðÐÇ\Rising\Ris\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-20 17:20 M:2009-03-20 17:19] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] E:\ÈðÐÇ\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-03-20 17:20 M:2009-04-22 19:07] E:\ÈðÐÇ\Rising\Ris\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] [PID: 1480 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 20:00 M:2008-04-13 19:14] [PID: 1680 / SYSTEM] E:\ÈðÐÇ\Rising\Ris\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-20 17:20 M:2009-03-20 17:19] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] E:\ÈðÐÇ\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2009-03-20 17:20 M:2009-04-22 16:40] E:\ÈðÐÇ\Rising\Ris\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-20 17:20 M:2009-04-18 21:10] E:\ÈðÐÇ\Rising\Ris\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2009-03-20 17:20 M:2009-04-23 13:40] E:\ÈðÐÇ\Rising\Ris\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-03-20 17:20 M:2009-04-22 16:39] E:\ÈðÐÇ\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.84, C:2009-03-20 17:20 M:2009-04-23 13:39] E:\ÈðÐÇ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-03-20 17:20 M:2009-04-22 19:07] E:\ÈðÐÇ\Rising\Ris\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 34, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-03-20 17:20 M:2009-04-18 21:11] [PID: 1852 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] [PID: 1876 / SYSTEM] E:\н¨Îļþ¼Ð (2)\QvodPlayer\QvodTerminal.exe [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 57, C:2009-03-04 10:36 M:2009-03-04 10:36] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] [PID: 1992 / SYSTEM] E:\ÈðÐÇ\Rising\Ris\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-03-20 17:20 M:2009-03-20 17:19] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] E:\ÈðÐÇ\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-20 17:20 M:2009-03-20 17:19] [PID: 320 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 20:00 M:2008-04-13 19:14] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] C:\WINDOWS\system32\nvcpl.dll [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.7519, C:2008-11-25 19:11 M:2009-03-23 02:23] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-04-29 20:15 M:2008-09-30 21:14] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-20 17:20 M:2009-03-20 17:19] [PID: 548 / SYSTEM] E:\ÈðÐÇ\Rising\Ris\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-20 17:20 M:2009-03-20 17:19] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] [PID: 776 / Administrator] E:\ÈðÐÇ\Rising\Ris\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-03-20 17:20 M:2009-03-20 17:19] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] E:\ÈðÐÇ\Rising\Ris\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 73, C:2009-03-20 17:20 M:2009-04-18 21:11] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] E:\ÈðÐÇ\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-03-20 17:20 M:2009-04-22 19:07] E:\ÈðÐÇ\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.0, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2009-03-20 17:20 M:2009-04-18 21:11] E:\ÈðÐÇ\Rising\Ris\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 9, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-20 17:20 M:2009-03-20 17:19] E:\ÈðÐÇ\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-03-20 17:20 M:2009-04-22 16:39] [PID: 1000 / ] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 20:00 M:2008-04-13 19:13] C:\WINDOWS\System32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] [PID: 2528 / Administrator] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2008-12-03 21:15 M:2008-12-05 23:37] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-12-03 21:15 M:2008-12-19 00:01] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-03 21:15 M:2009-03-02 19:55] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-03 21:15 M:2008-12-03 21:14] [PID: 4032 / Administrator] E:\åÛÓÎ\Maxthon2\Maxthon.exe [(Verified)Maxthon International ltd., 2, 5, 1, 4751, C:2009-01-22 13:29 M:2009-01-22 13:29] E:\åÛÓÎ\Maxthon2\mxpp.dll [(Verified)Maxthon International ltd., 1, 0, 0, 276, C:2009-01-22 10:04 M:2009-01-22 10:04] E:\åÛÓÎ\Maxthon2\MxSk.dll [(Verified)Maxthon, 1, 0, 0, 426, C:2009-01-22 10:04 M:2009-01-22 10:04] E:\åÛÓÎ\Maxthon2\MxProxy2.dll [(Verified)Maxthon International ltd., 1, 0, 0, 4121, C:2009-01-22 10:04 M:2009-01-22 10:04] E:\åÛÓÎ\Maxthon2\MxUI.dll [Maxthon International Ltd., 3, 3, 1, 8, C:2008-12-30 10:13 M:2008-12-30 10:13] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] E:\åÛÓÎ\Maxthon2\mxtool.dll [(Verified)Copyright 2005, 1, 0, 0, 1, C:2009-01-22 10:04 M:2009-01-22 10:04] E:\åÛÓÎ\Maxthon2\maxzlib.dll [(Verified)(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3, C:2009-01-22 10:03 M:2009-01-22 10:03] E:\åÛÓÎ\Maxthon2\Modules\MxWebBoost\MxWebBoost.dll [(Verified)Maxthon, 1,0,2,1267, C:2008-11-12 10:59 M:2008-11-12 10:59] E:\åÛÓÎ\Maxthon2\mxdb.dll [(Verified)Max, 3, 5, 3, 125, C:2009-01-22 10:03 M:2009-01-22 10:03] E:\åÛÓÎ\Maxthon2\Modules\MxHistory\MxHistory.dll [(Verified)Maxthon International ltd., 1, 0, 0, 302, C:2009-01-22 10:04 M:2009-01-22 10:04] E:\åÛÓÎ\Maxthon2\MxFav.dll [(Verified)Maxthon International ltd., 2, 0, 0, 19, C:2009-01-22 10:03 M:2009-01-22 10:03] E:\åÛÓÎ\Maxthon2\Modules\MxPageSearch\MxPageSearch.dll [(Verified)Maxthon International ltd., 1,0,0,1892, C:2008-11-12 10:59 M:2008-11-12 10:59] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07] [PID: 2552 / Administrator] E:\ÇåÀí\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-03-23 02:56 M:2008-11-15 11:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] E:\ÇåÀí\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-03-23 02:56 M:2007-11-28 15:19] [PID: 3652 / SYSTEM] C:\WINDOWS\system32\wuauclt.exe [(Verified)Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330), C:2007-12-24 10:41 M:2008-10-16 14:09] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-03 21:15 M:2008-12-03 21:14] ======================================== Îļþ¹ØÁª ======================================== AutoRun.INF ======================================== WinsockÌṩÕß ======================================== HOSTS 127.0.0.1 localhost [/CODE]