[CODE]

2008-10-18,18:33:15

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"F:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2007-10-26 21:49 M:2008-07-28 21:45]
    <!AVG Anti-Spyware><"D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT s.r.o., 7, 5, 1, 43, C:2006-10-07 20:20 M:2007-07-05 21:05]
    <RfwMain><"F:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-05-28 07:48 M:2008-07-26 18:52]
    <Super Rabbit Memory><; D:\Program Files\Super Rabbit\MagicSet\memdef.exe /LOAD>  [, 4.1.0.0, C:2007-08-21 14:46 M:2007-08-21 14:46]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\Program Files\Thunder Network\Thunder\Program\geturl.htm>  [N/A, C:2008-05-28 05:58 M:2008-06-13 09:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm>  [N/A, C:2008-05-28 05:58 M:2008-06-13 09:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\用比特精灵下载(&B)]
    <><D:\Program Files\BitSpirit\bsurl.htm>  [N/A, C:2007-02-19 21:31 M:2006-10-24 15:08]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection F:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:54 M:2004-08-04 00:52|(Verified)N/A, C:2006-09-18 11:58 M:2004-08-04 00:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger><rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:54 M:2004-08-04 00:52|N/A, C:2006-09-18 11:59 M:2006-12-09 20:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection F:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:54 M:2004-08-04 00:52|(Verified)N/A, C:2006-09-18 11:59 M:2004-08-04 00:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <><F:\WINDOWS\system32\Rundll32.exe F:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 08:52|Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><d:\Program Files\Thunder Network\Thunder\Thunder.exe>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-05-28 05:58 M:2008-07-10 21:15]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\EPSON V5 2KMonitor]
    <PrintMonitor: EPSON V5 2KMonitor><EBPMON2.DLL>  [(Verified)SEIKO EPSON CORPORATION, 2, 24, 0, 0, C:2006-09-18 17:39 M:2002-04-17 11:24]


========================================
启动项

[多媒体键盘驱动]
    <F:\Documents and Settings\All Users\「开始」菜单\程序\启动\多媒体键盘驱动.lnk --> "F:\Program Files\MultiMedia Keyboard Drv\kb_2k.exe"  > [版权所有 (C) 2002, 1, 0, 0, 1, C:2006-09-18 16:59 M:2002-12-10 01:41]


========================================
计划任务



========================================
组件


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <F:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-09-18 12:18 M:2004-06-06 06:13]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <F:\Program Files\WinRAR\rarext.dll>  [N/A, C:2006-09-18 16:09 M:2006-12-05 08:19]
[Fusion Cache]
    {1D2680C9-0E2A-469d-B787-065558BC7D43}  <F:\WINDOWS\system32\mscoree.dll>  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]
[ShellLink for Application References]
    {e82a2d71-5b2f-43a0-97b8-81be15854de8}  <F:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[Shell Icon Handler for Application References]
    {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}  <F:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <F:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-10-26 21:50 M:2008-07-28 21:40]

Protocols
[Cor MIME Filter, CorFltr, CorFltr 1]
    {1E66F26B-79EE-11D2-8710-00C04F79ED0D}  <mscoree.dll>  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300), C:2007-04-13 03:21 M:2007-04-13 03:21]
[]
    {BBCA9F81-8F4F-11D2-90FF-0080C83D3571}  <F:\WINDOWS\wc98pp.dll>  [N/A, C:2007-04-10 09:45 M:2007-04-10 09:45]

ToolBar
[金山快译(&K)]
    {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C}  <F:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll>  [金山软件股份有限公司, 4, 0, 1, 0, C:2005-09-22 16:20 M:2005-09-22 16:20]
[&Google]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}  <f:\program files\google\googletoolbar2.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-05-30 21:44 M:2008-05-30 21:44]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-05-28 05:58 M:2008-06-13 09:43]
[GerneralPeerID Class]
    {0A47E819-F82E-4D5D-B806-6A9EA94D68CD}  <d:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll>  [Copyright 2007, 1, 0, 0, 1, C:2008-05-28 05:58 M:2008-05-26 22:33]
[Airey Class]
    {1FED1242-3E89-4A67-ABD7-3B010227AF03}  <F:\WINDOWS\system32\winbdux.dll>  [Microsoft, 1.0.0.1, C:2008-09-09 16:06 M:2008-09-09 16:06]
[&Google]
    {2318C2B1-4965-11D4-9B18-009027A5CD4F}  <f:\program files\google\googletoolbar2.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-05-30 21:44 M:2008-05-30 21:44]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-05-28 05:58 M:2008-06-13 09:43]
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <F:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [Copyright XunLei 2007, 2, 1, 2, 77, C:2008-05-28 05:58 M:2008-08-04 12:58]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <F:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-05-28 05:58 M:2008-08-04 12:58]
[金山快译(&K)]
    {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C}  <F:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll>  [金山软件股份有限公司, 4, 0, 1, 0, C:2005-09-22 16:20 M:2005-09-22 16:20]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll>  [Thunder Networking Technologies,LTD, 3, 1, 5, 78, C:2008-05-28 05:58 M:2008-05-26 22:33]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-05-28 05:58 M:2008-06-13 09:43]
[LiveMediaOcx Control]
    {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A}  <F:\PROGRA~1\Tencent\QQLive\QQLive.ocx>  [Tencent, 6.10.3612.6, C:2008-01-07 17:29 M:2008-01-07 17:29]
[Google Toolbar Helper]
    {AA58ED58-01DD-4D91-8333-CF10577473F7}  <f:\program files\google\googletoolbar2.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-05-30 21:44 M:2008-05-30 21:44]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <F:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5803.60.(120).dll>  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5803, 60, C:2008-09-19 22:38 M:2008-08-04 12:58]
[Google Toolbar Notifier BHO]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}  <F:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll>  [(Verified)Google Inc., 2, 0, 301, 7164, C:2008-05-30 21:45 M:2008-05-30 21:45]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <F:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx>  [(Verified)Adobe Systems, Inc., 9,0,28,0, C:2006-11-09 14:46 M:2006-11-09 14:46]
[Thunder DapPlayer]
    {EEDD6FF9-13DE-496B-9A1C-D78B3215E266}  <d:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.120.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-09-19 22:38 M:2008-08-04 12:58]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <F:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(121).dll>  [Xunlei Networking Technologies,LTD, 2, 0, 0, 181, C:2008-09-19 22:39 M:2008-08-04 12:58]

Context Menu
[AVG Anti-Spyware]
    {8934FCEF-F5B8-468f-951F-78A921CD3920}  <d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll>  [(Verified)GRISOFT s.r.o., 7, 5, 1, 36, C:2006-10-06 19:40 M:2007-07-05 21:05]
[Quakecd]
    {683E1524-B938-4873-A395-7DD1C3AC3A5F}  <F:\PROGRA~1\Kingsoft\KnightV\Tools\KVD\kscdrush.dll>  [金山软件股份有限公司, 5, 0, 0, 0, C:2006-09-19 12:05 M:2003-06-20 06:04]
[RisingRav]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <F:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-10-26 21:50 M:2008-07-28 21:40]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <F:\Program Files\WinRAR\rarext.dll>  [N/A, C:2006-09-18 16:09 M:2006-12-05 08:19]


========================================
服务

[Diskeeper / Diskeeper][Stopped/Auto Start]
    <"D:\Program Files\Executive Software\Diskeeper\DkService.exe">  []
[Logical Disk Manager / dmserver][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\seplbgll.d1l">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
[EPSON Printer Status Agent2 / EPSONStatusAgent2][Running/Auto Start]
    <F:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe>  [SEIKO EPSON CORPORATION, 2, 2, 0, 0, C:2006-09-18 17:41 M:2001-10-25 02:02]
[EQService / EQService][Stopped/Manual Start]
    <F:\Program Files\EQSecure\EQService.exe>  [EQSecure, 2008, 9, 1, 25, C:2008-05-27 16:36 M:2008-09-01 22:34]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
    <"F:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe">  [Macrovision Corporation, 11.50.42618, C:2005-11-14 01:06 M:2005-11-14 01:06]
[StarWind iSCSI Service / StarWindService][Stopped/Auto Start]
    <d:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe>  [Rocket Division Software, 2.6.1 Build 0x20050401, C:2005-04-02 09:51 M:2005-04-02 09:51]

[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
    <d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe>  [(Verified)GRISOFT s.r.o., 7, 5, 1, 22, C:2006-09-28 22:13 M:2007-07-05 21:05]
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <d:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
[Google Updater Service / gusvc][Stopped/Manual Start]
    <"F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">  [(Verified)Google, 2.0.734.29932.beta, C:2008-05-30 21:45 M:2008-05-30 21:45]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <F:\Program Files\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-05-28 07:48 M:2008-08-01 10:52]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <F:\Program Files\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-05-28 07:48 M:2008-10-15 16:09]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"F:\Program Files\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2007-10-26 21:49 M:2008-07-28 23:30]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"F:\PROGRAM FILES\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2007-10-26 21:50 M:2008-07-28 21:40]


========================================
驱动

[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
    <System32\DRIVERS\AvgAsCln.sys>  [GRISOFT, s.r.o., 1.0.0.14, C:2006-12-18 15:43 M:2006-09-06 00:03]
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
    <System32\DRIVERS\BaseTDI.SYS>  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5, C:2006-09-19 10:11 M:2007-01-15 19:55]
[d343bus / d343bus][Running/Boot Start]
    <system32\DRIVERS\d343bus.sys>  [ , 3.43.0.0 built by: WinDDK, C:2007-05-11 15:32 M:2003-12-17 15:48]
[d343port / d343port][Running/Boot Start]
    <system32\DRIVERS\d343port.sys>  [ , 3.43.0.0 built by: WinDDK, C:2007-05-11 15:32 M:2003-12-17 13:48]
[EQSysSecure / EQSysSecure][Stopped/Manual Start]
    <\??\F:\WINDOWS\system32\drivers\EQSysSecure.sys>  [EQSecure, 4.32, C:2008-08-02 23:20 M:2008-09-17 09:24]
[iteio / iteio][Stopped/Manual Start]
    <\??\F:\WINDOWS\system32\drivers\iteio.sys>  []
[KSKNIGHT / KSKNIGHT][Stopped/Manual Start]
    <\??\F:\Program Files\Kingsoft\KnightV\KSKNIGHT.SYS>  [Kingsoft, 1.00, C:2006-09-19 12:05 M:2001-03-20 00:00]
[msfpfis64 / msfpfis64][Stopped/Auto Start]
    <\??\F:\WINDOWS\system32\drivers\msosmsfpfis64.sys>  []
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
    <system32\drivers\npf.sys>  []
[npkcrypt / npkcrypt][Running/Auto Start]
    <\??\F:\Program Files\Tencent\QQ\npkcrypt.sys>  [INCA Internet Co., Ltd., 2005. 11. 1. 1, C:2007-02-02 19:04 M:2007-02-02 19:04]
[Ntpapi / Ntpapi][Stopped/Manual Start]
    <\??\F:\WINDOWS\system32\drivers\ntpapi.sys>  []
[ping / ping][Stopped/Auto Start]
    <\??\F:\WINDOWS\TEMP\tmpD.tmp>  []
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
    <\SystemRoot\System32\drivers\prodrv06.sys>  [Protection Technology, 6.49, C:2004-08-09 19:29 M:2004-08-09 19:29]
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
    <System32\drivers\prohlp02.sys>  [Protection Technology, 2.49, C:2004-08-09 19:33 M:2004-08-09 19:33]
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
    <System32\drivers\prosync1.sys>  [Protection Technology, 1.6, C:2004-07-19 22:49 M:2004-07-19 22:49]
[qabrabc / qabrabc][Stopped/Manual Start]
    <\??\F:\WINDOWS\system32\drivers\qabrabc.sys>  []
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
    <system32\KeyCrypt.sys>  [Tencent Technology (Shenzhen) Company Limited, 1.02, C:2007-06-19 00:37 M:2007-03-14 17:18]
[qnec / qnec][Stopped/Manual Start]
    <\??\F:\DOCUME~1\ZHANGY~1\LOCALS~1\Temp\_tmp.bat>  []
[QuakeDRV / QuakeDRV][Running/Boot Start]
    <system32\DRIVERS\quakedrv.sys>  [N/A, C:2006-09-18 20:32 M:2003-06-19 22:07]
[Driver for rockusb Device / rockusb][Stopped/Manual Start]
    <system32\DRIVERS\rockusb.sys>  [Fuzhou Rockchip Electronics Co,Ltd., 1.102, C:2006-03-22 19:57 M:2006-03-22 19:57]
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
    <system32\drivers\RsBoot.sys>  [Beijing Rising, 3, 0, 0, 19, C:2006-12-12 21:07 M:2007-02-27 20:19]
[rspp / rspp][Running/System Start]
    <\??\F:\WINDOWS\system32\Drivers\Rspp.sys>  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7, C:2008-10-15 16:39 M:2008-10-15 16:39]
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
    <System32\drivers\sfhlp01.sys>  [Protection Technology, 1.5, C:2003-12-01 23:20 M:2003-12-01 23:20]
[sptd / sptd][Running/Boot Start]
    <System32\Drivers\sptd.sys>  [N/A, C:2007-01-19 13:28 M:2007-01-19 13:28]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2006-09-18 11:56 M:2008-06-20 18:45]
[Motorola USB Modem Driver for MPT / usbsermpt][Stopped/Manual Start]
    <system32\DRIVERS\usbsermpt.sys>  [Microsoft Corporation, 5.00.2195.6655, C:2007-02-18 21:15 M:2007-02-18 21:15]
[wpizir78 / wpizir78][Stopped/Manual Start]
    <\??\F:\WINDOWS\system32\drivers\wpizir78.sys>  []
[USB PC Camera 301P / ZSMC301b][Running/Manual Start]
    <System32\Drivers\usbVM31b.sys>  [VM, 4.2.1010.41, C:2006-09-18 17:09 M:2004-03-22 16:22]
[~Fuck84 / ~Fuck84][Stopped/Manual Start]
    <\??\F:\DOCUME~1\ZHANGY~1\LOCALS~1\Temp\~Fuck84.tmp>  []

[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
    <\??\d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys>  [(Verified)N/A, C:2006-09-28 22:13 M:2007-07-05 21:04]
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
    <system32\drivers\cmuda.sys>  [(Verified)C-Media Inc, 5.12.01.0050.1 (70), C:2005-12-15 13:57 M:2005-12-15 13:57]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
    <system32\DRIVERS\fetnd5a.sys>  [(Verified)VIA Technologies, Inc.              , 2.68.00.0299, C:2006-09-18 18:08 M:2001-10-23 00:31]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2007-10-26 21:50 M:2008-07-28 21:45]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2007-10-26 21:50 M:2008-07-28 21:42]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2007-10-26 21:50 M:2008-07-28 21:41]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2007-10-26 21:50 M:2008-08-29 03:59]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\F:\Program Files\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-05-28 07:48 M:2008-08-01 10:53]
[HSFHWBS2 / HSFHWBS2][Running/Manual Start]
    <system32\DRIVERS\HSFBS2S2.sys>  [(Verified)Conexant Systems, Inc., 7.12.09, C:2006-09-18 12:12 M:2004-08-03 22:41]
[HSF_DP / HSF_DP][Running/Manual Start]
    <system32\DRIVERS\HSFDPSP2.sys>  [(Verified)Conexant Systems, Inc., 7.12.09, C:2006-09-18 12:12 M:2004-08-03 22:41]
[KAVSafe / KAVSafe][Running/Auto Start]
    <\??\F:\WINDOWS\system32\Drivers\KAVSafe.sys>  [(Verified)Kingsoft Corporation, 2008,03,04,62, C:2008-05-28 06:54 M:2008-05-28 06:54]
[mdmxsdk / mdmxsdk][Running/Auto Start]
    <system32\DRIVERS\mdmxsdk.sys>  [(Verified)Conexant, 1.0.2.006, C:2006-09-18 12:12 M:2004-08-03 22:41]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2006-09-18 11:56 M:2004-06-06 06:13]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-05-28 07:48 M:2008-08-01 10:51]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\F:\Program Files\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-05-28 07:48 M:2008-08-01 10:52]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2007-10-26 21:50 M:2008-07-28 23:32]
[S3SavageNB / S3SavageNB][Running/Manual Start]
    <system32\DRIVERS\s3gnbm.sys>  [(Verified)S3 Graphics, Inc., 6.14.10.0012-13.94.12, C:2006-09-18 12:13 M:2004-08-03 22:29]
[Secdrv / Secdrv][Running/Auto Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2006-09-18 11:56 M:2007-11-13 18:25]
[winachsf / winachsf][Running/Manual Start]
    <system32\DRIVERS\HSFCXTS2.sys>  [(Verified)Conexant Systems, Inc., 7.12.09 built by: WinDDK, C:2006-09-18 12:12 M:2004-08-03 22:41]


========================================
进程

[PID: 692 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]

[PID: 780 / SYSTEM]   \??\F:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:54 M:2004-08-04 00:52]
    F:\WINDOWS\system32\gdipro.dll  []
    F:\WINDOWS\system32\sys05017.dll  []
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 804 / SYSTEM]   \??\F:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:57 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 848 / SYSTEM]   F:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 860 / SYSTEM]   F:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:55 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1012 / SYSTEM]   F:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1100 / SYSTEM]   F:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1176 / SYSTEM]   F:\Program Files\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1196 / SYSTEM]   F:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1344 / NETWORK SERVICE]   F:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1368 / LOCAL SERVICE]   F:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 1404 / SYSTEM]   F:\PROGRAM FILES\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2007-10-26 21:50 M:2008-07-28 21:40]
    F:\PROGRAM FILES\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    F:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2007-10-26 21:50 M:2008-07-28 23:30]
    F:\PROGRAM FILES\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2007-10-26 21:50 M:2008-07-28 23:30]
    F:\PROGRAM FILES\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2007-10-26 21:50 M:2008-07-28 23:32]
    F:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\PROGRAM FILES\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2007-10-26 21:50 M:2008-07-28 21:40]
    F:\PROGRAM FILES\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2007-10-26 21:50 M:2008-07-28 21:40]
    F:\PROGRAM FILES\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2007-10-26 21:50 M:2008-07-28 21:41]
    F:\PROGRAM FILES\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2007-10-26 21:50 M:2008-07-28 21:41]
    F:\PROGRAM FILES\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2007-10-26 21:50 M:2008-07-28 21:42]
    F:\PROGRAM FILES\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2007-10-26 21:49 M:2008-08-21 21:05]
    F:\PROGRAM FILES\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-26 21:49 M:2008-10-01 09:05]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2007-10-26 21:50 M:2008-07-28 23:32]
    F:\PROGRAM FILES\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2007-10-26 21:50 M:2008-07-28 21:45]
    F:\Program Files\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2007-10-26 21:49 M:2008-07-28 23:32]
    F:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2007-10-26 21:49 M:2008-07-28 23:32]
    F:\PROGRAM FILES\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2007-10-26 21:50 M:2008-07-28 21:45]
    F:\PROGRAM FILES\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2007-10-26 21:49 M:2008-08-29 04:00]
    F:\PROGRAM FILES\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 96, C:2007-10-26 21:49 M:2008-10-18 14:30]
    F:\PROGRAM FILES\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2007-12-22 21:32 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2007-12-22 21:32 M:2008-10-12 06:39]
    F:\PROGRAM FILES\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-01-09 09:36 M:2008-10-12 06:39]
    F:\PROGRAM FILES\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-04-29 06:29 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2007-10-26 21:49 M:2008-09-03 21:56]
    F:\PROGRAM FILES\RISING\RAV\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\PROGRAM FILES\RISING\RAV\posttrt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 25, C:2007-10-26 21:49 M:2008-10-07 19:52]

[PID: 1416 / SYSTEM]   F:\Program Files\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-05-28 07:48 M:2008-10-15 16:09]
    F:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    F:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-05-28 07:48 M:2008-08-01 10:52]
    F:\Program Files\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-05-28 07:48 M:2008-08-01 10:52]
    F:\Program Files\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-05-28 07:48 M:2008-08-01 10:53]
    F:\Program Files\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-05-28 07:48 M:2008-08-01 10:52]

[PID: 1524 / SYSTEM]   F:\Program Files\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-05-28 07:48 M:2008-08-01 10:52]
    F:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    F:\WINDOWS\system32\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-05-28 07:48 M:2008-08-01 10:52]
    F:\Program Files\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-05-28 08:03 M:2008-08-01 10:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-05-28 07:48 M:2008-08-01 10:52]

[PID: 1636 / zhangyuxuan]   F:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2006-09-18 11:55 M:2007-06-13 21:21]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\WinRAR\rarext.dll  [N/A, C:2006-09-18 16:09 M:2006-12-05 08:19]
    F:\PROGRA~1\Kingsoft\KnightV\Tools\KVD\kscdrush.dll  [金山软件股份有限公司, 5, 0, 0, 0, C:2006-09-19 12:05 M:2003-06-20 06:04]
    d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll  [(Verified)GRISOFT s.r.o., 7, 5, 1, 36, C:2006-10-06 19:40 M:2007-07-05 21:05]
    F:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-10-26 21:50 M:2008-07-28 21:40]

[PID: 1888 / SYSTEM]   F:\Program Files\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-05-28 07:48 M:2008-08-01 10:53]
    F:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    F:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 292 / zhangyuxuan]   F:\Program Files\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    F:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\Program Files\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\WINDOWS\system32\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-05-28 07:48 M:2008-08-01 10:54]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-05-28 07:48 M:2008-08-01 10:52]

[PID: 324 / SYSTEM]   F:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2006-09-18 11:56 M:2005-06-11 07:53]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\WINDOWS\system32\EBPMON2.DLL  [(Verified)SEIKO EPSON CORPORATION, 2, 24, 0, 0, C:2006-09-18 17:39 M:2002-04-17 11:24]

[PID: 576 / SYSTEM]   d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe   [(Verified)GRISOFT s.r.o., 7, 5, 1, 22, C:2006-09-28 22:13 M:2007-07-05 21:05]
    d:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll  [(Verified)GRISOFT s.r.o., 4, 2, 0, 19, C:2006-10-06 18:53 M:2007-07-05 21:05]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 604 / SYSTEM]   d:\Program Files\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
    d:\Program Files\StormII\MSVCP60.dll  [Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 956 / SYSTEM]   F:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe   [SEIKO EPSON CORPORATION, 2, 2, 0, 0, C:2006-09-18 17:41 M:2001-10-25 02:02]
    F:\WINDOWS\system32\EBAPI2.DLL  [SEIKO EPSON CORPORATION, 1, 4, 0, 0, C:2006-09-18 17:41 M:2001-08-23 01:04]
    F:\Program Files\Common Files\EPSON\EBAPI\EBPLPT.DLL  [SEIKO EPSON CORPORATION, 2, 23, 0, 0, C:2006-09-18 17:41 M:2002-05-01 02:23]

[PID: 1500 / SYSTEM]   F:\WINDOWS\system32\tcpsvcs.exe   [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-18 11:56 M:2004-06-06 06:14]

[PID: 1400 / SYSTEM]   F:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:56 M:2004-08-04 00:52]

[PID: 2780 / LOCAL SERVICE]   F:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:54 M:2004-08-04 00:52]

[PID: 2964 / zhangyuxuan]   F:\Program Files\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2007-10-26 21:49 M:2008-07-28 21:45]
    F:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2007-10-26 21:50 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2007-10-26 21:50 M:2008-07-28 23:30]

[PID: 2980 / zhangyuxuan]   F:\Program Files\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2007-10-26 21:50 M:2008-08-29 03:59]
    F:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    F:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\WINDOWS\system32\MFC71CHS.DLL  [Microsoft Corporation, 7.10.3077.0, C:2006-06-05 17:34 M:2006-06-05 17:34]
    F:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-26 21:49 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2007-10-26 21:49 M:2008-08-21 21:05]
    F:\Program Files\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\Program Files\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\Program Files\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2007-10-26 21:50 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2007-10-26 21:50 M:2008-07-28 23:30]
    F:\Program Files\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2007-10-26 21:50 M:2008-07-28 21:40]
    F:\Program Files\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\Program Files\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2007-10-26 21:49 M:2008-07-28 23:31]
    F:\Program Files\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2007-10-26 21:49 M:2008-07-28 23:30]

[PID: 3556 / zhangyuxuan]   D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe   [(Verified)GRISOFT s.r.o., 7, 5, 1, 43, C:2006-10-07 20:20 M:2007-07-05 21:05]
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll  [(Verified)GRISOFT s.r.o., 4, 2, 0, 19, C:2006-10-06 18:53 M:2007-07-05 21:05]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 3708 / zhangyuxuan]   F:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-09-18 11:57 M:2004-08-04 00:52]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 3756 / zhangyuxuan]   F:\Program Files\MultiMedia Keyboard Drv\kb_2k.exe   [版权所有 (C) 2002, 1, 0, 0, 1, C:2006-09-18 16:59 M:2002-12-10 01:41]
    F:\Program Files\MultiMedia Keyboard Drv\sckbd.dll  [N/A, C:2006-09-18 16:59 M:2002-10-19 18:58]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]

[PID: 2612 / zhangyuxuan]   C:\Program Files\MwIE2007\MwIE.exe   [Copyright (C) 2007, 7, 0, 0, 0, C:2007-01-01 21:24 M:2007-01-01 21:24]
    F:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-05-28 07:48 M:2008-07-26 18:52]
    F:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2006-09-19 10:10 M:2008-07-28 21:45]
    D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-05-28 05:58 M:2008-06-13 09:43]

[PID: 3544 / zhangyuxuan]   d:\Program Files\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-10-18 17:38 M:2008-08-15 22:25]
    d:\Program Files\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-10-18 17:38 M:2007-11-28 15:19]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



[/CODE]