[CODE] 2009-05-09,19:14:08 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== ע [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"F:\laji\FlashGet\flashget3.exe" -minimize> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"D:\ɱ\Rising\Ris\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-05-04 16:16 M:2009-05-04 16:12] <; C:\WINDOWS\ATK0100\HControl.exe> [Copyright (c) 2003, 1043, 2, 15, 65, C:2008-07-22 09:11 M:2006-10-14 17:37] <; C:\WINDOWS\Domino.exe> [Copyright (C), 3, 6, 818, 7, C:2008-07-22 09:13 M:2007-10-13 14:40] <; C:\WINDOWS\system32\igfxpers.exe> [Intel Corporation, 6.14.10.4864, C:2008-07-22 09:11 M:2007-08-24 11:00] <; C:\Program Files\racer-ccn-racerpc-ha\racer.exe> [] <; "C:\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-05-01 19:41 M:2009-05-01 19:40] <; C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe> [] <; C:\WINDOWS\ZSSnp211.exe> [ZSMCSNAP, 3, 6, 818, 7, C:2008-07-22 09:13 M:2007-04-06 11:06] [(Verified)Realtek Semiconductor Corp., 2.1.8.7, C:2008-07-22 09:12 M:2008-01-29 15:47] [(Verified)Realtek Semiconductor Corp., 1.6.0.2, C:2008-07-22 09:12 M:2005-05-03 18:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2009-05-01 19:41 M:2009-05-01 19:40] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&ʹQQ] <> [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&ʹQQȫ] <> 
[N/A, C:2008-11-21 15:47 M:2008-11-21 15:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\ Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\ӵQQ] <> [N/A, C:2009-05-08 00:20 M:2009-05-08 00:20] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [Intel Corporation, 6.14.10.4864, C:2008-07-22 09:11 M:2007-08-24 11:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\ӵQQ] <> [N/A, C:2009-05-08 00:20 M:2009-05-08 00:20] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3D931C6E-C1DC-434c-BADB-39745693950B}] <><> [] ======================================== ======================================== ƻ ======================================== 
ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12] Protocols [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} [] BrowserHelperObject [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)Tencent Technology (Shenzhen) Company Limited, 2, 0, 528, 204, C:2008-04-01 16:05 M:2008-04-01 16:05] [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} [] [WebDetectorBHO Class] {43BEAFD9-E005-483D-A367-146BA6C8A32E} [] [ȫ] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-05-01 19:41 M:2009-05-01 19:40] ActiveX Extension [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)Tencent Technology (Shenzhen) Company Limited, 2, 0, 528, 204, C:2008-04-01 16:05 M:2008-04-01 16:05] [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} [] [WebDetectorBHO Class] {43BEAFD9-E005-483D-A367-146BA6C8A32E} [] [ȫ] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-05-01 19:41 M:2009-05-01 19:40] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)ѶƼ, 3, 1, 164, 203, C:2007-10-13 13:24 M:2007-10-13 13:24] Context 
Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] ======================================== [Ris Process Communication Center / RisCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-05-04 16:16 M:2009-05-04 16:13] [Rising RisTask Manager / RisTask][Running/Auto Start] <"D:\ɱ\Rising\Ris\RavTask.exe" RisTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-05-04 16:16 M:2009-05-04 16:13] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-05-04 16:16 M:2009-05-04 16:12] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-05-04 16:16 M:2009-05-04 16:12] ======================================== [aaatimeo / aaatimeo][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aaatimeo.sys> [Microsoft Corporation, 5.00.1877.1, C:2008-02-04 20:55 M:2006-02-26 23:21] [AFAMgt / AFAMgt][Running/Boot Start] [Adaptec, Inc., 4.1.0.7427, C:2008-02-04 20:55 M:2006-03-28 22:43] [ahcix86 / ahcix86][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ahcix86.sys> [ATI Technologies Inc., 2.5.1540.39 built by: WinDDK, C:2008-02-04 20:55 M:2007-03-07 18:47] [amdbusdr / amdbusdr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdbusdr.sys> [AMD, 8.2.8, C:2008-02-04 20:55 M:2006-02-26 23:21] [AMD EIDE ЁE / amdeide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\AmdEide.sys> [AMD, 8.2.8, C:2008-02-04 20:55 M:2006-02-26 23:21] [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2005-08-12 09:09 M:2006-07-01 22:43] [SiI-3112 SATALink Controller / ASH1205][Stopped/Disabled] 
<\SystemRoot\system32\DRIVERS\ASH1205.sys> [Silicon Image, Inc., 1, 0, 0, 41, C:2008-02-04 20:55 M:2006-02-26 23:21] [askd / askd][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\askd.ahc> [N/A, C:2009-04-16 21:33 M:2009-05-08 22:01] [ata1200a / ata1200a][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ata1200a.sys> [Adaptec, Inc., v1.3, C:2008-02-04 20:55 M:2006-02-26 23:21] [atiide / atiide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\atiide.sys> [ATI Technologies Inc., 1.00.0000.3 built by: WinDDK, C:2008-02-04 20:55 M:2006-02-26 23:21] [Promise driver accelerator / bb-run][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\bb-run.sys> [Promise Technology, Inc., 1.0.1.2 built by: WinDDK, C:2008-02-04 20:55 M:2003-11-05 15:45] [DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cercsr6.sys> [Adaptec, Inc., 4.1.0.7010, C:2008-02-04 20:55 M:2006-03-28 22:43] [Cpq32fs2 / Cpq32fs2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys> [Hewlett-Packard Company, 5.24.00.0, C:2008-02-04 20:55 M:2002-11-18 23:47] [Promise Removable Disk Control Driver / dontgo][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\DontGo.sys> [Promise Technology, Inc., 1.0.0.3 built by: WinDDK, C:2008-02-04 20:55 M:2006-02-26 23:21] [fttxr52P / fttxr52P][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\fttxr52P.sys> [Promise Technology, Inc., 2.6.0.311 built by: WinDDK, C:2008-02-04 20:55 M:2005-11-09 01:07] [HpCISSm2 / HpCISSm2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\HpCISSm2.sys> [Hewlett-Packard Company, 5.8.0.32 Build 1 (x86), C:2006-05-28 14:57 M:2006-06-16 18:17] [hptmv6 / hptmv6][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.04, C:2008-02-04 20:55 M:2006-02-26 23:21] [ialm / ialm][Running/Manual Start] [Intel Corporation, 6.14.10.4864, C:2008-07-22 09:11 M:2007-08-24 11:22] [Intel RAID Controller / iaStor55][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\iaStor55.sys> [Intel Corporation, 5.5.0.1035, 
C:2008-02-04 20:55 M:2005-10-12 18:07] [ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start] [1043, 2, 15, 46, C:2008-07-22 09:11 M:2005-02-17 23:07] [mv61xx / mv61xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mv61xx.sys> [Marvell Semiconductor, Inc., 1.2.0.24 built by: WinDDK, C:2008-02-04 20:55 M:2007-02-09 20:24] [mvSata / mvSata][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mvsata.sys> [Marvell Semiconductors Inc., 3, 4, 1, 2, C:2008-02-04 20:55 M:2004-09-24 06:34] [NetGroup Packet Filter Driver / NPF][Running/Manual Start] [CACE Technologies, 3, 2, 0, 29, C:2008-12-30 21:40 M:2008-12-30 21:40] [npkcrypt / npkcrypt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcrypt.sys> [] [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkycryp.sys> [] [nvgts / nvgts][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\nvgts.sys> [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-02-04 20:55 M:2007-09-11 23:18] [NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\nvrd32.sys> [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-02-04 20:55 M:2007-09-11 15:18] [QKeyServiceDisplay / QKeyService][Running/Boot Start] [ Tencent Technology (Shenzhen) Company Limited, 1, 0, 0, 9, C:2008-10-16 11:19 M:2008-03-12 18:00] [ql2100 / ql2100][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql2100.sys> [QLogic Corporation, 7.05.05 (W2K), C:2006-08-31 00:17 M:2006-02-26 23:21] [ql2200 / ql2200][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql2200.sys> [QLogic Corporation, 8.1.5.12 (W2K IP), C:2006-08-31 00:17 M:2006-02-26 23:21] [rr172x / rr172x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.0, C:2008-02-04 20:55 M:2007-06-12 18:06] [rr174x / rr174x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.02, C:2008-02-04 20:55 M:2007-02-01 21:14] [rr2340 / rr2340][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.4, C:2008-02-04 20:55 M:2007-07-02 23:14] [SATALink External Device Filter / 
SiRemFil][Running/Boot Start] [Silicon Image, Inc., 1, 1, 6, 0, C:2008-02-04 20:55 M:2006-10-18 20:20] [sisraidx / sisraidx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sisraidx.sys> [Silicon Integrated Systems Corp., 2.11.01 built by: WinDDK, C:2008-02-04 20:55 M:2007-01-12 21:36] [CP2101 USB Composite Device driver (WDM) / slabbus][Stopped/Manual Start] [MCCI, V4.20, C:2008-07-22 11:47 M:2004-03-25 18:37] [CP2101 USB to UART Bridge Controller Drivers / slabser][Stopped/Manual Start] [MCCI, V4.20, C:2008-07-22 11:46 M:2004-03-25 18:36] [smserial / smserial][Running/Manual Start] [Motorola Inc., SM56 Rel. 6.11 Build 13 Preview 01, C:2008-07-22 09:13 M:2007-10-13 14:40] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2004-08-17 12:00 M:2008-06-20 18:45] [ViBus / ViBus][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ViBus.sys> [VIA Technologies, Inc., 6.0.6000.212, C:2008-02-04 20:55 M:2007-03-26 21:26] [videX32 / videX32][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\videX32.sys> [VIA Technologies, Inc., 6.0.3790.160, C:2008-02-04 20:55 M:2006-10-18 03:22] [VIA SATA IDE Device Driver / ViPrt][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ViPrt.sys> [VIA Technologies, Inc., 6.0.6000.212, C:2008-02-04 20:55 M:2007-03-26 21:26] [VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\xfilt.sys> [VIA Technologies,Inc, 6.0.5728.160, C:2008-02-04 20:55 M:2006-10-19 00:39] [ZSMC USB PC Camera (ZS211) / ZSMC211][Running/Manual Start] [ZSMC.Corporation, 211, 0, 0, 0, C:2008-07-22 09:13 M:2007-06-13 09:24] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20] [AliIde / AliIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aliide.sys> [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58] [AMD AGP Bus Filter 
Driver / amdagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdagp.sys> [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp_sp2_rtm.040803-2158), C:2008-02-04 20:55 M:2004-08-03 23:07] [Atheros Wireless Network Adapter Service / AR5211][Stopped/Manual Start] [(Verified)Atheros Communications, Inc., 5.3.0.35, C:2008-07-22 09:12 M:2007-04-05 07:19] [CmdIde / CmdIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cmdide.sys> [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13] [Microsoft High Definition Audio UAA / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-05-04 16:16 M:2009-05-04 16:13] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 55, C:2009-05-04 16:16 M:2009-05-04 16:12] [Intel RAID Controller / iaStor70][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\iaStor70.sys> [(Verified)Intel Corporation, 7.0.0.1020, C:2008-02-04 20:55 M:2007-02-12 19:36] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5559 built by: WinDDK, C:2008-07-22 09:12 M:2008-01-30 11:28] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-11-07 01:20 M:2004-08-03 22:29] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-05-04 16:16 
M:2009-05-04 16:13] [rfwtdi / rfwtdi][Running/Auto Start] <\??\D:\ɱ\Rising\Ris\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.7, C:2009-05-04 16:16 M:2009-05-04 16:13] [rimmptsk / rimmptsk][Running/Manual Start] [(Verified)REDC, 1.0.0.9, C:2008-07-22 09:11 M:2005-11-16 20:28] [rimsptsk / rimsptsk][Running/Manual Start] [(Verified)REDC, 1.00.02.05, C:2008-07-22 09:11 M:2005-12-22 17:02] [Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start] [(Verified)REDC, 1.00.02.08, C:2008-07-22 09:11 M:2005-11-01 18:08] [rsfwdrv / rsfwdrv][Running/System Start] <\??\D:\ɱ\Rising\Ris\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.47, C:2009-05-04 16:16 M:2009-05-04 16:13] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-05-04 16:16 M:2009-05-04 16:12] [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.684.1205.2007 built by: WinDDK, C:2008-07-22 09:12 M:2007-12-05 21:45] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25] [SIS AGP Bus Filter / sisagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sisagp.sys> [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp_sp2_rtm.040803-2158), C:2008-02-04 20:55 M:2004-08-03 23:07] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [(Verified)TENCENT, 1.0.4 built by: WinDDK, C:2008-11-18 12:20 M:2008-11-18 12:21] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 0, 9, 6, C:2008-10-16 11:19 M:2009-03-13 21:46] ======================================== [PID: 936 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), 
C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 996 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 1024 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-09-24 16:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1068 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239), C:2004-08-17 12:00 M:2009-02-09 17:48] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1080 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1244 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1320 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1460 / SYSTEM] D:\ɱ\Rising\Ris\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 
11, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-05-04 16:16 M:2009-05-04 16:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1468 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1516 / SYSTEM] D:\ɱ\Rising\Ris\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-05-04 16:16 M:2009-05-04 16:13] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] D:\ɱ\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:13] 
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1584 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1716 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1792 / SYSTEM] D:\ɱ\Rising\Ris\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-05-04 16:16 M:2009-05-04 16:13] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56] D:\ɱ\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31, C:2009-05-04 16:16 M:2009-05-04 16:12] 
D:\ɱ\Rising\Ris\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.84, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\urlrule.dll [(Verified)Beijing Rising 
Information Technology Co., Ltd., 1.0.0.18, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-05-04 16:16 M:2009-05-07 15:51] D:\ɱ\Rising\Ris\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-05-04 16:16 M:2009-05-07 15:51] D:\ɱ\Rising\Ris\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:13] D:\ɱ\Rising\Ris\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 
0, 11, C:2009-05-04 16:16 M:2009-05-04 16:29] D:\ɱ\Rising\Ris\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2009-05-04 16:16 M:2009-05-04 16:29] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] D:\ɱ\Rising\Ris\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-05-04 16:16 M:2009-05-04 16:29] D:\ɱ\Rising\Ris\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:29] D:\ɱ\Rising\Ris\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-05-04 16:16 M:2009-05-04 16:29] D:\ɱ\Rising\Ris\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-04 16:12] D:\ɱ\Rising\Ris\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-05 15:12] D:\ɱ\Rising\Ris\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-05-04 16:16 M:2009-05-04 16:13] 
D:\ɱ\Rising\Ris\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-05-04 16:16 M:2009-05-04 16:29]
[PID: 1920 / SYSTEM]
C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 236 / Administrator]
C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]
[PID: 512 / Administrator]
D:\ɱ\Rising\Ris\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
D:\ɱ\Rising\Ris\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
D:\ɱ\Rising\Ris\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 73, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-22 09:51 M:2008-07-22 09:50]
D:\ɱ\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.0, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-05-04 16:16 M:2009-05-04 16:29]
D:\ɱ\Rising\Ris\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 11, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-05-04 16:16 M:2009-05-04 16:13]
[PID: 520 / Administrator]
C:\WINDOWS\RTHDCPL.EXE [(Verified)Realtek Semiconductor Corp., 2.1.8.7, C:2008-07-22 09:12 M:2008-01-29 15:47]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 536 / Administrator]
C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 668 / Administrator]
D:\ɱ\Rising\Ris\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-05-04 16:16 M:2009-05-04 16:13]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 796 / Administrator]
C:\Program Files\racer-ccn-racerpc-ha\racer.exe [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\Program Files\racer-ccn-racerpc-ha\rwxre.dll [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\nspr4.dll [Netscape Communications Corporation, 4.6.1, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\xpcom_core.dll [Mozilla Foundation, Personal, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\plc4.dll [Netscape Communications Corporation, 4.6.1, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\plds4.dll [Netscape Communications Corporation, 4.6.1, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\nss3.dll [Netscape Communications Corporation, 3.10.2, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\softokn3.dll [Netscape Communications Corporation, 3.10.2, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\js3250.dll [Netscape Communications Corporation, 4.0, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\gkgfx.dll [Mozilla Foundation, Personal, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\xpcom_compat.dll [Mozilla Foundation, Personal, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\smime3.dll [Netscape Communications Corporation, 3.10.2, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\ssl3.dll [Netscape Communications Corporation, 3.10.2, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\components\racer_base_comp.dll [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\racer_base.dll [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\kbdhook.dll [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\components\jar50.dll [Mozilla Foundation, Personal, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\components\gklayout.dll [Mozilla Foundation, Personal, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\nssckbi.dll [Netscape Communications Corporation, 1.53, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\components\racer_ad_comp.dll [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\components\racer_access_pppoe.dll [Putian Runway, 3,3,130,325, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\pppoe.dll [Ƽ޹˾, 9, 0, 22, 50, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\components\racer_nss4_comp.dll [Putian Runway, 3,3,130,306, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\nss4.dll [Ƽ޹˾, 1, 0, 0, 4, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\wpcap.dll [CACE Technologies, 3, 2, 0, 29, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\packet.dll [CACE Technologies, 3, 2, 0, 29, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\WanPacket.dll [CACE Technologies, 3, 2, 0, 29, C:2008-12-30 21:40 M:2008-12-30 21:40]
C:\Program Files\racer-ccn-racerpc-ha\plugins\NPSWF32.dll [(Verified)N/A, C:2008-12-30 21:40 M:2008-12-30 21:40]
[PID: 1272 / Administrator]
C:\AntiSpyware\ras.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\AntiSpyware\KakaMgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.28, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\dbmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\pweb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.21, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.64, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\pset.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\pdefend.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\ptools.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.16, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\psysinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.57, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\AntiSpyware\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00]
[PID: 1376 / Administrator]
C:\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-05-01 19:41 M:2009-05-01 19:40]
[PID: 556 / LOCAL SERVICE]
C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 888 / SYSTEM]
C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416), C:2008-12-19 12:31 M:2008-12-19 12:32]
[PID: 896 / SYSTEM]
D:\ɱ\Rising\Ris\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
D:\ɱ\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-05-04 16:16 M:2009-05-04 16:13]
D:\ɱ\Rising\Ris\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-05-04 16:16 M:2009-05-04 16:12]
D:\ɱ\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-05-04 16:16 M:2009-05-04 16:12]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 2460 / LOCAL SERVICE]
C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
[PID: 3920 / Administrator]
C:\WINDOWS\system32\rundll32.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\PROGRA~1\RACER-~1\pppoe.dll [Ƽ޹˾, 9, 0, 22, 50, C:2008-12-30 21:40 M:2008-12-30 21:40]
[PID: 756 / Administrator]
C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:31 M:2004-08-17 20:00]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39]
C:\Program Files\Tencent\QQDownload2\QQIEHelper01.dll [(Verified)Tencent Technology (Shenzhen) Company Limited, 2, 0, 528, 204, C:2008-04-01 16:05 M:2008-04-01 16:05]
C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2009-05-01 19:41 M:2009-05-01 19:40]
C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00]
D:\ɱ\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.70, C:2009-05-04 16:16 M:2009-05-04 16:13]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07]
[PID: 956 / Administrator]
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.609\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-05-09 19:09 M:2008-11-15 11:58]
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00]
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.609\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-05-09 19:09 M:2007-11-28 15:19]
========================================
ļ
========================================
AutoRun.INF
========================================
Winsockṩ
========================================
HOSTS
127.0.0.1 localhost
[/CODE]