[CODE]

2008-12-06,09:23:43

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PPS Accelerator><C:\Program Files\PPStream\ppsap.exe>  [(Verified)PPStream Inc, 1, 0, 11, 139, C:2008-07-14 23:35 M:2008-08-07 15:31]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp., 2.1.6.2, C:2008-01-13 13:12 M:2007-09-27 14:20]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp., 1.6.0.2, C:2008-01-13 13:12 M:2005-05-03 18:43]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-07-15 16:24 M:2008-07-26 20:12]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-07-15 16:35 M:2008-07-25 13:05]
    <hxgame-update><C:\Program Files\hxupdate\hxgame-update.exe>  [N/A, C:2007-10-24 08:39 M:2007-10-30 22:35]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A, ]
    <vmware-tray><; "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe">  []

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\梦幻水~1.SCR>  [N/A, C:2008-07-14 23:36 M:2006-06-09 14:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-15 16:24 M:2008-07-28 23:44]
    <{EA44A26D-DDC8-46C0-AFE1-A529FE014E3F}><EA44A26D.dll>  []
    <{D82C0336-583E-468B-B46A-0897FAB9D5A2}><D82C0336.dll>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><C:\Program Files\Thunder\Program\geturl.htm>  [N/A, C:2008-07-14 23:35 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><C:\Program Files\Thunder\Program\getallurl.htm>  [N/A, C:2008-07-14 23:35 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [(Verified)ATI Technologies Inc., 6.14.10.4162, C:2008-01-13 13:13 M:2007-03-15 09:49]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130), C:2004-08-17 12:00 M:2007-08-13 18:39|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130), C:2004-08-17 12:00 M:2007-08-13 18:39|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130), C:2004-08-17 12:00 M:2007-08-13 18:39|(Verified)N/A, C:1980-01-01 00:00 M:2005-01-28 15:25]


========================================
启动项

[Adobe Reader Speed Launch]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe"  > [Adobe Systems Incorporated, 7.0.5.2005092300, C:2005-09-23 23:05 M:2005-09-23 23:05]
[启动AspWebserver2005]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\启动AspWebserver2005.Lnk --> "F:\qq盗号软件\小旋风AspWebServer\main.box"  > [N/A, C:2005-05-06 20:14 M:2005-05-06 20:14]


========================================
计划任务

[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job --> "C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]


========================================
组件


ShellExecuteHook
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-15 16:24 M:2008-07-28 23:44]
[]
    {EA44A26D-DDC8-46C0-AFE1-A529FE014E3F}  <EA44A26D.dll>  []
[]
    {D82C0336-583E-468B-B46A-0897FAB9D5A2}  <D82C0336.dll>  []

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-15 16:24 M:2008-07-28 23:44]

Protocols
[]
    {BBCA9F81-8F4F-11D2-90FF-0080C83D3571}  <C:\WINDOWS\wc98pp.dll>  [N/A, C:2007-11-21 00:44 M:2007-11-21 00:44]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-07-14 23:35 M:2007-12-10 14:17]
[Yahoo! Toolbar Helper]
    {02478D38-C3F9-4EFB-9B51-7695ECA05670}  <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll>  [(Verified)Yahoo! Inc., 2006, 10, 26, 1, C:2008-07-15 22:57 M:2006-10-26 11:28]
[AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 7.0.5.2005092300, C:2005-09-23 21:12 M:2005-09-23 21:12]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 61, C:2008-07-14 23:35 M:2008-01-14 20:11]
[urlmon Class]
    {FFFFEECE-FF18-8222-2FB0-2935B9EA0723}  <C:\WINDOWS\system32\1031\urlmon.dll>  []

UrlSeachHook
[Yahoo! 导航条]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88}  <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll>  [(Verified)Yahoo! Inc., 2006, 10, 26, 1, C:2008-07-15 22:57 M:2006-10-26 11:28]

ToolBar
[Yahoo! 导航条]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88}  <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll>  [(Verified)Yahoo! Inc., 2006, 10, 26, 1, C:2008-07-15 22:57 M:2006-10-26 11:28]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-07-14 23:35 M:2007-12-10 14:17]
[Yahoo! Toolbar Helper]
    {02478D38-C3F9-4EFB-9B51-7695ECA05670}  <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll>  [(Verified)Yahoo! Inc., 2006, 10, 26, 1, C:2008-07-15 22:57 M:2006-10-26 11:28]
[Installation Support]
    {0291E591-EA41-4C82-8106-3DC6CE7F7664}  <C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll>  [(Verified)Yahoo! Inc., 2007, 11, 28, 1, C:2007-11-29 05:55 M:2007-11-29 05:55]
[AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 7.0.5.2005092300, C:2005-09-23 21:12 M:2005-09-23 21:12]
[Installation Support]
    {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}  <C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll>  [(Verified)Yahoo! Inc., 2007, 11, 28, 1, C:2007-11-29 05:55 M:2007-11-29 05:55]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll>  [Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-14 23:35 M:2007-12-10 14:17]
[PowerPlayer Control]
    {5EC7C511-CD0F-42E6-830C-1BD9882F3458}  <C:\PROGRA~1\PPStream\110~2.261\POWERP~1.DLL>  [(Verified)PPStream Inc., 2,2,66,6805, C:2007-08-19 11:59 M:2007-08-19 11:59]
[StormPlayer Object]
    {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}  <C:\Program Files\StormII\mps.dll>  [(Verified)北京暴风网际科技有限公司, 3, 8, 6, 23, C:2008-01-25 14:35 M:2008-07-02 15:44]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 61, C:2008-07-14 23:35 M:2008-01-14 20:11]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <C:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx>  [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04]
[TimwpDll.TimwpCheck]
    {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}  <D:\PROGRA~1\Tencent\QQ\Timwp.dll>  [(Verified)TENCENT, 8,0,713,1791, C:2008-04-07 14:07 M:2008-01-25 17:14]
[Yahoo! 导航条]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88}  <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll>  [(Verified)Yahoo! Inc., 2006, 10, 26, 1, C:2008-07-15 22:57 M:2006-10-26 11:28]
[urlmon Class]
    {FFFFEECE-FF18-8222-2FB0-2935B9EA0723}  <C:\WINDOWS\system32\1031\urlmon.dll>  []

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-15 16:24 M:2008-07-28 23:44]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]


========================================
服务

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-01-11 11:41 M:2008-05-28 16:40]
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
    <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe">  [Macrovision Corporation, 10.50.125, C:2004-10-22 03:24 M:2004-10-22 03:24]
[Autoupdate For Windows / Wuauclt][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\Wuauclt.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[XLink LPD / XLink LPD][Stopped/Auto Start]
    <E:\迅雷默认下载点\lpd.exe>  [N/A, C:2008-08-10 13:30 M:2005-02-10 13:30]

[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
    <%SystemRoot%\system32\Ati2evxx.exe>  [(Verified)ATI Technologies Inc., 6.14.10.4163, C:2008-01-13 13:13 M:2007-03-15 09:48]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <C:\Program Files\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-07-15 16:35 M:2008-07-30 20:09]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <C:\Program Files\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-07-15 16:35 M:2007-10-23 16:15]
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
    <"%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini">  [(Verified)CACE Technologies, 4.0.0.1040, C:2007-11-07 04:22 M:2007-11-07 04:22]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"C:\Program Files\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-07-15 16:24 M:2008-07-28 23:44]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-07-15 16:24 M:2008-07-28 23:44]
[VMware Authorization Service / VMAuthdService][Running/Auto Start]
    <F:\xuniji1\vmware-authd.exe>  [(Verified)VMware, Inc., 5.5.3 build-34685, C:2006-11-13 13:00 M:2006-11-13 13:00]
[VMware DHCP Service / VMnetDHCP][Running/Auto Start]
    <C:\WINDOWS\system32\vmnetdhcp.exe>  [(Verified)VMware, Inc., 5.5.3 build-34685, C:2008-07-16 22:17 M:2006-11-13 13:00]
[VMware Virtual Mount Manager Extended / vmount2][Running/Auto Start]
    <"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe">  [(Verified)VMware, Inc., 5.5.3 build-34685, C:2006-11-13 12:43 M:2006-11-13 12:43]
[VMware NAT Service / VMware NAT Service][Running/Auto Start]
    <C:\WINDOWS\system32\vmnat.exe>  [(Verified)VMware, Inc., 5.5.3 build-34685, C:2008-07-16 22:17 M:2006-11-13 13:01]


========================================
驱动

[aaatimeo / aaatimeo][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\aaatimeo.sys>  [Microsoft Corporation, 5.00.1877.1, C:2008-03-23 03:35 M:2006-02-26 23:21]
[AFAMgt / AFAMgt][Running/Boot Start]
    <system32\DRIVERS\afamgt.sys>  [Adaptec, Inc., 4.1.0.7427, C:2008-03-23 03:35 M:2006-03-28 22:43]
[ahcix86 / ahcix86][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ahcix86.sys>  [ATI Technologies Inc.,  2.5.1540.39 built by: WinDDK, C:2008-03-23 03:35 M:2007-03-07 18:47]
[amdbusdr / amdbusdr][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\amdbusdr.sys>  [AMD, 8.2.8, C:2008-03-23 03:35 M:2006-02-26 23:21]
[AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\AmdEide.sys>  [AMD, 8.2.8, C:2008-03-23 03:35 M:2006-02-26 23:21]
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
    <System32\DRIVERS\amdk8.sys>  [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2005-08-12 09:09 M:2006-07-01 22:43]
[SiI-3112 SATALink  Controller / ASH1205][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ASH1205.sys>  [Silicon Image, Inc., 1, 0, 0, 41, C:2008-03-23 03:35 M:2006-02-26 23:21]
[ata1200a / ata1200a][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ata1200a.sys>  [Adaptec, Inc., v1.3, C:2008-03-23 03:35 M:2006-02-26 23:21]
[atiide / atiide][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\atiide.sys>  [ATI Technologies Inc., 1.00.0000.3 built by: WinDDK, C:2008-03-23 03:35 M:2006-02-26 23:21]
[Promise driver accelerator / bb-run][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\bb-run.sys>  [Promise Technology, Inc.,  1.0.1.2 built by: WinDDK, C:2008-03-23 03:35 M:2003-11-05 15:45]
[DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\cercsr6.sys>  [Adaptec, Inc., 4.1.0.7010, C:2008-03-23 03:35 M:2006-03-28 22:43]
[Cpq32fs2 / Cpq32fs2][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys>  [Hewlett-Packard Company, 5.24.00.0, C:2008-03-23 03:35 M:2002-11-18 23:47]
[Promise Removable Disk Control Driver / dontgo][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\DontGo.sys>  [Promise Technology, Inc.,  1.0.0.3 built by: WinDDK, C:2008-03-23 03:35 M:2006-02-26 23:21]
[fttxr52P / fttxr52P][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\fttxr52P.sys>  [Promise Technology, Inc.,  2.6.0.311 built by: WinDDK, C:2008-03-23 03:35 M:2005-11-09 01:07]
[HpCISSm2 / HpCISSm2][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\HpCISSm2.sys>  [Hewlett-Packard Company, 5.8.0.32 Build 1 (x86), C:2006-05-28 14:57 M:2006-06-16 18:17]
[hptmv6 / hptmv6][Stopped/Boot Start]
    <system32\DRIVERS\hptmv6.sys>  [HighPoint Technologies, Inc., v1.04, C:2008-03-23 03:35 M:2006-02-26 23:21]
[Intel  RAID Controller / iaStor55][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\iaStor55.sys>  [Intel Corporation, 5.5.0.1035, C:2008-03-23 03:35 M:2005-10-12 18:07]
[mv61xx / mv61xx][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\mv61xx.sys>  [Marvell Semiconductor, Inc.,  1.2.0.24  built by: WinDDK, C:2008-03-23 03:35 M:2007-02-09 20:24]
[mvSata / mvSata][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\mvsata.sys>  [Marvell Semiconductors Inc., 3, 4, 1, 2, C:2008-03-23 03:35 M:2004-09-24 06:34]
[nvgts / nvgts][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\nvgts.sys>  [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-03-23 03:35 M:2007-09-11 23:18]
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\nvrd32.sys>  [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-03-23 03:35 M:2007-09-11 15:18]
[ql2100 / ql2100][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ql2100.sys>  [QLogic Corporation, 7.05.05 (W2K), C:2006-08-31 00:17 M:2006-02-26 23:21]
[ql2200 / ql2200][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ql2200.sys>  [QLogic Corporation, 8.1.5.12 (W2K IP), C:2006-08-31 00:17 M:2006-02-26 23:21]
[rr172x / rr172x][Stopped/Boot Start]
    <system32\DRIVERS\rr172x.sys>  [HighPoint Technologies, Inc., v1.0, C:2008-03-23 03:35 M:2007-06-12 18:06]
[rr174x / rr174x][Stopped/Boot Start]
    <system32\DRIVERS\rr174x.sys>  [HighPoint Technologies, Inc., v1.02, C:2008-03-23 03:35 M:2007-02-01 21:14]
[rr2340 / rr2340][Stopped/Boot Start]
    <system32\DRIVERS\rr2340.sys>  [HighPoint Technologies, Inc., v1.4, C:2008-03-23 03:35 M:2007-07-02 23:14]
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
    <system32\DRIVERS\SiRemFil.sys>  [Silicon Image, Inc., 1, 1, 6, 0, C:2008-03-23 03:35 M:2006-10-18 20:20]
[sisraidx / sisraidx][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\sisraidx.sys>  [Silicon Integrated Systems Corp., 2.11.01 built by: WinDDK, C:2008-03-23 03:35 M:2007-01-12 21:36]
[smserial / smserial][Running/Manual Start]
    <system32\DRIVERS\smserial.sys>  [Motorola Inc., SM56 Rel. 6.11 Build 12 Preview 02, C:2008-01-13 13:12 M:2006-11-02 15:41]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3244 (xpsp_sp2_gdr.071030-1259), C:2004-08-17 12:00 M:2007-10-31 01:20]
[ViBus / ViBus][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ViBus.sys>  [VIA Technologies, Inc., 6.0.6000.212, C:2008-03-23 03:35 M:2007-03-26 21:26]
[videX32 / videX32][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\videX32.sys>  [VIA Technologies, Inc., 6.0.3790.160, C:2008-03-23 03:35 M:2006-10-18 03:22]
[VIA SATA IDE Device Driver / ViPrt][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ViPrt.sys>  [VIA Technologies, Inc., 6.0.6000.212, C:2008-03-23 03:35 M:2007-03-26 21:26]
[VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\xfilt.sys>  [VIA Technologies,Inc, 6.0.5728.160, C:2008-03-23 03:35 M:2006-10-19 00:39]
[Xlnfs / Xlnfs][Running/Auto Start]
    <\SystemRoot\System32\Drivers\xlnfsXP.sys>  [N/A, C:2008-08-10 13:30 M:2006-09-26 17:41]

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20]
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
    <system32\DRIVERS\AcpiVpc.sys>  [(Verified)Lenovo Corporation, 5.1.2601.0, C:2008-01-13 13:12 M:2005-10-11 12:02]
[AliIde / AliIde][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\aliide.sys>  [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58]
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\amdagp.sys>  [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp_sp2_rtm.040803-2158), C:2008-03-23 03:35 M:2004-08-03 23:07]
[ati2mtag / ati2mtag][Running/Manual Start]
    <system32\DRIVERS\ati2mtag.sys>  [(Verified)ATI Technologies Inc., 6.14.10.6683, C:2008-01-13 13:13 M:2007-03-15 09:57]
[AuthenTec TruePrint USB Driver (AES2500) / ATSWPDRV][Running/Manual Start]
    <system32\DRIVERS\ATSwpDrv.sys>  [(Verified)AuthenTec, Inc., 6.0705.8.0, C:2006-03-30 15:39 M:2006-03-30 15:39]
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
    <system32\DRIVERS\b57xp32.sys>  [(Verified)Broadcom Corporation, 9.25.0.0 built by: WinDDK, C:2008-01-13 13:12 M:2006-03-09 17:20]
[CmdIde / CmdIde][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\cmdide.sys>  [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13]
[VMware hcmon / hcmon][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\hcmon.sys>  [(Verified)VMware, Inc., 5.5.3, C:2006-11-13 13:01 M:2006-11-13 13:01]
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-07-15 16:24 M:2008-07-28 23:44]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2008-07-15 16:24 M:2007-10-23 15:28]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2008-07-15 16:24 M:2007-11-04 19:39]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-07-15 16:24 M:2007-08-27 17:05]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\C:\Program Files\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.13, C:2008-07-15 16:35 M:2007-10-23 16:15]
[Intel RAID  Controller / iaStor70][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\iaStor70.sys>  [(Verified)Intel Corporation, 7.0.0.1020, C:2008-03-23 03:35 M:2007-02-12 19:36]
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <system32\drivers\RtkHDAud.sys>  [(Verified)Realtek Semiconductor Corp., 5.10.0.5490 built by: WinDDK, C:2008-01-13 13:12 M:2007-10-02 16:32]
[NPF / NPF][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\drivers\2.tmp>  [(Verified)CACE Technologies, 4.0.0.1040, C:2008-12-05 15:40 M:2008-12-05 15:40]
[nv / nv][Stopped/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-11-07 01:20 M:2004-08-03 22:29]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-07-15 16:35 M:2008-07-30 20:09]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.35, C:2008-07-15 16:35 M:2007-10-23 16:15]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-07-15 16:24 M:2008-07-28 23:44]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\sisagp.sys>  [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp_sp2_rtm.040803-2158), C:2008-03-23 03:35 M:2004-08-03 23:07]
[tifm21 / tifm21][Running/Manual Start]
    <system32\drivers\tifm21.sys>  [(Verified)Texas Instruments, 2.0.0.6, C:2008-01-13 13:12 M:2006-07-06 13:44]
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Stopped/Manual Start]
    <system32\DRIVERS\vmnetadapter.sys>  [(Verified)VMware, Inc., 4.0.0.0, C:2006-11-13 13:01 M:2006-11-13 13:01]
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
    <system32\DRIVERS\vmnetbridge.sys>  [(Verified)VMware, Inc., 4.0.0.0, C:2006-11-13 13:01 M:2006-11-13 13:01]
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys>  [(Verified)VMware, Inc., 4.0.0.0, C:2008-07-16 22:17 M:2006-11-13 13:01]
[VMware vmx86 / vmx86][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\vmx86.sys>  [(Verified)VMware, Inc., 5.5.3, C:2006-11-13 13:01 M:2006-11-13 13:01]
[Vstor2 Virtual Storage Driver / vstor2][Running/Auto Start]
    <\??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys>  [(Verified)VMware, Inc., 5.5.3 build-34685, C:2006-11-13 12:43 M:2006-11-13 12:43]
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Running/Manual Start]
    <system32\DRIVERS\w39n51.sys>  [(Verified)Intel? Corporation, 10, 1, 1, 3, C:2008-01-13 13:12 M:2006-04-04 03:17]


========================================
进程

[PID: 944 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 1020 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1052 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-09-24 16:42]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\Ati2evxx.dll  [(Verified)ATI Technologies Inc., 6.14.10.4162, C:2008-01-13 13:13 M:2007-03-15 09:49]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\xnp.dll  [N/A, C:2008-08-10 13:30 M:2006-03-27 18:15]
    C:\WINDOWS\system32\OmniSDK.dll  [XLink Technology, Inc., 1, 0, 0, 1, C:2008-08-10 13:30 M:2003-07-17 19:36]

[PID: 1096 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1108 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1276 / SYSTEM]   C:\WINDOWS\system32\Ati2evxx.exe   [(Verified)ATI Technologies Inc., 6.14.10.4163, C:2008-01-13 13:13 M:2007-03-15 09:48]
    C:\WINDOWS\system32\Ati2edxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2511, C:2008-01-13 13:13 M:2007-03-15 09:50]
    C:\WINDOWS\system32\atipdlxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2516, C:2008-01-13 13:13 M:2007-03-15 09:50]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1312 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1396 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1516 / SYSTEM]   C:\Program Files\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1532 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1956 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 2028 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 168 / SYSTEM]   C:\PROGRAM FILES\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-15 16:24 M:2008-07-15 16:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-07-15 16:24 M:2008-07-26 20:14]
    C:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-07-15 16:24 M:2007-08-20 20:28]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\PROGRAM FILES\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2007-10-23 16:52]
    C:\Program Files\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\PROGRAM FILES\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-07-15 16:24 M:2007-08-27 17:05]
    C:\PROGRAM FILES\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 0, C:2008-07-15 16:24 M:2008-12-02 22:09]
    C:\PROGRAM FILES\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-07-15 16:30 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\posttrt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 25, C:2008-07-15 16:24 M:2007-10-23 16:52]
    C:\PROGRAM FILES\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-07-15 16:30 M:2007-10-23 15:28]
    C:\PROGRAM FILES\RISING\RAV\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-07-15 16:30 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-15 16:30 M:2007-10-23 15:28]
    C:\PROGRAM FILES\RISING\RAV\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-07-15 16:24 M:2007-09-03 18:15]
    C:\PROGRAM FILES\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-07-15 16:24 M:2008-07-28 23:44]

[PID: 148 / SYSTEM]   C:\Program Files\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-07-15 16:35 M:2007-10-23 16:15]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-15 16:24 M:2008-07-15 16:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.50, C:2008-07-15 16:35 M:2007-10-30 22:55]
    C:\Program Files\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-07-15 16:35 M:2008-07-30 20:09]

[PID: 200 / SYSTEM]   C:\Program Files\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-15 16:24 M:2008-07-15 16:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-07-15 16:37 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 328 / SYSTEM]   C:\WINDOWS\system32\Ati2evxx.exe   [(Verified)ATI Technologies Inc., 6.14.10.4163, C:2008-01-13 13:13 M:2007-03-15 09:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\Ati2edxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2511, C:2008-01-13 13:13 M:2007-03-15 09:50]
    C:\WINDOWS\system32\atipdlxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2516, C:2008-01-13 13:13 M:2007-03-15 09:50]
    C:\WINDOWS\system32\ati2evxx.dll  [(Verified)ATI Technologies Inc., 6.14.10.4162, C:2008-01-13 13:13 M:2007-03-15 09:49]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 752 / SYSTEM]   C:\Program Files\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1560 / SYSTEM]   C:\PROGRAM FILES\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1624 / 123]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll  [Adobe Systems, Inc., 7.0.0.0, C:2004-12-14 03:20 M:2004-12-14 03:20]
    C:\WINDOWS\system32\xnp.dll  [N/A, C:2008-08-10 13:30 M:2006-03-27 18:15]
    C:\WINDOWS\system32\OmniSDK.dll  [XLink Technology, Inc., 1, 0, 0, 1, C:2008-08-10 13:30 M:2003-07-17 19:36]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-07-14 23:35 M:2007-12-10 14:17]
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll  [(Verified)Adobe Systems Incorporated, 7.0.5.2005092300, C:2005-09-23 21:12 M:2005-09-23 21:12]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 61, C:2008-07-14 23:35 M:2008-01-14 20:11]
    D:\Program Files\Tencent\QQ\qdshm.dll  [(Verified)Copyright 2004, 1, 0, 101, 20, C:2008-04-07 13:55 M:2008-01-25 16:32]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]
    C:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 1796 / 123]   C:\Program Files\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-15 16:24 M:2008-07-15 16:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\Program Files\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-15 16:35 M:2008-07-30 20:09]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-15 16:35 M:2008-07-30 20:09]

[PID: 1860 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\xpp.dll  [XLink Technology, Inc., 1, 0, 0, 1, C:2008-08-10 13:30 M:1999-02-02 11:10]
    C:\WINDOWS\system32\OmniSDK.dll  [XLink Technology, Inc., 1, 0, 0, 1, C:2008-08-10 13:30 M:2003-07-17 19:36]

[PID: 1436 / SYSTEM]   C:\Program Files\StormII\stormliv.exe   [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-01-11 11:41 M:2008-05-28 16:40]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1644 / LOCAL SERVICE]   C:\WINDOWS\system32\wdfmgr.exe   [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 13:44 M:2005-01-28 13:44]

[PID: 1868 / SYSTEM]   F:\xuniji1\vmware-authd.exe   [(Verified)VMware, Inc., 5.5.3 build-34685, C:2006-11-13 13:00 M:2006-11-13 13:00]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\xnp.dll  [N/A, C:2008-08-10 13:30 M:2006-03-27 18:15]
    C:\WINDOWS\system32\OmniSDK.dll  [XLink Technology, Inc., 1, 0, 0, 1, C:2008-08-10 13:30 M:2003-07-17 19:36]

[PID: 2168 / SYSTEM]   C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe   [(Verified)VMware, Inc., 5.5.3 build-34685, C:2006-11-13 12:43 M:2006-11-13 12:43]
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2006-11-13 12:43 M:2006-11-13 12:43]
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmxScsiLib.dll  [(Verified)VMware, Inc., 5.5.3 build-34685, C:2006-11-13 12:43 M:2006-11-13 12:43]
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2006-11-13 12:43 M:2006-11-13 12:43]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 2456 / SYSTEM]   C:\WINDOWS\system32\vmnat.exe   [(Verified)VMware, Inc., 5.5.3 build-34685, C:2008-07-16 22:17 M:2006-11-13 13:01]

[PID: 2624 / SYSTEM]   C:\WINDOWS\system32\vmnetdhcp.exe   [(Verified)VMware, Inc., 5.5.3 build-34685, C:2008-07-16 22:17 M:2006-11-13 13:00]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]

[PID: 2892 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 3920 / 123]   C:\WINDOWS\RTHDCPL.EXE   [(Verified)Realtek Semiconductor Corp., 2.1.6.2, C:2008-01-13 13:12 M:2007-09-27 14:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 3936 / 123]   C:\Program Files\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-07-15 16:24 M:2008-07-26 20:12]
    C:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 4016 / 123]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 4024 / 123]   C:\Program Files\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-07-15 16:24 M:2007-08-27 17:05]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-15 16:24 M:2008-07-15 16:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-07-15 16:24 M:2007-08-20 20:28]
    C:\Program Files\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\Program Files\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-15 16:24 M:2008-07-26 20:13]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-07-15 16:24 M:2008-07-26 20:13]
    C:\Program Files\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-15 16:24 M:2008-07-28 23:44]

[PID: 4040 / 123]   C:\Program Files\PPStream\ppsap.exe   [(Verified)PPStream Inc, 1, 0, 11, 139, C:2008-07-14 23:35 M:2008-08-07 15:31]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\PPStream\1.0.11.139\vodnet.dll  [PPStream Inc., 1, 0, 11, 139, C:2008-08-06 11:23 M:2008-08-06 11:23]
    C:\Program Files\PPStream\1.0.11.139\vodres.dll  [PPStream Inc., 1, 0, 11, 139, C:2008-08-06 11:23 M:2008-08-06 11:23]
    C:\Program Files\PPStream\1.0.11.139\ppssg.dll  [PPStream Inc., 1, 0, 11, 139, C:2008-08-06 11:23 M:2008-08-06 11:23]
    C:\Program Files\PPStream\1.1.0.2618\fds.dll  [PPStream Inc., 1, 0, 0, 82, C:2007-08-19 11:57 M:2007-08-19 11:57]

[PID: 3064 / 123]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130), C:2006-11-07 01:31 M:2007-08-13 18:43]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll  [(Verified)Yahoo! Inc., 2006, 10, 26, 1, C:2008-07-15 22:57 M:2006-10-26 11:28]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.16, C:2008-07-14 23:35 M:2007-12-10 14:17]
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll  [(Verified)Adobe Systems Incorporated, 7.0.5.2005092300, C:2005-09-23 21:12 M:2005-09-23 21:12]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 61, C:2008-07-14 23:35 M:2008-01-14 20:11]
    C:\Program Files\Yahoo!\Companion\Installs\cpn\pubmod.dll  [(Verified)Yahoo! Inc., 2005, 12, 16, 1, C:2008-07-15 22:57 M:2006-11-01 12:40]
    C:\Program Files\Yahoo!\Companion\Installs\cpn\ypubc.dll  [(Verified)Yahoo! Inc., 2006.1.25.01, C:2008-07-15 22:57 M:2006-11-01 12:40]
    C:\Program Files\Yahoo!\Companion\Installs\cpn\YMERemote.dll  [(Verified)Yahoo! Inc., 2006, 7, 27, 1, C:2008-07-15 22:57 M:2006-10-25 17:07]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-15 16:24 M:2008-07-28 23:44]
    C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx  [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 2652 / 123]   F:\红头发BIJI\sreng2\SREngLdr.EXE   []
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 2288 / 123]   F:\红头发BIJI\sreng2\SRE9b4eb966.EXE   [Smallfrogs Studio, 2.7.0.1210, C:2008-12-06 09:18 M:2008-12-06 09:18]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\红头发BIJI\sreng2\Upload\3rdUpd.DLL  [Smallfrogs Studio, 2, 1, 0, 15, C:2008-12-06 09:05 M:2007-06-24 18:46]

[PID: 3836 / 123]   F:\红头发BIJI\sreng2\小狮子.EXE   [Smallfrogs Studio, 2.7.0.1210, C:2008-12-06 09:05 M:2008-10-19 15:54]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 3904 / 123]   C:\DOCUME~1\123\LOCALS~1\Temp\SRE4.EXE   [Smallfrogs Studio, 2.7.0.1210, C:2008-12-06 09:19 M:2008-12-06 09:19]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\xnp.dll  [N/A, C:2008-08-10 13:30 M:2006-03-27 18:15]
    C:\WINDOWS\system32\OmniSDK.dll  [XLink Technology, Inc., 1, 0, 0, 1, C:2008-08-10 13:30 M:2003-07-17 19:36]

[PID: 2340 / 123]   C:\WINDOWS\system32\NOTEPAD.EXE   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-15 16:35 M:2008-07-25 13:05]
    C:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-15 16:35 M:2008-07-25 13:05]

[PID: 1756 / 123]   C:\Program Files\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-12-06 09:05 M:2008-11-15 11:58]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-12-06 09:05 M:2007-11-28 15:19]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 www.360.cn
    127.0.0.1 www.360safe.cn
    127.0.0.1 www.360safe.com
    127.0.0.1 www.chinakv.com
    127.0.0.1 www.rising.com.cn
    127.0.0.1 rising.com.cn
    127.0.0.1 dl.jiangmin.com
    127.0.0.1 jiangmin.com
    127.0.0.1 www.jiangmin.com
    127.0.0.1 www.duba.net
    127.0.0.1 www.eset.com.cn
    127.0.0.1 www.nod32.com
    127.0.0.1 shadu.duba.net
    127.0.0.1 union.kingsoft.com
    127.0.0.1 www.kaspersky.com.cn
    127.0.0.1 kaspersky.com.cn
    127.0.0.1 virustotal.com
    127.0.0.1 www.kaspersky.com
    127.0.0.1 www.cnnod32.cn
    127.0.0.1 www.lanniao.org
    127.0.0.1 www.nod32club.com
    127.0.0.1 www.dswlab.com
    127.0.0.1 bbs.sucop.com
    127.0.0.1 www.virustotal.com
    127.0.0.1 tool.ikaka.com
    127.0.0.1 360.qihoo.com


[/CODE]