[CODE]

2009-05-22,23:55:16

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600) - Administrators



========================================
×¢²áÏî

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PPS Accelerator><D:\Downloads\PPSÍøÂçµçÊÓ\PPStream\ppsap.exe>  [(Verified)PPStream Inc, 1, 0, 11, 171, C:2007-01-01 03:18 M:2008-12-11 18:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <FlashPlayerUpdate><C:\WINDOWS\system32\Macromed\Flash\FlashUtil10a.exe>  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2009-01-14 20:36 M:2009-01-14 20:36]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|NVIDIA Corporation, 6.14.11.8120, C:2009-04-09 14:33 M:2008-12-26 00:08]
    <RavTray><"D:\Downloads\ÈðÐÇ\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-04-07 13:22 M:2009-04-07 13:21]
    <runeip><"D:\Downloads\ÈðÐÇ¿¨¿¨\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-04-07 15:19 M:2009-05-22 17:21]
    <RFWTray><"D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\RsTray.exe" -system>  []
    <RfwMain><"D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2009-05-22 23:43 M:2009-05-22 23:42]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Ê¹ÓÃ³¬¼¶Ðý·çÏÂÔØ]
    <><D:\Downloads\³¬¼¶Ðý·ç\geturl.htm>  [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Ê¹ÓÃ³¬¼¶Ðý·çÏÂÔØÈ«²¿Á´½Ó]
    <><D:\Downloads\³¬¼¶Ðý·ç\getAllurl.htm>  [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Ê¹ÓÃ³¬¼¶Ðý·çÏÂÔØ±¾Ò³ÊÓÆµ]
    <><D:\Downloads\³¬¼¶Ðý·ç\geturlflv.htm>  [N/A, C:2008-09-27 18:34 M:2008-09-27 18:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-04-14 20:00 M:2009-03-08 04:32|(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Ìí¼Óµ½QQ±íÇé]
    <><D:\Downloads\qq\Bin\AddEmotion.htm>  [N/A, C:2009-04-11 12:00 M:2009-04-11 12:00]


========================================
Æô¶¯Ïî



========================================
¼Æ»®ÈÎÎñ

[GoogleUpdateTaskMachine.job]
    <C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job --> "C:\Program Files\Google\Update\GoogleUpdate.exe" /c > [(Verified)Google Inc., 1.2.131.7, C:2009-04-09 20:19 M:2009-04-09 20:19]


========================================
×é¼þ


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2009-01-15 01:20 M:2008-04-14 20:00]
[Microsoft Agent Character Property Sheet Handler]
    {143A62C8-C33B-11D1-84FE-00C04FA34A14}  <C:\WINDOWS\msagent\AgentPsh.dll>  [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2009-04-09 14:37 M:2008-09-30 21:14]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2009-04-09 14:35 M:2008-12-26 00:08]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2009-04-09 14:35 M:2008-12-26 00:08]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2009-04-09 14:35 M:2008-12-26 00:08]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-04-09 15:07 M:2009-04-09 15:06]

Protocols
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [¿á¹·, 5.2.4.4, C:2009-04-09 19:39 M:2008-11-20 08:33]

BrowserHelperObject
[QQCycloneHelper Class]
    {00000000-12C9-4305-82F9-43058F20E8D2}  <D:\Downloads\³¬¼¶Ðý·ç\QQIEHelper01.dll>  [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36]

ActiveX Extension
[QQCycloneHelper Class]
    {00000000-12C9-4305-82F9-43058F20E8D2}  <D:\Downloads\³¬¼¶Ðý·ç\QQIEHelper01.dll>  [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36]
[iTrusPTA Class]
    {1E0DFFCF-27FF-4574-849B-55007349FEDA}  <C:\WINDOWS\system32\aliedit\pta.dll>  [(Verified)Copyright 2001, 2, 5, 1, 509, C:2009-04-09 14:49 M:2009-03-02 19:56]
[QQRightClick Class]
    {4836C333-208E-4BCE-B30B-00B9545B0F6E}  <D:\Downloads\³¬¼¶Ðý·ç\QQIEHelper01.dll>  [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2008, 2, 1, 2, 4, C:2009-04-09 14:49 M:2009-03-02 19:54]
[BOC ProcessProtect Class]
    {776B71E2-B4CC-4C94-BC7C-09103AA690B6}  <ProcessProtection.dll>  [(Verified)www.ISRA.org.cn, 1, 2, 2, 5, C:2009-04-09 14:53 M:2008-10-14 16:26]
[QQDownload Class]
    {8AC3BC28-E145-4385-A694-8AAC128ACB16}  <D:\Downloads\³¬¼¶Ðý·ç\QQIEHelper01.dll>  [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36]
[¿¨¿¨ÉÏÍø°²È«ÖúÊÖ]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-04-09 15:20 M:2009-04-09 15:19]
[QQPlayerCtrl Class]
    {CD108273-D434-43E6-AA90-1469F97EB398}  <D:\Downloads\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll>  [(Verified)ÉîÛÚÌÚÑ¶¿Æ¼¼, 3, 1, 164, 203, C:2009-04-11 12:00 M:2009-04-11 12:00]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx>  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2009-01-14 20:36 M:2009-01-14 20:36]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <D:\Downloads\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll>  [(Verified)ÉîÛÚÌÚÑ¶¿Æ¼¼, 3, 1, 164, 203, C:2009-04-11 12:00 M:2009-04-11 12:00]
[BOC Edit Class]
    {E61E8363-041F-455C-8AD0-8A61F1D8E540}  <KeyboardProtection.dll>  [(Verified)www.ISRA.org.cn, 1, 1, 7, 14, C:2009-04-09 14:53 M:2008-10-14 16:24]
[Google Update Plugin]
    {EC025568-79FC-4196-9E4F-66F702CF4F16}  <C:\Program Files\Google\Update\1.2.145.5\npGoogleOneClick8.dll>  [(Verified)Google Inc., 1.2.145.5, C:2009-05-22 23:42 M:2009-05-22 23:42]

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-04-09 15:07 M:2009-04-09 15:06]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2009-04-09 14:37 M:2008-09-30 21:14]


========================================
·þÎñ

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <D:\Downloads\±©·çÓ°Òô\stormliv.exe /asservice>  [±±¾©±©·çÍø¼Ê¿Æ¼¼ÓÐÏÞ¹«Ë¾, 3, 8, 12, 12, C:2008-12-01 19:24 M:2008-12-24 17:44]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [NVIDIA Corporation, 6.14.11.8120, C:2009-04-09 14:33 M:2008-12-26 00:08]
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
    <D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\CCENTER.EXE>  []
[Rising RfwTask Manager / RfwTask][Stopped/Auto Start]
    <"D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\RavTask.exe" RfwTask>  []

[Google ¸üÐÂ·þ„Õ (gupdate1c9b90d819cf852) / gupdate1c9b90d819cf852][Stopped/Auto Start]
    <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc>  [(Verified)Google Inc., 1.2.131.7, C:2009-04-09 20:19 M:2009-04-09 20:19]
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
    <D:\Downloads\ÈðÐÇ\Rising\Rav\CCENTER.EXE>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-07 13:22 M:2009-04-07 13:21]
[Rising RavTask Manager / RavTask][Running/Auto Start]
    <"D:\Downloads\ÈðÐÇ\Rising\Rav\RavTask.exe" RavTask>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-04-07 13:22 M:2009-05-22 17:20]
[Rising Proxy  Service / RfwProxySrv][Stopped/Auto Start]
    <D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2009-05-22 23:43 M:2009-05-22 23:45]
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
    <D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2009-05-22 23:43 M:2009-05-22 23:42]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <D:\Downloads\ÈðÐÇ\Rising\Rav\RavMonD.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-07 13:22 M:2009-05-22 17:20]
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
    <D:\Downloads\ÈðÐÇ\Rising\Rav\ScanFrm.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-04-07 13:22 M:2009-05-22 17:19]


========================================
Çý¶¯

[EagleNT / EagleNT][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\drivers\EagleNT.sys>  []
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [NVIDIA Corporation, 6.14.11.8120, C:2009-04-09 14:33 M:2008-12-26 00:08]
[Protector / Protector][Running/System Start]
    <system32\drivers\Protector.sys>  [N/A, C:2009-04-09 14:53 M:2008-01-03 11:38]
[ProtectorA / ProtectorA][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\ProtectorA.sys>  [N/A, C:2009-04-09 14:53 M:2008-10-14 11:51]
[rfwtdi / rfwtdi][Stopped/Auto Start]
    <\??\D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\rfwtdi.sys>  []
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5649 (xpsp_sp3_qfe.080728-1259), C:2009-01-14 20:38 M:2009-01-14 20:38]

[Microsoft ÓÃÓÚ High Definition Audio µÄ UAA ×ÜÏßÇý¶¯³ÌÐò / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-04-14 20:00 M:2008-04-14 20:00]
[hookcont / hookcont][Running/System Start]
    <system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-04-09 15:07 M:2009-04-09 15:06]
[hooksys / hooksys][Running/System Start]
    <system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 53, C:2009-04-09 15:07 M:2009-04-09 15:06]
[HookUrl / HookUrl][Stopped/Auto Start]
    <\??\D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.13, C:2009-05-22 23:43 M:2009-05-22 23:42]
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <system32\drivers\RtkHDAud.sys>  [(Verified)Realtek Semiconductor Corp., 5.10.0.5764 built by: WinDDK, C:2009-04-09 14:33 M:2008-12-23 18:12]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-04-14 20:00 M:2008-04-14 20:00]
[Rising  Rfwbase Driver / RfwBase][Stopped/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-04-10 18:34 M:2009-04-10 18:32]
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
    <system32\DRIVERS\rfwbase.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-04-10 18:34 M:2009-04-10 18:32]
[RsFwDrv / RsFwDrv][Stopped/System Start]
    <\??\D:\Downloads\ÈðÐÇ·À»ðÇ½\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.35, C:2009-05-22 23:43 M:2009-05-22 23:42]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-09 15:07 M:2009-04-09 15:06]
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtnicxp.sys>  [(Verified)Realtek Semiconductor Corporation                           , 5.681.1120.2007 built by: WinDDK, C:2009-04-09 14:34 M:2007-11-20 19:09]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-04-14 20:00 M:2008-04-14 20:00]


========================================
½ø³Ì

[PID: 944 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]

[PID: 1004 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]

[PID: 1028 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-24 00:14 M:2008-04-24 00:14]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2009-01-14 20:38 M:2009-01-14 20:38]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1072 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]

[PID: 1084 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1244 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1312 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1436 / SYSTEM]   D:\Downloads\ÈðÐÇ\Rising\Rav\CCENTER.EXE   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\cnt09.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\cnt08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1444 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\System32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2009-01-14 20:38 M:2009-01-14 20:38]

[PID: 1512 / SYSTEM]   D:\Downloads\ÈðÐÇ\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2009-01-15 02:03 M:2009-01-15 02:03]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2009-01-15 02:03 M:2009-01-15 02:03]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rstask.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsstub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1680 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1844 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1896 / SYSTEM]   D:\Downloads\ÈðÐÇ\Rising\Rav\RavMonD.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2009-01-15 02:03 M:2009-01-15 02:03]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2009-01-15 02:03 M:2009-01-15 02:03]
    D:\Downloads\ÈðÐÇ\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-04-07 13:22 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\MonBase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Rslog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\mondrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\defmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\moncom08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\FileMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\MailMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsnetsvr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\BACore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2009-01-14 20:38 M:2009-01-14 20:38]
    D:\Downloads\ÈðÐÇ\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RSStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-04-07 13:22 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2009-04-07 13:22 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-04-07 13:22 M:2009-05-22 17:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    D:\Downloads\ÈðÐÇ\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 41, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ur025.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-04-07 13:22 M:2009-04-07 13:21]

[PID: 2036 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2009-01-14 20:38 M:2009-01-14 20:38]

[PID: 180 / SYSTEM]   D:\Downloads\ÈðÐÇ\Rising\Rav\rsnetsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2009-04-07 13:22 M:2009-05-22 17:19]
    D:\Downloads\ÈðÐÇ\Rising\Rav\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2009-01-15 02:03 M:2009-01-15 02:03]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2009-01-15 02:03 M:2009-01-15 02:03]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 1384 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5634 (xpsp_sp3_qfe.080703-1303), C:2009-01-14 20:35 M:2009-01-14 20:35]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-10-28 19:26 M:2008-10-28 19:26]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2009-04-09 14:37 M:2008-09-30 21:14]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-04-09 15:07 M:2009-04-09 15:06]
    C:\WINDOWS\system32\nvapi.dll  [NVIDIA Corporation, 6.14.11.8120, C:2009-04-09 14:33 M:2008-12-26 00:08]

[PID: 1572 / SYSTEM]   D:\Downloads\±©·çÓ°Òô\stormliv.exe   [±±¾©±©·çÍø¼Ê¿Æ¼¼ÓÐÏÞ¹«Ë¾, 3, 8, 12, 12, C:2008-12-01 19:24 M:2008-12-24 17:44]
    D:\Downloads\±©·çÓ°Òô\MSVCP60.dll  [Microsoft Corporation, 6.02.3104.0, C:2008-08-26 11:12 M:2008-08-26 11:12]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    D:\Downloads\±©·çÓ°Òô\bfoptdll.dll  [±±¾©±©·çÍø¼Ê¿Æ¼¼ÓÐÏÞ¹«Ë¾, 3, 8, 7, 16, C:2008-08-01 20:11 M:2008-08-01 20:11]
    D:\Downloads\±©·çÓ°Òô\box\BoxLog.dll  [±±¾©±©·çÍø¼Ê¿Æ¼¼ÓÐÏÞ¹«Ë¾, 3, 8, 12, 12, C:2008-12-01 21:46 M:2008-12-24 17:38]

[PID: 1696 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [NVIDIA Corporation, 6.14.11.8120, C:2009-04-09 14:33 M:2008-12-26 00:08]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    C:\WINDOWS\system32\nvapi.dll  [NVIDIA Corporation, 6.14.11.8120, C:2009-04-09 14:33 M:2008-12-26 00:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 684 / SYSTEM]   D:\Downloads\ÈðÐÇ\Rising\Rav\ScanFrm.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-04-07 13:22 M:2009-05-22 17:19]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2009-01-15 02:03 M:2009-01-15 02:03]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2009-01-15 02:03 M:2009-01-15 02:03]
    D:\Downloads\ÈðÐÇ\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-04-07 13:22 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scansrvp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanSrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanRavT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanBT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.46, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanStub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.36, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-04-07 13:22 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2009-04-07 13:22 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 41, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-04-07 13:22 M:2009-05-22 17:20]

[PID: 696 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5660_x-ww_e0385ec6\gdiplus.dll  [Microsoft Corporation, 5.1.3102.5660 (xpsp_sp3_qfe.080820-1303), C:2009-01-15 01:15 M:2009-01-14 20:34]

[PID: 3536 / Administrator]   D:\Downloads\ÈðÐÇ\Rising\Rav\RsTray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-04-07 13:22 M:2009-04-07 13:21]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2009-01-15 02:03 M:2009-01-15 02:03]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2009-01-15 02:03 M:2009-01-15 02:03]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rslang.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsxml.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\MonState.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanEvnt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75, C:2009-04-07 13:22 M:2009-05-22 17:20]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-06-03 17:44 M:2008-06-03 17:44]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rspalvd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ravbintl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\mruleui.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\MonTray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.2, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\RavITray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ScanPrxy.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-04-07 13:22 M:2009-05-22 17:20]
    D:\Downloads\ÈðÐÇ\Rising\Rav\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-04-07 13:22 M:2009-04-07 13:21]

[PID: 3652 / Administrator]   D:\Downloads\ÈðÐÇ¿¨¿¨\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-04-07 15:19 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ¿¨¿¨\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-04-07 15:19 M:2009-05-22 17:15]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    D:\Downloads\ÈðÐÇ¿¨¿¨\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.43, C:2009-04-07 15:19 M:2009-05-22 17:21]
    D:\Downloads\ÈðÐÇ¿¨¿¨\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-04-07 13:22 M:2009-04-07 13:21]
    D:\Downloads\ÈðÐÇ¿¨¿¨\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-04-07 15:19 M:2009-05-22 17:15]

[PID: 3864 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]

[PID: 3940 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]

[PID: 2092 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 596 / Administrator]   D:\Downloads\PPSÍøÂçµçÊÓ\PPStream\ppsap.exe   [(Verified)PPStream Inc, 1, 0, 11, 171, C:2007-01-01 03:18 M:2008-12-11 18:06]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    d:\Downloads\PPSÍøÂçµçÊÓ\PPStream\Vodnet.dll  [(Verified)PPStream Inc., 1, 0, 11, 203, C:2009-03-03 11:43 M:2009-03-03 11:43]
    d:\Downloads\PPSÍøÂçµçÊÓ\PPStream\vodres.dll  [(Verified)PPStream Inc., 1, 0, 11, 202, C:2009-02-27 17:54 M:2009-02-27 17:54]
    d:\Downloads\PPSÍøÂçµçÊÓ\PPStream\ppssg.dll  [(Verified)PPStream Inc., 1, 0, 11, 192, C:2009-02-23 11:55 M:2009-02-23 11:55]
    d:\Downloads\PPSÍøÂçµçÊÓ\PPStream\fds.dll  [(Verified)PPStream Inc., 1, 0, 0, 101, C:2009-03-18 17:42 M:2009-03-18 17:42]

[PID: 2544 / Administrator]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    D:\Downloads\ÈðÐÇ¿¨¿¨\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 15:19 M:2009-05-22 17:15]

[PID: 1076 / SYSTEM]   C:\Program Files\Google\Update\GoogleUpdate.exe   [(Verified)Google Inc., 1.2.131.7, C:2009-04-09 20:19 M:2009-04-09 20:19]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    D:\Downloads\ÈðÐÇ¿¨¿¨\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 15:19 M:2009-05-22 17:15]
    C:\Program Files\Google\Update\1.2.145.5\goopdate.dll  [(Verified)Google Inc., 1.2.145.5, C:2009-05-22 23:42 M:2009-05-22 23:42]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]

[PID: 3044 / Administrator]   E:\ÐÂ½¨ÎÄ¼þ¼Ð (4)\ÐÂ½¨ÎÄ¼þ¼Ð\arswp2\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-04-04 13:44 M:2008-11-15 11:58]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-04-09 15:20 M:2009-04-09 15:19]
    D:\Downloads\ÈðÐÇ¿¨¿¨\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-04-07 15:19 M:2009-05-22 17:15]
    D:\Downloads\ÈðÐÇ¿¨¿¨\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-04-07 15:19 M:2009-05-22 17:15]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13]
    E:\ÐÂ½¨ÎÄ¼þ¼Ð (4)\ÐÂ½¨ÎÄ¼þ¼Ð\arswp2\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-04-04 13:44 M:2007-11-28 15:19]


========================================
ÎÄ¼þ¹ØÁª

[.log] <"C:\WINDOWS\notepad2.exe" "%1"> [(c) Florian Balmer 2004, 1, 1, 0, 8, C:2007-05-15 21:28 M:2007-05-15 21:28]


========================================
AutoRun.INF



========================================
WinsockÌá¹©Õß



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]