[CODE] 2008-12-29,20:32:07 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"E:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun> [(Verified)DT Soft Ltd, 4.30.0.0, C:2008-07-17 20:20 M:2008-07-17 20:20] <; "e:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart> [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 252, 252, C:2007-10-10 13:43 M:2007-12-11 11:53] <金山清理专家实时保护><"e:\Program Files\Kingsoft Antispy\monitor\kastray.exe"> [(Verified)Kingsoft Corporation, 2008,11,14,88, C:2008-11-14 12:16 M:2008-11-14 12:16] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-13 19:14 M:2008-04-13 19:14|NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)360安全中心, 2, 4, 2, 1002, C:2008-12-01 10:30 M:2008-12-01 10:30] [N/A, C:2008-07-12 13:30 M:2007-12-05 01:41] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-13 19:14 M:2008-04-13 19:14|NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] <360Safetray> [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12] <"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] <"e:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-19 00:20 M:2008-12-18 21:14] <"f:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-19 00:37 M:2008-12-19 00:37] <; "F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems Incorporated, 9.0.0.2008061200, C:2008-06-12 02:38 M:2008-06-12 02:38] <; C:\WINDOWS\FixCamera.exe> [Copyright (C) 2005, 1, 0, 0, 3, C:2008-07-12 13:33 M:2005-12-06 13:08] <; C:\WINDOWS\vsnpstd3.exe> [Copyright 2002-2005, 1, 0, 2, 2, C:2008-07-12 13:33 M:2005-09-05 15:55] <; C:\WINDOWS\tsnpstd3.exe> [版权所有 (C) 2005, 1, 1, 3, 1, C:2008-07-12 13:33 M:2005-11-04 15:05] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&U使用纳米机器人下载并收藏] <> [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载] <> [N/A, C:2008-11-13 19:53 M:2006-10-27 11:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载全部链接] <> [N/A, C:2008-11-13 19:53 M:2000-02-06 11:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载] <> [N/A, C:2008-08-27 17:09 M:2008-11-21 15:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载全部链接] <> [N/A, C:2007-01-16 17:34 M:2008-11-21 15:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载本页视频] <> [N/A, C:2008-09-27 18:34 M:2008-09-27 18:34] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Add to QQ Customized Emoticons] <><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Add to QQ Customized Panel] <><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Send Picture with QQ MMS] <><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用 Mega 管理器下载链接...] <><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-07-12 13:28 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-07-12 13:28 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-13 19:14 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13|(Verified)N/A, C:2008-04-13 18:57 M:2008-04-13 18:57] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-13 19:14 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13|(Verified)N/A, C:2008-04-13 18:57 M:2008-04-13 18:57] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-07-12 13:28 M:2008-04-28 11:20] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95B3F550-91C4-4627-BCC4-521288C52977}] [(Verified)N/A, C:2008-07-12 13:28 M:2007-03-16 13:46] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}] <快车> [FlashGet.com, 1, 8, 2, 1001, C:2008-11-13 19:53 M:2007-03-21 15:40] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-12-20 21:48 M:2008-12-20 21:48] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [Microsoft Agent Character Property Sheet Handler] {143A62C8-C33B-11D1-84FE-00C04FA34A14} [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:21 M:1998-09-15 17:21] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-07-12 13:28 M:2007-09-26 10:42] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2008-07-12 13:30 M:2007-12-05 01:41] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2008-07-12 13:30 M:2007-12-05 01:41] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2008-07-12 13:30 M:2007-12-05 01:41] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] [7-Zip Shell Extension] {23170F69-40C1-278A-1000-000100020000} [Igor Pavlov, 4.60 beta, C:2008-08-19 17:21 M:2008-08-19 17:21] [PicaView] {68f32140-2ca3-11d0-acc1-444553540000} [ACD Systems, Ltd., 2, 0, 0, 78, C:2004-02-22 23:10 M:2004-02-22 23:10] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [EditPlus 3] {36D94110-787C-4828-9C1B-0DAFEBC36069} [(Verified)N/A, C:2008-12-19 22:58 M:2008-12-02 13:22] Protocols [] {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} [N/A, C:2008-11-10 17:44 M:2008-11-10 17:44] BrowserHelperObject [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)腾讯公司, 1, 9, 252, 252, C:2007-12-11 11:53 M:2007-12-11 11:53] [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-12 13:28 M:2008-04-07 15:40] [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [(Verified)Adobe Systems Incorporated, 9.0.0.2008061100, C:2008-06-11 22:33 M:2008-06-11 22:33] [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [(Verified)www.flashget.com, 1, 8, 1, 1006, C:2008-11-13 19:53 M:2007-01-29 17:46] [Java(tm) Plug-In SSV Helper] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [(Verified)Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-12 13:28 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-19 00:37 M:2008-12-19 00:37] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-10-30 10:47 M:2008-10-30 10:47] [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435b-BC74-9C25C1C588A9} [Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] [JQSIEStartDetectorImpl Class] {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} [(Verified)www.flashget.com, 1, 8, 1, 1002, C:2008-11-13 19:53 M:2007-01-15 11:40] ToolBar [瑞星卡卡工具条(&R)] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-19 00:37 M:2008-12-19 00:37] ActiveX Extension [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)腾讯公司, 1, 9, 252, 252, C:2007-12-11 11:53 M:2007-12-11 11:53] [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-12 13:28 M:2008-04-07 15:40] [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [(Verified)Adobe Systems Incorporated, 9.0.0.2008061100, C:2008-06-11 22:33 M:2008-06-11 22:33] [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [(Verified)www.flashget.com, 1, 8, 1, 1006, C:2008-11-13 19:53 M:2007-01-29 17:46] [IEBuddyExtControl Class] {3AECD3C1-7085-4731-96DC-47B6CF7EF749} [(Verified)Kingsoft Corporation, 2008,11,14,84, C:2008-11-14 08:52 M:2008-11-14 08:52] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-12 13:28 M:2007-12-10 14:17] [StormPlayer Object] {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 27, C:2008-07-12 13:28 M:2008-03-25 15:10] [Java(tm) Plug-In SSV Helper] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [(Verified)Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-12 13:28 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-19 00:37 M:2008-12-19 00:37] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-10-30 10:47 M:2008-10-30 10:47] [瑞星卡卡工具条(&R)] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-19 00:37 M:2008-12-19 00:37] [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435B-BC74-9C25C1C588A9} [Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 164, 203, C:2008-12-20 21:48 M:2008-12-20 21:48] [JQSIEStartDetectorImpl Class] {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} [(Verified)www.flashget.com, 1, 8, 1, 1002, C:2008-11-13 19:53 M:2007-01-15 11:40] [FGCatchUrl] {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} [(Verified)www.flashget.com, 1, 8, 1, 1006, C:2008-11-13 19:53 M:2007-01-29 17:46] Context Menu [7-Zip] {23170F69-40C1-278A-1000-000100020000} [Igor Pavlov, 4.60 beta, C:2008-08-19 17:21 M:2008-08-19 17:21] [EditPlus 3] {36D94110-787C-4828-9C1B-0DAFEBC36069} [(Verified)N/A, C:2008-12-19 22:58 M:2008-12-02 13:22] [ewido anti-spyware] {8934FCEF-F5B8-468f-951F-78A921CD3920} [Anti-Malware Development a.s., 4, 0, 0, 172, C:2008-12-18 23:53 M:2008-12-19 00:25] [NamipanExt] {5696473A-FC50-4CA7-B87A-AF60201B04DD} [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-07-12 13:28 M:2007-09-26 10:42] ======================================== 服务 [ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard][Stopped/Manual Start] [Anti-Malware Development a.s., 4, 0, 0, 172, C:2008-12-18 23:53 M:2006-06-16 22:38] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] [Windows CardSpace / idsvc][/Manual Start] <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"> [Microsoft Corporation, 3.0.4506.648 (Winfxred.004506-0648), C:2007-10-11 09:55 M:2007-10-11 09:55] [mezo / mezo][Stopped/Auto Start] [N/A, C:2008-12-29 20:18 M:2008-12-29 20:18] [Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled] <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"> [Microsoft Corporation, 3.0.4506.648 (Winfxred.004506-0648), C:2007-10-11 09:55 M:2007-10-11 09:55] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] [OracleDBConsoleorcl / OracleDBConsoleorcl][Stopped/Manual Start] [Oracle Corporation, 10.2.0.3.1, C:2008-12-27 15:00 M:2007-09-13 01:03] [OracleDBConsolestore / OracleDBConsolestore][Stopped/Manual Start] [Oracle Corporation, 10.2.0.3.1, C:2008-12-27 15:00 M:2007-09-13 01:03] [OracleJobSchedulerORCL / OracleJobSchedulerORCL][Stopped/Disabled] [N/A, C:2008-12-27 14:55 M:2007-10-03 15:45] [OracleJobSchedulerSTORE / OracleJobSchedulerSTORE][Stopped/Disabled] [N/A, C:2008-12-27 14:55 M:2007-10-03 15:45] [OracleOraDb11g_home1TNSListener / OracleOraDb11g_home1TNSListener][Stopped/Manual Start] [N/A, ] [OracleServiceORCL / OracleServiceORCL][Stopped/Manual Start] [Oracle Corporation, 11.1.0.6.0 Production, C:2008-12-27 14:51 M:2007-10-03 17:42] [OracleServiceSTORE / OracleServiceSTORE][Stopped/Manual Start] [Oracle Corporation, 11.1.0.6.0 Production, C:2008-12-27 14:51 M:2007-10-03 17:42] [Widows Help System / WiHelp32][Stopped/Auto Start] [] [Contrl Center of Storm Media / ccosm][Stopped/Manual Start] [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-07-12 13:28 M:2008-03-11 14:33] [Java Quick Starter / JavaQuickStarterService][Stopped/Manual Start] <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"> [(Verified)Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43|N/A, C:2008-11-22 10:35 M:2008-11-10 03:39] [Kingsoft Basic Service / kaccore][Running/Manual Start] <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"> [(Verified)Kingsoft Corporation, 2008,12,24,397, C:2008-11-03 08:49 M:2008-12-28 19:17] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] [Rising RavTask Manager / RavTask][Running/Auto Start] <"e:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-19 00:20 M:2008-12-18 21:14] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 00:20 M:2008-12-18 21:14] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-19 00:20 M:2008-12-18 21:14] ======================================== 驱动 [NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller / AtcL002][Running/Manual Start] [Atheros Communications, Inc., 2.5.6000.5 built by: WinDDK, C:2008-07-12 13:28 M:2007-08-17 20:01] [Rising TDI Base Driver / BaseTDI][Running/Auto Start] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5, C:2008-10-25 16:30 M:2008-10-25 16:35] [ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver][Running/System Start] <\??\H:\QQDownload\Ewido Security Suite Plus v4.0.172c 汉化绿色特别版+Ewido病毒库升级程序 最好的防杀木马软件\guard.sys> [N/A, C:2008-12-18 23:53 M:2006-06-16 22:38] [ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start] [1043, 2, 15, 37, C:2008-07-12 13:28 M:2004-08-13 10:56] [nv / nv][Running/Manual Start] [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start] [NVIDIA Corporation, 10.3.0.16 built by: WinDDK, C:2008-03-28 10:43 M:2007-12-07 15:27] [RsAntiSpyware / RsAntiSpyware][Running/Boot Start] [Beijing Rising Technology Co., Ltd., 3, 0, 0, 28, C:2008-10-26 00:33 M:2008-10-26 00:33] [StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start] [Protection Technology, 1.32, C:2005-03-04 01:53 M:2005-03-04 01:53] [StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start] [Protection Technology, 2.7, C:2004-12-03 18:20 M:2004-12-03 18:20] [SATALink driver accelerator / SiFilter][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> [Silicon Image, Inc., 1.0.0.11, C:2008-01-23 17:20 M:2006-08-08 22:19] [SKNFW / SKNFW][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys> [N/A, C:2008-11-14 16:20 M:2007-12-17 10:14] [SkyProcs / SkyProcs][Running/Manual Start] <\??\E:\PROGRA~1\SkyNet\Firewall\SkyProcs.sys> [N/A, C:2008-11-14 16:20 M:2006-03-28 15:17] [USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start] [Copyright 2001-2004, 1, 2, 1, 1, C:2008-07-12 13:33 M:2005-11-07 18:38] [sptd / sptd][Running/Boot Start] [N/A, C:2008-10-25 16:07 M:2008-10-25 16:07] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-24 09:11 M:2008-06-20 19:51] [TorjanFW / TorjanFW][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\TFW.SYS> [] [viamraid / viamraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.6000.562, C:2008-01-23 17:20 M:2007-07-17 13:35] [Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start] [(Verified)Creative Technology Ltd., 5.1.2501.0 built by: WinDDK, C:2008-04-24 15:32 M:2001-08-17 04:19] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-04-13 09:36 M:2008-04-13 09:36] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2008-12-19 00:20 M:2008-12-18 21:14] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2008-12-19 00:20 M:2008-12-24 20:25] [Intel AHCI Controller / iaStor7][Running/Boot Start] [(Verified)Intel Corporation, 7.8.0.1012, C:2008-01-23 17:20 M:2007-09-29 23:03] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5506 built by: WinDDK, C:2008-07-12 13:28 M:2007-11-01 14:38] [AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start] [(Verified)AMD Inc., 4.38.00 built by: WinDDK, C:2008-04-24 15:32 M:2001-08-17 04:11] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 20:00 M:2004-08-17 20:00] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-10-25 16:43 M:2008-12-18 21:14] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 2, 2, 1008, C:2008-11-15 11:33 M:2008-11-15 11:33] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-04-13 09:39 M:2008-04-13 09:39] [StarForce Protection Environment Driver (version 1.x.a) / sfdrv01a][Running/Boot Start] [(Verified)Protection Technology (StarForce), 1.47, C:2006-07-05 20:46 M:2006-07-05 20:46] [StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start] [(Verified)Protection Technology (StarForce), 2.8, C:2006-06-14 22:56 M:2006-06-14 22:56] [StarForce Protection Synchronization Driver (version 4.x) / sfsync04][Running/Boot Start] [(Verified)Protection Technology (StarForce), 4.14, C:2006-06-15 00:00 M:2006-06-15 00:00] ======================================== 进程 [PID: 640 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] [PID: 716 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:13 M:2008-04-13 19:13] [PID: 740 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 784 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] [PID: 796 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 968 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1040 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1148 / SYSTEM] e:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 00:20 M:2008-12-19 00:19] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1156 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] H:\app\Administrator\product\11.1.0\db_2\bin\oci.dll [Oracle Corporation, 11.1.0.1.0, C:2008-12-27 15:00 M:2007-10-03 18:38] C:\WINDOWS\System32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] [PID: 1264 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1372 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1412 / SYSTEM] e:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 00:20 M:2008-12-19 00:19] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] e:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2008-10-25 16:30 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2008-12-19 00:20 M:2008-12-25 22:21] e:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2008-12-19 00:20 M:2008-12-26 20:59] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-24 09:11 M:2008-04-24 09:11] e:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-25 22:21] e:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] e:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 00:20 M:2008-12-25 22:21] e:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\scansct.dll [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-23 19:39] e:\Program Files\Rising\Rav\ur027.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] [PID: 1432 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll [Microsoft Corporation, 6.0.6000.16438 (winmain(wmbla).070123-1305), C:2008-10-25 17:31 M:2007-03-22 20:24] [PID: 1632 / SYSTEM] e:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1824 / NETWORK SERVICE] C:\WINDOWS\system32\msdtc.exe [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-04-24 15:33 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] H:\app\Administrator\product\11.1.0\db_2\bin\oci.dll [Oracle Corporation, 11.1.0.1.0, C:2008-12-27 15:00 M:2007-10-03 18:38] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] [PID: 1908 / SYSTEM] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [(Verified)Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2007-10-24 01:47 M:2007-10-24 01:47] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1940 / SYSTEM] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [(Verified)Microsoft Corporation, 2005.090.1399.00, C:2005-10-14 02:51 M:2005-10-14 02:51] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.RLL [Microsoft Corporation, 2005.090.1399.00, C:2005-10-13 23:39 M:2005-10-13 23:39] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [PID: 2008 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 2028 / SYSTEM] e:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] e:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] e:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33, C:2008-12-19 00:20 M:2008-12-18 21:14] [PID: 180 / SYSTEM] e:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] e:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-12-19 00:20 M:2008-12-19 00:19] e:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-12-19 00:20 M:2008-12-19 00:18] e:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:20 M:2008-12-18 21:14] e:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 188 / SYSTEM] C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [(Verified)Microsoft Corporation, 2005.090.1399.00, C:2005-10-14 02:51 M:2005-10-14 02:51] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] [PID: 272 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 364 / SYSTEM] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [(Verified)Microsoft Corporation, 12.0.5626.1, C:2005-08-26 16:00 M:2005-08-26 16:00] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] [PID: 1348 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-12 13:28 M:2008-04-07 15:40] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-12 13:28 M:2008-04-29 14:42] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 19, C:2008-07-12 13:28 M:2008-04-23 18:43] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-07-12 13:28 M:2008-04-23 18:43] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS [Adobe Systems, Inc., 9.0.0.0, C:2008-06-22 22:23 M:2008-06-22 22:23] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [(Verified)Adobe Systems, Inc., 9.0.0.2008061100, C:2008-06-11 22:49 M:2008-06-11 22:49] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-07-12 13:28 M:2007-09-26 10:42] E:\Program Files\NamiRobot\Data\NamipanExt1.dll [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] H:\QQDownload\Ewido Security Suite Plus v4.0.172c 汉化绿色特别版+Ewido病毒库升级程序 最好的防杀木马软件\context.dll [Anti-Malware Development a.s., 4, 0, 0, 172, C:2008-12-18 23:53 M:2008-12-19 00:25] g:\Program Files\EditPlus 3\eppshell.dll [(Verified)N/A, C:2008-12-19 22:58 M:2008-12-02 13:22] e:\Program Files\7-Zip\7-zip.dll [Igor Pavlov, 4.60 beta, C:2008-08-19 17:21 M:2008-08-19 17:21] C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] C:\WINDOWS\system32\nvshell.dll [N/A, C:2008-07-12 13:30 M:2007-12-05 01:41] [PID: 2260 / Administrator] C:\WINDOWS\system32\RUNDLL32.EXE [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\NvMcTray.dll [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.6375, C:2008-07-12 13:28 M:2007-10-04 17:14] [PID: 2276 / Administrator] C:\Program Files\Java\jre6\bin\jusched.exe [(Verified)Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 2288 / Administrator] E:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] E:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2008-12-19 00:20 M:2008-12-18 21:14] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] E:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26, C:2008-12-19 00:20 M:2008-12-19 00:18] E:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\rsvrinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-25 22:21] E:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69, C:2008-12-19 00:20 M:2008-12-19 00:18] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-10-25 16:59 M:2008-10-25 16:50] E:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2008-12-19 00:20 M:2008-12-19 00:18] E:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2008-12-19 00:20 M:2008-12-19 00:18] E:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-19 00:20 M:2008-12-19 00:18] E:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.85, C:2008-12-19 00:20 M:2008-12-19 00:18] E:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2008-12-19 00:20 M:2008-12-18 21:14] E:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2008-12-19 00:20 M:2008-12-19 00:18] [PID: 2296 / Administrator] F:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] F:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-19 00:37 M:2008-12-19 00:37] F:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.42, C:2008-12-19 00:37 M:2008-12-19 00:43] F:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-12-19 00:37 M:2008-12-19 00:43] e:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-19 00:20 M:2008-12-18 21:14] F:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-19 00:37 M:2008-12-19 00:37] [PID: 2312 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-13 19:13 M:2008-04-13 19:13] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 2352 / Administrator] E:\Program Files\DAEMON Tools Lite\daemon.exe [(Verified)DT Soft Ltd, 4.30.0.0, C:2008-07-17 20:20 M:2008-07-17 20:20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] E:\Program Files\DAEMON Tools Lite\DaemonPlugin.dll [(Verified)DT Soft Ltd, 4.12.0.0, C:2008-07-17 20:20 M:2008-07-17 20:20] E:\Program Files\DAEMON Tools Lite\daemon.dll [(Verified)DT Soft Ltd., 4.30.0.0, C:2008-07-14 15:20 M:2008-07-14 15:20] E:\Program Files\DAEMON Tools Lite\imgengine.dll [(Verified)DT Soft Ltd., 1.16.0.0, C:2008-07-14 09:22 M:2008-07-14 09:22] E:\Program Files\DAEMON Tools Lite\pfctoc.dll [Padus(R), Inc., 1, 0, 0, 12, C:2007-11-09 18:39 M:2007-11-09 18:39] E:\Program Files\DAEMON Tools Lite\Lang\CHS.dll [N/A, C:2008-07-17 20:20 M:2008-07-17 20:20] E:\Program Files\DAEMON Tools Lite\Lang\ENU.dll [N/A, C:2008-07-17 20:20 M:2008-07-17 20:20] E:\Program Files\DAEMON Tools Lite\Plugins\ISOmaker.dll [DT Soft Ltd, 1.0.0.0, C:2008-06-18 20:51 M:2008-06-18 20:51] [PID: 2640 / Administrator] E:\Program Files\Kingsoft Antispy\monitor\kastray.exe [(Verified)Kingsoft Corporation, 2008,11,14,88, C:2008-11-14 12:16 M:2008-11-14 12:16] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] E:\Program Files\Kingsoft Antispy\monitor\kaspop.dll [(Verified)Kingsoft Corporation, 2008,11,14,93, C:2008-11-14 17:35 M:2008-11-14 17:35] [PID: 2708 / SYSTEM] C:\Program Files\Kingsoft\KAC\Service\kaccore.exe [(Verified)Kingsoft Corporation, 2008,12,24,397, C:2008-11-03 08:49 M:2008-12-28 19:17] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\Program Files\Kingsoft\KAC\Service\corehelper.dll [(Verified)Kingsoft Corporation, 2008,10,20,303, C:2008-10-20 17:35 M:2008-10-20 17:35] [PID: 3136 / Administrator] E:\PROGRA~1\KINGSO~1\monitor\kudiskmon.exe [(Verified)Kingsoft Corporation, 2008,11,10,55, C:2008-11-12 22:15 M:2008-11-12 22:15] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 3272 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:14 M:2008-04-13 19:14] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 1208 / Administrator] E:\Program Files\China Mobile\Fetion\FetionFX.exe [China Mobile, 3.3.0370.0, C:2008-07-30 13:26 M:2008-07-30 13:26] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 18:06 M:2008-10-25 18:06] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 18:06 M:2008-10-25 18:06] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 18:08 M:2008-10-25 18:08] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 18:08 M:2008-10-25 18:08] E:\Program Files\China Mobile\Fetion\ImpsControls.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] E:\Program Files\China Mobile\Fetion\ImpsPcBase.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 18:08 M:2008-10-25 18:08] E:\Program Files\China Mobile\Fetion\ImpsClientBase.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] E:\Program Files\China Mobile\Fetion\ImpsClientUtils.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] E:\Program Files\China Mobile\Fetion\ImpsClientResource.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] E:\Program Files\China Mobile\Fetion\ImpsClientCore.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] E:\Program Files\China Mobile\Fetion\ImpsBase.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 19:11 M:2008-10-25 19:11] C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.Windows.Forms.resources.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 17:32 M:2008-10-25 17:32] E:\Program Files\China Mobile\Fetion\NCindy.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 17:32 M:2008-10-25 17:32] E:\Program Files\China Mobile\Fetion\Interop.DynamicGifCtlLib.dll [ , 1.0.0.0, C:2008-07-30 13:23 M:2008-07-30 13:23] E:\Program Files\China Mobile\Fetion\ImpsPcCommLayer.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] E:\Program Files\China Mobile\Fetion\ImpsClientData.dll [China Mobile, 3.0.0.0, C:2008-07-30 13:26 M:2008-07-30 13:26] C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.resources.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400), C:2008-10-25 17:32 M:2008-10-25 17:32] E:\Program Files\China Mobile\Fetion\SQLite.Interop.DLL [Released to the public domain, 1.0.44.0, C:2008-07-30 13:23 M:2008-07-30 13:23] E:\Program Files\China Mobile\Fetion\sensmon.dll [China Mobile, 1.0.0.1, C:2008-07-30 13:23 M:2008-07-30 13:23] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] e:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.48, C:2008-10-25 16:30 M:2008-12-26 21:00] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] [PID: 1284 / Administrator] D:\Program Files\Tencent\QQ2009\Bin\QQ.exe [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\Common.dll [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL [Microsoft Corporation, 8.00.50727.762, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\KernelUtil.dll [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] D:\Program Files\Tencent\QQ2009\Bin\GF.dll [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\AppUtil.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\MainFrame.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\TaskTray.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] d:\Program Files\Tencent\QQ2009\Bin\TXPFProxy.dll [(Verified)N/A, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\AppMisc.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\ChatFrame.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\ConfigCenter.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\CustomFace.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\IM.dll [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\KernelMisc.dll [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\LongCnn.dll [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\ContactInfoFrame.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\MsgMgr.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\SkinMgr.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\QInterLive.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\AppCtrl.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\SystemMsg.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll [(Verified)Tencent, 1.0.1.14, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.Weather\Bin\Weather.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.Soso\Bin\Soso.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll [(Verified)TODO: , 1.0.0.1, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-13 19:13 M:2008-04-13 19:13] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.paipaigift\Bin\PaiPaiGift.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqchat\Bin\QQChat.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqgame\Bin\QQGame.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqlive\Bin\QQLive.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqshow\Bin\QQShow.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.taotao\Bin\taotao.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.paycenter\Bin\PayCenter.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqpet\Bin\QQPet.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.wenwen\Bin\WenWen.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.wireless\Bin\Wireless.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.mail\Bin\Mail.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qbar\Bin\QBar.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.advertisement\Bin\Advertisement.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Bin\vqqsdl.dll [(Verified)Tencent Technology (Shenzhen) Company Limited, 5, 0, 3, 21, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.today\Bin\Today.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.qqring\Bin\QQRing.dll [(Verified)TODO: , 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\WINDOWS\system32\GOOGLEPINYIN.IME [Google Inc., C:2008-10-17 16:38 M:2008-10-17 16:38] D:\Program Files\Tencent\QQ2009\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll [(Verified)Tencent, 1, 20, 346, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] e:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.48, C:2008-10-25 16:30 M:2008-12-26 21:00] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll [(Verified) Microsoft Corporation, 1.0.30716.0, C:2008-07-15 22:32 M:2008-07-15 22:32] [PID: 1308 / Administrator] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 15:34 M:2008-04-13 19:14] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] e:\Program Files\Tencent\QQDownload\QQIEHelper02.dll [(Verified)腾讯公司, 1, 9, 252, 252, C:2007-12-11 11:53 M:2007-12-11 11:53] C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-12 13:28 M:2008-04-07 15:40] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [(Verified)Adobe Systems Incorporated, 9.0.0.2008061100, C:2008-06-11 22:33 M:2008-06-11 22:33] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 9.0.0.2008061100, C:2008-06-11 22:33 M:2008-06-11 22:33] C:\Program Files\Java\jre6\bin\ssv.dll [(Verified)Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] C:\Program Files\Java\jre6\bin\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-11-22 10:35 M:2008-11-22 10:35] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-12 13:28 M:2008-04-29 14:42] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 19, C:2008-07-12 13:28 M:2008-04-23 18:43] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-07-12 13:28 M:2008-04-23 18:43] C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-12-19 00:37 M:2008-12-19 00:37] E:\PROGRA~1\KINGSO~1\KASBrowserShield.DLL [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\IEBuddy.dll [(Verified)Kingsoft Corporation, 2008,10,31,32, C:2008-10-31 17:29 M:2008-10-31 17:29] E:\PROGRA~1\KINGSO~1\IEBuddyExt.DLL [(Verified)Kingsoft Corporation, 2008,11,14,84, C:2008-11-14 08:52 M:2008-11-14 08:52] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL [Microsoft Corporation, 8.00.50727.762, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.762, C:2008-12-20 21:48 M:2008-12-20 21:48] E:\PROGRA~1\KINGSO~1\kis.dll [(Verified)Kingsoft Corporation, 2008,08,12,55, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\KANTray.dll [(Verified)Kingsoft Corporation, 2008,06,24,415, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\KAVAFish.DLL [(Verified)Kingsoft Corporation, 2008,11,14,94, C:2008-11-14 17:49 M:2008-11-14 17:49] C:\Program Files\Java\jre6\bin\jp2ssv.dll [Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [Sun Microsystems, Inc., 6.0.110.3, C:2008-11-22 10:35 M:2008-11-10 05:43] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] e:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.48, C:2008-10-25 16:30 M:2008-12-26 21:00] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\GOOGLEPINYIN.IME [Google Inc., C:2008-10-17 16:38 M:2008-10-17 16:38] [PID: 2620 / Administrator] d:\Program Files\Tencent\QQ2009\Bin\TXPlatform.exe [(Verified)Tencent, 1, 15, 305, 0, C:2008-12-20 21:48 M:2008-12-20 21:48] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] d:\Program Files\Tencent\QQ2009\Bin\TXPFProxy.dll [(Verified)N/A, C:2008-12-20 21:48 M:2008-12-20 21:48] [PID: 1120 / SYSTEM] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:13 M:2008-04-13 19:13] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [PID: 3748 / SYSTEM] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:13 M:2008-04-13 19:13] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [PID: 3880 / SYSTEM] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:13 M:2008-04-13 19:13] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [PID: 4052 / Administrator] C:\Documents and Settings\Administrator\桌面\XDelBox1[1].8剑盟版\XDelBox.exe [草莽书生, 1.8.0.0, C:2008-12-28 17:44 M:2008-10-06 20:56] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] e:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.48, C:2008-10-25 16:30 M:2008-12-26 21:00] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] C:\WINDOWS\system32\GOOGLEPINYIN.IME [Google Inc., C:2008-10-17 16:38 M:2008-10-17 16:38] [PID: 148 / SYSTEM] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-13 19:13 M:2008-04-13 19:13] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-10-25 16:30 M:2008-12-19 00:18] [PID: 2224 / Administrator] D:\222\sreng2\SREngLdr.EXE [Smallfrogs Studio, 2.6.12.1018, C:2008-10-25 15:07 M:2008-07-06 15:58] [PID: 1128 / Administrator] D:\222\sreng2\SRE7f32c210.EXE [Smallfrogs Studio, 2.6.12.1018, C:2008-12-29 20:31 M:2008-12-29 20:31] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] D:\222\sreng2\Upload\3rdUpd.DLL [Smallfrogs Studio, 2, 1, 0, 15, C:2008-10-25 15:07 M:2007-06-24 18:46] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-24 09:11 M:2008-04-24 09:11] [PID: 3160 / Administrator] E:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-12-20 21:34 M:2008-11-15 11:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] E:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-12-20 21:34 M:2007-11-28 15:19] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] [PID: 3764 / Administrator] E:\PROGRA~1\KINGSO~1\kasmain.exe [(Verified)Kingsoft Corporation, 2008,11,21,104, C:2008-11-18 16:48 M:2008-12-29 20:07] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL [Microsoft Corporation, 8.00.50727.762, C:2008-12-20 21:48 M:2008-12-20 21:48] E:\PROGRA~1\KINGSO~1\kis.dll [(Verified)Kingsoft Corporation, 2008,08,12,55, C:2008-10-30 10:47 M:2008-10-30 10:47] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.762, C:2008-12-20 21:48 M:2008-12-20 21:48] f:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-19 00:37 M:2008-12-19 00:37] f:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-19 00:37 M:2008-12-19 00:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-24 09:11 M:2008-04-24 09:11] D:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] E:\PROGRA~1\KINGSO~1\KAVDevC.dll [(Verified)Kingsoft Corporation, 2008,04,28,112, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\infoc.dll [(Verified)Kingsoft Corporation, 1, 0, 0, 96, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\KAO\KAOExtend.dll [(Verified)Copyright (C) 1998-2008 Kingsoft Corporation, 2008,06,16,525, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\KAEAutorunEx.DLL [(Verified)Kingsoft Corporation, 2008,05,15,287, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\RICHED20.DLL [Microsoft Corporation, 5.30.23.1221, C:2008-10-30 10:47 M:2008-10-30 10:47] E:\PROGRA~1\KINGSO~1\UpLive.DLL [(Verified)Kingsoft Corporation, 2008,11,27,113, C:2008-10-30 17:41 M:2008-12-29 20:07] E:\PROGRA~1\KINGSO~1\kacc.dll [(Verified)Kingsoft Corporation, 1, 0, 0, 1, C:2008-10-30 10:37 M:2008-10-30 10:37] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-13 18:53 M:2008-04-13 18:53] e:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.48, C:2008-10-25 16:30 M:2008-12-26 21:00] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 03:14 M:2003-03-19 03:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2004-10-05 15:39] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]