[CODE]

2008-08-20,17:57:02

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)NVIDIA Corporation, 6.14.10.5216, C:2003-10-06 13:16 M:2003-10-06 13:16]
    <SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc., 4, 0, 4, 11, C:2008-07-16 17:30 M:2003-05-29 16:28]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray>  [Analog Devices, Inc., 4, 0, 4, 25, C:2008-07-16 17:30 M:2003-05-30 09:42]
    <360Safebox><"D:\360Safebox\safeboxTray.exe" /r>  [(Verified)360安全中心, 2, 3, 0, 1001, C:2008-08-15 21:41 M:2008-08-15 21:41]
    <360Safetray><D:\360safe\safemon\360tray.exe /start>  [(Verified)奇虎网, 5, 0, 0, 1001, C:2008-07-16 22:02 M:2008-07-16 22:02]
    <runeip><"D:\卡卡安全助手\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-07-16 18:17 M:2008-07-30 21:20]
    <RfwMain><"D:\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-07-16 18:23 M:2008-07-25 14:56]
    <RavTask><"D:\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-07-16 21:42 M:2008-07-26 20:24]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Shell><Explorer.exe>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
    <BootExecute><autocheck autochk *>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
    <advapi32><advapi32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <comdlg32><comdlg32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <gdi32><gdi32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <imagehlp><imagehlp.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <kernel32><kernel32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <lz32><lz32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    <ole32><ole32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <oleaut32><oleaut32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    <olecli32><olecli32.dll>  [(Verified)Microsoft Corporation, 1.07 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <olecnv32><olecnv32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <olesvr32><olesvr32.dll>  [(Verified)Microsoft Corporation, 1.09 (XPClient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    <olethk32><olethk32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    <rpcrt4><rpcrt4.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <shell32><shell32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <url><url.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <urlmon><urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <user32><user32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <version><version.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <wininet><wininet.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    <wldap32><wldap32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-16 21:42 M:2008-07-30 20:57]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\Thunder\Program\GetUrl.htm>  [N/A, C:2008-07-16 18:46 M:2008-07-28 15:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\Thunder\Program\GetAllUrl.htm>  [N/A, C:2008-07-16 18:46 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><F:\QQ\AddEmotion.htm>  [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-07-16 18:04 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-16 17:03 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13|(Verified)N/A, C:2006-09-03 16:00 M:2006-09-03 16:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13|(Verified)N/A, C:2006-09-03 16:00 M:2006-09-03 16:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13|(Verified)N/A, C:2008-07-16 17:06 M:2005-01-28 15:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-16 17:03 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\BJ Language Monitor]
    <PrintMonitor: BJ Language Monitor><cnbjmon.dll>  [(Verified)Microsoft Corporation, 5.1.2600.2082 (xpsp(skatari).040213-0952), C:2004-08-17 00:38 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Canon BJ Language Monitor PIXMA iP1000]
    <PrintMonitor: Canon BJ Language Monitor PIXMA iP1000><CNMLM6e.DLL>  [(Verified)CANON INC., 1.80.2.50, C:2008-07-16 19:17 M:2004-04-23 13:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Local Port]
    <PrintMonitor: Local Port><localspl.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\PJL Language Monitor]
    <PrintMonitor: PJL Language Monitor><pjlmon.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 00:39 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port]
    <PrintMonitor: Standard TCP/IP Port><tcpmon.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor]
    <PrintMonitor: USB Monitor><usbmon.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]


========================================
启动项



========================================
计划任务



========================================
组件


ShellServiceObjectDelayLoad
[PostBootReminder 对象]
    {7849596a-48ea-486e-8937-a2a3009f31a9}  <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[烧 CD 的 ShellFolder]
    {fbeb8a05-beee-4442-804e-409d6c4515e9}  <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebCheck]
    {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[SysTray]
    {35CEC8A3-2BE6-11D2-8773-92E220524153}  <C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

ShredTaskScheduler
[Browseui 预加载程序]
    {438755C2-A8BA-11D1-B96B-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[组件类别缓存程序]
    {8C7461EF-2B13-11d2-BE35-3078302C2030}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

ShellExecuteHook
[URL 执行挂钩]
    {AEB6717E-7E19-11d0-97EE-00C04FD91972}  <shell32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-16 21:42 M:2008-07-30 20:57]

Shell Extension
[Multimedia File Property Sheet]
    {00022613-0000-0000-C000-000000000046}  <mmsys.cpl>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[ICM 扫描仪管理]
    {176d6597-26d3-11d1-b350-080036a75b03}  <icmui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[NTFS Security Page]
    {1F2E5C40-9550-11CE-99D2-00AA006E086C}  <rshx32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[OLE Docfile Property Page]
    {3EA48300-8CF6-101B-84FB-666CCB9BCD32}  <docprop.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Shell extensions for sharing]
    {40dd6e20-7c17-11ce-a804-00aa003ca9f6}  <ntshrui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[PlusPack CPL Extension]
    {41E300E0-78B6-11ce-849B-444553540000}  <%SystemRoot%\system32\themeui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Display Adapter CPL Extension]
    {42071712-76d4-11d1-8b24-00a0c9068ff3}  <deskadp.dll>  [(Verified)Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Display Monitor CPL Extension]
    {42071713-76d4-11d1-8b24-00a0c9068ff3}  <deskmon.dll>  [(Verified)Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[DS Security Page]
    {4E40F770-369C-11d0-8922-00A024AB2DBB}  <dssec.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Compatibility Page]
    {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}  <SlayerXP.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Scrap DataHandler]
    {56117100-C0CD-101B-81E2-00AA004AE837}  <shscrap.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Disk Copy Extension]
    {59099400-57FF-11CE-BD94-0020AF85B590}  <diskcopy.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell extensions for Microsoft Windows Network objects]
    {59be4990-f85c-11ce-aff7-00aa003ca9f6}  <ntlanui2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[ICM 监视器管理]
    {5DB2625A-54DF-11D0-B6C4-0800091AA605}  <%SystemRoot%\System32\icmui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[ICM 打印机管理]
    {675F097E-4C4D-11D0-B6C1-0800091AA605}  <%SystemRoot%\system32\icmui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Web Printer Shell Extension]
    {77597368-7b15-11d0-a0c2-080036af3f03}  <printui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Disk Quota UI]
    {7988B573-EC89-11cf-9C00-00AA00A14F56}  <dskquoui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[公文包]
    {85BBD920-42A0-1069-A2E4-08002B30309D}  <syncui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-07-16 17:02 M:2006-09-03 16:00]
[字体]
    {BD84B380-8CA2-1069-AB1D-08000948F534}  <fontext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ICC 配置文件]
    {DBCE2480-C732-101B-BE72-BA78E9AD5B27}  <%SystemRoot%\system32\icmui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Printers Security Page]
    {F37C5810-4D3F-11d0-B4BF-00AA00BBB723}  <rshx32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell extensions for sharing]
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}  <ntshrui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Display TroubleShoot CPL Extension]
    {f92e8c40-3d33-11d2-b1aa-080036a75b03}  <deskperf.dll>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Crypto PKO Extension]
    {7444C717-39BF-11D1-8CD9-00C04FC29D45}  <C:\WINDOWS\system32\cryptext.dll>  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Crypto Sign Extension]
    {7444C719-39BF-11D1-8CD9-00C04FC29D45}  <C:\WINDOWS\system32\cryptext.dll>  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[网络连接]
    {7007ACC7-3202-11D1-AAD2-00805FC1270E}  <C:\WINDOWS\system32\NETSHELL.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[网络连接]
    {992CFFA0-F557-101A-88EC-00DD010CCC48}  <C:\WINDOWS\system32\NETSHELL.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[扫描仪和照相机]
    {E211B736-43FD-11D1-9EFB-0000F8757FCD}  <wiashext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[扫描仪和照相机]
    {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}  <wiashext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[扫描仪和照相机]
    {905667aa-acd6-11d2-8080-00805f6596d2}  <wiashext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[扫描仪和照相机]
    {3F953603-1008-4f6e-A73A-04AAC7A992F1}  <wiashext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[扫描仪和照相机]
    {83bbcbf3-b28a-4919-a5aa-73027445d672}  <wiashext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Remote Sessions CPL Extension]
    {F0152790-D56E-4445-850E-4F3117DB740C}  <C:\WINDOWS\system32\remotepg.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:02 M:2008-04-13 19:13]
[Windows Script Host 的 Shell extensions]
    {60254CA5-953B-11CF-8C96-00AA00B8708C}  <C:\WINDOWS\system32\wshext.dll>  [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-09 18:53]
[Microsoft 数据链接]
    {2206CDB2-19C1-11D1-89E0-00C04FD7A829}  <C:\Program Files\Common Files\System\Ole DB\oledb32.dll>  [(Verified)Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Tasks Folder Icon Handler]
    {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}  <C:\WINDOWS\system32\mstask.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Tasks Folder Shell Extension]
    {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}  <C:\WINDOWS\system32\mstask.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[任务计划]
    {D6277990-4C6A-11CF-8D87-00AA0060F5BF}  <C:\WINDOWS\system32\mstask.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Set Program Access and Defaults]
    {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Auto Update Property Sheet Extension]
    {5F327514-6C5E-4d60-8F16-D07FA08A78ED}  <C:\WINDOWS\system32\wuaucpl.cpl>  [(Verified)Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852), C:2008-07-16 17:03 M:2008-04-13 19:14]
[搜索]
    {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[帮助和支持]
    {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[帮助和支持]
    {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[运行...]
    {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Internet]
    {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[电子邮件]
    {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[字体]
    {D20EA4E1-3957-11d2-A40B-0C5020524152}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[管理工具]
    {D20EA4E1-3957-11d2-A40B-0C5020524153}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Previous Versions Property Page]
    {596AB062-B4D2-4215-9F74-E9109B0A8153}  <C:\WINDOWS\system32\twext.dll>  [(Verified)Microsoft Corporation, 6.00.3800.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Previous Versions]
    {9DB7A13C-F208-4981-8353-73CC61AE2783}  <C:\WINDOWS\system32\twext.dll>  [(Verified)Microsoft Corporation, 6.00.3800.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Audio Media Properties Handler]
    {875CB1A1-0F29-45de-A1AE-CFB4950D0B78}  <%SystemRoot%\system32\shmedia.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Video Media Properties Handler]
    {40C3D757-D6E4-4b49-BB41-0E5BBEA28817}  <%SystemRoot%\system32\shmedia.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Wav Properties Handler]
    {E4B29F9D-D390-480b-92FD-7DDB47101D71}  <%SystemRoot%\system32\shmedia.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Avi Properties Handler]
    {87D62D94-71B3-4b9a-9489-5FE6850DC73E}  <%SystemRoot%\system32\shmedia.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Midi Properties Handler]
    {A6FD9E45-6E44-43f9-8644-08598F5A74D9}  <%SystemRoot%\system32\shmedia.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Video Thumbnail Extractor]
    {c5a40261-cd64-4ccf-84cb-c394da41d590}  <%SystemRoot%\system32\shmedia.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft Internet 工具栏]
    {5E6AB780-7743-11CF-A12B-00AA004AE837}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[下载状态]
    {22BF0C20-6DA7-11D0-B373-00A0C9034938}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[补充的外壳文件夹]
    {91EA3F8B-C99B-11d0-9815-00C04FD91972}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[补充的外壳文件夹 2]
    {6413BA2C-B461-11d1-A18A-080036B11A03}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[BandProxy]
    {F61FFEC1-754F-11d0-80CA-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft BrowserBand]
    {7BA4C742-9E81-11CF-99D3-00AA004AE837}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[搜索区]
    {30D02401-6A81-11d0-8274-00C04FD5AE38}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[窗格中的搜索]
    {169A0691-8DF9-11d1-A1C4-00C04FD75D13}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Web 搜索]
    {07798131-AF23-11d1-9111-00A0C98BA67D}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[注册数目路选项实用程序]
    {AF4F6510-F982-11d0-8595-00AA004CD6D8}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[地址(&A)]
    {01E04581-4EEE-11d0-BFE9-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[地址 EditBox]
    {A08C11D2-A228-11d0-825B-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft AutoComplete]
    {00BB2763-6A77-11D0-A535-00C04FD7D062}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[TridentImageExtractor]
    {7376D660-C583-11d0-A3A5-00C04FD706EC}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[MRU 自动完成列表]
    {6756A641-DE71-11d0-831B-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[自定义 MRU 自动完成列表]
    {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[可访问的]
    {7e653215-fa25-46bd-a339-34a2790f3cb7}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[跟踪弹出栏]
    {acf35015-526e-4230-9596-becbe19f0ac9}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft 历史自动完成列表]
    {00BB2764-6A77-11D0-A535-00C04FD7D062}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft 外壳文件夹自动完成列表]
    {03C036F1-A186-11D0-824A-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft 多个自动完成列表容器]
    {00BB2765-6A77-11D0-A535-00C04FD7D062}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Band Site Menu]
    {ECD4FC4E-521C-11D0-B792-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[外壳 DeskBarApp]
    {3CCF8A41-5C85-11d0-9796-00AA00B90ADF}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[外壳 DeskBar]
    {ECD4FC4C-521C-11D0-B792-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[外壳 Rebar BandSite]
    {ECD4FC4D-521C-11D0-B792-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[用户帮助]
    {DD313E04-FEFF-11d1-8ECD-0000F87A470C}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[全局文件夹设置]
    {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Favorites Band]
    {EFA24E61-B078-11d0-89E4-00C04FC9E26E}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Automation Inproc Service]
    {0A89A860-D7B1-11CE-8350-444553540000}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell DocObject Viewer]
    {E7E4BC40-E76A-11CE-A9BB-00AA004AE837}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft Browser Architecture]
    {A5E46E3A-8849-11D1-9D8C-00C04FC99D61}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[InternetShortcut]
    {FBF23B40-E3F0-101B-8488-00AA003E56F8}  <shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft Url History 服务]
    {3C374A40-BAE4-11CF-BF7D-00AA006946EE}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[历史记录]
    {FF393560-C2A7-11CF-BFF4-444553540000}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Internet 临时文件]
    {7BD29E00-76C1-11CF-9DD0-00A0C9034933}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Internet 临时文件]
    {7BD29E01-76C1-11CF-9DD0-00A0C9034933}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft Url 搜索挂接]
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[IE4 套件初始屏幕]
    {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[CDF Extension Copy Hook]
    {67EA19A0-CCEF-11d0-8024-00C04FD75D13}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ISFBand OC]
    {131A6951-7F78-11D0-A979-00C04FD705A2}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Search Assistant OC]
    {9461b922-3c5a-11d2-bf8b-00c04fb93661}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Internet]
    {3DC7A020-0ACD-11CF-A9BB-00AA004AE837}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Internet Name Space]
    {871C5380-42A0-1069-A2EA-08002B30309D}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[浏览器栏]
    {EFA24E64-B078-11d0-89E4-00C04FC9E26E}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Sendmail service]
    {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}  <C:\WINDOWS\system32\sendmail.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Sendmail service]
    {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}  <C:\WINDOWS\system32\sendmail.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ActiveX 高速缓存文件夹]
    {88C6C381-2E85-11D0-94DE-444553540000}  <%SystemRoot%\system32\occache.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebCheck]
    {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Subscription Mgr]
    {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[预订文件夹]
    {F5175861-2688-11d0-9C5E-00AA00A45957}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebCheckWebCrawler]
    {08165EA0-E946-11CF-9C87-00AA005127ED}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebCheckChannelAgent]
    {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[TrayAgent]
    {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Code Download Agent]
    {7D559C10-9FE9-11d0-93F7-00AA0059CE02}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ConnectionAgent]
    {E6CC6978-6B6E-11D0-BECA-00C04FD940BE}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[PostAgent]
    {D8BD2030-6FC9-11D0-864F-00AA006809D9}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebCheck SyncMgr Handler]
    {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}  <%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Application Manager]
    {352EC2B7-8B9A-11D1-B8AE-006008059382}  <%SystemRoot%\system32\appwiz.cpl>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Installed Apps Enumerator]
    {0B124F8F-91F0-11D1-B8B5-006008059382}  <%SystemRoot%\system32\appwiz.cpl>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Darwin App Publisher]
    {CFCCC7A0-A282-11D1-9082-006008059382}  <%SystemRoot%\system32\appwiz.cpl>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Shell Image Verbs]
    {e84fda7c-1d6a-45f6-b725-cb260c236066}  <%SystemRoot%\system32\shimgvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Image Data Factory]
    {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}  <%SystemRoot%\system32\shimgvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[GDI+ 文件缩略图解压缩程序]
    {3F30C968-480A-4C6C-862D-EFC0897BB84B}  <C:\WINDOWS\system32\shimgvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[摘要信息缩略图处理程序(DOCFILES)]
    {9DBD2C50-62AD-11d0-B806-00C04FD706EC}  <C:\WINDOWS\system32\shimgvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[HTML 缩略图的解压缩程序]
    {EAB841A0-9550-11cf-8C16-00805F1408F3}  <C:\WINDOWS\system32\shimgvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Image Property Handler]
    {eb9b1153-3b57-4e68-959a-a3266bc3d7fe}  <%SystemRoot%\system32\shimgvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[网络出版向导]
    {CC6EEFFB-43F6-46c5-9619-51D571967F7D}  <%SystemRoot%\system32\netplwiz.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[通过 Web 订购照片]
    {add36aa8-751a-4579-a266-d66f5202ccbb}  <%SystemRoot%\system32\netplwiz.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[外壳出版向导对象]
    {6b33163c-76a5-4b6c-bf21-45de9cd503a1}  <%SystemRoot%\system32\netplwiz.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[获取 Passport 向导]
    {58f1f272-9240-4f51-b6d4-fd63d1618591}  <%SystemRoot%\system32\netplwiz.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[压缩(zipped)文件夹]
    {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}  <%SystemRoot%\system32\zipfldr.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Compressed (zipped) Folder Right Drag Handler]
    {BD472F60-27FA-11cf-B8B4-444553540000}  <%SystemRoot%\system32\zipfldr.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Compressed (zipped) Folder SendTo Target]
    {888DCA60-FC0A-11CF-8F0F-00C04FD7D062}  <%SystemRoot%\system32\zipfldr.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[频道文件]
    {f39a0dc0-9cc8-11d0-a599-00c04fd64433}  <%SystemRoot%\system32\cdfview.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[频道快捷方式]
    {f3aa0dc0-9cc8-11d0-a599-00c04fd64434}  <%SystemRoot%\system32\cdfview.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[频道句柄对象]
    {f3ba0dc0-9cc8-11d0-a599-00c04fd64435}  <%SystemRoot%\system32\cdfview.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Channel Menu]
    {f3da0dc0-9cc8-11d0-a599-00c04fd64437}  <%SystemRoot%\system32\cdfview.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Channel Properties]
    {f3ea0dc0-9cc8-11d0-a599-00c04fd64438}  <%SystemRoot%\system32\cdfview.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Extensions Manager Folder]
    {692F0339-CBAA-47e6-B5B5-3B84DB604E87}  <C:\WINDOWS\system32\extmgr.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[FTP Folders Webview]
    {63da6ec0-2e98-11cf-8d82-444553540000}  <C:\WINDOWS\system32\msieftp.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft DocProp Shell Ext]
    {883373C3-BF89-11D1-BE35-080036B11A03}  <C:\WINDOWS\system32\docprop2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft DocProp Inplace Edit Box Control]
    {A9CF0EAE-901A-4739-A481-E35B73E47F6D}  <C:\WINDOWS\system32\docprop2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft DocProp Inplace ML Edit Box Control]
    {8EE97210-FD1F-4B19-91DA-67914005F020}  <C:\WINDOWS\system32\docprop2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft DocProp Inplace Droplist Combo Control]
    {0EEA25CC-4362-4A12-850B-86EE61B0D3EB}  <C:\WINDOWS\system32\docprop2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft DocProp Inplace Calendar Control]
    {6A205B57-2567-4A2C-B881-F787FAB579A3}  <C:\WINDOWS\system32\docprop2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft DocProp Inplace Time Control]
    {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}  <C:\WINDOWS\system32\docprop2.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Directory Query UI]
    {8A23E65E-31C2-11d0-891C-00A024AB2DBB}  <%SystemRoot%\system32\dsquery.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell properties for a DS object]
    {9E51E0D0-6E0F-11d2-9601-00C04FA31A86}  <%SystemRoot%\system32\dsquery.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Directory Object Find]
    {163FDC20-2ABC-11d0-88F0-00A024AB2DBB}  <%SystemRoot%\system32\dsquery.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Directory Start/Search Find]
    {F020E586-5264-11d1-A532-0000F8757D7E}  <%SystemRoot%\system32\dsquery.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Directory Property UI]
    {0D45D530-764B-11d0-A1CA-00AA00C16E65}  <%SystemRoot%\system32\dsuiext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Directory Context Menu Verbs]
    {62AE1F9A-126A-11D0-A14B-0800361B1103}  <%SystemRoot%\system32\dsuiext.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[MyDocs Copy Hook]
    {ECF03A33-103D-11d2-854D-006008059367}  <%SystemRoot%\system32\mydocs.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[MyDocs Drop Target]
    {ECF03A32-103D-11d2-854D-006008059367}  <%SystemRoot%\system32\mydocs.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[MyDocs Properties]
    {4a7ded0a-ad25-11d0-98a8-0800361b1103}  <%SystemRoot%\system32\mydocs.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Offline Files Menu]
    {750fdf0e-2a26-11d1-a3ea-080036587f03}  <%SystemRoot%\System32\cscui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Offline Files Folder Options]
    {10CFC467-4392-11d2-8DB4-00C04FA31A66}  <%SystemRoot%\System32\cscui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[脱机文件夹]
    {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}  <%SystemRoot%\System32\cscui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft Agent Character Property Sheet Handler]
    {143A62C8-C33B-11D1-84FE-00C04FA34A14}  <C:\WINDOWS\msagent\agentpsh.dll>  [(Verified)Microsoft Corporation, 2.00.0.3427, C:2006-09-03 16:00 M:2008-04-13 19:13]
[DfsShell]
    {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}  <C:\WINDOWS\system32\dfsshlex.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[%DESC_PublishDropTarget%]
    {60fd46de-f830-4894-a628-6fa81bc0190d}  <%SystemRoot%\system32\photowiz.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[MMC Icon Handler]
    {7A80E4A8-8005-11D2-BCF8-00C04F72C717}  <%SystemRoot%\System32\mmcshext.dll>  [(Verified)Microsoft Corporation, 5.2.3790.4136 (srv03_sp2_qfe.070821-1204), C:2006-09-03 16:00 M:2008-04-13 19:13]
[.CAB file viewer]
    {0CD7A5C0-9F37-11CE-AE65-08002B2E1262}  <cabview.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[用户(&P)...]
    {32714800-2E5F-11d0-8B85-00AA0044F941}  <C:\Program Files\Outlook Express\wabfind.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Windows Media Player Play as Playlist Context Menu Handler]
    {8DD448E6-C188-4aed-AF92-44956194EB1F}  <C:\WINDOWS\system32\wmpshell.dll>  [(Verified)Microsoft Corporation, 10.00.00.3802, C:2006-09-03 16:00 M:2005-01-28 15:25]
[Windows Media Player Burn Audio CD Context Menu Handler]
    {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}  <C:\WINDOWS\system32\wmpshell.dll>  [(Verified)Microsoft Corporation, 10.00.00.3802, C:2006-09-03 16:00 M:2005-01-28 15:25]
[Windows Media Player Add to Playlist Context Menu Handler]
    {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}  <C:\WINDOWS\system32\wmpshell.dll>  [(Verified)Microsoft Corporation, 10.00.00.3802, C:2006-09-03 16:00 M:2005-01-28 15:25]
[Portable Media Devices]
    {640167b4-59b0-47a6-b335-a6b3c0695aea}  <%SystemRoot%\system32\Audiodev.dll>  [(Verified)Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act), C:2005-01-28 15:25 M:2005-01-28 15:25]
[Portable Media Devices Menu]
    {cc86590a-b60a-48e6-996b-41d25ed39a1e}  <%SystemRoot%\system32\Audiodev.dll>  [(Verified)Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act), C:2005-01-28 15:25 M:2005-01-28 15:25]
[Shell Search Band]
    {21569614-B795-46b1-85F4-E737A8DC09AD}  <%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[桌面浏览器]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [(Verified)NVIDIA Corporation, 6.14.10.5216, C:2003-10-06 13:16 M:2003-10-06 13:16]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [(Verified)NVIDIA Corporation, 6.14.10.5216, C:2003-10-06 13:16 M:2003-10-06 13:16]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\WinRAR\rarext.dll>  [N/A, C:2008-07-16 17:52 M:2007-09-23 18:59]
[EncryptFile]
    {D55189EB-2826-4834-8E59-582B05CA99CA}  <D:\Wopti\WoptiEncryptModule.dll>  [(Verified)共软网络, 1.0.8.530, C:2008-07-16 18:37 M:2008-06-02 11:10]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-16 21:42 M:2008-07-30 20:57]

Protocols
[AP Class Install Handler filter]
    {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[AP lzdhtml encoding/decoding Filter]
    {8f6b0360-b80d-11d0-a9b3-006097942311}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebView MIME Filter]
    {733AC4CB-F1A4-11d0-B951-00A0C90312E1}  <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft HTML About Pluggable Protocol]
    {3050F406-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
[CDL: Asychronous Pluggable Protocol Handler]
    {3dd53d40-7b8b-11D0-b013-00aa0059ce02}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[DVD: 可插入协议]
    {12D51199-0DB5-46FE-A120-47A3D7D937CC}  <C:\WINDOWS\system32\msvidctl.dll>  [(Verified)Microsoft Corporation, 6.05.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
[file:, local: Asychronous Pluggable Protocol Handler]
    {79eac9e7-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ftp: Asychronous Pluggable Protocol Handler]
    {79eac9e3-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[gopher: Asychronous Pluggable Protocol Handler]
    {79eac9e4-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[http: Asychronous Pluggable Protocol Handler]
    {79eac9e2-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[https: Asychronous Pluggable Protocol Handler]
    {79eac9e5-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft InfoTech Protocols for IE 4.0]
    {9D148291-B9C8-11D0-A4CC-0000F80149F6}  <C:\WINDOWS\system32\itss.dll>  [(Verified)Microsoft Corporation, 5.2.3790.4186 (srv03_sp2_qfe.071108-1306), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft HTML Javascript Pluggable Protocol]
    {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
[Microsoft HTML Mailto Pluggable Protocol]
    {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
[MHTML Asychronous Pluggable Protocol Handler]
    {05300401-BCBC-11d0-85E3-00C04FD85AB4}  <%SystemRoot%\system32\inetcomm.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5579 (xpsp_sp3_gdr.080411-1536), C:2008-07-16 17:03 M:2008-04-12 03:04]
[mk: Asychronous Pluggable Protocol Handler]
    {79eac9e6-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Microsoft HTML Resource Pluggable Protocol]
    {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
[Microsoft HTML Resource Pluggable Protocol]
    {76E67A63-06E9-11D2-A840-006008059382}  <%SystemRoot%\system32\mshtml.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
[TV: 可插入协议]
    {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}  <C:\WINDOWS\system32\msvidctl.dll>  [(Verified)Microsoft Corporation, 6.05.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WiaProtocol Class]
    {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}  <C:\WINDOWS\system32\wiascr.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <D:\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-16 18:46 M:2008-06-13 09:43]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-16 18:46 M:2008-06-13 09:43]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-07-16 18:17 M:2008-07-25 17:54]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <D:\360safe\safemon\safemon.dll>  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
[kingsoft browser shield]
    {D963BE1A-6B35-47DB-B002-49FAE71D85CC}  <D:\Kingsoft Antispy\KASBrowserShield.DLL>  [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-07-17 10:04 M:2008-06-17 08:59]

UrlSeachHook
[Microsoft Url 搜索挂接]
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497}  <%SystemRoot%\system32\shdocvw.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <D:\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-16 18:46 M:2008-06-13 09:43]
[IEBuddyExtControl Class]
    {3AECD3C1-7085-4731-96DC-47B6CF7EF749}  <D:\Kingsoft Antispy\IEBuddyExt.DLL>  [(Verified)Kingsoft Corporation, 2008,06,24,415, C:2008-07-17 10:04 M:2008-07-17 10:06]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\Thunder\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-16 18:46 M:2008-06-13 09:43]
[Microsoft Terminal Services Client Control (redist)]
    {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2}  <%systemroot%\system32\mstscax.dll>  [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840), C:2008-07-16 17:02 M:2008-04-13 19:13]
[Microsoft Terminal Services Client Control (redist)]
    {4EDCB26C-D24C-4e72-AF07-B576699AC0DE}  <%systemroot%\system32\mstscax.dll>  [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840), C:2008-07-16 17:02 M:2008-04-13 19:13]
[WangWangObj Class]
    {6E213FC7-DD5A-4115-B7E6-D4C7838C361E}  <D:\WangWang\WangWangX6.dll>  [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-07-16 19:44 M:2008-03-18 12:14]
[Microsoft Terminal Services Client Control (redist)]
    {7390f3d8-0439-4c05-91e3-cf5cb290c3d0}  <%systemroot%\system32\mstscax.dll>  [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840), C:2008-07-16 17:02 M:2008-04-13 19:13]
[Microsoft Terminal Services Client Control (redist)]
    {7584c670-2274-4efb-b00b-d6aaba6d3850}  <%systemroot%\system32\mstscax.dll>  [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840), C:2008-07-16 17:02 M:2008-04-13 19:13]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <D:\Thunder\Components\InMedia\MediaAddin17.dll>  [Thunder Networking Technologies,LTD, 3, 1, 5, 78, C:2008-07-16 18:46 M:2008-07-12 09:53]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <D:\360safe\live.dll>  [(Verified)360.cn, 1, 0, 1, 1028, C:2008-07-16 22:00 M:2008-07-16 22:00]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-16 18:46 M:2008-06-13 09:43]
[Microsoft Terminal Services Client Control (redist)]
    {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a}  <%systemroot%\system32\mstscax.dll>  [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840), C:2008-07-16 17:02 M:2008-04-13 19:13]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-07-16 18:17 M:2008-07-25 17:54]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <D:\360safe\safemon\safemon.dll>  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[kingsoft browser shield]
    {D963BE1A-6B35-47DB-B002-49FAE71D85CC}  <D:\Kingsoft Antispy\KASBrowserShield.DLL>  [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-07-17 10:04 M:2008-06-17 08:59]

Context Menu
[EncryptFile]
    {D55189EB-2826-4834-8E59-582B05CA99CA}  <D:\Wopti\WoptiEncryptModule.dll>  [(Verified)共软网络, 1.0.8.530, C:2008-07-16 18:37 M:2008-06-02 11:10]
[Offline Files]
    {750fdf0e-2a26-11d1-a3ea-080036587f03}  <%SystemRoot%\System32\cscui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Open With]
    {09799AFB-AD67-11d1-ABCD-00C04FC30936}  <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Open With EncryptionMenu]
    {A470F8CF-A1E8-4f65-8335-227475AA5C46}  <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-16 21:42 M:2008-07-30 20:57]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\WinRAR\rarext.dll>  [N/A, C:2008-07-16 17:52 M:2007-09-23 18:59]
[Send To]
    {7BA4C740-9E81-11CF-99D3-00AA004AE837}  <%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Sharing]
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}  <ntshrui.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]


========================================
服务

[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
    <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe>  [Analog Devices, Inc., 3, 2, 6, 0, C:2008-07-16 17:30 M:2002-09-20 15:50]

[Alerter / Alerter][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\system32\alrsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Application Layer Gateway Service / ALG][Running/Manual Start]
    <%SystemRoot%\System32\alg.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Application Management / AppMgmt][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\appmgmts.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Windows Audio / AudioSrv][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\audiosrv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Background Intelligent Transfer Service / BITS][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\qmgr.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.7.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Computer Browser / Browser][Stopped/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\browser.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <D:\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 8, 1, C:2008-03-11 14:33 M:2008-08-01 20:11]
[Indexing Service / CiSvc][Stopped/Manual Start]
    <%SystemRoot%\system32\cisvc.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[ClipBook / ClipSrv][Stopped/Disabled]
    <%SystemRoot%\system32\clipsrv.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[COM+ System Application / COMSysApp][Stopped/Manual Start]
    <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Cryptographic Services / CryptSvc][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\cryptsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[DCOM 服务器进程启动器 / DcomLaunch][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k DcomLaunch --> "%SystemRoot%\system32\rpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[DHCP Client / Dhcp][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dhcpcsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
    <%SystemRoot%\System32\dmadmin.exe /com>  [(Verified)Microsoft Corp., Veritas Software, 2600.5512.503.0, C:2006-09-03 16:00 M:2008-04-13 19:14]
[Logical Disk Manager / dmserver][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dmserver.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corp., 2600.5512.503.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
[DNS Client / Dnscache][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k NetworkService --> "%SystemRoot%\System32\dnsrslvr.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Wired AutoConfig / Dot3svc][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k dot3svc --> "%SystemRoot%\System32\dot3svc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
[Extensible Authentication Protocol Service / EapHost][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k eapsvcs --> "%SystemRoot%\System32\eapsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
[Error Reporting Service / ERSvc][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\ersvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Event Log / Eventlog][Running/Auto Start]
    <%SystemRoot%\system32\services.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
[COM+ Event System / EventSystem][Running/Manual Start]
    <C:\WINDOWS\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\es.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 2001.12.4414.706, C:2006-09-03 16:00 M:2008-07-08 04:26]
[Fast User Switching Compatibility / FastUserSwitchingCompatibility][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Help and Support / helpsvc][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Health Key and Certificate Management Service / hkmsvc][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\kmsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
[HTTP SSL / HTTPFilter][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k HTTPFilter --> "%SystemRoot%\System32\w3ssl.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.0.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[IMAPI CD-Burning COM Service / ImapiService][Stopped/Disabled]
    <C:\WINDOWS\system32\imapi.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Kingsoft Uplive Service / kaccore][Running/Auto Start]
    <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe">  [(Verified)Kingsoft Corporation, 2008,08,15,204, C:2008-08-19 00:08 M:2008-08-15 16:32]
[Server / lanmanserver][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\srvsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Workstation / lanmanworkstation][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wkssvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[TCP/IP NetBIOS Helper / LmHosts][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\lmhsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Messenger / Messenger][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\msgsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
    <C:\WINDOWS\system32\mnmsrvc.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2008-07-16 17:03 M:2008-04-13 19:14]
[Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start]
    <C:\WINDOWS\system32\msdtc.exe>  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:14]
[Windows Installer / MSIServer][Stopped/Manual Start]
    <C:\WINDOWS\system32\msiexec.exe /V>  [(Verified)Microsoft Corporation, 3.1.4001.5512, C:2006-09-03 16:00 M:2008-04-13 19:14]
[Network Access Protection Agent / napagent][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\qagentrt.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
[Network DDE / NetDDE][Stopped/Disabled]
    <%SystemRoot%\system32\netdde.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Network DDE DSDM / NetDDEdsdm][Stopped/Disabled]
    <%SystemRoot%\system32\netdde.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Net Logon / Netlogon][Stopped/Manual Start]
    <%SystemRoot%\system32\lsass.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Network Connections / Netman][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\netman.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Network Location Awareness (NLA) / Nla][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mswsock.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
[NT LM Security Support Provider / NtLmSsp][Stopped/Manual Start]
    <%SystemRoot%\system32\lsass.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Removable Storage / NtmsSvc][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\ntmssvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2400.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.5216, C:2003-10-06 13:16 M:2003-10-06 13:16]
[Plug and Play / PlugPlay][Running/Auto Start]
    <%SystemRoot%\system32\services.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
[IPSEC Services / PolicyAgent][Running/Auto Start]
    <%SystemRoot%\system32\lsass.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Protected Storage / ProtectedStorage][Running/Auto Start]
    <%SystemRoot%\system32\lsass.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasauto.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Remote Access Connection Manager / RasMan][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start]
    <C:\WINDOWS\system32\sessmgr.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:02 M:2008-04-13 19:14]
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mprdim.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Remote Registry / RemoteRegistry][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\system32\regsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <D:\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-07-16 18:23 M:2008-07-30 20:56]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <D:\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-07-16 18:23 M:2008-07-25 14:56]
[Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start]
    <%SystemRoot%\system32\locator.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k rpcss --> "%SystemRoot%\system32\rpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"D:\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-07-16 21:42 M:2008-07-30 20:57]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"D:\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-07-16 21:42 M:2008-07-30 20:57]
[QoS RSVP / RSVP][Stopped/Manual Start]
    <%SystemRoot%\system32\rsvp.exe>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Security Accounts Manager / SamSs][Running/Auto Start]
    <%SystemRoot%\system32\lsass.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Smart Card / SCardSvr][Stopped/Manual Start]
    <%SystemRoot%\System32\SCardSvr.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Task Scheduler / Schedule][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\schedsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Secondary Logon / seclogon][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\seclogon.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[System Event Notification / SENS][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\sens.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\ipnathlp.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Print Spooler / Spooler][Running/Auto Start]
    <%SystemRoot%\system32\spoolsv.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
[System Restore Service / srservice][Stopped/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\srsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
[SSDP Discovery Service / SSDPSRV][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\ssdpsrv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Windows Image Acquisition (WIA) / stisvc][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k imgsvc --> "%SystemRoot%\system32\wiaservc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[MS Software Shadow Copy Provider / SwPrv][Stopped/Manual Start]
    <C:\WINDOWS\system32\dllhost.exe /Processid:{5B3C630D-FF3B-4765-B8A3-8951CDA77220}>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Performance Logs and Alerts / SysmonLog][Stopped/Manual Start]
    <%SystemRoot%\system32\smlogsvc.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Telephony / TapiSrv][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\tapisrv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Terminal Services / TermService][Running/Manual Start]
    <%SystemRoot%\System32\svchost -k DComLaunch --> "%SystemRoot%\System32\termsrv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:02 M:2008-04-13 19:13]
[Themes / Themes][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Telnet / TlntSvr][Stopped/Disabled]
    <C:\WINDOWS\system32\tlntsvr.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Distributed Link Tracking Client / TrkWks][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\trkwks.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Windows User Mode Driver Framework / UMWdf][Stopped/Manual Start]
    <C:\WINDOWS\system32\wdfmgr.exe>  [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36]
[Universal Plug and Play Device Host / upnphost][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\upnphost.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Uninterruptible Power Supply / UPS][Stopped/Manual Start]
    <%SystemRoot%\System32\ups.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Volume Shadow Copy / VSS][Stopped/Manual Start]
    <%SystemRoot%\System32\vssvc.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:14]
[Windows Time / W32Time][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\w32time.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WebClient / WebClient][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\webclnt.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Windows Management Instrumentation / winmgmt][Running/Auto Start]
    <%systemroot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\wbem\WMIsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\MsPMSNSv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 10.0.3790.3802, C:2006-09-03 16:00 M:2005-01-28 08:53]
[Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\advapi32.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
[WMI Performance Adapter / WmiApSrv][Stopped/Manual Start]
    <C:\WINDOWS\system32\wbem\wmiapsrv.exe>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:14]
[Security Center / wscsvc][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SYSTEMROOT%\system32\wscsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
[Automatic Updates / wuauserv][Running/Auto Start]
    <%systemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\wuauserv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852), C:2008-07-16 17:03 M:2008-04-13 19:13]
[Wireless Zero Configuration / WZCSVC][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wzcsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 00:39 M:2008-04-13 19:13]
[Network Provisioning Service / xmlprov][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\xmlprov.dll">  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]


========================================
驱动

[360TimeProt / 360TimeProt][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\360TimeProt.sys>  [N/A, C:2008-07-16 20:31 M:2008-07-16 20:31]
[C / cnmpar21][Running/Auto Start]
    <\??\C:\BJPrinter\CNMWINDOWS\Canon PIXMA iP1000 Installer\Inst2\cnmpar21.sys>  [CANON INC., 4.30.0.1, C:2008-07-16 19:17 M:2002-02-02 00:29]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-20 19:51]

[Microsoft ACPI Driver / ACPI][Running/Boot Start]
    <system32\DRIVERS\ACPI.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 18:47]
[aeaudio / aeaudio][Running/Manual Start]
    <system32\drivers\aeaudio.sys>  [(Verified)Andrea Electronics Corporation, 3.0.2.32, C:2008-07-16 17:30 M:2003-03-13 18:34]
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
    <system32\drivers\aec.sys>  [(Verified)Microsoft Corporation, 5.1.2601.3142, C:2008-07-16 17:16 M:2008-04-13 09:39]
[AFD / AFD][Running/System Start]
    <\SystemRoot\System32\drivers\afd.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-20 19:40]
[Intel AGP Bus Filter / agp440][Running/Boot Start]
    <system32\DRIVERS\agp440.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 16:59 M:2008-04-13 11:36]
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
    <system32\DRIVERS\asyncmac.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:57]
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
    <system32\DRIVERS\atapi.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:40]
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
    <system32\DRIVERS\atmarpc.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:51]
[音频存根驱动程序 / audstub][Running/Manual Start]
    <system32\DRIVERS\audstub.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2008-07-16 17:01 M:2001-08-17 13:59]
[CD-ROM Driver / Cdrom][Running/System Start]
    <system32\DRIVERS\cdrom.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:40]
[磁盘驱动器 / Disk][Running/Boot Start]
    <system32\DRIVERS\disk.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:40]
[dmboot / dmboot][Stopped/Disabled]
    <System32\drivers\dmboot.sys>  [(Verified)Microsoft Corp., Veritas Software, 2600.5512.503.0, C:2006-09-03 16:00 M:2008-04-13 18:54]
[Logical Disk Manager Driver / dmio][Running/Boot Start]
    <System32\drivers\dmio.sys>  [(Verified)Microsoft Corp., Veritas Software, 2600.5512.503.0, C:2006-09-03 16:00 M:2008-04-13 18:54]
[dmload / dmload][Running/Boot Start]
    <System32\drivers\dmload.sys>  [(Verified)Microsoft Corp., Veritas Software., 2600.0.503.0, C:2006-09-03 16:00 M:2006-09-03 16:00]
[Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start]
    <system32\drivers\DMusic.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:45]
[Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start]
    <system32\drivers\drmkaud.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:45]
[3Com 3C2000x EtherLink XL Adapter / EL2000][Running/Manual Start]
    <system32\DRIVERS\EL2K_XP.sys>  [(Verified)3Com Corporation, 1.00.00.0046 built by: WinDDK, C:2003-07-31 17:53 M:2003-07-31 17:53]
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
    <system32\DRIVERS\fdc.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:40]
[软盘驱动程序 / Flpydisk][Running/Manual Start]
    <system32\DRIVERS\flpydisk.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:40]
[FltMgr / FltMgr][Running/Boot Start]
    <system32\drivers\fltmgr.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:03 M:2008-04-13 11:33]
[FsVga / FsVga][Running/System Start]
    <system32\DRIVERS\fsvga.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2001-08-31 23:43 M:2006-09-03 16:00]
[Volume Manager Driver / Ftdisk][Running/Boot Start]
    <system32\DRIVERS\ftdisk.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Generic Packet Classifier / Gpc][Running/Manual Start]
    <system32\DRIVERS\msgpc.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:56]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-07-16 21:42 M:2008-07-30 20:57]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2008-07-16 21:42 M:2008-07-30 20:57]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2008-07-16 21:42 M:2008-07-30 20:57]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 54, C:2008-07-16 21:42 M:2008-07-30 20:57]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\D:\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-07-16 18:23 M:2008-07-30 20:56]
[HTTP / HTTP][Running/Manual Start]
    <System32\Drivers\HTTP.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-04 07:00 M:2008-04-13 11:53]
[i8042 键盘及 PS/2 鼠标端口驱动程序 / i8042prt][Running/System Start]
    <system32\DRIVERS\i8042prt.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 18:52]
[CD 烧制筛选驱动器 / Imapi][Stopped/System Start]
    <system32\DRIVERS\imapi.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-04 07:00 M:2008-04-13 11:41]
[IntelIde / IntelIde][Running/Boot Start]
    <system32\DRIVERS\intelide.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:00 M:2008-04-13 18:54]
[Intel Processor Driver / intelppm][Running/System Start]
    <system32\DRIVERS\intelppm.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 00:29 M:2008-04-13 18:54]
[IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Manual Start]
    <system32\drivers\ip6fw.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:53]
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
    <system32\DRIVERS\ipfltdrv.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
    <system32\DRIVERS\ipinip.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:57]
[IP Network Address Translator / IpNat][Running/Manual Start]
    <system32\DRIVERS\ipnat.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:57]
[IPSEC driver / IPSec][Running/System Start]
    <system32\DRIVERS\ipsec.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 12:19]
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
    <system32\DRIVERS\irenum.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 16:57 M:2008-04-13 11:54]
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
    <system32\DRIVERS\isapnp.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 18:54]
[KAVBootC / KAVBootC][Running/Boot Start]
    <system32\Drivers\KAVBootC.sys>  [(Verified)Kingsoft Corporation, 2008,04,28,85, C:2008-07-16 18:25 M:2008-06-17 08:59]
[KAVSafe / KAVSafe][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys>  [(Verified)Kingsoft Corporation, 2008,04,28,65, C:2008-07-16 18:25 M:2008-06-17 08:59]
[Keyboard Class Driver / Kbdclass][Running/System Start]
    <system32\DRIVERS\kbdclass.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 18:55]
[Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start]
    <system32\drivers\kmixer.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:45]
[MidiSyn / MidiSyn][Stopped/Manual Start]
    <system32\drivers\MidiSyn.sys>  [(Verified)Analog Devices Inc, 3, 3, 7, 3, C:2008-07-16 17:31 M:2002-09-20 10:53]
[Mouse Class Driver / Mouclass][Running/System Start]
    <system32\DRIVERS\mouclass.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:23 M:2008-04-13 18:48]
[WebDav Client Redirector / MRxDAV][Running/Manual Start]
    <system32\DRIVERS\mrxdav.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 11:32]
[MRXSMB / MRxSmb][Running/System Start]
    <system32\DRIVERS\mrxsmb.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 12:17]
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
    <system32\drivers\MSKSSRV.sys>  [(Verified)Microsoft Corporation, 5.3.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:39]
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
    <system32\drivers\MSPCLOCK.sys>  [(Verified)Microsoft Corporation, 5.3.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:39]
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
    <system32\drivers\MSPQM.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:39]
[Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start]
    <system32\DRIVERS\mssmbios.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-04 07:07 M:2008-04-13 11:36]
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
    <system32\DRIVERS\ndistapi.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:57]
[NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start]
    <system32\DRIVERS\ndisuio.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-04 07:03 M:2008-04-13 11:56]
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
    <system32\DRIVERS\ndiswan.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 12:20]
[NetBIOS Interface / NetBIOS][Running/System Start]
    <system32\DRIVERS\netbios.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:56]
[NetBios over Tcpip / NetBT][Running/System Start]
    <system32\DRIVERS\netbt.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 12:21]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.5216, C:2003-10-06 13:16 M:2003-10-06 13:16]
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
    <system32\DRIVERS\nwlnkflt.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
    <system32\DRIVERS\nwlnkfwd.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Parallel port driver / Parport][Running/Manual Start]
    <system32\DRIVERS\parport.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:22 M:2008-04-13 18:57]
[PCI Bus Driver / PCI][Running/Boot Start]
    <system32\DRIVERS\pci.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 18:57]
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
    <system32\DRIVERS\raspptp.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 12:19]
[QoS Packet Scheduler / PSched][Running/Manual Start]
    <system32\DRIVERS\psched.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:56]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
    <system32\DRIVERS\rasacd.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
    <system32\DRIVERS\rasl2tp.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 12:19]
[远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start]
    <system32\DRIVERS\raspppoe.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:57]
[Direct Parallel / Raspti][Running/Manual Start]
    <system32\DRIVERS\raspti.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Rdbss / Rdbss][Running/System Start]
    <system32\DRIVERS\rdbss.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 12:28]
[RDPCDD / RDPCDD][Running/System Start]
    <System32\DRIVERS\RDPCDD.sys>  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start]
    <system32\DRIVERS\rdpdr.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:01 M:2008-04-13 11:32]
[Digital CD Audio Playback Filter Driver / redbook][Running/System Start]
    <system32\DRIVERS\redbook.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:00 M:2008-04-13 18:51]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-07-16 18:23 M:2008-07-30 20:56]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\D:\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-07-16 18:23 M:2008-07-30 20:56]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-07-16 21:42 M:2008-07-30 20:58]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\D:\360Safebox\SafeBoxKrnl.sys>  [(Verified)360安全中心, 2, 2, 2, 1006, C:2008-07-11 17:06 M:2008-07-11 17:06]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2006-09-03 16:00 M:2007-11-13 18:25]
[Serenum Filter Driver / serenum][Running/Manual Start]
    <system32\DRIVERS\serenum.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:40]
[Serial port driver / Serial][Running/System Start]
    <system32\DRIVERS\serial.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 18:52]
[smwdm / smwdm][Running/Manual Start]
    <system32\drivers\smwdm.sys>  [(Verified)Analog Devices, Inc., 5.12.01.3630, C:2008-07-16 17:30 M:2003-06-02 13:42]
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
    <system32\drivers\splitter.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:45]
[System Restore Filter Driver / sr][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\sr.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 18:57]
[Srv / Srv][Stopped/Manual Start]
    <system32\DRIVERS\srv.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 12:15]
[Software Bus Driver / swenum][Running/Manual Start]
    <system32\DRIVERS\swenum.sys>  [(Verified)Microsoft Corporation, 5.3.2600.5512 (xpsp.080413-2108), C:2004-08-04 06:58 M:2008-04-13 11:39]
[Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start]
    <system32\drivers\swmidi.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 11:45]
[Microsoft Kernel System Audio Device / sysaudio][Running/Manual Start]
    <system32\drivers\sysaudio.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 12:15]
[Terminal Device Driver / TermDD][Running/System Start]
    <system32\DRIVERS\termdd.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:01 M:2008-04-13 19:14]
[TSKSP / TSKSP][Stopped/Manual Start]
    <\??\D:\QQ医生 1.6Beta\TSKSP.sys>  [(Verified)Tencent, 2008, 6, 4, 10, C:2008-06-06 17:10 M:2008-06-06 17:10]
[Microcode Update Driver / Update][Running/Manual Start]
    <system32\DRIVERS\update.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:39]
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start]
    <system32\DRIVERS\usbehci.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:45]
[USB2 Enabled Hub / usbhub][Running/Manual Start]
    <system32\DRIVERS\usbhub.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:45]
[Microsoft USB PRINTER Class / usbprint][Stopped/Manual Start]
    <system32\DRIVERS\usbprint.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 19:17 M:2008-04-13 11:47]
[USB 大容量存储设备 / USBSTOR][Stopped/Manual Start]
    <system32\DRIVERS\USBSTOR.SYS>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:37 M:2008-04-13 11:45]
[Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Manual Start]
    <system32\DRIVERS\usbuhci.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:45]
[VGA 显示控制器。 / VgaSave][Running/System Start]
    <\SystemRoot\System32\drivers\vga.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 11:44]
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
    <system32\DRIVERS\wanarp.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 11:57]
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
    <system32\drivers\wdmaud.sys>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:31 M:2008-04-13 12:17]


========================================
进程

[PID: 584 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 744 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CSRSRV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\basesrv.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\winsrv.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\KERNEL32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sxs.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\imm32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 832 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\AUTHZ.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NDdeApi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PROFMAP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\REGAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSGINA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMCTL32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ODBC32.dll  [(Verified)Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\comdlg32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\odbcint.dll  [(Verified)Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld), C:2006-09-03 16:00 M:2007-03-28 05:51]
    C:\WINDOWS\system32\SHSVCS.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc_os.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Apphelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    C:\WINDOWS\system32\WINSCARD.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WTSAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sxs.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\cscdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\dimsntfy.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\WlNotify.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MPR.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSPOOL.DRV  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wldap32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\cscui.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTMARTA.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wdmaud.drv  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:39 M:2008-04-13 19:14]
    C:\WINDOWS\system32\msacm32.drv  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\midimap.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 924 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NCObjAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SCESRV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\AUTHZ.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\umpnpmgr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcAdProc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Apphelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\eventlog.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wtsapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 936 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LSASRV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MPR.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTDSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SAMSRV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\cryptdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msprivs.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 09:23]
    C:\WINDOWS\system32\kerberos.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\netlogon.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\w32time.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\schannel.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wdigest.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\setupapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\scecli.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\ipsecsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\AUTHZ.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\oakley.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINIPSEC.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\pstorsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\psbase.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\dssenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]

[PID: 1148 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTMARTA.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\rpcss.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\termsrv.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:02 M:2008-04-13 19:13]
    c:\windows\system32\ICAAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-07-16 17:02 M:2008-04-13 19:13]
    c:\windows\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\AUTHZ.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\mstlsapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\ACTIVEDS.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\adsldpc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\ATL.DLL  [(Verified)Microsoft Corporation, 3.05.2284, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\REGAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]

[PID: 1232 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\rpcss.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\winrnr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 1288 / SYSTEM]   D:\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 1304 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\NTMARTA.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    c:\windows\system32\shsvcs.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\dhcpcsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    c:\windows\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\wzcsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 00:39 M:2008-04-13 19:13]
    c:\windows\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WMI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\EapolQec.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\ATL.DLL  [(Verified)Microsoft Corporation, 3.05.2284, C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\QUtil.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\dot3api.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\WTSAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\ESENT.dll  [(Verified)Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\System32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rastls.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPTUI.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\MPRAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\ACTIVEDS.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\adsldpc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\RASAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\SCHANNEL.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WinSCard.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\System32\raschap.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\schedsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
    c:\windows\system32\NTDSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\MSIDLE.DLL  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\audiosrv.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\wkssvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\cryptsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\certcli.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\ersvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\es.dll  [(Verified)Microsoft Corporation, 2001.12.4414.706, C:2006-09-03 16:00 M:2008-07-08 04:26]
    c:\windows\system32\dmserver.dll  [(Verified)Microsoft Corp., 2600.5512.503.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\pchealth\helpctr\binaries\pchsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
    c:\windows\system32\netman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\netshell.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\credui.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\dot3dlg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\OneX.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\eappcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\eappprxy.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    c:\windows\system32\WZCSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 00:39 M:2008-04-13 19:13]
    c:\windows\system32\seclogon.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\sens.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\srsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
    c:\windows\system32\POWRPROF.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\trkwks.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\w32time.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\wbem\wmisvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VSSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\wuauserv.dll  [(Verified)Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852), C:2008-07-16 17:03 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wuaueng.dll  [(Verified)Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852), C:2008-07-16 17:03 M:2008-04-13 19:13]
    C:\WINDOWS\System32\ADVPACK.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\Cabinet.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\mspatcha.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\sfc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\sfc_os.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\SHFOLDER.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WINHTTP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WINSPOOL.DRV  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    c:\windows\system32\ipnathlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\AUTHZ.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\wscsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\msi.dll  [(Verified)Microsoft Corporation, 3.1.4001.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wbemcomn.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\Wbem\wbemcore.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\Wbem\esscli.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\Wbem\FastProx.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\SXS.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\comsvcs.dll  [(Verified)Microsoft Corporation, 2001.12.4414.702, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\colbact.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MTXCLU.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WSOCK32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\CLUSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\RESUTILS.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wmiutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\repdrvfs.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wmiprvsd.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NCObjAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wbemess.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\netcfgx.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\ncprov.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rasmans.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WINIPSEC.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\tapisrv.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rastapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\unimdm.tsp  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\uniplat.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\kmddsp.tsp  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\ndptsp.tsp  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\ipconf.tsp  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\h323.tsp  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\hidphone.tsp  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\System32\HID.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:38 M:2008-04-13 19:13]
    C:\WINDOWS\System32\rasppp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\ntlsapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kerberos.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\cryptdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\RASQEC.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\upnp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SSDPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\RASDLG.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Apphelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wups.dll  [(Verified)Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852), C:2008-07-16 17:03 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wbemsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]

[PID: 1388 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\dnsrslvr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    c:\windows\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 1420 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTMARTA.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    c:\windows\system32\lmhsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    c:\windows\system32\webclnt.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wsock32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\regsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    c:\windows\system32\ssdpsrv.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 1472 / SYSTEM]   D:\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\WSOCK32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-07-16 21:42 M:2008-07-26 20:24]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-07-16 21:42 M:2008-08-20 15:44]
    D:\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\sfc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc_os.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-07-16 21:42 M:2008-07-30 20:58]
    D:\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-07-16 21:42 M:2008-07-30 20:58]
    D:\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-07-16 21:42 M:2008-07-30 20:58]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    D:\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    D:\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 89, C:2008-07-16 21:42 M:2008-08-20 15:44]
    C:\WINDOWS\system32\Wtsapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 19, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-07-16 21:42 M:2008-07-30 20:57]

[PID: 1488 / SYSTEM]   D:\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\psapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\sfc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc_os.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\netapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\perfproc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]

[PID: 1548 / SYSTEM]   D:\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\psapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\perfproc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 1836 / SYSTEM]   D:\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 412 / SYSTEM]   D:\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMCTL32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 536 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SPOOLSS.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\localspl.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc_os.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\winspool.drv  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\netapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\cnbjmon.dll  [(Verified)Microsoft Corporation, 5.1.2600.2082 (xpsp(skatari).040213-0952), C:2004-08-17 00:38 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CNMLM6e.DLL  [(Verified)CANON INC., 1.80.2.50, C:2008-07-16 19:17 M:2004-04-23 13:00]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\pjlmon.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 00:39 M:2008-04-13 19:13]
    C:\WINDOWS\system32\tcpmon.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\usbmon.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6e.DLL  [(Verified)CANON INC., 1.80.2.50, C:2008-07-16 19:17 M:2004-04-23 13:00]
    C:\WINDOWS\System32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\winrnr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\win32spl.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETRAP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTDSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\inetpp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 652 / SYSTEM]   D:\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 8, 1, C:2008-03-11 14:33 M:2008-08-01 20:11]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\StormII\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43]
    C:\WINDOWS\system32\MFC42.DLL  [(Verified)Microsoft Corporation, 6.02.4131.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\comdlg32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\MFC42LOC.DLL  [(Verified)Microsoft Corporation, 6.00.8665.0, C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msxml3.dll  [(Verified)Microsoft Corporation, 8.90.1101.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\winrnr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\StormII\bfoptdll.dll  [(Verified)北京暴风网际科技有限公司, 3, 8, 7, 16, C:2008-08-02 10:04 M:2008-08-01 20:11]
    C:\WINDOWS\system32\mlang.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\StormII\box\BoxLog.dll  [(Verified)北京暴风网际科技有限公司, 3, 8, 8, 1, C:2008-08-02 10:04 M:2008-08-01 20:09]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\cryptdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\quartz.dll  [(Verified)Microsoft Corporation, 6.05.2600.5596, C:2006-09-03 16:00 M:2008-05-07 13:10]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\devenum.dll  [(Verified)Microsoft Corporation, 6.05.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 736 / SYSTEM]   C:\Program Files\Kingsoft\KAC\Service\kaccore.exe   [(Verified)Kingsoft Corporation, 2008,08,15,204, C:2008-08-19 00:08 M:2008-08-15 16:32]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\Program Files\Kingsoft\KAC\Service\corehelper.dll  [(Verified)Kingsoft Corporation, 2008,08,15,204, C:2008-08-19 00:08 M:2008-08-15 16:32]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASAPI32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sensapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wsock32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\Program Files\Kingsoft\KAC\KSA\ksaengine.dll  [(Verified)Kingsoft Corporation, 2008,08,15,133, C:2008-08-19 00:09 M:2008-08-15 16:33]
    C:\Program Files\Kingsoft\KAC\KSA\tuotu_p2sp.dll  [N/A, C:2008-08-19 00:09 M:2008-08-15 16:30]
    C:\WINDOWS\System32\winrnr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msxml3.dll  [(Verified)Microsoft Corporation, 8.90.1101.0, C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 760 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.5216, C:2003-10-06 13:16 M:2003-10-06 13:16]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\wtsapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMCTL32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Apphelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 856 / SYSTEM]   C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe   [Analog Devices, Inc., 3, 2, 6, 0, C:2008-07-16 17:30 M:2002-09-20 15:50]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 1616 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\ATL.DLL  [(Verified)Microsoft Corporation, 3.05.2284, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WSOCK32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\MSWSOCK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\System32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]

[PID: 2060 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\BROWSEUI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHDOCVW.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPTUI.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    C:\WINDOWS\system32\appHelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\cscui.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\CSCDLL.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\themeui.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSIMG32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\msutb.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LINKINFO.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ntshrui.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ATL.DLL  [(Verified)Microsoft Corporation, 3.05.2284, C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\webcheck.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WSOCK32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\stobject.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\BatMeter.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\POWRPROF.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WTSAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETSHELL.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\credui.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\dot3api.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\dot3dlg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OneX.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\eappcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\eappprxy.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-07-16 18:04 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wdmaud.drv  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:39 M:2008-04-13 19:14]
    C:\WINDOWS\system32\msacm32.drv  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\midimap.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WZCSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2004-08-17 00:39 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASDLG.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MPRAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ACTIVEDS.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\adsldpc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wzcdlg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINHTTP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\SXS.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MPR.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\drprov.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\ntlanman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\NETUI0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\NETUI1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\NETRAP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\davclnt.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\shdoclc.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\browselc.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 18:50]
    D:\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-16 18:46 M:2008-06-13 09:43]
    D:\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-16 18:46 M:2008-06-13 09:43]
    C:\WINDOWS\system32\OLEACC.dll  [(Verified)Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    D:\Thunder\Components\ResWorker\DsBho_01.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-07-31 08:25 M:2008-08-18 19:31]
    D:\Thunder\Components\ResWorker\DataProcessor_01.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-07-31 08:25 M:2008-08-18 19:31]
    C:\WINDOWS\system32\DUSER.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSGINA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ODBC32.dll  [(Verified)Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\comdlg32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\odbcint.dll  [(Verified)Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld), C:2006-09-03 16:00 M:2007-03-28 05:51]
    C:\WINDOWS\system32\MLANG.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\mydocs.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-16 21:42 M:2008-07-30 20:57]

[PID: 2212 / Administrator]   D:\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    D:\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-16 18:23 M:2008-07-30 20:56]
    D:\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-16 18:23 M:2008-07-30 20:56]
    C:\WINDOWS\system32\wintrust.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\perfproc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\netapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\cryptnet.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SensApi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINHTTP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\appHelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 2236 / Administrator]   D:\RISING\RAV\RavMon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.24, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:23 M:2008-07-16 18:22]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-07-16 21:42 M:2008-08-20 15:44]
    D:\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\RISING\RAV\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-16 21:42 M:2008-07-26 20:24]
    C:\WINDOWS\system32\wtsapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    D:\RISING\RAV\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-07-16 21:42 M:2008-07-26 20:24]
    D:\RISING\RAV\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\perfproc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 2612 / Administrator]   C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe   [Analog Devices, Inc., 4, 0, 4, 11, C:2008-07-16 17:30 M:2003-05-29 16:28]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll  [Analog Device, Inc., 1, 0, 22, 26, C:2008-07-16 17:30 M:2003-05-23 13:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MFC42.DLL  [(Verified)Microsoft Corporation, 6.02.4131.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\MFC42LOC.DLL  [(Verified)Microsoft Corporation, 6.00.8665.0, C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\comctl32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DSound.dll  [(Verified)Microsoft Corporation, 5.3.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wdmaud.drv  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:39 M:2008-04-13 19:14]
    C:\WINDOWS\system32\msacm32.drv  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\midimap.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\KsUser.dll  [(Verified)Microsoft Corporation, 5.3.2600.5512 (xpsp.080413-0845), C:2008-07-16 17:30 M:2008-04-13 19:13]
    D:\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]

[PID: 2920 / Administrator]   D:\卡卡安全助手\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-07-16 18:17 M:2008-07-30 21:20]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\卡卡安全助手\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-07-16 18:17 M:2008-08-02 17:04]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\卡卡安全助手\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-16 18:17 M:2008-07-26 15:35]
    D:\卡卡安全助手\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:17 M:2008-07-16 18:17]
    D:\卡卡安全助手\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-07-16 18:17 M:2008-07-16 18:17]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    D:\卡卡安全助手\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-07-16 18:17 M:2008-07-26 15:35]
    D:\卡卡安全助手\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-07-16 18:17 M:2008-07-26 15:36]
    D:\卡卡安全助手\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-07-16 18:17 M:2008-07-26 15:35]
    D:\卡卡安全助手\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-07-16 18:17 M:2008-07-26 15:36]
    C:\WINDOWS\system32\Wtsapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\卡卡安全助手\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-16 18:17 M:2008-07-26 15:35]
    D:\卡卡安全助手\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.33, C:2008-07-16 18:17 M:2008-08-19 15:17]
    D:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\wsock32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASAPI32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\appHelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\卡卡安全助手\pscan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.52, C:2008-07-16 18:17 M:2008-08-05 16:39]
    D:\卡卡安全助手\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-16 18:17 M:2008-07-16 18:17]
    D:\卡卡安全助手\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-07-16 18:17 M:2008-07-26 15:35]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wbemprox.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\wbemcomn.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\wbem\wbemsvc.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\wbem\fastprox.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTDSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\sfc_os.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msxml3.dll  [(Verified)Microsoft Corporation, 8.90.1101.0, C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 3020 / Administrator]   D:\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-07-16 21:42 M:2008-07-26 20:24]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMCTL32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    D:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-16 21:42 M:2008-07-30 20:57]
    D:\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 3076 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSUTB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ShimEng.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\AppPatch\AcGenral.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\UxTheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]

[PID: 156 / Administrator]   D:\Maxthon2\Maxthon.exe   [(Verified)Maxthon International ltd., 2, 1, 2, 649, C:2008-06-30 16:29 M:2008-06-30 16:29]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ATL.DLL  [(Verified)Microsoft Corporation, 3.05.2284, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Maxthon2\mxpp.dll  [(Verified)Maxthon International ltd., 1, 0, 0, 117, C:2008-06-30 16:27 M:2008-06-30 16:27]
    D:\Maxthon2\MxSk.dll  [(Verified)Maxthon, 1, 0, 0, 358, C:2008-06-30 16:27 M:2008-06-30 16:27]
    C:\WINDOWS\system32\MFC42.DLL  [(Verified)Microsoft Corporation, 6.02.4131.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MFC42u.DLL  [(Verified)Microsoft Corporation, 6.02.8071.0, C:2006-09-03 16:00 M:2006-12-14 21:45]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll  [(Verified)Microsoft Corporation, 5.1.3102.5512 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    D:\Maxthon2\MxProxy2.dll  [(Verified)Maxthon International ltd., 1, 0, 0, 4033, C:2008-06-30 16:27 M:2008-06-30 16:27]
    D:\Maxthon2\MxExt.dll  [(Verified)N/A, C:2008-06-30 16:27 M:2008-06-30 16:27]
    D:\Maxthon2\MxUI.dll  [Maxthon International, 3, 3, 0, 3, C:2008-06-12 16:42 M:2008-06-12 16:42]
    C:\WINDOWS\system32\MSIMG32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEACC.dll  [(Verified)Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\system32\MFC42LOC.DLL  [(Verified)Microsoft Corporation, 6.00.8665.0, C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\WSOCK32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\卡卡安全助手\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-07-16 18:17 M:2008-07-26 15:36]
    D:\卡卡安全助手\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-07-16 18:17 M:2008-07-26 15:36]
    C:\WINDOWS\system32\Wtsapi32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\NTMARTA.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SAMLIB.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    D:\Maxthon2\mxtool.dll  [(Verified)Copyright 2005, 1, 0, 0, 1, C:2008-06-30 16:27 M:2008-06-30 16:27]
    D:\Maxthon2\maxzlib.dll  [(Verified)(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3, C:2008-06-30 16:26 M:2008-06-30 16:26]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RICHED32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\RICHED20.dll  [(Verified)Microsoft Corporation, 5.30.23.1230, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msxml3.dll  [(Verified)Microsoft Corporation, 8.90.1101.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\browseui.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\appHelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\cscui.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\CSCDLL.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mlang.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Maxthon2\Modules\MxPageSearch\MxPageSearch.dll  [(Verified)Maxthon International ltd., 1,0,0,1330, C:2008-06-30 16:27 M:2008-06-30 16:27]
    D:\Maxthon2\Modules\MxWebBoost\MxWebBoost.dll  [(Verified)Maxthon, 1,0,2,1259, C:2008-06-30 16:27 M:2008-06-30 16:27]
    D:\Maxthon2\mxdb.dll  [(Verified)Max, 3, 5, 3, 125, C:2008-06-30 16:26 M:2008-06-30 16:26]
    C:\WINDOWS\system32\rsaenh.dll  [(Verified)Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711), C:2006-09-03 16:00 M:2008-04-13 10:37]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Maxthon2\Modules\MxGuardian\MxGuardian.dll  [(Verified)Maxthon International ltd., 1, 0, 0, 666, C:2008-06-30 16:27 M:2008-06-30 16:27]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMAGEHLP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\shdocvw.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPTUI.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SXS.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASAPI32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\winrnr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Maxthon2\Modules\MxHistory\MxHistory.dll  [(Verified)Maxthon International ltd., 1, 0, 0, 7, C:2008-06-30 16:27 M:2008-06-30 16:27]
    C:\WINDOWS\system32\shdoclc.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\mshtml.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
    C:\WINDOWS\system32\msls31.dll  [(Verified)Microsoft Corporation, 3.10.349.0, C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\msimtf.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\vbscript.dll  [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-09 18:53]
    C:\WINDOWS\system32\jscript.dll  [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-09 18:53]
    C:\WINDOWS\system32\mscms.dll  [(Verified)Microsoft Corporation, 5.1.2600.5627 (xpsp_sp3_gdr.080624-1245), C:2006-09-03 16:00 M:2008-06-25 00:42]
    C:\WINDOWS\system32\WINSPOOL.DRV  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\wdmaud.drv  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:39 M:2008-04-13 19:14]
    C:\WINDOWS\system32\msacm32.drv  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\midimap.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\comdlg32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ddrawex.dll  [(Verified)Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DDRAW.dll  [(Verified)Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DCIMAN32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\schannel.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mshtmled.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iepeers.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]

[PID: 1884 / Administrator]   F:\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-08-20 17:45 M:2008-08-15 22:25]
    C:\WINDOWS\system32\ntdll.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kernel32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ADVAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RPCRT4.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Secur32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\GDI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USER32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msvcrt.dll  [(Verified)Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WININET.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 14:43]
    C:\WINDOWS\system32\CRYPT32.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSASN1.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEAUT32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ole32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\VERSION.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\imagehlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINTRUST.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WTSAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSTA.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NETAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\PSAPI.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\comdlg32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMCTL32.dll  [(Verified)Microsoft Corporation, 5.82 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SHELL32.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINSPOOL.DRV  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:14]
    C:\WINDOWS\system32\oledlg.dll  [(Verified)Microsoft Corporation, 1.0 (xpsp.080413-2108), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\OLEPRO32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\urlmon.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WSOCK32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2_32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WS2HELP.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\iphlpapi.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MSVCP60.dll  [(Verified)Microsoft Corporation, 6.02.3104.0, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SETUPAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMM32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\LPK.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\USP10.dll  [(Verified)Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-07-16 18:17 M:2008-08-15 22:09]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll  [(Verified)Microsoft Corporation, 6.0 (xpsp.080413-2105), C:2008-04-13 19:11 M:2008-04-13 19:11]
    D:\卡卡安全助手\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-07-16 18:17 M:2008-07-26 15:36]
    D:\卡卡安全助手\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-07-16 18:17 M:2008-07-26 15:36]
    D:\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-16 18:23 M:2008-07-25 14:56]
    D:\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-16 18:23 M:2008-07-25 14:56]
    C:\WINDOWS\system32\uxtheme.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    C:\WINDOWS\system32\MSCTF.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\appHelp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CLBCATQ.DLL  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2008-07-16 17:02 M:2008-04-13 19:13]
    C:\WINDOWS\system32\COMRes.dll  [(Verified)Microsoft Corporation, 2001.12.4414.700, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msctfime.ime  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:12]
    F:\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-08-20 17:45 M:2007-11-28 15:19]
    C:\WINDOWS\system32\USERENV.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\shdocvw.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\CRYPTUI.dll  [(Verified)Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WLDAP32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\asycfilt.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mlang.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mswsock.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\system32\hnetcfg.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\System32\wshtcpip.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\RASAPI32.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasman.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\TAPI32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rtutils.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\WINMM.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\msv1_0.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DNSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
    C:\WINDOWS\System32\winrnr.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\rasadhlp.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\Cabinet.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\SXS.DLL  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\shdoclc.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\xpsp2res.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 11:35]
    C:\WINDOWS\system32\mshtml.dll  [(Verified)Microsoft Corporation, 6.00.2900.5583 (xpsp_sp3_gdr.080417-1430), C:2006-09-03 16:00 M:2008-04-21 12:13]
    C:\WINDOWS\system32\msls31.dll  [(Verified)Microsoft Corporation, 3.10.349.0, C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\msimtf.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    D:\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-16 21:42 M:2008-07-30 20:57]
    C:\WINDOWS\system32\vbscript.dll  [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-09 18:53]
    C:\WINDOWS\system32\jscript.dll  [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-09 18:53]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\wdmaud.drv  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2004-08-17 00:39 M:2008-04-13 19:14]
    C:\WINDOWS\system32\msacm32.drv  [(Verified)Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
    C:\WINDOWS\system32\MSACM32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\midimap.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\dxtrans.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ATL.DLL  [(Verified)Microsoft Corporation, 3.05.2284, C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\ddrawex.dll  [(Verified)Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DDRAW.dll  [(Verified)Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\DCIMAN32.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\dxtmsft.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\IMGUTIL.DLL  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\pngfilt.dll  [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\mstask.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-07-16 17:03 M:2008-04-13 19:13]
    C:\WINDOWS\system32\MPR.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
    C:\WINDOWS\system32\NTDSAPI.dll  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-09-03 16:00 M:2008-04-13 19:13]


========================================
文件关联

[.hlp] <%SystemRoot%\System32\winhlp32.exe %1> [(Verified)Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-09-03 16:00 M:2006-09-03 16:00]
[.vbs] <%SystemRoot%\System32\WScript.exe "%1" %*> [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-08 19:24]
[.js] <%SystemRoot%\System32\WScript.exe "%1" %*> [(Verified)Microsoft Corporation, 5.7.0.18066, C:2006-09-03 16:00 M:2008-05-08 19:24]
[.chm] <"C:\WINDOWS\hh.exe" %1> [(Verified)Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_qfe.050525-1536), C:2006-09-03 16:00 M:2008-04-13 19:14]


========================================
AutoRun.INF



========================================
Winsock提供者

MSAFD Tcpip [TCP/IP]
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD Tcpip [UDP/IP]
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD Tcpip [RAW/IP]
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
RSVP UDP Service Provider
    <%SystemRoot%\system32\rsvpsp.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
RSVP TCP Service Provider
    <%SystemRoot%\system32\rsvpsp.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-09-03 16:00 M:2008-04-13 19:13]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E7201443-919F-4183-A6C6-71FF517BD495}] SEQPACKET 0
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E7201443-919F-4183-A6C6-71FF517BD495}] DATAGRAM 0
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB7CF34E-C55E-4520-AAA9-270286084101}] SEQPACKET 1
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB7CF34E-C55E-4520-AAA9-270286084101}] DATAGRAM 1
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DC27E26C-AAE8-434C-8306-19F167634FA5}] SEQPACKET 2
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DC27E26C-AAE8-434C-8306-19F167634FA5}] DATAGRAM 2
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{892C7EF6-9C8D-4682-BE1F-E260F238A97C}] SEQPACKET 3
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{892C7EF6-9C8D-4682-BE1F-E260F238A97C}] DATAGRAM 3
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{306B383E-FFE2-4A54-8662-186EBF2637AC}] SEQPACKET 4
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{306B383E-FFE2-4A54-8662-186EBF2637AC}] DATAGRAM 4
    <%SystemRoot%\system32\mswsock.dll>  [(Verified)Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2006-09-03 16:00 M:2008-06-21 01:46]


========================================
HOSTS

    127.0.0.1 localhost


[/CODE]