[CODE]

2008-08-21,11:38:06

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  []
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  []
    <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  []
    <Super Rabbit SafeEdit><; C:\Program Files\Super Rabbit\MagicSet\SRFC.EXE /Load>  [Super Rabbit Soft, 2.30, C:2007-09-27 16:06 M:2007-09-27 16:06]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <bootvidgj.dll><C:\WINDOWS\system32\bootvidgj.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <kbdswjr.dll><C:\WINDOWS\system32\kbdswjr.dll>  []
    <lweurqhx.dll><C:\WINDOWS\system32\lweurqhx.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <tuxumyls.dll><C:\WINDOWS\system32\tuxumyls.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <cliconfgzx.dll><C:\WINDOWS\system32\cliconfgzx.dll>  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
    <adsntzt.dll><C:\WINDOWS\system32\adsntzt.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <certmgrkd.dll><C:\WINDOWS\system32\certmgrkd.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <avicapwm.dll><C:\WINDOWS\system32\avicapwm.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <imgutilhx2.dll><C:\WINDOWS\system32\imgutilhx2.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{E0F3526A-4165-4589-80CD-50B6FBAC3BDA}><C:\WINDOWS\system32\adsntzt.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{6B9FEAD7-4319-4312-AB05-D8C9CD255BFE}><C:\WINDOWS\system32\avicapwm.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{71A78CD4-E470-4a18-8457-E0E0283DD507}><C:\WINDOWS\system32\lweurqhx.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{9E8287B0-0F3A-48ae-99C5-A6E0AAC36BC5}><C:\WINDOWS\system32\certmgrkd.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{21BE5FDF-D4CB-4850-AD99-21E68B50BF3F}><C:\WINDOWS\system32\tuxumyls.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{00300030-0030-0030-0030-00300030BB15}><C:\WINDOWS\system32\imgutilhx2.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{D3112B69-A745-4805-874E-ABD480EA1299}><C:\WINDOWS\system32\bootvidgj.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    <{00050005-0005-0005-0005-00050005BB15}><C:\WINDOWS\system32\cliconfgzx.dll>  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载]
    <><>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载]
    <><C:\Program Files\Thunder Network\WebThunder\GetUrl.htm>  [N/A, C:2007-10-12 18:49 M:2007-10-12 18:49]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载全部链接]
    <><C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm>  [N/A, C:2006-09-13 16:49 M:2006-09-13 16:49]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><C:\Program Files\Thunder\Program\GetUrl.htm>  [N/A, C:2006-12-11 15:29 M:2008-06-13 09:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><C:\Program Files\Thunder\Program\GetAllUrl.htm>  [N/A, C:2006-12-05 21:42 M:2008-06-13 09:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迷你快车下载]
    <><C:\Program Files\FlashGet Network\FlashGet Mini\GetUrl.htm>  [N/A, C:2008-06-08 00:19 M:2008-06-08 00:19]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迷你快车下载全部链接]
    <><C:\Program Files\FlashGet Network\FlashGet Mini\GetAllUrl.htm>  [N/A, C:2008-06-08 00:20 M:2008-06-08 00:20]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迷你快车下载该网页FLV]
    <><C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetFlvdetector.htm>  [N/A, C:2008-05-16 19:09 M:2008-05-16 19:09]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2006-11-02 23:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><C:\Program Files\Thunder\Thunder.exe>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2006-12-29 19:55 M:2008-07-11 09:45]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{962EFB8E-2683-42d4-AC74-AAA4C759B9C6}]
    <启动WEB迅雷><http://my.xunlei.com>  []


========================================
启动项

[SD1D5P]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\SD1D5P.lnk --> "C:\WINDOWS\MGKUAVGH7ZR.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[Z3QBV5RRWOP0]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Z3QBV5RRWOP0.lnk --> "C:\WINDOWS\JTSMZ2VFZA5J.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 10:44 M:2008-08-15 04:06]
[JWPHP400HP]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JWPHP400HP.lnk --> "C:\WINDOWS\IMWNH9L.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 10:44 M:2008-08-15 04:06]
[NE4RQ4KLMXJU]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\NE4RQ4KLMXJU.lnk --> "C:\WINDOWS\MSPJU.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 10:44 M:2008-08-15 04:06]
[JKV63AISI]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JKV63AISI.lnk --> "C:\WINDOWS\TVEOQK2JW.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[12VEUIODKS]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\12VEUIODKS.lnk --> "C:\WINDOWS\UTC8T.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[7T0KOWKL]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\7T0KOWKL.lnk --> "C:\WINDOWS\IX9OOD.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[O4QGYKODVX]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\O4QGYKODVX.lnk --> "C:\WINDOWS\PMD7S5NK57X7.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[5GHH1]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\5GHH1.lnk --> "C:\WINDOWS\051FS.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 10:45 M:2008-08-15 04:06]
[PYTYCWD8]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PYTYCWD8.lnk --> "C:\WINDOWS\IQ00M.exe"  > [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[Q7B7X]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Q7B7X.lnk --> ""  > []


========================================
计划任务



========================================
组件


ShellServiceObjectDelayLoad
[]
    {00030003-0003-0003-0003-00030003BB15}  <C:\WINDOWS\system32\bootvidgj.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {00120012-0012-0012-0012-00120012BB15}  <C:\WINDOWS\system32\kbdswjr.dll>  []
[]
    {71A78CD4-E470-4a18-8457-E0E0283DD507}  <C:\WINDOWS\system32\lweurqhx.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {21BE5FDF-D4CB-4850-AD99-21E68B50BF3F}  <C:\WINDOWS\system32\tuxumyls.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {00050005-0005-0005-0005-00050005BB15}  <C:\WINDOWS\system32\cliconfgzx.dll>  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
[]
    {E0F3526A-4165-4589-80CD-50B6FBAC3BDA}  <C:\WINDOWS\system32\adsntzt.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {9E8287B0-0F3A-48ae-99C5-A6E0AAC36BC5}  <C:\WINDOWS\system32\certmgrkd.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {6B9FEAD7-4319-4312-AB05-D8C9CD255BFE}  <C:\WINDOWS\system32\avicapwm.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {00300030-0030-0030-0030-00300030BB15}  <C:\WINDOWS\system32\imgutilhx2.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]

ShellExecuteHook
[]
    {E0F3526A-4165-4589-80CD-50B6FBAC3BDA}  <C:\WINDOWS\system32\adsntzt.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {6B9FEAD7-4319-4312-AB05-D8C9CD255BFE}  <C:\WINDOWS\system32\avicapwm.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {71A78CD4-E470-4a18-8457-E0E0283DD507}  <C:\WINDOWS\system32\lweurqhx.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {9E8287B0-0F3A-48ae-99C5-A6E0AAC36BC5}  <C:\WINDOWS\system32\certmgrkd.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {21BE5FDF-D4CB-4850-AD99-21E68B50BF3F}  <C:\WINDOWS\system32\tuxumyls.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {00300030-0030-0030-0030-00300030BB15}  <C:\WINDOWS\system32\imgutilhx2.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {D3112B69-A745-4805-874E-ABD480EA1299}  <C:\WINDOWS\system32\bootvidgj.dll>  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
[]
    {00050005-0005-0005-0005-00050005BB15}  <C:\WINDOWS\system32\cliconfgzx.dll>  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-02-01 13:57 M:2006-12-04 18:43]
[Shell Extensions for RealOne Player]
    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}  <C:\Program Files\Real\RealPlayer\rpshell.dll>  [RealNetworks, Inc., 1.0.1.2237, C:2007-02-01 14:08 M:2007-02-01 14:08]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:1980-01-01 00:00 M:2006-07-12 13:19]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:1980-01-01 00:00 M:2006-07-12 13:19]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:1980-01-01 00:00 M:2006-07-12 13:19]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:1980-01-01 00:00 M:2006-07-12 13:19]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:1980-01-01 00:00 M:2006-07-12 13:19]
[Autodesk DWF Preview]
    {6DEA92E9-8682-4b6a-97DE-354772FE5727}  <C:\Program Files\Common Files\Autodesk Shared\AcDwfThmbPrxy16.dll>  [(Verified)Autodesk, 16.2.54.0, C:2005-03-05 04:14 M:2005-03-05 04:14]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-05-07 08:07 M:2008-07-28 14:53]
[UnlockerShellExtension]
    {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}  <C:\Program Files\Unlocker\UnlockerCOM.dll>  [N/A, C:2008-05-02 12:15 M:2008-05-02 12:15]

Protocols
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [酷狗, 5.2.4.4, C:2008-07-06 01:14 M:2008-06-18 16:06]
[]
    {828030A1-22C1-4009-854F-8E305202313F}  <"C:\PROGRA~1\MSNMES~1\msgrapp.dll">  [Microsoft Corporation, 7.5.0324, C:2006-01-24 20:34 M:2006-01-24 20:34]

BrowserHelperObject
[超级兔子上网精灵]
    {7369D35A-5B70-4A5B-B789-B25FE09B4AF3}  <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll>  [Xiang Feng Technology, 2, 3, 0, 1658, C:2007-09-30 00:35 M:2007-09-30 00:35]

UrlSeachHook
[SrchHook Class]
    {F08555B0-9CC3-11D2-AA8E-000000000000}  <C:\WINDOWS\system32\IEBHO.dll>  []

ToolBar
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  []
[超级兔子上网精灵]
    {43869BB3-22FD-4F15-9B46-238106BA2F4E}  <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll>  [Xiang Feng Technology, 2, 3, 0, 1658, C:2007-09-30 00:35 M:2007-09-30 00:35]

ActiveX Extension
[WebThunder Browser Helper]
    {00000AAA-A363-466E-BEF5-9BB68697AA7F}  <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 62, C:2008-01-11 19:14 M:2008-01-19 16:26]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  []
[MMCPlayer Class]
    {05C1004E-2596-48E5-8E26-39362985EEB9}  <F:\工具\feidianTV\MMCShell.dll>  [Sohu.com Inc., 2, 0, 0, 100, C:2007-04-18 16:28 M:2007-05-15 15:32]
[ULiveCtrl Control]
    {070CA17A-4BD2-4612-83B4-32B1B9159B48}  <C:\PROGRA~1\sina\SINAWE~1\302~1.9BE\UCLIVE~1.OCX>  [(Verified)北京新浪信息技术有限公司, 3, 0, 2, 9, C:2008-08-08 20:12 M:2008-08-06 16:54]
[Thunder Browser Helper]
    {077FD0C2-1291-4104-A356-41E36B252682}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  []
[eREADVer Control]
    {0FA136BD-E4E5-41E9-8305-C62F3B64ABF7}  <C:\PROGRA~1\eREAD6.0\eREAD6.0\eREAD6.dll>  [TODO: <Company name>, 1.0.0.1, C:2007-07-06 17:49 M:2007-07-06 17:49]
[UUSeeInstaller Control]
    {1345F3CB-7C40-41C2-9AC2-87CF8B68E34E}  <C:\PROGRA~1\Netease\NETEAS~1\NETEAS~1.OCX>  [(Verified)UUSEE, 1, 8, 727, 18, C:2008-07-27 19:21 M:2008-07-27 19:21]
[InstallHelper Class]
    {1DABF8D5-8430-4985-9B7F-A30E53D709B3}  <C:\Program Files\Tencent\QQLive\QQLiveInstaller.dll>  [Copyright (C) 2005 - 2007 TENCENT Inc. All Rights Reserved. 腾讯公司 版权所有 (C) 2005 - 2007, 6.00.3432.6, C:2007-09-18 15:32 M:2007-09-18 15:32]
[AddTask Class]
    {24F06550-65E3-4D1C-8CFE-839C296B5530}  <C:\Program Files\eREAD6.0\eREAD6.0\IEeREAD.dll>  [Copyright 2007, 1, 0, 0, 1, C:2007-06-28 17:24 M:2007-06-28 17:24]
[WebThunder DapPlayer]
    {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555}  <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.41.65.868.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 41, 65, C:2008-03-04 23:15 M:2007-12-04 11:19]
[RealPlayer RAM Download Handler]
    {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}  <C:\WINDOWS\system32\rmoc3260.dll>  [RealNetworks, Inc., 6.0.9.2318, C:2006-02-28 10:31 M:2006-02-28 10:31]
[Thunder Browser Helper]
    {3E422F48-1566-40D3-B43D-077EF739AC32}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  []
[超级兔子上网精灵]
    {43869BB3-22FD-4F15-9B46-238106BA2F4E}  <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll>  [Xiang Feng Technology, 2, 3, 0, 1658, C:2007-09-30 00:35 M:2007-09-30 00:35]
[]
    {47AC9076-C898-B098-D098-A18319080974}  <C:\WINDOWS\system32\nhmxdjkl.dll>  []
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2007-06-23 19:05 M:2008-06-13 09:43]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2007, 1, 1, 0, 1, C:2007-04-19 18:46 M:2007-04-19 18:46]
[UploadControl Control]
    {52FF336D-A05D-4A14-A3A1-7B6B4B427F88}  <C:\WINDOWS\system32\UPLOAD~1.OCX>  [广州网易互动娱乐有限公司, 1.0.0.28, C:2008-01-16 16:09 M:2008-01-16 16:09]
[PowerPlayer Control]
    {5EC7C511-CD0F-42E6-830C-1BD9882F3458}  <C:\PROGRA~1\PPStream\POWERP~1.DLL>  []
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [Copyright XunLei 2007, 2, 1, 2, 77, C:2007-10-24 12:55 M:2008-08-04 12:58]
[ChatCommControl Control]
    {688C15EE-9C38-471D-9E46-BB842E30246F}  <C:\WINDOWS\DOWNLO~1\NaraChat.ocx>  [NaraSoft, 1, 0, 0, 7, C:2008-03-12 13:40 M:2008-03-12 13:40]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2007-10-24 12:55 M:2008-08-04 12:58]
[AddTask Class]
    {6A19C29D-ED45-4483-8999-9F939C8161F2}  <C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll>  [Copyright 2007, 1, 0, 0, 1, C:2007-06-29 14:03 M:2007-06-29 14:03]
[超级兔子上网精灵]
    {7369D35A-5B70-4A5B-B789-B25FE09B4AF3}  <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll>  [Xiang Feng Technology, 2, 3, 0, 1658, C:2007-09-30 00:35 M:2007-09-30 00:35]
[Vagaa_CHK Control]
    {75124323-C599-4253-8CE1-86389192EDC1}  <E:\乱\Vagaa\exts\VAGAA_~1.OCX>  [51yess, 1, 0, 0, 1, C:2007-10-09 12:58 M:2005-08-02 21:10]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <C:\Program Files\Thunder\Components\InMedia\MediaAddin17.dll>  [Thunder Networking Technologies,LTD, 3, 1, 5, 78, C:2008-08-02 16:03 M:2008-07-12 09:58]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  []
[DLoader Class]
    {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A}  <C:\WINDOWS\Downloaded Program Files\downloader.dll>  [(Verified)Sina Com, 1, 0, 0, 14, C:2008-07-28 15:29 M:2008-07-28 15:29]
[163Uploader Control]
    {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE}  <C:\WINDOWS\system32\163UPL~1.OCX>  [广州网易互动娱乐有限公司, 1.0.0.16, C:2008-02-14 10:40 M:2008-03-17 16:14]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <C:\Program Files\装机人员工具\360safe_3.0\live.dll>  [(Verified)360.cn, 1, 0, 1, 1027, C:2008-04-09 17:07 M:2008-04-09 17:07]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  []
[SLViewer Control]
    {8EEB54D5-CC70-40E4-B015-AC478C02ECC8}  <C:\WINDOWS\system32\SLViewer.ocx>  [DideoNET Co., Ltd., 1, 2, 32, 209, C:2007-11-21 16:15 M:2007-11-21 16:15]
[LiveMediaOcx Control]
    {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A}  <C:\PROGRA~1\Tencent\QQLive\QQLive.ocx>  [Tencent, 6.00.3432.6, C:2007-09-18 15:28 M:2007-09-18 15:28]
[Tool Class]
    {A7F05EE4-0426-454F-8013-C41E3596E9E9}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  []
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5803.60.(284).dll>  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5803, 60, C:2008-08-15 01:49 M:2008-08-04 12:58]
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  []
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <C:\Program Files\装机人员工具\360safe_3.0\safemon\safemon.dll>  [(Verified)360.CN, 4, 1, 5, 1002, C:2008-05-27 18:20 M:2008-05-27 18:20]
[Tencent Safety Online Base Module]
    {C09B522F-8AED-4E21-A65C-DC1AB652BAEE}  <C:\WINDOWS\system32\TSOBase\TSOBase.ocx>  [(Verified)Tencent Corporation, 2007, 4, 10, 12, C:2006-12-17 16:10 M:2006-12-17 16:10]
[MiniFlashGetBHO]
    {C74E94A7-B7BD-4891-9328-455395BCC7AD}  <C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll>  [(Verified)FlashGet Inc, 1.0.1.1002, C:2008-06-12 11:22 M:2008-06-12 11:22]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <C:\WINDOWS\system32\rmoc3260.dll>  [RealNetworks, Inc., 6.0.9.2318, C:2006-02-28 10:31 M:2006-02-28 10:31]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx>  [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <C:\Program Files\Tencent\qq\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2007-05-20 16:38 M:2007-05-20 16:38]
[PasswordEditCtrl Class]
    {E787FD25-8D7C-4693-AE67-9406BC6E22DF}  <C:\WINDOWS\system32\qqedit\qqedit.dll>  [(Verified)腾讯科技（深圳）有限公司, 1, 1, 0, 5, C:2008-03-04 20:39 M:2008-01-07 17:08]
[UPlayer Control]
    {EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}  <C:\PROGRA~1\Netease\NETEAS~1\SEEPLA~1.OCX>  [(Verified)UUSEE, 2008, 7, 29, 0, C:2008-07-31 18:22 M:2008-07-31 18:22]
[BoBoControl Class]
    {EC0978ED-24E3-403C-AB7A-060E388553E6}  <C:\WINDOWS\system32\BoBo_ActiveX_V3.ocx>  [(Verified)广州易播信息科技有限公司, 3.20.1116.2, C:2007-11-30 10:11 M:2007-11-16 15:26]
[Thunder DapPlayer]
    {EEDD6FF9-13DE-496B-9A1C-D78B3215E266}  <C:\Program Files\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.284.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-08-15 01:49 M:2008-08-04 12:58]
[Thunder DapCtrl]
    {EF1EA76E-5428-4e40-85A1-D4DD2893183A}  <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapCtrl1.3.17.20.868.dll>  [ShenZhen Thunder Networking Technologies Ltd., 1.3.17.20, C:2008-03-04 23:15 M:2008-01-02 10:10]
[SrchHook Class]
    {F08555B0-9CC3-11D2-AA8E-000000000000}  <C:\WINDOWS\system32\IEBHO.dll>  []
[QvodCtrl Class]
    {F3D0D36F-23F8-4682-A195-74C92B03D4AF}  <C:\Program Files\QvodPlayer\QvodInsert.dll>  [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53, C:2008-02-18 18:45 M:2008-02-18 18:45]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(284).dll>  [Xunlei Networking Technologies,LTD, 2, 0, 0, 181, C:2008-08-15 01:49 M:2008-08-04 12:58]

Context Menu
[RISINGRAV]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-05-07 08:07 M:2008-07-28 14:53]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-02-01 13:57 M:2006-12-04 18:43]
[UnlockerShellExtension]
    {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}  <C:\Program Files\Unlocker\UnlockerCOM.dll>  [N/A, C:2008-05-02 12:15 M:2008-05-02 12:15]


========================================
服务

[HZ9L5DE / 051FS][Stopped/Disabled]
    <C:\WINDOWS\051FS.exe -2V0EEJZKP>  [drw.kills, 3.0.8.1, C:2008-08-21 10:45 M:2008-08-15 04:06]
[2B38FCXKUR / 078DR3][Stopped/Disabled]
    <C:\WINDOWS\078DR3.exe -ZXA59P>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[HWRQW / 07GIB174E][Stopped/Disabled]
    <C:\WINDOWS\07GIB174E.exe -3W2ZBDE9>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[F5KC7E4N9P / 0F1EJC3SMLV][Stopped/Disabled]
    <C:\WINDOWS\0F1EJC3SMLV.exe -OH8CJ2ROI>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[EW9HDQZQUUCE / 0JTGCPMS2][Stopped/Disabled]
    <C:\WINDOWS\system32\0JTGCPMS2.exe -3R49S>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[75Q9ZM / 0Q138JSDW][Stopped/Disabled]
    <C:\WINDOWS\0Q138JSDW.exe -WZ9GLVUG2CQA>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[WBMKTHT / 0Q54WZPOXGL][Stopped/Disabled]
    <C:\WINDOWS\system32\0Q54WZPOXGL.exe -6H3SL8O6LNE>  [drw.kills, 3.0.8.1, C:2008-08-20 22:12 M:2008-08-15 04:06]
[4KURURX3I3 / 16G29QPCTMM][Stopped/Disabled]
    <C:\WINDOWS\16G29QPCTMM.exe -CGQKSDYK>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[BM5D3P9OKSX / 1AHHRPWU7S][Stopped/Disabled]
    <C:\WINDOWS\system32\1AHHRPWU7S.exe -Y971TT>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[5MUCUBY / 1AHSN5NOVZ][Stopped/Disabled]
    <C:\WINDOWS\1AHSN5NOVZ.exe -5FGNKBLNZCA>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[PM5XOSARQ6I / 1DC38][Stopped/Disabled]
    <C:\WINDOWS\system32\1DC38.exe -E0PDPPRWVXZ>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[SD7F8AN3CXF / 1GQ59][Stopped/Disabled]
    <C:\WINDOWS\system32\1GQ59.exe -6B8QSY>  [drw.kills, 3.0.8.1, C:2008-08-21 06:46 M:2008-08-15 04:06]
[DWAXI / 1SC25V6LCGBW][Stopped/Disabled]
    <C:\WINDOWS\1SC25V6LCGBW.exe -XQFNO5O5C5RO>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[A8RO7L1 / 1YLN1R][Stopped/Disabled]
    <C:\WINDOWS\system32\1YLN1R.exe -3ZKUYVI>  [drw.kills, 3.0.8.1, C:2008-08-15 05:17 M:2008-08-15 04:06]
[YGWMOSW / 203QUTANIO7][Stopped/Disabled]
    <C:\WINDOWS\system32\203QUTANIO7.exe -5HE3Y75TP>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[ND4PSDC / 20TXK][Stopped/Disabled]
    <C:\WINDOWS\system32\20TXK.exe -QW4AS>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[REQDT58T / 235XJGAR8Z][Stopped/Disabled]
    <C:\WINDOWS\235XJGAR8Z.exe -573J3PIN5A9>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[Z0OMEDG82 / 23UW2ARP][Stopped/Disabled]
    <C:\WINDOWS\system32\23UW2ARP.exe -YMHHUH>  [drw.kills, 3.0.8.1, C:2008-08-21 08:14 M:2008-08-15 04:06]
[Z3D0RM / 25CK34R5][Stopped/Disabled]
    <C:\WINDOWS\25CK34R5.exe -QOR5E6>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[MAHA1LYM / 2BBQIOYO2CN3][Stopped/Disabled]
    <C:\WINDOWS\system32\2BBQIOYO2CN3.exe -Y1C6JE>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[007ZHMOHNRAF / 2I25D][Stopped/Disabled]
    <C:\WINDOWS\2I25D.exe -OIS5T>  [drw.kills, 3.0.8.1, C:2008-08-15 04:32 M:2008-08-15 04:06]
[CK6P1REQP / 2OZN6Y][Stopped/Disabled]
    <C:\WINDOWS\2OZN6Y.exe -YI1CY5Q4IK>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[JZ0R6O8OB / 2PDW01LA][Stopped/Disabled]
    <C:\WINDOWS\2PDW01LA.exe -NFOP6VAKM>  [drw.kills, 3.0.8.1, C:2008-08-15 04:34 M:2008-08-15 04:06]
[J3BZS3 / 2SSVI][Stopped/Disabled]
    <C:\WINDOWS\system32\2SSVI.exe -TP97C9>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[KMC7Z / 2TPP31BMB][Stopped/Disabled]
    <C:\WINDOWS\system32\2TPP31BMB.exe -IBN2K1WENQHW>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[BTZMFH0A9 / 2UFYNOZ0GDGG][Stopped/Disabled]
    <C:\WINDOWS\system32\2UFYNOZ0GDGG.exe -U4JTI>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[3R6GR3S4KAD1 / 2VBIVLN2334Q][Stopped/Disabled]
    <C:\WINDOWS\system32\2VBIVLN2334Q.exe -8Y97VA>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[LENHSX41 / 2ZYXYE64][Stopped/Disabled]
    <C:\WINDOWS\2ZYXYE64.exe -B0267V6RS40>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[TMPZCA / 39U7BCBN8][Stopped/Disabled]
    <C:\WINDOWS\39U7BCBN8.exe -11U84D782ONR>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[NG8MERW3KWPW / 3BVCPZC5U][Stopped/Disabled]
    <C:\WINDOWS\3BVCPZC5U.exe -88G27Q7>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[TN4ZR0Z / 3CGJPEK70J][Stopped/Disabled]
    <C:\WINDOWS\3CGJPEK70J.exe -7J4X7>  [drw.kills, 3.0.8.1, C:2008-08-18 12:39 M:2008-08-15 04:06]
[NTBFN / 3HYBQ][Stopped/Disabled]
    <C:\WINDOWS\3HYBQ.exe -9H3Y1TPWPJ>  [drw.kills, 3.0.8.1, C:2008-08-15 04:32 M:2008-08-15 04:06]
[XERTT2VJK3F5 / 3JQ6HPDCMC3C][Stopped/Disabled]
    <C:\WINDOWS\3JQ6HPDCMC3C.exe -XI8EP5Q7>  [drw.kills, 3.0.8.1, C:2008-08-21 06:47 M:2008-08-15 04:06]
[FX7E8L6P0PX / 3OJY35JQA0P1][Stopped/Disabled]
    <C:\WINDOWS\3OJY35JQA0P1.exe -G1IK0RQCYZ3>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[PEK6K2PPLER / 3X6IZE78][Stopped/Disabled]
    <C:\WINDOWS\system32\3X6IZE78.exe -XCGSPOXD>  [drw.kills, 3.0.8.1, C:2008-08-15 04:32 M:2008-08-15 04:06]
[00UEKS / 3YFS4WDBXYH][Stopped/Disabled]
    <C:\WINDOWS\system32\3YFS4WDBXYH.exe -24UCA>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[3JBUO6Y9FE / 42DWZ][Stopped/Auto Start]
    <C:\WINDOWS\system32\42DWZ.exe -8EL06MZKHH>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[UR07R7DUQYT / 45II8Y1G][Stopped/Disabled]
    <C:\WINDOWS\45II8Y1G.exe -4VZWOBLRO>  [drw.kills, 3.0.8.1, C:2008-08-21 06:32 M:2008-08-15 04:06]
[14OJAH2E / 47FSSIWWZX][Stopped/Disabled]
    <C:\WINDOWS\system32\47FSSIWWZX.exe -H99IAUE>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[EJ08AMWJVTF / 4C8VVE][Stopped/Disabled]
    <C:\WINDOWS\4C8VVE.exe -HLI8I01BAHUF>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[CWVR8I / 4F70OUCFC][Stopped/Disabled]
    <C:\WINDOWS\system32\4F70OUCFC.exe -HJUHQUP>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[ANI2KYVUVN / 4GY0FBATM54][Stopped/Disabled]
    <C:\WINDOWS\4GY0FBATM54.exe -0PTNCVIVEK97>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[S5UL7 / 4MNQ11H45][Stopped/Disabled]
    <C:\WINDOWS\4MNQ11H45.exe -D3EGV4103S>  [drw.kills, 3.0.8.1, C:2008-08-17 00:52 M:2008-08-15 04:06]
[HHRPW / 4QU7O1YZUNF][Stopped/Disabled]
    <C:\WINDOWS\system32\4QU7O1YZUNF.exe -0TM5XWLEH1>  [drw.kills, 3.0.8.1, C:2008-08-15 20:28 M:2008-08-15 04:06]
[KQQ9L3L90 / 4TVKXLXRXHB][Stopped/Disabled]
    <C:\WINDOWS\4TVKXLXRXHB.exe -VGITVX0CC0C>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[721N1RO / 4XHTPV8B6LV][Stopped/Disabled]
    <C:\WINDOWS\system32\4XHTPV8B6LV.exe -XAXIRMRYGTK>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[XDRMAX3SC8H / 5IMWICT][Stopped/Disabled]
    <C:\WINDOWS\system32\5IMWICT.exe -GWLMJ3IZN>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[JJYDKXYVGTHT / 5RL0TSAMVM][Stopped/Disabled]
    <C:\WINDOWS\5RL0TSAMVM.exe -4ZM3NCDE5AT2>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[48ZDNS6 / 5S4D9I8F][Stopped/Disabled]
    <C:\WINDOWS\5S4D9I8F.exe -XAQ64AU8YK>  [drw.kills, 3.0.8.1, C:2008-08-15 04:24 M:2008-08-15 04:06]
[CH4GA7FL8 / 5VXNGXH][Stopped/Disabled]
    <C:\WINDOWS\system32\5VXNGXH.exe -DBWZLU5OQIE>  [drw.kills, 3.0.8.1, C:2008-08-16 09:29 M:2008-08-15 04:06]
[CVQY6GKUU7 / 60DB72][Stopped/Disabled]
    <C:\WINDOWS\system32\60DB72.exe -ICJ8AW4>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[9T9WBG / 641FGEMP][Stopped/Disabled]
    <C:\WINDOWS\641FGEMP.exe -65G76I9P>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[58OW598 / 6A7EFELF71][Stopped/Disabled]
    <C:\WINDOWS\6A7EFELF71.exe -K0Z9M2>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[DGW78SPL / 6AD23FSNF][Stopped/Disabled]
    <C:\WINDOWS\system32\6AD23FSNF.exe -QQWPOODC2>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[WI87L7JLXM / 6J784HKVQ][Stopped/Disabled]
    <C:\WINDOWS\system32\6J784HKVQ.exe -TFAGZT7RZN9>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[BC3604JI / 6Q2O4NC27N][Stopped/Disabled]
    <C:\WINDOWS\system32\6Q2O4NC27N.exe -DZS1RVA>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[2HSX7 / 6QMAD][Stopped/Disabled]
    <C:\WINDOWS\system32\6QMAD.exe -WJIII>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[5ED9Y / 76B5JAMBDLL][Stopped/Disabled]
    <C:\WINDOWS\system32\76B5JAMBDLL.exe -M1XAGRD62>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[R7ZZR1MS7SY / 7AVJ69BV93T][Stopped/Disabled]
    <C:\WINDOWS\7AVJ69BV93T.exe -X88BSKL1>  [drw.kills, 3.0.8.1, C:2008-08-21 08:15 M:2008-08-15 04:06]
[Y4MF1IV / 7FED2GRY][Stopped/Disabled]
    <C:\WINDOWS\7FED2GRY.exe -CF3XMCC6V9RQ>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[8H8N2SZ437 / 7IR1FEWD][Stopped/Disabled]
    <C:\WINDOWS\7IR1FEWD.exe -IDMG8NE8>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[H1NUZT / 7K5LH][Stopped/Disabled]
    <C:\WINDOWS\system32\7K5LH.exe -ZD7VFVDQL>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[PDF47PUEZN / 7V4LU6][Stopped/Disabled]
    <C:\WINDOWS\system32\7V4LU6.exe -14BBQ>  [drw.kills, 3.0.8.1, C:2008-08-16 13:43 M:2008-08-15 04:06]
[IWWT3UHM / 7WKZH1LU][Stopped/Disabled]
    <C:\WINDOWS\7WKZH1LU.exe -WUEG01HRK>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[O7LHINGEWG3A / 82C0O][Stopped/Disabled]
    <C:\WINDOWS\system32\82C0O.exe -VCT2MPHVHV>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[27D2JD3 / 85685][Stopped/Disabled]
    <C:\WINDOWS\85685.exe -NYOX3PVTROH4>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[UDIEUTI6D / 87IK7R4X][Stopped/Disabled]
    <C:\WINDOWS\system32\87IK7R4X.exe -M4EV5X58>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[PYPZHBSPT0 / 899QSS7QBA80][Stopped/Disabled]
    <C:\WINDOWS\899QSS7QBA80.exe -60JNSL37>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[8561C4IXKE5 / 8DM6V904XR][Stopped/Disabled]
    <C:\WINDOWS\system32\8DM6V904XR.exe -TG178L>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[ABM2DE6O / 8GXCO][Stopped/Disabled]
    <C:\WINDOWS\system32\8GXCO.exe -1VJVLOO1E97U>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[4RBW107LF92E / 8NJ48][Stopped/Disabled]
    <C:\WINDOWS\system32\8NJ48.exe -OIYB65>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[LB3TY6T / 8YJKY6A][Stopped/Disabled]
    <C:\WINDOWS\8YJKY6A.exe -RYMBUCFP2>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[OOSON / 938HAP][Stopped/Disabled]
    <C:\WINDOWS\938HAP.exe -1ABG3WO>  [drw.kills, 3.0.8.1, C:2008-08-15 05:17 M:2008-08-15 04:06]
[ELVK8VGQZ9E6 / 95QPUJ0][Stopped/Disabled]
    <C:\WINDOWS\system32\95QPUJ0.exe -2W5AYV>  [drw.kills, 3.0.8.1, C:2008-08-21 08:14 M:2008-08-15 04:06]
[GNTV0V8S / 9GQ6XFDSRU][Stopped/Disabled]
    <C:\WINDOWS\9GQ6XFDSRU.exe -41RZ08EYN>  [drw.kills, 3.0.8.1, C:2008-08-21 06:46 M:2008-08-15 04:06]
[MYW7MZ7 / 9IMC8][Stopped/Disabled]
    <C:\WINDOWS\9IMC8.exe -5M79LDY4>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[DAIMA4N6L8HZ / 9KZE0OS431B7][Stopped/Disabled]
    <C:\WINDOWS\system32\9KZE0OS431B7.exe -OFOVL50VHLS>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[GQPM5COCJQ / A3WOVO91BZ][Stopped/Disabled]
    <C:\WINDOWS\system32\A3WOVO91BZ.exe -XDSHFPLOD6EW>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[II159 / A7WS88QAJU0T][Stopped/Disabled]
    <C:\WINDOWS\A7WS88QAJU0T.exe -ZLLIU80>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[DQIR3V / A9C973][Stopped/Disabled]
    <C:\WINDOWS\A9C973.exe -SAN25BODRY0>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[YUAFT / AAUWSCGD][Stopped/Disabled]
    <C:\WINDOWS\system32\AAUWSCGD.exe -4KZYWU46VX7H>  [drw.kills, 3.0.8.1, C:2008-08-15 04:32 M:2008-08-15 04:06]
[Adobe LM Service / Adobe LM Service][Stopped/Disabled]
    <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe">  [Adobe Systems, 2.67.010, C:2007-06-19 11:05 M:2007-12-07 10:33]
[WEHWD8A175 / AGW57Z1P][Stopped/Disabled]
    <C:\WINDOWS\AGW57Z1P.exe -YG283>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[MMSABB0PMXQ / AH2C8][Stopped/Disabled]
    <C:\WINDOWS\system32\AH2C8.exe -WVT2L2OA8E>  [drw.kills, 3.0.8.1, C:2008-08-17 00:52 M:2008-08-15 04:06]
[SNCYEM / AH9B3AN98DOM][Stopped/Disabled]
    <C:\WINDOWS\system32\AH9B3AN98DOM.exe -AM7S9SF>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[AIZA2UZPD6 / ALO32][Stopped/Disabled]
    <C:\WINDOWS\system32\ALO32.exe -2Z8KV2C2>  [drw.kills, 3.0.8.1, C:2008-08-21 06:46 M:2008-08-15 04:06]
[U2O5MI6 / AN3DF2LVY][Stopped/Disabled]
    <C:\WINDOWS\system32\AN3DF2LVY.exe -2BKMZAD6F6W6>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[ARP防火墙加载程序 / AntiARPClientLoader][Stopped/Disabled]
    <"C:\Program Files\彩影软件\ARP防火墙单机版\AntiARPClientLoader.exe">  []
[O3MK403I / ATWWNI][Stopped/Disabled]
    <C:\WINDOWS\system32\ATWWNI.exe -C5TXGFTPZDCI>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[YOMODOB6 / AU4IOD1L1X3J][Stopped/Disabled]
    <C:\WINDOWS\system32\AU4IOD1L1X3J.exe -K2LAS8>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Disabled]
    <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe">  [Autodesk, 2.66.000, C:2007-10-12 19:13 M:2007-12-06 08:32]
[0N28HO8W / AVCCX2TT4][Stopped/Disabled]
    <C:\WINDOWS\system32\AVCCX2TT4.exe -6SJJMM8NF2L>  [drw.kills, 3.0.8.1, C:2008-08-15 04:07 M:2008-08-15 04:06]
[AW3L6CS16R / B3MMEW][Stopped/Disabled]
    <C:\WINDOWS\B3MMEW.exe -27F2F14KBED>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[RFPNU64YD / B4N063YCS0][Stopped/Disabled]
    <C:\WINDOWS\system32\B4N063YCS0.exe -HHHHFF>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[F6GVV7 / B60R2][Stopped/Disabled]
    <C:\WINDOWS\B60R2.exe -VFIM3SV20R>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[S8FX7BJ / BDVVE4HJ][Stopped/Auto Start]
    <C:\WINDOWS\system32\BDVVE4HJ.exe -4XU48LUG9R8>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[JNY3LTR34JU / BIINOTUS][Stopped/Disabled]
    <C:\WINDOWS\BIINOTUS.exe -KGSWW44NKI>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[J0HDW / BPBJPP][Stopped/Disabled]
    <C:\WINDOWS\BPBJPP.exe -JHCX9PQFAM>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[K1LX7G369D / BQ4XCA][Stopped/Disabled]
    <C:\WINDOWS\BQ4XCA.exe -J6HMCHT>  [drw.kills, 3.0.8.1, C:2008-08-21 08:14 M:2008-08-15 04:06]
[BM3N1EXV / BRR18PC7OW][Stopped/Disabled]
    <C:\WINDOWS\BRR18PC7OW.exe -DCZHEFPW>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[WAEGZK2IVI / BSZ20XMONWR][Stopped/Disabled]
    <C:\WINDOWS\BSZ20XMONWR.exe -1RVHBUJGK2U>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[MHSLISAGL / C18ATT7][Stopped/Disabled]
    <C:\WINDOWS\system32\C18ATT7.exe -LSPPCW9M58>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[XAWI4TQQ0PR6 / C8HIT673][Stopped/Disabled]
    <C:\WINDOWS\C8HIT673.exe -AAO55GL12>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[UM314JD / CA9NJBP][Stopped/Disabled]
    <C:\WINDOWS\CA9NJBP.exe -3RWDU>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
    <C:\Program Files\Ringz Studio\Storm Codec\stormliv.exe /asservice>  [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-03-11 14:33 M:2008-05-28 16:40]
[V8VLNUM9X5GM / CGXBTR][Stopped/Disabled]
    <C:\WINDOWS\system32\CGXBTR.exe -MLIA1KP>  [drw.kills, 3.0.8.1, C:2008-08-15 04:24 M:2008-08-15 04:06]
[6E8VJ4TJBI1M / CPUUMT81QJS][Stopped/Disabled]
    <C:\WINDOWS\CPUUMT81QJS.exe -ID8HYA8>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[L3WD96 / CXU1KO][Stopped/Auto Start]
    <C:\WINDOWS\system32\CXU1KO.exe -WG5UQU189>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[3SZM8UK5IG7 / DA9EOS][Stopped/Disabled]
    <C:\WINDOWS\DA9EOS.exe -HT5QSEY5C>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[V1MG87SUS / DBXDG9VAU8][Stopped/Disabled]
    <C:\WINDOWS\system32\DBXDG9VAU8.exe -1ZJ5JNT3OFJW>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[DCOM Service Process Manager / DCOMManager][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost.exe -k netsvcs --> "c:\windows\inf\pcidevices8.inf">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[C2AB3C8DKWOR / DETBGXKLCS][Stopped/Disabled]
    <C:\WINDOWS\DETBGXKLCS.exe -G5F0C8>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[E7N8ER / DGYMIKPKT][Stopped/Disabled]
    <C:\WINDOWS\system32\DGYMIKPKT.exe -OL8YG6KEX6B5>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[WGWR4 / DKWHFCQKDXK][Stopped/Disabled]
    <C:\WINDOWS\DKWHFCQKDXK.exe -U0G7CBQFB4IK>  [drw.kills, 3.0.8.1, C:2008-08-21 08:14 M:2008-08-15 04:06]
[LEJQAWRHTVDH / DOAKZHP32][Stopped/Disabled]
    <C:\WINDOWS\system32\DOAKZHP32.exe -13Y93K1>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[9MVVLB41IIYK / DRLBTK][Stopped/Disabled]
    <C:\WINDOWS\system32\DRLBTK.exe -RPP0572SKSLM>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[dtmu / dtmu][Stopped/Auto Start]
    <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\yohp\iyrz.dll,Service -s>  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[3FFAW3H / DVN8KIYP1C][Stopped/Disabled]
    <C:\WINDOWS\system32\DVN8KIYP1C.exe -0A04S>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[FANFG / DX2EFY0JQBLD][Stopped/Disabled]
    <C:\WINDOWS\DX2EFY0JQBLD.exe -N8RZJ6>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[ZTBKDQR / DYFS50AN63][Stopped/Disabled]
    <C:\WINDOWS\DYFS50AN63.exe -W2JJRF9T>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[4AF3ZZ1IP69 / E22MS9TY9BOA][Stopped/Disabled]
    <C:\WINDOWS\system32\E22MS9TY9BOA.exe -0SRU6H>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[J35GWJO / E2JZ0AJ][Stopped/Disabled]
    <C:\WINDOWS\E2JZ0AJ.exe -8PW73>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[D910ZE / E6XE4BA9][Stopped/Disabled]
    <C:\WINDOWS\system32\E6XE4BA9.exe -WDVCB>  [drw.kills, 3.0.8.1, C:2008-08-16 13:35 M:2008-08-15 04:06]
[0MQPDRTJDR / E9YN6HZ][Stopped/Disabled]
    <C:\WINDOWS\system32\E9YN6HZ.exe -5J4MH>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[FCFGDM / EBRF04][Stopped/Disabled]
    <C:\WINDOWS\EBRF04.exe -84QNZ>  [drw.kills, 3.0.8.1, C:2008-08-21 06:46 M:2008-08-15 04:06]
[KKABBX / EL18GKHWE][Stopped/Disabled]
    <C:\WINDOWS\system32\EL18GKHWE.exe -X4B2SF>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[YUI2DYG / EPTOQ2][Stopped/Disabled]
    <C:\WINDOWS\EPTOQ2.exe -ZBYWNY8ZZ7>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[1TBQYRA / EUNMA][Stopped/Disabled]
    <C:\WINDOWS\EUNMA.exe -DGLXUJTP>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[7203C77YZPKI / EWARQ][Stopped/Disabled]
    <C:\WINDOWS\EWARQ.exe -HHJFPFC>  [drw.kills, 3.0.8.1, C:2008-08-15 20:28 M:2008-08-15 04:06]
[TME2ZLQ / F03HX3WWS3G][Stopped/Disabled]
    <C:\WINDOWS\F03HX3WWS3G.exe -CG9RSS2L8>  [drw.kills, 3.0.8.1, C:2008-08-15 19:19 M:2008-08-15 04:06]
[6D3LY / F80TB][Stopped/Disabled]
    <C:\WINDOWS\F80TB.exe -Z4FLOEGV50Z>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[EDXT698UM0TY / F8GGTFCQAO][Stopped/Disabled]
    <C:\WINDOWS\system32\F8GGTFCQAO.exe -6LCSL8AJ>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[LWTGAAM / F9R952QHSR][Stopped/Disabled]
    <C:\WINDOWS\F9R952QHSR.exe -9UJD0>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[H0728PF / FEEUL][Stopped/Disabled]
    <C:\WINDOWS\system32\FEEUL.exe -Q1BXIFTQHQ>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[7TBLS6O2 / FFU0W][Stopped/Disabled]
    <C:\WINDOWS\FFU0W.exe -6UH8HSW5I>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[G3ZE5ZW / FI66R4H05LX][Stopped/Disabled]
    <C:\WINDOWS\system32\FI66R4H05LX.exe -9RJOXO8X>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[W1XVX9LH1S1 / FKRD6][Stopped/Disabled]
    <C:\WINDOWS\FKRD6.exe -9XG7AHB2D>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[ZNSE1RQSH3 / FOTMN8UFH][Stopped/Auto Start]
    <C:\WINDOWS\system32\FOTMN8UFH.exe -13CZEGJ292>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[TBUVWLHF4 / FR2IF][Stopped/Disabled]
    <C:\WINDOWS\FR2IF.exe -M62MINC9>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[G4OW36 / FWDMYAE3AI][Stopped/Disabled]
    <C:\WINDOWS\FWDMYAE3AI.exe -2YCVCMLTDGU>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[WGS3TTEO / FWEHJ][Stopped/Disabled]
    <C:\WINDOWS\system32\FWEHJ.exe -N61K47G1T9T>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[9Z5EC2K8OU78 / FYJKCCWF5JD][Stopped/Disabled]
    <C:\WINDOWS\FYJKCCWF5JD.exe -460F7Z>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[8X7YI / G6JAN64][Stopped/Disabled]
    <C:\WINDOWS\system32\G6JAN64.exe -GBAOWMO0FI7>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[FBCG9ZETV / G9R10779M0RV][Stopped/Disabled]
    <C:\WINDOWS\G9R10779M0RV.exe -DDDDHW>  [drw.kills, 3.0.8.1, C:2008-08-16 13:43 M:2008-08-15 04:06]
[5YEOZL114X9 / GGG5ID5KP4][Stopped/Disabled]
    <C:\WINDOWS\system32\GGG5ID5KP4.exe -YGGD7U3NZNE>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[58F1D1I8O4 / GJNL9][Stopped/Disabled]
    <C:\WINDOWS\GJNL9.exe -SXM6SZMSL>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[FPR6CB48QOCJ / GK73YJJ][Stopped/Disabled]
    <C:\WINDOWS\GK73YJJ.exe -H6QINVH>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[PMFIP / GKHKP5E][Stopped/Disabled]
    <C:\WINDOWS\system32\GKHKP5E.exe -WL73PT6MJ>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[ZP4BY2FLEU / GLLOWI3CIGA8][Stopped/Disabled]
    <C:\WINDOWS\GLLOWI3CIGA8.exe -R9PCBV>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[WQY7HQ / GNG4L4A][Stopped/Disabled]
    <C:\WINDOWS\system32\GNG4L4A.exe -UNG5QKGSO5T5>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[AVY7M543 / GOGUJB8][Stopped/Disabled]
    <C:\WINDOWS\system32\GOGUJB8.exe -HFO8X94YUR8D>  [drw.kills, 3.0.8.1, C:2008-08-21 06:47 M:2008-08-15 04:06]
[Z323KQU / GPYJD8FWIF][Stopped/Disabled]
    <C:\WINDOWS\system32\GPYJD8FWIF.exe -MSXCKZ>  [drw.kills, 3.0.8.1, C:2008-08-21 08:15 M:2008-08-15 04:06]
[HBGKY / GR4FOG][Stopped/Disabled]
    <C:\WINDOWS\system32\GR4FOG.exe -DQR57GX0WV6>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[NNFUI / GRRUZJ5BO6][Stopped/Disabled]
    <C:\WINDOWS\system32\GRRUZJ5BO6.exe -1L2FNF3PEX>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[XHFTGFAKU / GT3OURAS2][Stopped/Disabled]
    <C:\WINDOWS\system32\GT3OURAS2.exe -3H952EQ>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[VP6M2RWT6 / GU6OXSXSYG6P][Stopped/Disabled]
    <C:\WINDOWS\system32\GU6OXSXSYG6P.exe -D2QPAST7L>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[NPBYV5C / GWMPXJ][Stopped/Disabled]
    <C:\WINDOWS\GWMPXJ.exe -GI1V38>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[07ZFIUX6AR / GX7I835HRW][Stopped/Disabled]
    <C:\WINDOWS\GX7I835HRW.exe -H9AMVYUY>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[TNQQOZS / H152IWLPO5][Stopped/Disabled]
    <C:\WINDOWS\H152IWLPO5.exe -6WQ7XAXVE>  [drw.kills, 3.0.8.1, C:2008-08-16 13:35 M:2008-08-15 04:06]
[HOL9VT8MQ / H1H94AHY][Stopped/Disabled]
    <C:\WINDOWS\system32\H1H94AHY.exe -H9I3HV8B6QVX>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[PQUNVB / H6UGVKIX3AQ6][Stopped/Disabled]
    <C:\WINDOWS\H6UGVKIX3AQ6.exe -8CY5R8U>  [drw.kills, 3.0.8.1, C:2008-08-20 22:12 M:2008-08-15 04:06]
[PGLVY4B / H92QMAO9][Stopped/Disabled]
    <C:\WINDOWS\system32\H92QMAO9.exe -19WI3Q>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[NUADEGOVU / HAVXGNTAF][Stopped/Disabled]
    <C:\WINDOWS\system32\HAVXGNTAF.exe -9D58H>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[P7J4TZD / HCXASNJ][Stopped/Disabled]
    <C:\WINDOWS\HCXASNJ.exe -MYE2X43KQA>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[1MOE75CX / HJK2VQOR78][Stopped/Disabled]
    <C:\WINDOWS\HJK2VQOR78.exe -J6U9L>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[HLQ77I49V / HKV51][Stopped/Disabled]
    <C:\WINDOWS\system32\HKV51.exe -6QS7B5G>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[2K43DPI / HLGB1W2C][Stopped/Disabled]
    <C:\WINDOWS\system32\HLGB1W2C.exe -RV01LVR>  [drw.kills, 3.0.8.1, C:2008-08-15 04:34 M:2008-08-15 04:06]
[9UVO7T26 / HS51BJC][Stopped/Disabled]
    <C:\WINDOWS\system32\HS51BJC.exe -GSQX0UVWI8>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[084PCB6WR8 / I76SWTODGE][Stopped/Disabled]
    <C:\WINDOWS\I76SWTODGE.exe -YMAO9AH396>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[O516YBG02 / I938HA][Stopped/Disabled]
    <C:\WINDOWS\I938HA.exe -4WRO0LWG40>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[L7P266HE2QE / IBB2B][Stopped/Disabled]
    <C:\WINDOWS\system32\IBB2B.exe -QS1L54IXEIP>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[X2DF8 / IF0C1A9A8R8W][Stopped/Disabled]
    <C:\WINDOWS\IF0C1A9A8R8W.exe -OEVW1>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[9OE36ARC2CKP / IF88R8JYDNEQ][Stopped/Disabled]
    <C:\WINDOWS\system32\IF88R8JYDNEQ.exe -2RLW4DC>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[KUFLL0 / IJFEXKQMGHXL][Stopped/Disabled]
    <C:\WINDOWS\IJFEXKQMGHXL.exe -Q9KM5>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[XNKHZKM6TLD7 / IL8VR47XRV][Stopped/Disabled]
    <C:\WINDOWS\system32\IL8VR47XRV.exe -BTQ8V48FYE>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[XK85F / IOJRZVRTI10O][Stopped/Disabled]
    <C:\WINDOWS\system32\IOJRZVRTI10O.exe -9RUN2TO1IMXT>  [drw.kills, 3.0.8.1, C:2008-08-21 07:13 M:2008-08-15 04:06]
[KTIGA1 / IQ00M][Stopped/Auto Start]
    <C:\WINDOWS\IQ00M.exe -MIS76>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[TLXL8R7083XE / IQSDW][Stopped/Disabled]
    <C:\WINDOWS\system32\IQSDW.exe -RJWKSI2>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[PQ4SU / IT6QM3][Stopped/Disabled]
    <C:\WINDOWS\IT6QM3.exe -F5D2HQQWM82>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[6G6KNYQ91 / IX9OOD][Stopped/Auto Start]
    <C:\WINDOWS\IX9OOD.exe -GN8BR6>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[O0PM8EX / J23ECO52B][Stopped/Disabled]
    <C:\WINDOWS\J23ECO52B.exe -562OQY>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[3DIN2Q0DJ / J5BIN38T7][Stopped/Disabled]
    <C:\WINDOWS\J5BIN38T7.exe -F4ABE>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[5CJE9MX3 / J5BNFRS9ME][Stopped/Disabled]
    <C:\WINDOWS\J5BNFRS9ME.exe -X3T02FDK6>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[DYWJJAV6 / J66BJ4RLUSB7][Stopped/Disabled]
    <C:\WINDOWS\system32\J66BJ4RLUSB7.exe -11C9MG6OX>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[24WEB9I9TY / JDB4MW][Stopped/Disabled]
    <C:\WINDOWS\system32\JDB4MW.exe -172PWH4LMW>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[87A56308S7H / JG81EFN6GKC][Stopped/Disabled]
    <C:\WINDOWS\system32\JG81EFN6GKC.exe -VPZ89YZVC8K>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[RW1ENJYIT / JGKFL8B][Stopped/Disabled]
    <C:\WINDOWS\JGKFL8B.exe -T82VYX5A1>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[AR64ZNQ / JXZ39D8][Stopped/Disabled]
    <C:\WINDOWS\system32\JXZ39D8.exe -LZCQE570AT14>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[Z78LD2YSANIJ / K6KYNK96582S][Stopped/Disabled]
    <C:\WINDOWS\K6KYNK96582S.exe -477ULN1DE3T0>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[U4A1OTXV3 / K6UM0][Stopped/Disabled]
    <C:\WINDOWS\system32\K6UM0.exe -67H46DK>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[NYR6R / KD9UQU3I249X][Stopped/Disabled]
    <C:\WINDOWS\system32\KD9UQU3I249X.exe -MYS4URH5T>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[9G5WHIU2CJ5 / KEQHGNAU][Stopped/Disabled]
    <C:\WINDOWS\KEQHGNAU.exe -8LUCMF1XL7GU>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[IURARC4B / KGSM2OZZV4][Stopped/Disabled]
    <C:\WINDOWS\system32\KGSM2OZZV4.exe -ENGPQ6>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[IE0QJ0 / KTNEVR][Stopped/Disabled]
    <C:\WINDOWS\KTNEVR.exe -FJSOPM>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[0MBGTR384G / KXH5J11O1][Stopped/Disabled]
    <C:\WINDOWS\system32\KXH5J11O1.exe -71L0SMR9>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[A2UXS / KXXLWELMFZQW][Stopped/Disabled]
    <C:\WINDOWS\system32\KXXLWELMFZQW.exe -81DIO8KW>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[GMLHX5CFXB / KZQPAN9AH][Stopped/Disabled]
    <C:\WINDOWS\system32\KZQPAN9AH.exe -RXS1BQUM7882>  [drw.kills, 3.0.8.1, C:2008-08-18 12:24 M:2008-08-15 04:06]
[NT Data Provider / lDOMANE][Stopped/Disabled]
    <C:\WINDOWS\SYSTEM32\RUNDLL2KXP.EXE C:\WINDOWS\SYSTEM32\WBEM\ATJZQ.DLL,Export 1087>  [Microsoft Corporation, 5, 1, 2600, 2709, C:2004-08-17 12:00 M:2004-08-17 12:00]
[46CPEEX0BRQ / LMSM1S][Stopped/Disabled]
    <C:\WINDOWS\LMSM1S.exe -C7CB4DLXA>  [drw.kills, 3.0.8.1, C:2008-08-21 08:14 M:2008-08-15 04:06]
[HAIDFWVO / LN3495HA][Stopped/Disabled]
    <C:\WINDOWS\LN3495HA.exe -E0HU5WLA6Y>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[83QK7W4 / LQMLPP1][Stopped/Disabled]
    <C:\WINDOWS\LQMLPP1.exe -HLJMPOTHJ9H>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[6AQ3VRC1UB0 / LSLUI][Stopped/Disabled]
    <C:\WINDOWS\system32\LSLUI.exe -GWDYC>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[G9E2A9TT / LVC7XHOGQ95][Stopped/Disabled]
    <C:\WINDOWS\LVC7XHOGQ95.exe -EWLKZFKSJ>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[CP5YGUF / LY3MYJ9U][Stopped/Disabled]
    <C:\WINDOWS\LY3MYJ9U.exe -2YTTAZMT57G>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[Q9QZX1PPD / M10VB2SJ3Q][Stopped/Disabled]
    <C:\WINDOWS\system32\M10VB2SJ3Q.exe -7DVIBQUFFOO>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[MAM4Q1 / M2FFF6EBA][Stopped/Disabled]
    <C:\WINDOWS\M2FFF6EBA.exe -8CICIZWMX6>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[95WK88ZHJW81 / M2QD38P459F][Stopped/Disabled]
    <C:\WINDOWS\M2QD38P459F.exe -N81OC>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[7HL6J02 / M4RLN8JQS][Stopped/Disabled]
    <C:\WINDOWS\M4RLN8JQS.exe -4E81TCY01UCO>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[L4CTBE5H1BG / MGKUAVGH7ZR][Stopped/Auto Start]
    <C:\WINDOWS\MGKUAVGH7ZR.exe -SREFC1ZLL>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[UAZVW1DEGVY / MHOEM9V9][Stopped/Disabled]
    <C:\WINDOWS\system32\MHOEM9V9.exe -XY8P4>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[RaySat_3dsmax8 Server / mi-raysat_3dsmax8][Stopped/Disabled]
    <"C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe">  [N/A, C:2005-09-21 13:13 M:2007-12-05 22:04]
[P0FO5 / MM7CUSR][Stopped/Disabled]
    <C:\WINDOWS\system32\MM7CUSR.exe -8VOH0WOT3K>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[MOT8M7 / MPH6UU84][Stopped/Disabled]
    <C:\WINDOWS\MPH6UU84.exe -334WDS4IN>  [drw.kills, 3.0.8.1, C:2008-08-16 09:24 M:2008-08-15 04:06]
[26U0B1PCUP / MU7U0EB][Stopped/Disabled]
    <C:\WINDOWS\MU7U0EB.exe -IGSG6LRL6TXW>  [drw.kills, 3.0.8.1, C:2008-08-15 04:07 M:2008-08-15 04:06]
[MTFOD8Z / NENA6XY0][Stopped/Disabled]
    <C:\WINDOWS\NENA6XY0.exe -6JJYG>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[EQOMM6R / NF46LL9IC9WF][Stopped/Disabled]
    <C:\WINDOWS\NF46LL9IC9WF.exe -T7HMOWU>  [drw.kills, 3.0.8.1, C:2008-08-15 04:32 M:2008-08-15 04:06]
[LOOQ7 / NFWIW79][Stopped/Disabled]
    <C:\WINDOWS\NFWIW79.exe -AZBRQWSWYQB>  [drw.kills, 3.0.8.1, C:2008-08-16 09:29 M:2008-08-15 04:06]
[PLS39VV8H3S / NMUNM][Stopped/Disabled]
    <C:\WINDOWS\NMUNM.exe -EQB00ZSOUZG>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[ZAI1HLK / NQVAXIAJL10][Stopped/Disabled]
    <C:\WINDOWS\system32\NQVAXIAJL10.exe -QFOKJ4>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[ZQTWISJ05DE / NTNWCGSUWYDX][Stopped/Disabled]
    <C:\WINDOWS\system32\NTNWCGSUWYDX.exe -1LHFFUV4V>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[WD0WH5TN / NXKGARVPVA7Z][Stopped/Disabled]
    <C:\WINDOWS\system32\NXKGARVPVA7Z.exe -KGBOF477WZO>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[NAYV4J / NXYA9JN9WO2][Stopped/Disabled]
    <C:\WINDOWS\system32\NXYA9JN9WO2.exe -M3B2ANV>  [drw.kills, 3.0.8.1, C:2008-08-15 04:25 M:2008-08-15 04:06]
[A0LHBCY1 / NYEVRNBBCJ][Stopped/Disabled]
    <C:\WINDOWS\system32\NYEVRNBBCJ.exe -US8JA>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[38ZY0G9 / O8H1U1][Stopped/Disabled]
    <C:\WINDOWS\system32\O8H1U1.exe -YMOECI4NQ>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[AWWIO / O9SP9OEOGN][Stopped/Disabled]
    <C:\WINDOWS\system32\O9SP9OEOGN.exe -V8A42E4VA6>  [drw.kills, 3.0.8.1, C:2008-08-21 10:45 M:2008-08-15 04:06]
[PR757UP0GZ / OAIMPKRKNX5][Stopped/Disabled]
    <C:\WINDOWS\system32\OAIMPKRKNX5.exe -YOIIMWQ1GZR>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[WV9LP7L / OE4NH][Stopped/Disabled]
    <C:\WINDOWS\OE4NH.exe -HS5AHNNCZV>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[XRMF027 / OHBQV][Stopped/Disabled]
    <C:\WINDOWS\OHBQV.exe -GLITFLP3R1>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[JEI3X3VYXM / OKIW995][Stopped/Disabled]
    <C:\WINDOWS\system32\OKIW995.exe -0E0VSU4DQ>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[GQX913W6JR6 / OLDZ9B][Stopped/Disabled]
    <C:\WINDOWS\OLDZ9B.exe -GGPPX1>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[QFPZLYS / ON104V][Stopped/Disabled]
    <C:\WINDOWS\system32\ON104V.exe -Z9HIGQZDTGK>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[Q45JQ88QY / ON2FU9E6][Stopped/Disabled]
    <C:\WINDOWS\system32\ON2FU9E6.exe -X37DJSOUF>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[C6FAKUEDG / OPI6AEOGG5A8][Stopped/Disabled]
    <C:\WINDOWS\system32\OPI6AEOGG5A8.exe -7UTY6T2LXM>  [drw.kills, 3.0.8.1, C:2008-08-21 07:39 M:2008-08-15 04:06]
[58802RV / OT62YD][Stopped/Disabled]
    <C:\WINDOWS\system32\OT62YD.exe -IJVF68>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[595DUC / OU33MUQV][Stopped/Disabled]
    <C:\WINDOWS\system32\OU33MUQV.exe -034OY7PBX7B>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[FZ0G3541 / OWD5T36BKYV8][Stopped/Disabled]
    <C:\WINDOWS\system32\OWD5T36BKYV8.exe -Y16VVEUM>  [drw.kills, 3.0.8.1, C:2008-08-21 06:32 M:2008-08-15 04:06]
[ZEG7CNEE41 / OXEW6ZA4][Stopped/Disabled]
    <C:\WINDOWS\OXEW6ZA4.exe -9WDKZIZGH>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[J1ZHBHKK / P23VRQYR45][Stopped/Disabled]
    <C:\WINDOWS\P23VRQYR45.exe -D91XR>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[9PKUQNR4 / P44HUI0CMU3P][Stopped/Disabled]
    <C:\WINDOWS\P44HUI0CMU3P.exe -VFTVS3SCZ4>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[V22KHS7T / P5UXH85PLZ][Stopped/Disabled]
    <C:\WINDOWS\P5UXH85PLZ.exe -Q2W03S9>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[5IYE9ST2M / PD93U][Stopped/Disabled]
    <C:\WINDOWS\PD93U.exe -PO5PI>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[MXJAX / PDG7X][Stopped/Disabled]
    <C:\WINDOWS\system32\PDG7X.exe -O2HR7XHTDQRH>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[GF451U / PLLUWFTDS9][Stopped/Disabled]
    <C:\WINDOWS\PLLUWFTDS9.exe -GH4ST6>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[95HUV2G / PMD7S5NK57X7][Stopped/Auto Start]
    <C:\WINDOWS\PMD7S5NK57X7.exe -P43YCLZJ0GAU>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[4C9CB3JQO / PRJNAZTX6R][Stopped/Disabled]
    <C:\WINDOWS\system32\PRJNAZTX6R.exe -N89RKA1>  [drw.kills, 3.0.8.1, C:2008-08-15 04:32 M:2008-08-15 04:06]
[946VY6W23 / PRNIK9848BEQ][Stopped/Disabled]
    <C:\WINDOWS\system32\PRNIK9848BEQ.exe -EI5G9KDNT>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[19ALC3NI / PS0TEF9B][Stopped/Disabled]
    <C:\WINDOWS\system32\PS0TEF9B.exe -RZCD5FU>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[3PQRSBU / PTPDVMFL][Stopped/Disabled]
    <C:\WINDOWS\system32\PTPDVMFL.exe -IX51VJIMG4O>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[GBWRC0H4 / PUQ0L][Stopped/Disabled]
    <C:\WINDOWS\PUQ0L.exe -X9XGETMRPM>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[IA667PB / PVNRBFM2C97G][Stopped/Disabled]
    <C:\WINDOWS\PVNRBFM2C97G.exe -M383OW>  [drw.kills, 3.0.8.1, C:2008-08-15 04:25 M:2008-08-15 04:06]
[G8WDDHFVO / Q4BXLB8NPF4][Stopped/Disabled]
    <C:\WINDOWS\system32\Q4BXLB8NPF4.exe -L8N5M>  [drw.kills, 3.0.8.1, C:2008-08-18 12:39 M:2008-08-15 04:06]
[46LYD / Q5IFSR][Stopped/Disabled]
    <C:\WINDOWS\system32\Q5IFSR.exe -CBX0MGX>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[J7ZYGV / Q920I5X][Stopped/Disabled]
    <C:\WINDOWS\Q920I5X.exe -2RWST4>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[QB2YN5MASS / Q9V57][Stopped/Disabled]
    <C:\WINDOWS\system32\Q9V57.exe -IHHAB>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[OYR9RVH / QCT63U9PLTC][Stopped/Disabled]
    <C:\WINDOWS\system32\QCT63U9PLTC.exe -H1IKE7KKFZN0>  [drw.kills, 3.0.8.1, C:2008-08-16 23:11 M:2008-08-15 04:06]
[OJPBVTTA / QEWARQ6ENF8][Stopped/Disabled]
    <C:\WINDOWS\QEWARQ6ENF8.exe -203C77YZPK>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[ARHQUYFNF6 / QIGBJO6SZ][Stopped/Disabled]
    <C:\WINDOWS\system32\QIGBJO6SZ.exe -FFZ2SUOV1NE>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[MNUTYA / QIGEMBZN][Stopped/Disabled]
    <C:\WINDOWS\QIGEMBZN.exe -EDK0O>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[KGB9TZM / QS6RH][Stopped/Disabled]
    <C:\WINDOWS\system32\QS6RH.exe -P6HZFK5EAL>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[Qvod Terminal / Qvod Terminal][Stopped/Disabled]
    <C:\Program Files\QvodPlayer\QvodTerminal.exe>  [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53, C:2008-02-22 18:22 M:2008-02-22 18:22]
[S77SV / R7A0E][Stopped/Disabled]
    <C:\WINDOWS\R7A0E.exe -INU0AAV>  [drw.kills, 3.0.8.1, C:2008-08-21 07:13 M:2008-08-15 04:06]
[IQEADK3YLSC / R9IWRGE4LO][Stopped/Disabled]
    <C:\WINDOWS\R9IWRGE4LO.exe -NV7GIX8>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[54TWEM / R9ZFU3I5][Stopped/Disabled]
    <C:\WINDOWS\system32\R9ZFU3I5.exe -Y5WO88M>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[O7D36 / RDPL7VT4SY][Stopped/Disabled]
    <C:\WINDOWS\system32\RDPL7VT4SY.exe -KFRJLUL5HJO>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[4Z6V0I / RHJ3UO2WZ8N][Stopped/Disabled]
    <C:\WINDOWS\RHJ3UO2WZ8N.exe -U5HQIX0H>  [drw.kills, 3.0.8.1, C:2008-08-15 04:24 M:2008-08-15 04:06]
[OQP7YE6FHL1 / RJTPJI][Stopped/Disabled]
    <C:\WINDOWS\system32\RJTPJI.exe -OTFWTP6>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[5LC70ZK / RLE0DZB][Stopped/Disabled]
    <C:\WINDOWS\RLE0DZB.exe -PL4SZG4>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[YFHEP1 / RLWDK0AC1M][Stopped/Disabled]
    <C:\WINDOWS\system32\RLWDK0AC1M.exe -BPW9IC>  [drw.kills, 3.0.8.1, C:2008-08-21 08:41 M:2008-08-15 04:06]
[Remote Tracking Client Service / RMTCS][Stopped/Disabled]
    <C:\WINDOWS\system32\rapimgr.exe>  []
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Disabled]
    <"%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini">  [N/A, C:2003-04-04 14:54 M:2007-12-07 10:38]
[Rising RealTime Monitor / RsRavMon][Stopped/Disabled]
    <"F:\工具\RISING\RAV\Ravmond.exe">  [N/A, C:2007-06-23 16:05 M:2008-08-14 22:26]
[LE3QY / RVSZIMP4P][Stopped/Disabled]
    <C:\WINDOWS\system32\RVSZIMP4P.exe -00CEHH>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[P6C5MZ / RXB0EPA3Y][Stopped/Disabled]
    <C:\WINDOWS\system32\RXB0EPA3Y.exe -BSNHKPRS15C>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[2OOU0IWP1 / RYJBH][Stopped/Disabled]
    <C:\WINDOWS\system32\RYJBH.exe -WG4YZWYA>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[T4I0PQZ / S8UQFT2MW5][Stopped/Disabled]
    <C:\WINDOWS\S8UQFT2MW5.exe -QVK98YTQ>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[Security Control / seictrl][Stopped/Auto Start]
    <c:\windows\system32\rundll32.exe dbi100.dll,scan>  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[716O4 / SLGMG9A17][Stopped/Disabled]
    <C:\WINDOWS\SLGMG9A17.exe -CQ3WRBKT>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[Cryptographic Machine / SmallCenter][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\vtpsh.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[8H8GY6P / SN7HY4GS5IV][Stopped/Disabled]
    <C:\WINDOWS\system32\SN7HY4GS5IV.exe -NGFOHYK31WE>  [drw.kills, 3.0.8.1, C:2008-08-15 04:24 M:2008-08-15 04:06]
[Stormser / Stormser][Stopped/Disabled]
    <C:\PROGRA~1\RINGZS~1\STORMC~1\Stormser.exe>  [暴风网际, 1, 0, 0, 11, C:2008-06-28 22:01 M:2008-06-20 12:35]
[JPRNCO2 / SVNBA064][Stopped/Disabled]
    <C:\WINDOWS\system32\SVNBA064.exe -VY9YBGEA4A>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[JSTACVFTJ1AJ / T5MITD4FAQ][Stopped/Disabled]
    <C:\WINDOWS\system32\T5MITD4FAQ.exe -86C3YOIU>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[8JQ97Z6 / T8QZRFTD][Stopped/Auto Start]
    <C:\WINDOWS\system32\T8QZRFTD.exe -60D0KPRL>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[A9HLU / TDJWSWOQ][Stopped/Disabled]
    <C:\WINDOWS\system32\TDJWSWOQ.exe -FNKNYO>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[S730YPY8OJ7 / TFC56][Stopped/Disabled]
    <C:\WINDOWS\system32\TFC56.exe -KN7YOC5PH4NO>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[MC6NQ / TII28GT5][Stopped/Disabled]
    <C:\WINDOWS\system32\TII28GT5.exe -2D24CUJIC7VJ>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[CY2ZDOQ / TM2KCFY6A][Stopped/Disabled]
    <C:\WINDOWS\system32\TM2KCFY6A.exe -5DBFZGEK>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[KKSF38NA4R / TO2R8QK][Stopped/Disabled]
    <C:\WINDOWS\TO2R8QK.exe -B1FVB6TQ>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[mspx / TOlb][Stopped/Disabled]
    <C:\WINDOWS\system32\toolba.exe>  [N/A, C:2008-08-15 01:46 M:2008-08-15 01:46]
[Distributed Link Tracking Client Service / TrackingSS][Stopped/Disabled]
    <C:\WINDOWS\system32\service.exe>  []
[L03DDQXP5 / TRRPIBJ][Stopped/Disabled]
    <C:\WINDOWS\TRRPIBJ.exe -A4CM1X9N>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[24AZPH / TVEOQK2JW][Stopped/Auto Start]
    <C:\WINDOWS\TVEOQK2JW.exe -B6SOLLP102V>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[OV9DZWE7K / U08C89CBH][Stopped/Disabled]
    <C:\WINDOWS\system32\U08C89CBH.exe -OXAGH468PNS1>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[G3H8MRR / U4GEA9H][Stopped/Disabled]
    <C:\WINDOWS\U4GEA9H.exe -J7T1043Z>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[5ZLACQGWY5 / U5F0UT0XPPF][Stopped/Disabled]
    <C:\WINDOWS\system32\U5F0UT0XPPF.exe -9A13NE>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[9I7JK / U9DS22B0E][Stopped/Disabled]
    <C:\WINDOWS\U9DS22B0E.exe -CCRQE9HAYJ5>  [drw.kills, 3.0.8.1, C:2008-08-18 12:24 M:2008-08-15 04:06]
[UG9FN / U9V2CJ7SHF8V][Stopped/Disabled]
    <C:\WINDOWS\U9V2CJ7SHF8V.exe -M65B84SA>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[HC172 / U9X6803BPY3X][Stopped/Disabled]
    <C:\WINDOWS\U9X6803BPY3X.exe -XOXER9VUXB9>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[OOYV9 / UAP1V0][Stopped/Disabled]
    <C:\WINDOWS\UAP1V0.exe -POPKIKQHOWC6>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[57WC4T1NBY / UBOH1UJ4OW1][Stopped/Disabled]
    <C:\WINDOWS\system32\UBOH1UJ4OW1.exe -I6VHUQ>  [drw.kills, 3.0.8.1, C:2008-08-15 20:27 M:2008-08-15 04:06]
[FDJ2MZAFHSRE / UGXJXV5][Stopped/Disabled]
    <C:\WINDOWS\UGXJXV5.exe -90FAPUIN>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[FI98I / UMZMNEEVLB][Stopped/Disabled]
    <C:\WINDOWS\UMZMNEEVLB.exe -GEYITI2SSK>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[VMC4IC0BR7 / UR0Z8P2][Stopped/Disabled]
    <C:\WINDOWS\UR0Z8P2.exe -VC25IY>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[KOZLCZ9L6 / UTC8T][Stopped/Auto Start]
    <C:\WINDOWS\UTC8T.exe -7V4DZW5>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[F0M7NT0NWAJC / UYS9SD][Stopped/Disabled]
    <C:\WINDOWS\UYS9SD.exe -4GZ5T>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[D2PQ7YVK / V0794E3FZ77][Stopped/Disabled]
    <C:\WINDOWS\V0794E3FZ77.exe -J1R4IMWLDY6>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[PRWH3T72CG5 / VAWZ4S0KW][Stopped/Disabled]
    <C:\WINDOWS\system32\VAWZ4S0KW.exe -W40PP>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[X2M956K00XN / VDUZ8LTN8G][Stopped/Disabled]
    <C:\WINDOWS\system32\VDUZ8LTN8G.exe -Y05QMH4PBVD>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[O4MKTK7AK1 / VHGXIWK2AV][Stopped/Disabled]
    <C:\WINDOWS\system32\VHGXIWK2AV.exe -MO3HLP>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[NVIDIA VideoCard Driver / VideoCard][Stopped/Disabled]
    <%SystemRoot%\IPdriver.exe>  []
[A1TEWIZWVO / VNOL70HL6DFV][Stopped/Disabled]
    <C:\WINDOWS\VNOL70HL6DFV.exe -JMLEX5LFJK>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[BT85GATGHFBZ / VR232S7L9W][Stopped/Disabled]
    <C:\WINDOWS\system32\VR232S7L9W.exe -4OWXG7UX>  [drw.kills, 3.0.8.1, C:2008-08-15 20:36 M:2008-08-15 04:06]
[RWI16XY / VRAZWCG45QI][Stopped/Disabled]
    <C:\WINDOWS\VRAZWCG45QI.exe -BRXZHWATDY>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[CHTA3IQKNNL2 / VSYM5O][Stopped/Disabled]
    <C:\WINDOWS\VSYM5O.exe -0MAMY29>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[WX09OW / VUYTZD5F][Stopped/Disabled]
    <C:\WINDOWS\system32\VUYTZD5F.exe -SMJ6EGHHTZ>  [drw.kills, 3.0.8.1, C:2008-08-18 12:38 M:2008-08-15 04:06]
[CYHWDPG6M / VVN6C9J][Stopped/Disabled]
    <C:\WINDOWS\VVN6C9J.exe -UUISU0T3OH4G>  [drw.kills, 3.0.8.1, C:2008-08-15 05:16 M:2008-08-15 04:06]
[19QWAA8E5O / VWU8IE8UQ36I][Stopped/Disabled]
    <C:\WINDOWS\system32\VWU8IE8UQ36I.exe -V4PAO7NX>  [drw.kills, 3.0.8.1, C:2008-08-15 19:19 M:2008-08-15 04:06]
[IPDLDP3Y51E / VXEPPHHHNC][Stopped/Disabled]
    <C:\WINDOWS\system32\VXEPPHHHNC.exe -FWSSX90>  [drw.kills, 3.0.8.1, C:2008-08-15 04:22 M:2008-08-15 04:06]
[UREPI7 / WC2BOR2][Stopped/Disabled]
    <C:\WINDOWS\WC2BOR2.exe -YLZTZO1>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[VVWWU9NXS / WDZTS0I3F][Stopped/Disabled]
    <C:\WINDOWS\WDZTS0I3F.exe -OG7LPT>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[51736T0T / WKXT71TM][Stopped/Disabled]
    <C:\WINDOWS\WKXT71TM.exe -5JM04FNPM9AN>  [drw.kills, 3.0.8.1, C:2008-08-15 20:17 M:2008-08-15 04:06]
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Disabled]
    <"C:\Program Files\Windows Media Player\WMPNetwk.exe">  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006), C:2006-11-02 23:06 M:2007-12-07 10:33]
[XUF50U2QIJ / WPJ6PXK][Stopped/Disabled]
    <C:\WINDOWS\WPJ6PXK.exe -AHT9V8>  [drw.kills, 3.0.8.1, C:2008-08-16 23:11 M:2008-08-15 04:06]
[96EGN / XANSCRYH646][Stopped/Disabled]
    <C:\WINDOWS\XANSCRYH646.exe -5ROCC5T4D1D>  [drw.kills, 3.0.8.1, C:2008-08-21 07:39 M:2008-08-15 04:06]
[PMKREZMV40I / XCD34MO85HLH][Stopped/Disabled]
    <C:\WINDOWS\system32\XCD34MO85HLH.exe -K97XRD4GZ1>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[LW6K31PW6UY / XE4QSAXE4RM][Stopped/Disabled]
    <C:\WINDOWS\XE4QSAXE4RM.exe -OVVDL7K4X>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[G2JUYUEXLD9P / XQ2ZE][Stopped/Disabled]
    <C:\WINDOWS\system32\XQ2ZE.exe -IJFPU9JV>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[K82OD2Y49TT / XYIMKRMTXM][Stopped/Disabled]
    <C:\WINDOWS\XYIMKRMTXM.exe -IQY9XUBYEWA>  [drw.kills, 3.0.8.1, C:2008-08-21 08:41 M:2008-08-15 04:06]
[2UL92ZQ / Y30X690V63H6][Stopped/Auto Start]
    <C:\WINDOWS\system32\Y30X690V63H6.exe -O4XBSFNVC1>  [drw.kills, 3.0.8.1, C:2008-08-21 11:11 M:2008-08-15 04:06]
[8RNQI2KJSC / Y3DWF01][Stopped/Disabled]
    <C:\WINDOWS\Y3DWF01.exe -E5B9B7S>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[DXELH / Y8HTHK0C302][Stopped/Disabled]
    <C:\WINDOWS\Y8HTHK0C302.exe -HBU1RGLNWG>  [drw.kills, 3.0.8.1, C:2008-08-17 00:49 M:2008-08-15 04:06]
[0UH5L / Y8N45Q][Stopped/Disabled]
    <C:\WINDOWS\Y8N45Q.exe -9PDDQHMIDI9>  [drw.kills, 3.0.8.1, C:2008-08-17 00:47 M:2008-08-15 04:06]
[TBBUB4ZG / YBGST25AS6L][Stopped/Disabled]
    <C:\WINDOWS\YBGST25AS6L.exe -LEFHG0R2>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[6DDISGL744W / YD249PNDB][Stopped/Disabled]
    <C:\WINDOWS\system32\YD249PNDB.exe -KY167YC6T>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[Q9E88JM0 / YEUABZDH][Stopped/Disabled]
    <C:\WINDOWS\system32\YEUABZDH.exe -3FV9E4>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[GU1FTU87SQS / YHX3P707Q][Stopped/Disabled]
    <C:\WINDOWS\YHX3P707Q.exe -BZC0Q>  [drw.kills, 3.0.8.1, C:2008-08-16 13:42 M:2008-08-15 04:06]
[SCBUM6P4X / YKIZDZWS][Stopped/Disabled]
    <C:\WINDOWS\system32\YKIZDZWS.exe -F6QY0>  [drw.kills, 3.0.8.1, C:2008-08-17 00:50 M:2008-08-15 04:06]
[DYY4EJ4 / YKRWQ7][Stopped/Disabled]
    <C:\WINDOWS\system32\YKRWQ7.exe -VA68W5HVQXU>  [drw.kills, 3.0.8.1, C:2008-08-21 08:14 M:2008-08-15 04:06]
[HZGE08EG / YNE215MIQ0FM][Stopped/Disabled]
    <C:\WINDOWS\system32\YNE215MIQ0FM.exe -WU0C09FH>  [drw.kills, 3.0.8.1, C:2008-08-15 20:16 M:2008-08-15 04:06]
[J7L6B / YW70N6][Stopped/Disabled]
    <C:\WINDOWS\system32\YW70N6.exe -09N1R9T77F>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[O76TTE2J / Z3STZM0ND][Stopped/Disabled]
    <C:\WINDOWS\system32\Z3STZM0ND.exe -9IAQV0>  [drw.kills, 3.0.8.1, C:2008-08-16 12:21 M:2008-08-15 04:06]
[YYX6Y4SX334S / Z7IXF][Stopped/Disabled]
    <C:\WINDOWS\Z7IXF.exe -PEJMBVXRIT>  [drw.kills, 3.0.8.1, C:2008-08-16 13:47 M:2008-08-15 04:06]
[89D4RASNGD / Z865QNQFE][Stopped/Disabled]
    <C:\WINDOWS\Z865QNQFE.exe -5IOF3315GFA8>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]
[E2SE8AXE / ZONG8F3Z][Stopped/Disabled]
    <C:\WINDOWS\ZONG8F3Z.exe -AYRDIKBNJO>  [drw.kills, 3.0.8.1, C:2008-08-16 09:25 M:2008-08-15 04:06]
[WQQ98K80P7V0 / ZX4G1XZA3][Stopped/Disabled]
    <C:\WINDOWS\ZX4G1XZA3.exe -D3NQ6LZCCNC>  [drw.kills, 3.0.8.1, C:2008-08-15 04:22 M:2008-08-15 04:06]
[YIWR3PUBA / ZZT5GS2ZJMI2][Stopped/Disabled]
    <C:\WINDOWS\ZZT5GS2ZJMI2.exe -SV9IF7TFTK98>  [drw.kills, 3.0.8.1, C:2008-08-15 05:22 M:2008-08-15 04:06]

[BoBoTurbo / BoBoTurbo][Stopped/Disabled]
    <C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe>  [(Verified)广州易播信息科技有限公司, 1, 4, 1011, 2, C:2007-10-01 15:33 M:2007-10-11 18:06]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:1980-01-01 00:00 M:2006-07-12 13:19]
[Rising Proxy  Service / RfwProxySrv][Stopped/Disabled]
    <f:\工具\rising\rising\rfw\rfwproxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2007-11-05 10:29 M:2008-07-30 16:19]
[Rising Personal Firewall Service / RfwService][Stopped/Disabled]
    <f:\工具\rising\rising\rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2007-11-05 10:29 M:2008-07-27 09:11]
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k rpcss --> "C:\WINDOWS\system32\srpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]
[Rising Process Communication Center / RsCCenter][Stopped/Disabled]
    <"F:\工具\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2007-11-05 11:18 M:2008-07-28 14:53]


========================================
驱动

[LF1UWEY / 6LQPSP][Stopped/Manual Start]
    <\??\C:\WINDOWS\5VOJ81NG5.txt>  [N/A, C:2008-08-21 07:46 M:2008-08-21 07:46]
[805m / 805m][Stopped/Boot Start]
    <system32\drivers\805m.sys>  [N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]
[VMQ7V / 9J2KF8P][Stopped/Manual Start]
    <\??\C:\WINDOWS\2GSSUF.txt>  [N/A, C:2008-08-21 10:50 M:2008-08-21 10:50]
[8GCIR6ROY / 9SEXO][Stopped/Manual Start]
    <\??\C:\WINDOWS\XROIGII11.txt>  []
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
    <system32\drivers\ADIHdAud.sys>  [Analog Devices, Inc., PRE-RELEASE built by: WinDDK, C:2007-05-06 15:40 M:2006-07-05 00:01]
[AEAudio Service / AEAudioService][Running/Manual Start]
    <system32\drivers\AEAudio.sys>  [Andrea Electronics Corporation, 4.1.32.25, C:2007-05-06 15:40 M:2005-12-19 16:00]
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
    <System32\DRIVERS\amdk8.sys>  [Advanced Micro Devices, 1.1.0 (srv03_sp1_rtm.050324-1447), C:2005-08-12 09:09 M:2005-05-21 20:43]
[AntiARP NDIS Protocol Driver / AntiArpNdisProt][Running/Auto Start]
    <system32\DRIVERS\AntiArpNdisProt.sys>  [Windows (R) 2000 DDK provider, 5.00.2195.6717, C:2007-10-17 13:33 M:2007-10-17 13:33]
[Atixeve2859 / Atixeve2859][Stopped/Manual Start]
    <\??\C:\DOCUME~1\woe\LOCALS~1\Temp\~wxp2ins.656.tmp>  []
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
    <System32\DRIVERS\BaseTDI.SYS>  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5, C:2007-06-23 16:05 M:2007-06-23 16:34]
[BdGuard / BdGuard][Running/Boot Start]
    <system32\drivers\BDGuard.SYS>  [Copyright (C) 2005, 1, 0, 12, 0, C:2007-11-20 19:32 M:2007-11-20 19:32]
[d347bus / d347bus][Running/Boot Start]
    <system32\DRIVERS\d347bus.sys>  [ , 3.47.0.0 built by: WinDDK, C:2007-06-18 23:51 M:2004-08-22 16:31]
[d347prt / d347prt][Running/Boot Start]
    <System32\Drivers\d347prt.sys>  [ , 3.47.0.0 built by: WinDDK, C:2007-06-18 23:51 M:2004-08-22 16:31]
[e2o8jcva / e2o8jcva][Running/Boot Start]
    <System32\DRIVERS\e2o8jcva.sys>  [N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]
[ec3e6508c0d7c9ad / ec3e6508c0d7c9ad][Stopped/Manual Start]
    <\??\C:\ec3e6508c0d7c9ad.dat>  []
[gqjls / gqjls][Running/Boot Start]
    <System32\DRIVERS\gqjls.sys>  [N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:1980-01-01 00:00 M:2005-01-07 17:07]
[IIS Manager  / IIS Manager ][Stopped/Manual Start]
    <\??\C:\DOCUME~1\woe\LOCALS~1\Temp\1.tmp>  [N/A, C:2008-08-21 07:19 M:2008-08-21 07:19]
[IX4IH66SUA1 / KDXOAC51KCL7][Stopped/Manual Start]
    <\??\C:\WINDOWS\BL4VQNJ242.txt>  []
[OME5VMY6Q1 / L471JP][Stopped/Manual Start]
    <\??\C:\WINDOWS\7VOMSZ2M.txt>  []
[78791 / L66G3AL][Stopped/Manual Start]
    <\??\C:\WINDOWS\ORS4YY52ZG.txt>  [N/A, C:2008-08-21 07:55 M:2008-08-21 07:55]
[5ADLK1BHN05Z / MOOQ6][Stopped/Manual Start]
    <\??\C:\WINDOWS\1YE5W.txt>  []
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
    <system32\DRIVERS\ASACPI.sys>  [1043, 2, 15, 37, C:1980-01-01 00:00 M:2004-08-13 10:56]
[Nessery / Nessery][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\Nessery.sys>  []
[npkcrypt / npkcrypt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkcrypt.sys>  []
[npkycryp / npkycryp][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkycryp.sys>  []
[p2pfilter / p2pfilter][Stopped/Manual Start]
    <\??\C:\Program Files\p2pover\p2pfilter.sys>  [N/A, C:2005-05-10 21:23 M:2005-05-10 21:23]
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
    <system32\KeyCrypt.sys>  [ Tencent Technology (Shenzhen) Company Limited, 1, 0, 0, 9, C:2008-01-04 11:53 M:2008-06-28 18:38]
[Srramdisk Driver / RRamdisk][Running/Boot Start]
    <system32\DRIVERS\rramdisk.sys>  [gavotte, 1.0.2003.1209, C:2008-04-06 04:16 M:2003-12-09 10:04]
[SenFilt Service / SenFiltService][Running/Manual Start]
    <system32\drivers\Senfilt.sys>  [Sensaura, 5.10.00.3519, C:2007-05-06 15:40 M:2005-06-07 16:00]
[sysHostSvc / sysHostSvc][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\GuiHelp.sys>  [Microsoft Corporation, 5, 1, 2467, 4, C:2006-11-07 01:06 M:2006-11-07 01:06]
[2D76BV6Y942 / T8TYXAB][Stopped/Manual Start]
    <\??\C:\WINDOWS\K2XE5E5GRI2.txt>  [N/A, C:2008-08-21 06:33 M:2008-08-21 06:33]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2004-08-17 12:00 M:2008-06-20 18:45]
[tdfgcz16 / tdfgcz16][Running/Boot Start]
    <System32\DRIVERS\tdfgcz16.sys>  [N/A, C:2004-08-17 12:00 M:2007-04-16 23:54]
[10moons UAD Device / TridDev][Stopped/Manual Start]
    <system32\DRIVERS\Triddev.sys>  [Trident Microsystem Inc., 1.05.0917.04, C:2008-03-07 16:20 M:2005-04-26 15:01]
[10moons USB TV BOX / TridVid][Stopped/Manual Start]
    <system32\DRIVERS\TridVid.sys>  [10moons Technologies Co.,Ltd, 1.0, C:2008-03-07 16:20 M:2007-07-02 17:15]
[97Z1WK6W5AW / U5C65TP1DN][Stopped/Manual Start]
    <\??\C:\WINDOWS\IIH5YN6ZSJ.txt>  []
[UnlockerDriver5 / UnlockerDriver5][/Boot Start]
    <\??\C:\Program Files\Unlocker\UnlockerDriver5.sys>  [N/A, C:2008-05-02 12:15 M:2008-05-02 12:15]
[LGE Mobile Composite USB Device / usbbus][Stopped/Manual Start]
    <system32\DRIVERS\lgusbbus.sys>  []
[LGE Mobile USB Modem / USBModem][Stopped/Manual Start]
    <system32\DRIVERS\lgusbmodem.sys>  []
[TWORA8V8Z4H / WILIGE][Stopped/Manual Start]
    <\??\C:\WINDOWS\LNEH8S2U90T.txt>  []
[xAntiArpSpoof Service / xAntiArp][Running/Manual Start]
    <system32\DRIVERS\xAntiArp.sys>  [Windows (R) 2000 DDK provider, 5.00.2195.6717, C:2007-12-06 14:16 M:2007-12-06 14:16]
[KDPAXQAFP9IE / ZBQD8MET4][Stopped/Manual Start]
    <\??\C:\WINDOWS\94H1S.txt>  [N/A, C:2008-08-20 22:14 M:2008-08-20 22:14]
[BCZ8YR3G / ZC448ZMIZFYG][Stopped/Manual Start]
    <\??\C:\WINDOWS\1YPY1K.txt>  [N/A, C:2008-08-21 06:48 M:2008-08-21 06:48]

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20]
[AliIde / AliIde][Running/Boot Start]
    <System32\DRIVERS\aliide.sys>  [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58]
[CmdIde / CmdIde][Running/Boot Start]
    <System32\DRIVERS\cmdide.sys>  [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2007-11-05 11:18 M:2008-07-28 14:53]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2007-11-05 11:19 M:2008-07-28 14:53]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2007-11-05 11:19 M:2008-07-28 14:53]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 54, C:2007-11-05 11:18 M:2008-07-28 14:53]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\F:\工具\Rising\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2007-11-05 10:29 M:2008-07-30 16:19]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.9136, C:2006-11-07 01:20 M:2006-07-12 13:19]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2007-11-05 10:30 M:2008-07-30 16:19]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\F:\工具\Rising\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2007-11-05 10:29 M:2008-07-30 16:19]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2007-06-23 16:25 M:2008-07-28 14:54]
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtenicxp.sys>  [(Verified)Realtek Semiconductor Corporation                           , 5.664.0205.2007 built by: WinDDK, C:1980-01-01 00:00 M:2007-02-07 00:43]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 0, 0, 8, 2, C:2007-12-28 11:00 M:2008-08-02 12:36]


========================================
进程

[PID: 1048 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 1104 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\gdipro.dll  [N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]
    C:\WINDOWS\system32\sys07003.dll  [N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]

[PID: 1128 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1172 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 1184 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1340 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1412 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    c:\windows\system32\srpcss.dll  [N/A, C:2004-08-17 12:00 M:2005-07-26 12:39]

[PID: 1540 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1884 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1916 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 296 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 704 / woe]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\kqeea.dll  [N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\adsntzt.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\avicapwm.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\lweurqhx.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\certmgrkd.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\tuxumyls.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\imgutilhx2.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\bootvidgj.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\cliconfgzx.dll  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
    C:\WINDOWS\system32\ybh7sz.dll  [N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39]
    C:\Program Files\Unlocker\UnlockerCOM.dll  [N/A, C:2008-05-02 12:15 M:2008-05-02 12:15]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2007-02-01 13:57 M:2006-12-04 18:43]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-05-07 08:07 M:2008-07-28 14:53]
    F:\工具\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-11-05 11:18 M:2008-07-28 14:54]

[PID: 1100 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.9136, C:1980-01-01 00:00 M:2006-07-12 13:19]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1960 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 224 / woe]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\cliconfgzx.dll  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
    C:\WINDOWS\system32\bootvidgj.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\imgutilhx2.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\tuxumyls.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\certmgrkd.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\lweurqhx.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\avicapwm.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\adsntzt.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]

[PID: 668 / woe]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\cliconfgzx.dll  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
    C:\WINDOWS\system32\bootvidgj.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\imgutilhx2.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\tuxumyls.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\certmgrkd.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\lweurqhx.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\avicapwm.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\adsntzt.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]

[PID: 2664 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 3416 / woe]   C:\Program Files\Maxthon2\Maxthon.exe   [Maxthon International ltd., 2, 0, 1, 7022, C:1980-01-01 00:00 M:2007-02-13 17:03]
    C:\Program Files\Maxthon2\mxpp.dll  [Maxthon, 1, 0, 0, 12, C:1980-01-01 00:00 M:2007-01-11 11:32]
    C:\Program Files\Maxthon2\MxSk.dll  [Maxthon, 1, 0, 0, 104, C:1980-01-01 00:00 M:2007-01-26 16:41]
    C:\Program Files\Maxthon2\MxProxy2.dll  [Maxthon Copyright (C) 2005, 1, 0, 0, 2473, C:1980-01-01 00:00 M:2007-02-13 10:52]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\cliconfgzx.dll  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
    C:\WINDOWS\system32\bootvidgj.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\imgutilhx2.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\tuxumyls.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\certmgrkd.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\lweurqhx.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\avicapwm.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\adsntzt.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\Program Files\Maxthon2\MxFav.dll  [Maxthon, 1, 0, 0, 9, C:1980-01-01 00:00 M:2006-12-21 09:45]
    C:\Program Files\Maxthon2\maxzlib.dll  [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3, C:1980-01-01 00:00 M:2006-10-12 17:27]
    C:\Program Files\Maxthon2\mxtool.dll  [Copyright 2005, 1, 0, 0, 1, C:1980-01-01 00:00 M:2006-10-05 20:55]
    C:\Program Files\Maxthon2\mxfeedU.dll  [版权所有 (C) 2006, 1, 0, 45, 45, C:1980-01-01 00:00 M:2006-09-07 12:57]
    C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx  [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.5.0.0, C:2008-06-20 19:22 M:2008-06-20 19:22]
    C:\Program Files\SogouInput\Plugin\SgImeWord.dll  [(Verified)Sogou.com Inc., 3.5.0.0, C:2008-06-20 19:22 M:2008-06-20 19:22]

[PID: 928 / woe]   C:\WINDOWS\清-理-助-手\A-r-S-w-p.exe   [A-r-S-w-p.com, 2, 8, 1, 815, C:2008-08-21 11:33 M:2008-08-17 07:56]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\cliconfgzx.dll  [N/A, C:2001-08-14 22:27 M:2001-08-14 22:27]
    C:\WINDOWS\system32\bootvidgj.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\imgutilhx2.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\tuxumyls.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\certmgrkd.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\lweurqhx.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\avicapwm.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\system32\adsntzt.dll  [N/A, C:2008-08-14 22:27 M:2008-08-14 22:27]
    C:\WINDOWS\清-理-助-手\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-08-21 11:33 M:2007-11-28 15:19]


========================================
文件关联



========================================
AutoRun.INF

H:\Autorun.inf
    open=autorun.exe [d0z@FtpDown                        , 1.0.0.0            , C:2005-09-24 16:02 M:2005-09-24 16:02]


========================================
Winsock提供者



[/CODE]