[CODE]

2008-12-14,00:20:59

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-03-10 19:57 M:2008-08-09 21:02]
    <NvCplDaemon><RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00|(Verified)NVIDIA Corporation, 6.14.10.8391, C:2006-02-13 22:05 M:2006-02-13 22:05]
    <runeip><; "D:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-08-07 20:40 M:2008-09-12 10:12]
    <RfwMain><; "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-12-08 11:36 M:2008-12-08 11:32]
    <NeroFilterCheck><D:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh, 1, 0, 0, 2, C:2008-12-13 17:20 M:2001-07-09 10:50]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><D:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-03-10 19:57 M:2008-08-09 21:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载]
    <><res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载全部链接]
    <><res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载本页视频]
    <><res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver]
    <><res://D:\WINDOWS\system32\GPhotos.scr/200>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\Program Files\Thunder Network\Thunder\Program\geturl.htm>  [N/A, C:2008-12-08 22:13 M:2008-07-28 15:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm>  [N/A, C:2008-12-08 22:13 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00|(Verified)Microsoft Corporation, 7.00.6000.16762 (vista_gdr.081013-1507), C:2006-03-21 09:00 M:2008-10-17 05:04|(Verified)N/A, C:2006-03-21 09:00 M:2006-03-21 09:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00|(Verified)Microsoft Corporation, 7.00.6000.16762 (vista_gdr.081013-1507), C:2006-03-21 09:00 M:2008-10-17 05:04|(Verified)N/A, C:2007-10-14 12:59 M:2005-01-28 16:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><D:\Program Files\Thunder Network\Thunder\Thunder.exe>  [(Verified)Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-12-08 22:13 M:2008-12-01 17:44]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}]
    <BitComet><res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    <><>  []


========================================
启动项



========================================
计划任务



========================================
组件


ShellExecuteHook
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <D:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-03-10 19:57 M:2008-08-09 21:02]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <D:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-10-14 12:44 M:2006-03-21 09:00]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <D:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.8391, C:2006-02-13 22:05 M:2006-02-13 22:05]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <D:\WINDOWS\system32\nvshell.dll>  [N/A, C:2006-02-13 22:05 M:2006-02-13 22:05]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <D:\WINDOWS\system32\nvshell.dll>  [N/A, C:2006-02-13 22:05 M:2006-02-13 22:05]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <D:\WINDOWS\system32\nvshell.dll>  [N/A, C:2006-02-13 22:05 M:2006-02-13 22:05]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-12-19 22:51 M:2008-09-30 21:14]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <D:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-03-10 19:57 M:2008-08-09 21:02]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <D:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.8391, C:2006-02-13 22:05 M:2006-02-13 22:05]

Protocols
[IEProtocolHandler Class]
    {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}  <D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL>  [(Verified)Skype Technologies, 1, 0, 29, 0, C:2008-11-07 14:31 M:2008-11-07 14:31]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-08 22:14 M:2008-09-06 10:36]
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08]
[Skype add-on (mastermind)]
    {22BF413B-C6D2-4d91-82A9-A0F997BA588C}  <D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll>  [(Verified)Skype Technologies S.A., 2, 2, 0, 205, C:2008-11-07 14:31 M:2008-11-07 14:31]
[BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}  <D:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll>  [(Verified)BitComet, 20080807, C:2008-08-11 17:12 M:2008-08-11 17:12]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-08 22:14 M:2008-09-19 16:44]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <D:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-07 20:40 M:2008-08-07 20:39]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-08 22:14 M:2008-09-06 10:36]
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08]
[Web Browser Applet Control]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}  <D:\WINDOWS\system32\msjava.dll>  [Microsoft Corporation, 5.00.3810, C:2007-10-14 12:58 M:2003-02-28 19:26]
[Skype add-on (mastermind)]
    {22BF413B-C6D2-4D91-82A9-A0F997BA588C}  <D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll>  [(Verified)Skype Technologies S.A., 2, 2, 0, 205, C:2008-11-07 14:31 M:2008-11-07 14:31]
[RealPlayer RAM Download Handler]
    {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}  <D:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-19 00:05 M:2006-10-19 00:05]
[BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}  <D:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll>  [(Verified)BitComet, 20080807, C:2008-08-11 17:12 M:2008-08-11 17:12]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 6, 0, 5, 47, C:2008-12-08 22:14 M:2008-11-07 17:13]
[PowerPlayer Control]
    {5EC7C511-CD0F-42E6-830C-1BD9882F3458}  <D:\PROGRA~1\9PTV\Kernel\PPStream\POWERP~1.DLL>  []
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <D:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [Xunlei Networking Technologies,LTD, 2, 1, 9, 100, C:2008-01-25 11:14 M:2008-12-01 17:43]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <D:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-01-25 11:14 M:2008-07-01 18:40]
[StormPlayer Object]
    {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}  <D:\Program Files\StormII\mps.dll>  [(Verified)北京暴风网际科技有限公司, 3, 8, 12, 1, C:2008-12-01 23:11 M:2008-12-01 23:11]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <D:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll>  [(Verified)Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2008-12-08 22:13 M:2008-11-10 10:30]
[Skype add-on (button)]
    {77BF5300-1474-4EC7-9980-D32B190E9B07}  <D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll>  [(Verified)Skype Technologies S.A., 2, 2, 0, 205, C:2008-11-07 14:31 M:2008-11-07 14:31]
[DLoader Class]
    {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A}  <D:\WINDOWS\Downloaded Program Files\downloader.dll>  [(Verified)Sina Com, 1, 0, 0, 14, C:2008-07-28 15:29 M:2008-07-28 15:29]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-08 22:14 M:2008-09-19 16:44]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <D:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-07 20:40 M:2008-08-07 20:39]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <D:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5807.112.(332).dll>  [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5807, 112, C:2008-12-10 21:18 M:2008-11-28 14:10]
[KooPlayer Control]
    {C728DAB8-FDF5-4CD7-89DD-879D25794C77}  <D:\WINDOWS\system32\CCTVKO~1.OCX>  [(Verified)Koos, 1, 0, 0, 88, C:2008-01-25 20:12 M:2008-02-06 14:47]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <D:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-19 00:05 M:2006-10-19 00:05]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <D:\WINDOWS\system32\Macromed\Flash\FlDbg10a.ocx>  [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 12:20 M:2008-10-05 12:20]
[PasswordEditCtrl Class]
    {E787FD25-8D7C-4693-AE67-9406BC6E22DF}  <D:\WINDOWS\system32\qqedit\qqedit.dll>  [(Verified)腾讯科技（深圳）有限公司, 1, 1, 0, 4, C:2007-08-14 19:27 M:2007-08-14 19:27]
[QvodCtrl Class]
    {F3D0D36F-23F8-4682-A195-74C92B03D4AF}  <D:\Program Files\QvodPlayer\QvodInsert.dll>  []
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <D:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5880.234.(333).dll>  [(Verified)Xunlei Networking Technologies,LTD, 2, 1, 5880, 234, C:2008-12-10 21:18 M:2008-12-01 17:42]

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <D:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-03-10 19:57 M:2008-08-09 21:02]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-12-19 22:51 M:2008-09-30 21:14]


========================================
服务

[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <D:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 15:33 M:2008-03-11 15:33]
[Google Updater Service / gusvc][Stopped/Manual Start]
    <"D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">  [(Verified)Google, 2.0.711.37800.beta, C:2007-12-23 00:31 M:2007-01-04 10:40]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.8391, C:2006-02-13 22:05 M:2006-02-13 22:05]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <D:\Program Files\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2008-12-08 11:36 M:2008-12-09 17:23]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <D:\Program Files\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-12-08 11:36 M:2008-12-08 12:15]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"D:\Program Files\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-03-10 19:57 M:2008-08-09 21:03]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-03-10 19:57 M:2008-08-09 21:02]


========================================
驱动

[npkcrypt / npkcrypt][Stopped/Manual Start]
    <\??\D:\WINDOWS\system32\npkcrypt.sys>  []
[npkycryp / npkycryp][Stopped/Manual Start]
    <\??\D:\WINDOWS\system32\npkycryp.sys>  []
[USB PC Camera (SNPSTD3) / SNPSTD3][Stopped/Manual Start]
    <system32\DRIVERS\snpstd3.sys>  [Sonix Co. Ltd., 1, 3, 2, 3, C:2008-03-30 15:44 M:2006-09-15 11:41]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2006-03-21 09:00 M:2008-06-20 19:45]

[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [(Verified)Realtek Semiconductor Corp., 5.10.5870 built by: WinDDK, C:2007-10-14 13:44 M:2005-06-21 07:08]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-03-10 19:57 M:2008-08-09 21:02]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2008-03-10 19:57 M:2008-10-24 12:25]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2008-03-10 19:57 M:2008-11-05 08:55]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-03-10 19:57 M:2008-09-03 19:50]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\D:\Program Files\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.13, C:2008-12-08 11:36 M:2008-12-08 12:15]
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
    <system32\DRIVERS\ASACPI.sys>  [(Verified)1043, 2, 15, 37, C:2007-10-14 13:35 M:2004-08-13 19:56]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.8391, C:2006-02-13 22:05 M:2006-02-13 22:05]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2006-03-21 09:00 M:2006-03-21 09:00]
[PxHelp20 / PxHelp20][Running/Boot Start]
    <System32\Drivers\PxHelp20.sys>  [(Verified)Sonic Solutions, 3.00.67a, C:2008-04-08 08:16 M:2008-04-08 08:16]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-12-08 11:36 M:2008-12-08 11:32]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.35, C:2008-12-08 11:36 M:2008-12-08 12:14]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-03-10 19:57 M:2008-08-09 21:05]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2006-03-21 09:00 M:2007-11-13 19:25]
[viamraid / viamraid][Running/Boot Start]
    <system32\DRIVERS\viamraid.sys>  [(Verified)VIA Technologies inc,.ltd, 5.1.2600.430, C:2007-10-14 13:46 M:2005-04-26 20:22]
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
    <system32\DRIVERS\yk51x86.sys>  [(Verified)Marvell, 7.14.1.3 built by: WinDDK, C:2004-06-16 08:14 M:2004-06-16 08:14]


========================================
进程

[PID: 392 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 472 / SYSTEM]   \??\D:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 496 / SYSTEM]   \??\D:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 540 / SYSTEM]   D:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 552 / SYSTEM]   D:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 704 / SYSTEM]   D:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 764 / NETWORK SERVICE]   D:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 832 / SYSTEM]   D:\Program Files\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 848 / SYSTEM]   D:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 904 / NETWORK SERVICE]   D:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 996 / LOCAL SERVICE]   D:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 1112 / SYSTEM]   D:\PROGRAM FILES\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-03-10 19:57 M:2008-08-09 21:06]
    D:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\PROGRAM FILES\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-03-10 19:57 M:2008-08-20 20:16]
    D:\PROGRAM FILES\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-10-24 12:25]
    D:\Program Files\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-03-10 19:57 M:2008-08-09 21:05]
    D:\PROGRAM FILES\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\Program Files\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-03-10 19:57 M:2008-08-09 21:06]
    D:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-03-10 19:57 M:2008-08-09 21:06]
    D:\PROGRAM FILES\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\PROGRAM FILES\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-03-10 19:57 M:2008-09-03 19:50]
    D:\PROGRAM FILES\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 0, C:2008-03-10 19:57 M:2008-12-04 19:34]
    D:\PROGRAM FILES\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-03-10 21:07 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-03-10 21:07 M:2008-10-24 12:25]
    D:\PROGRAM FILES\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-03-10 21:07 M:2008-10-24 12:25]
    D:\PROGRAM FILES\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-03-10 19:57 M:2008-09-03 19:50]
    D:\PROGRAM FILES\RISING\RAV\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-03-10 19:57 M:2008-08-09 21:03]

[PID: 1128 / SYSTEM]   D:\Program Files\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-12-08 11:36 M:2008-12-08 12:15]
    D:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.50, C:2008-12-08 11:36 M:2008-12-08 12:15]
    D:\Program Files\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 1184 / SYSTEM]   D:\Program Files\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.38, C:2008-12-08 11:36 M:2008-12-09 17:23]
    D:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 1408 / SYSTEM]   D:\Program Files\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 1488 / Administrator]   D:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-08 22:14 M:2008-09-19 16:44]
    D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-12-10 21:17 M:2008-12-01 17:43]
    D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-12-10 21:17 M:2008-12-01 17:43]
    D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS  [Adobe Systems, Inc., 8.0.0.0, C:2006-11-17 00:37 M:2006-11-17 00:37]
    D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll  [Adobe Systems, Inc., 8.1.0.0, C:2007-05-10 22:54 M:2007-05-10 22:54]
    D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 23:54 M:2006-12-01 23:54]
    D:\Program Files\HighMAT CD Writing Wizard\HMTCD.dll  [Copyright (C) Microsoft Corp, 2003, 1.1.1905.1, C:2003-09-23 09:40 M:2003-09-23 09:40]
    D:\Program Files\Common Files\Ahead\Lib\AdvrCntr.dll  [Ahead Software AG, 1,0,13, 2107, C:2008-12-13 17:20 M:2004-03-16 17:32]
    D:\Program Files\WinRAR\rarext.dll  [N/A, C:2007-12-19 22:51 M:2008-09-30 21:14]
    D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-08 22:14 M:2008-09-06 10:36]
    D:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]

[PID: 1692 / SYSTEM]   D:\PROGRAM FILES\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 1760 / Administrator]   D:\Program Files\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\Program Files\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\Program Files\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-08 11:36 M:2008-12-08 11:32]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 1880 / SYSTEM]   D:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2006-03-21 09:00 M:2005-06-11 08:53]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 816 / Administrator]   D:\Program Files\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 932 / Administrator]   D:\Program Files\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-03-10 19:57 M:2008-09-03 19:50]
    D:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-10-16 22:47 M:2004-10-16 22:45]
    D:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-03-10 19:57 M:2008-08-20 20:16]
    D:\Program Files\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-03-10 19:57 M:2008-08-09 21:02]
    D:\Program Files\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-03-10 19:57 M:2008-08-09 21:03]
    D:\Program Files\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-03-10 19:57 M:2008-08-09 21:03]

[PID: 992 / SYSTEM]   D:\Program Files\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 15:33 M:2008-03-11 15:33]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 1164 / Administrator]   D:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 1424 / SYSTEM]   D:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.8391, C:2006-02-13 22:05 M:2006-02-13 22:05]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 2280 / SYSTEM]   D:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 3108 / LOCAL SERVICE]   D:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 3384 / SYSTEM]   D:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 2088 / SYSTEM]   D:\WINDOWS\system32\msiexec.exe   [(Verified)Microsoft Corporation, 3.1.4000.1823, C:2006-03-21 09:00 M:2005-05-03 13:58]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 1528 / SYSTEM]   D:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330), C:2007-10-14 12:46 M:2008-10-16 14:09]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]

[PID: 3232 / Administrator]   E:\windows清理助手\setup.exe   [www.arswp.com                                               , 2.8.2.1115          , C:2008-12-07 19:14 M:2008-12-07 19:15]
    D:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 1060 / Administrator]   D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-E19HP.tmp\is-CI7KH.tmp   [, 51.46.0.0, C:2008-12-14 00:18 M:2008-12-14 00:18]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]

[PID: 1232 / Administrator]   D:\Program Files\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-12-07 19:17 M:2008-11-15 11:58]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-12-08 11:36 M:2008-12-08 11:33]
    D:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-03-21 09:00 M:2006-03-21 09:00]
    D:\Program Files\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-12-07 19:17 M:2007-11-28 15:19]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]