[CODE] 2009-06-01,00:41:39 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Home Edition Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:48] [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:44] <"D:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 19:55 M:2009-01-08 13:20] <"D:\Program Files\Rising\RFW\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 19:56 M:2009-01-08 17:24] [Microsoft Corporation, 6.0.0.2524, C:2006-03-20 16:10 M:2006-03-20 16:10] [HKEY_CURRENT_USER\Control Panel\Desktop] [版权所有 (C) 2003, 1, 0, 0, 1, C:2008-07-27 00:23 M:2005-05-16 01:57] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Save Page As PDF ...] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-12-18 18:53 M:2008-04-18 20:00|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-12-18 18:52 M:2009-03-08 04:32|(Verified)N/A, C:2008-12-18 18:53 M:2008-04-18 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-12-18 18:53 M:2008-04-18 20:00|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-12-18 18:52 M:2009-03-08 04:32|(Verified)N/A, C:2008-12-18 19:26 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [(Verified)深圳市迅雷网络技术有限公司, 5,8,14,706, C:2009-05-27 20:53 M:2009-05-04 13:17] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\HP LaserJet P1006 Language Monitor] [(Verified)Software 2000 Limited, 2.6, C:2008-12-19 00:58 M:2007-09-10 15:12] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 Shell Extension [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-12-18 19:04 M:2008-04-18 20:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-12-18 19:16 M:2008-09-30 21:14] [UltraISO] {AD392E40-428C-459F-961E-9B147782D099} [EZB Systems, Inc., 1, 0, 0, 2, C:2008-12-18 19:23 M:2007-07-17 10:53] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:55 M:2008-12-18 19:52] [Sorcerer Shell Extension] {BAF55D20-7BC0-4bcc-A91F-A5223FFFDC9D} [(Verified)Software 2000 Limited, 2.6, C:2008-12-19 00:58 M:2007-09-10 15:12] [EncryptFile] {D55189EB-2826-4834-8E59-582B05CA99CA} [Wopti, 1.0.8.1023, C:2008-12-09 16:48 M:2008-10-23 15:23] Protocols [Microsoft Infotech Storage Protocol for IE 4.0] {0A9007C0-4076-11D3-8789-0000F8105754} [Microsoft Corporation, 05.02.9336.01, C:2000-04-19 18:47 M:2000-04-19 18:47] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-04-22 17:18 M:2008-09-06 10:36] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-04-22 17:18 M:2008-09-19 16:44] [NitroPDFBHO Class] {CF070CB8-F02F-4af4-A7B7-8D45CAD4BB54} [(Verified)Nitro PDF, 2, 1, 25, 0, C:2008-12-22 13:07 M:2008-12-22 13:07] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-04-22 17:18 M:2008-09-06 10:36] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [] [DeviceEnum Class] {54BE6B6F-3056-470B-97E1-BB92E051B6C4} [(Verified)Hewlett-Packard, 4.0.12.0, C:2008-06-19 16:24 M:2008-06-19 16:24] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [深圳市迅雷网络技术有限公司, 2, 1, 9, 102, C:2008-12-18 23:05 M:2009-05-04 13:14] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 6, C:2009-04-22 16:59 M:2007-10-26 12:50] [GMNRev Class] {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [(Verified)Hewlett-Packard, 8.7.13.0, C:2008-07-29 14:47 M:2008-07-29 14:47] [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [(Verified)深圳市迅雷网络技术有限公司, 3, 1, 7, 82, C:2009-05-27 20:53 M:2009-05-04 13:15] [XDownloaddManager Class] {802F530B-A8F6-4631-AE49-6BACAAC6373E} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-04-22 17:18 M:2008-09-19 16:44] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-04-22 17:18 M:2008-09-19 16:44] [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5901, 169, C:2009-05-27 19:44 M:2009-05-21 17:03] [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [(Verified)CCTV International Networks Co.,Ltd, 1, 0, 0, 9, C:2009-02-26 08:55 M:2009-04-26 16:56] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5901, 169, C:2009-05-27 19:44 M:2009-05-21 17:03] [NitroPDFBHO Class] {CF070CB8-F02F-4AF4-A7B7-8D45CAD4BB54} [(Verified)Nitro PDF, 2, 1, 25, 0, C:2008-12-22 13:07 M:2008-12-22 13:07] [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [(Verified)RealNetworks, Inc., 6.0.9.3084, C:2009-01-23 18:21 M:2007-12-08 00:31] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07] [Microsoft Silverlight] {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [(Verified) Microsoft Corporation, 2.0.40115.0, C:2009-01-15 01:35 M:2009-01-15 01:35] [NitroPDFButton Class] {F1C0FD6C-A6A0-49A7-A932-71A56461867F} [(Verified)Nitro PDF, 2, 1, 25, 0, C:2008-12-22 13:07 M:2008-12-22 13:07] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 1, 59010, 253, C:2009-05-27 19:44 M:2009-05-21 17:03] Context Menu [EncryptFile] {D55189EB-2826-4834-8E59-582B05CA99CA} [Wopti, 1.0.8.1023, C:2008-12-09 16:48 M:2008-10-23 15:23] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:55 M:2008-12-18 19:52] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-12-18 19:16 M:2008-09-30 21:14] [UltraISO] {AD392E40-428C-459F-961E-9B147782D099} [EZB Systems, Inc., 1, 0, 0, 2, C:2008-12-18 19:23 M:2007-07-17 10:53] ======================================== 服务 [Application Management / AppMgmt][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\appmgmts.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [Canon Camera Access Library 8 / CCALib8][Running/Auto Start] [Canon Inc., 8, 4, 0, 1, C:2007-01-31 14:55 M:2007-01-31 14:55] [FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start] [Macrovision Europe Ltd., 11.03.005, C:2008-12-18 23:59 M:2007-08-07 17:55] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:55 M:2008-12-18 19:53] [Rising RavTask Manager / RavTask][Running/Auto Start] <"D:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-18 19:55 M:2009-04-16 21:22] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:56 M:2008-12-18 19:55] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:56 M:2008-12-18 19:55] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"D:\Program Files\Rising\RFW\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-18 19:56 M:2009-04-16 21:24] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:55 M:2009-05-14 18:05] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 19:55 M:2008-12-18 19:52] ======================================== 驱动 [ISO DVD/CD-ROM Device Driver / ISODrive][Running/System Start] <\??\C:\Program Files\UltraISO\drivers\ISODrive.sys> [EZB Systems, Inc., 3.12 built by: WinDDK, C:2008-12-18 19:23 M:2008-05-24 21:09] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-12-18 18:53 M:2008-06-20 19:51] [aeaudio / aeaudio][Running/Manual Start] [(Verified)Andrea Electronics Corporation, 1.0.0.2 (STUB), C:2008-12-18 19:18 M:2002-04-01 13:15] [Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start] [(Verified)Broadcom Corporation, 3.63.0.0 built by: WinDDK, C:2008-12-18 19:19 M:2003-06-30 18:11] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-18 19:55 M:2008-12-18 19:53] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 55, C:2008-12-18 19:55 M:2009-05-24 11:59] [ialm / ialm][Running/Manual Start] [(Verified)Intel Corporation, 6.14.10.4342, C:2008-12-18 19:17 M:2005-06-22 00:12] [OMCI WDM Device Driver / omci][Running/System Start] [(Verified)Dell Inc., 7.6.0.(BLD_732), C:2009-03-22 18:28 M:2008-08-21 06:38] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-12-18 18:53 M:2008-04-18 20:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2008-12-18 19:56 M:2008-12-18 19:55] [rfwtdi / rfwtdi][Running/Auto Start] <\??\D:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.7, C:2008-12-18 19:56 M:2009-04-17 18:25] [Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start] [(Verified)Feitian Technologies Co., Ltd., 5.0.4.0211, C:2008-12-18 22:56 M:2008-12-18 22:56] [rsfwdrv / rsfwdrv][Running/System Start] <\??\D:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.47, C:2008-12-18 19:56 M:2009-04-27 15:55] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:55 M:2008-12-18 19:53] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-12-18 18:53 M:2008-04-18 20:00] [smwdm / smwdm][Running/Manual Start] [(Verified)Analog Devices, Inc., 5.12.01.3555, C:2008-12-18 19:18 M:2003-02-28 09:17] ======================================== 进程 [PID: 1088 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1152 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1176 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1220 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234), C:2008-12-18 18:53 M:2009-02-09 19:21] [PID: 1232 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1396 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1472 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1652 / SYSTEM] D:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:55 M:2008-12-18 19:53] [PID: 1672 / SYSTEM] D:\Program Files\Rising\RFW\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-18 19:56 M:2008-12-18 19:55] [PID: 1680 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] D:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.74, C:2008-12-18 19:55 M:2009-05-24 12:05] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] [PID: 1736 / SYSTEM] D:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:55 M:2008-12-18 19:53] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2009-03-19 12:33] D:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:55 M:2009-04-22 18:00] D:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 39, C:2008-12-18 19:55 M:2009-05-31 17:12] D:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:55 M:2008-12-18 19:53] [PID: 1768 / SYSTEM] D:\Program Files\Rising\RFW\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-18 19:56 M:2009-04-16 21:24] D:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:56 M:2008-12-18 19:55] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:56 M:2009-03-19 17:53] D:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:56 M:2009-04-23 20:57] D:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 39, C:2008-12-18 19:56 M:2009-05-31 17:11] D:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:56 M:2008-12-18 19:55] [PID: 1824 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1964 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 2016 / SYSTEM] D:\Program Files\Rising\RFW\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:56 M:2008-12-18 19:55] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-18 19:56 M:2009-02-25 19:02] D:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:56 M:2009-05-21 01:03] D:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:56 M:2009-04-23 20:57] D:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-18 19:56 M:2009-05-11 18:26] D:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.87, C:2008-12-18 19:56 M:2009-05-25 08:50] D:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:56 M:2009-03-17 12:18] D:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2008-12-18 19:56 M:2008-12-25 19:28] D:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-25 19:29 M:2009-02-25 19:02] D:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:56 M:2009-03-03 17:46] D:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-25 19:29 M:2008-12-25 19:28] D:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-25 19:29 M:2009-05-08 22:21] D:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-25 19:29 M:2009-05-25 08:50] D:\Program Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-18 19:56 M:2009-04-27 15:55] D:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:56 M:2009-04-23 20:57] D:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-25 19:29 M:2008-12-25 19:28] [PID: 116 / SYSTEM] D:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:55 M:2009-05-14 18:05] D:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:55 M:2008-12-18 19:53] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-18 19:55 M:2009-02-25 19:01] D:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:55 M:2009-05-31 17:12] D:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 19:55 M:2009-03-16 15:38] D:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31, C:2008-12-18 19:55 M:2009-03-24 22:15] D:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-18 19:55 M:2009-02-25 19:01] D:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:55 M:2009-04-22 18:00] D:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:55 M:2009-03-02 21:16] D:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12, C:2008-12-18 19:55 M:2009-02-25 19:01] D:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:55 M:2009-03-16 15:38] D:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:55 M:2009-05-14 18:05] D:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:55 M:2009-05-31 17:13] D:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2008-12-18 19:55 M:2009-04-30 00:54] D:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-05-08 22:18] D:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 41, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:55 M:2009-04-30 00:54] D:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-05-14 18:05] [PID: 156 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-12-18 18:53 M:2008-04-18 20:00] C:\WINDOWS\system32\HP1006LM.DLL [(Verified)Software 2000 Limited, 2.6, C:2008-12-19 00:58 M:2007-09-10 15:12] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1006S.DLL [(Verified)Hewlett-Packard , 1.0.2, C:2008-12-19 00:58 M:2007-09-10 15:12] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MT.DLL [(Verified)Software 2000 Limited, 4.0.0.47, C:2008-12-19 00:58 M:2007-09-10 15:12] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL [(Verified)Software 2000 Limited, 4.0.0.47, C:2008-12-19 00:58 M:2007-09-10 15:12] [PID: 440 / SYSTEM] D:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-18 19:55 M:2009-03-16 15:38] D:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-12-18 19:55 M:2009-03-16 15:38] D:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:55 M:2009-03-02 21:16] D:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:55 M:2008-12-18 19:53] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] [PID: 904 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 956 / SYSTEM] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [(Verified)Microsoft Corporation, 7.00.9466, C:2003-06-19 23:25 M:2003-06-19 23:25] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll [Microsoft Corporation, 7.00.9466, C:2002-01-29 15:06 M:2002-01-29 15:06] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL [Microsoft Corporation, 7.00.9466, C:2002-01-05 08:03 M:2002-01-05 08:03] [PID: 1064 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 1068 / SYSTEM] D:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-18 19:55 M:2009-05-31 17:13] D:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:55 M:2009-03-02 21:16] D:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26, C:2008-12-18 19:55 M:2009-05-31 17:13] D:\Program Files\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.47, C:2008-12-18 19:55 M:2009-05-31 17:13] D:\Program Files\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:55 M:2009-05-31 17:12] D:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:55 M:2009-05-31 17:13] D:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:55 M:2009-04-22 18:00] D:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.38, C:2008-12-18 19:55 M:2009-04-30 00:54] D:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-05-08 22:18] D:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-02-25 19:02] D:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 41, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:55 M:2009-05-24 12:05] D:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:55 M:2009-04-30 00:54] D:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-18 19:55 M:2009-05-14 18:05] D:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-18 19:55 M:2009-02-25 19:02] [PID: 1784 / SYSTEM] C:\Program Files\Canon\CAL\CALMAIN.exe [Canon Inc., 8, 4, 0, 1, C:2007-01-31 14:55 M:2007-01-31 14:55] [PID: 412 / ] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-12-18 18:52 M:2008-04-18 20:00] [PID: 1908 / SYSTEM] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE [(Verified)Software 2000 Limited, 4.0.0.47, C:2008-12-19 00:58 M:2007-09-10 15:12] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL [(Verified)Software 2000 Limited, 4.0.0.47, C:2008-12-19 00:58 M:2007-09-10 15:12] [PID: 380 / 刘兆阳] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-12-18 18:53 M:2008-04-18 20:00] D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-04-22 17:18 M:2008-09-19 16:44] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-12-18 19:16 M:2008-09-30 21:14] C:\Program Files\UltraISO\isoshell.dll [EZB Systems, Inc., 1, 0, 0, 2, C:2008-12-18 19:23 M:2007-07-17 10:53] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-04-22 17:18 M:2008-09-06 10:36] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\PROGRA~1\优化大师\WOPTIE~1.DLL [Wopti, 1.0.8.1023, C:2008-12-09 16:48 M:2008-10-23 15:23] [PID: 408 / 刘兆阳] C:\WINDOWS\system32\hkcmd.exe [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:44] C:\WINDOWS\system32\hccutils.DLL [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:43] C:\WINDOWS\system32\igfxdev.dll [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:43] C:\WINDOWS\system32\igfxsrvc.dll [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:44] C:\WINDOWS\system32\igfxhk.dll [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:17 M:2005-06-21 23:44] C:\WINDOWS\system32\igfxres.dll [(Verified)Intel Corporation, 3.0.0.4342, C:2008-12-18 19:21 M:2005-06-21 23:49] [PID: 1144 / 刘兆阳] D:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 19:55 M:2009-01-08 13:20] D:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-18 19:55 M:2009-01-15 10:55] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-18 19:55 M:2009-03-02 21:16] D:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:55 M:2009-03-02 21:16] D:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:55 M:2008-12-18 19:53] D:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75, C:2008-12-18 19:55 M:2009-05-11 16:54] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2009-03-19 12:33] D:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:55 M:2009-04-22 18:00] D:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26, C:2008-12-18 19:55 M:2009-05-11 16:54] D:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-18 19:55 M:2009-05-11 16:54] D:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.4, C:2008-12-18 19:55 M:2009-05-31 17:12] D:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2008-12-18 19:55 M:2009-04-16 21:22] D:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2008-12-18 19:55 M:2009-04-30 00:54] D:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:55 M:2009-01-09 13:16] [PID: 1060 / 刘兆阳] D:\Program Files\Rising\RFW\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2008-12-18 19:56 M:2009-01-08 17:24] D:\Program Files\Rising\RFW\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-18 19:56 M:2009-01-15 10:54] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2008-12-18 19:56 M:2009-03-03 17:46] D:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-18 19:56 M:2009-03-03 17:46] D:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2008-12-18 19:56 M:2009-05-11 18:26] D:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:56 M:2009-03-19 17:53] D:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-18 19:56 M:2009-04-23 20:57] D:\Program Files\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26, C:2008-12-18 19:56 M:2009-05-11 18:26] D:\Program Files\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75, C:2008-12-18 19:56 M:2009-05-11 18:26] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Rising\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-18 19:56 M:2009-05-11 18:26] D:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2008-12-18 19:56 M:2009-03-17 12:18] D:\Program Files\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-18 19:56 M:2009-01-09 13:15] D:\Program Files\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 11, C:2008-12-18 19:56 M:2009-04-27 15:55] D:\Program Files\Rising\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-18 19:56 M:2008-12-18 19:55] D:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-18 19:56 M:2009-04-23 20:57] [PID: 2212 / 刘兆阳] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-12-18 18:53 M:2008-04-18 20:00] [PID: 2304 / 刘兆阳] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-12-18 19:05 M:2009-03-08 14:09] [PID: 2472 / 刘兆阳] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-12-18 19:05 M:2009-03-08 14:09] D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-04-22 17:18 M:2008-09-06 10:36] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-18 19:55 M:2008-12-18 19:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-18 19:55 M:2008-12-18 19:52] D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-04-22 17:18 M:2008-09-19 16:44] C:\Program Files\Nitro PDF\PDF Download\NitroPDF.dll [(Verified)Nitro PDF, 2, 1, 25, 0, C:2008-12-22 13:07 M:2008-12-22 13:07] D:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.74, C:2008-12-18 19:55 M:2009-05-24 12:05] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07] [PID: 2720 / 刘兆阳] C:\Program Files\WinRAR\WinRAR.exe [N/A, C:2008-12-18 19:16 M:2008-09-30 21:14] [PID: 3108 / 刘兆阳] E:\Temp\Rar$EX00.500\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-06-01 00:40 M:2008-11-15 11:58] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL [Microsoft Corporation, 7.00.9466, C:2002-01-05 15:05 M:2002-01-05 15:05] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll [Microsoft Corporation, 7.00.9466, C:2002-01-29 15:06 M:2002-01-29 15:06] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL [Microsoft Corporation, 7.00.9466, C:2002-01-05 08:03 M:2002-01-05 08:03] E:\Temp\Rar$EX00.500\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-06-01 00:40 M:2007-11-28 15:19] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]