[CODE]

2008-12-08,08:29:56

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows Server 2003, Enterprise Edition Service Pack 1 (build 3790) - Administrators



========================================
Registries

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <PhDesktop><d:\Program Files\Oray\PeanutHull5\PhDesktop.exe>  [上海贝锐, 1, 0, 0, 11, C:2007-03-31 19:50 M:2007-03-31 19:50]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <High Definition Audio 属性页快捷方式><HDAShCut.exe>  [Windows (R) Server 2003 DDK provider, 5.10.01.5012 built by: WinDDK, C:2007-01-08 14:36 M:2005-04-04 13:35]
    <Timer Explorer><H:\TExplore\TExplore.exe>  [Infinite, 6.0.0.1, C:2007-04-01 08:48 M:2007-01-17 12:00]
    <RavTask><"d:\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2007-05-16 04:01 M:2008-07-26 21:00]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00]
    <360Safetray><D:\Program Files\360safe\safemon\360tray.exe /start>  [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
    <runeip><"D:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-07 15:18 M:2008-12-07 15:16]
    <ms08_067_patch><"C:\WINDOWS\system32\nap32.exe" /run>  [Beijing Rising Information Technology Co., Ltd., 1.0.0.1, C:2008-12-07 15:27 M:2008-12-06 11:01]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><D:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-12-07 15:18 M:2008-12-07 15:17]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Shell><Explorer.exe>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <Userinit><userinit.exe,>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-12-07 15:18 M:2008-12-07 15:16]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
    <BootExecute><autocheck autochk *>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
    <advapi32><advapi32.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <comdlg32><comdlg32.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <gdi32><gdi32.dll>  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    <imagehlp><imagehlp.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <kernel32><kernel32.dll>  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    <lz32><lz32.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <ole32><ole32.dll>  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    <oleaut32><oleaut32.dll>  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    <olecli32><olecli32.dll>  [Microsoft Corporation, 1.07 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    <olecnv32><olecnv32.dll>  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2005-11-25 08:00 M:2005-07-21 11:25]
    <olesvr32><olesvr32.dll>  [Microsoft Corporation, 1.09 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <rpcrt4><rpcrt4.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <shell32><shell32.dll>  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    <url><url.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <urlmon><urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    <user32><user32.dll>  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    <version><version.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    <wininet><wininet.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    <wldap32><wldap32.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载]
    <><>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载全部链接]
    <><>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用迅雷下载]
    <><d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm>  [N/A, C:2007-01-09 09:14 M:2006-11-22 23:54]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用迅雷下载全部链接]
    <><d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm>  [N/A, C:2007-01-09 09:14 M:2006-09-14 15:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Excel(&x)]
    <><res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><E:\Program Files\Tencent\QQ\AddEmotion.htm>  [N/A, C:2008-01-25 11:25 M:2008-01-25 11:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><dimsntfy.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|N/A, C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|N/A, C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><d:\Program Files\Thunder Network\Thunder\Thunder.exe>  [Thunder Networking Technologies,LTD, 1, 0, 0, 5, C:2007-01-09 09:14 M:2006-11-29 14:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6096E38F-5AC1-4391-8EC4-75DFA92FB32F}]
    <番茄花园><http://www.tomatolei.com>  []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\BJ Language Monitor]
    <PrintMonitor: BJ Language Monitor><cnbjmon.dll>  [Microsoft Corporation, 5.2.3790.1224 (dnsrv(skatari).040514-1058), C:2005-04-04 21:41 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\EPSON V5 2KMonitor]
    <PrintMonitor: EPSON V5 2KMonitor><EBPMON2.DLL>  [SEIKO EPSON CORPORATION, 2, 34, 0, 0, C:2007-04-13 14:45 M:2002-10-08 10:34]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Local Port]
    <PrintMonitor: Local Port><localspl.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\PJL Language Monitor]
    <PrintMonitor: PJL Language Monitor><pjlmon.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port]
    <PrintMonitor: Standard TCP/IP Port><tcpmon.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor]
    <PrintMonitor: USB Monitor><usbmon.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]


========================================
Startup Folders

[CrsExplorer.exe]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\CrsExplorer.exe.lnk --> "E:\Webest\CE\CrsExplorer.exe"  > [北京维佳网域科技发展有限公司, 5.9.6.86, C:2007-04-13 09:52 M:2007-04-11 16:37]
[winpip.exe]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\winpip.exe.lnk --> "D:\DNS\winpip.exe"  > [Copyright (C) 2003, 1, 0, 0, 1, C:2007-04-12 10:31 M:2004-12-03 11:23]


========================================
Task



========================================
Components


ShredTaskScheduler
[Browseui 预加载程序]
    {438755C2-A8BA-11D1-B96B-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[组件类别缓存程序]
    {8C7461EF-2B13-11d2-BE35-3078302C2030}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]

Shell Extension
[Multimedia File Property Sheet]
    {00022613-0000-0000-C000-000000000046}  <mmsys.cpl>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ICM 扫描仪管理]
    {176d6597-26d3-11d1-b350-080036a75b03}  <icmui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NTFS Security Page]
    {1F2E5C40-9550-11CE-99D2-00AA006E086C}  <rshx32.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[OLE Docfile Property Page]
    {3EA48300-8CF6-101B-84FB-666CCB9BCD32}  <docprop.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell extensions for sharing]
    {40dd6e20-7c17-11ce-a804-00aa003ca9f6}  <ntshrui.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[PlusPack CPL Extension]
    {41E300E0-78B6-11ce-849B-444553540000}  <%SystemRoot%\system32\themeui.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Display Adapter CPL Extension]
    {42071712-76d4-11d1-8b24-00a0c9068ff3}  <deskadp.dll>  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Display Monitor CPL Extension]
    {42071713-76d4-11d1-8b24-00a0c9068ff3}  <deskmon.dll>  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[DS Security Page]
    {4E40F770-369C-11d0-8922-00A024AB2DBB}  <dssec.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Compatibility Page]
    {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}  <SlayerXP.dll>  [Microsoft Corporation, 6,0,5,0, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell Scrap DataHandler]
    {56117100-C0CD-101B-81E2-00AA004AE837}  <shscrap.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Disk Copy Extension]
    {59099400-57FF-11CE-BD94-0020AF85B590}  <diskcopy.dll>  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell extensions for Microsoft Windows Network objects]
    {59be4990-f85c-11ce-aff7-00aa003ca9f6}  <ntlanui2.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ICM 监视器管理]
    {5DB2625A-54DF-11D0-B6C4-0800091AA605}  <%SystemRoot%\System32\icmui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ICM 打印机管理]
    {675F097E-4C4D-11D0-B6C1-0800091AA605}  <%SystemRoot%\system32\icmui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Web Printer Shell Extension]
    {77597368-7b15-11d0-a0c2-080036af3f03}  <printui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Disk Quota UI]
    {7988B573-EC89-11cf-9C00-00AA00A14F56}  <dskquoui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[公文包]
    {85BBD920-42A0-1069-A2E4-08002B30309D}  <syncui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <hticons.dll>  []
[字体]
    {BD84B380-8CA2-1069-AB1D-08000948F534}  <fontext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ICC 配置文件]
    {DBCE2480-C732-101B-BE72-BA78E9AD5B27}  <%SystemRoot%\system32\icmui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Printers Security Page]
    {F37C5810-4D3F-11d0-B4BF-00AA00BBB723}  <rshx32.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell extensions for sharing]
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}  <ntshrui.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Display TroubleShoot CPL Extension]
    {f92e8c40-3d33-11d2-b1aa-080036a75b03}  <deskperf.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Crypto PKO Extension]
    {7444C717-39BF-11D1-8CD9-00C04FC29D45}  <C:\WINDOWS\system32\cryptext.dll>  [Microsoft Corporation, 5.131.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Crypto Sign Extension]
    {7444C719-39BF-11D1-8CD9-00C04FC29D45}  <C:\WINDOWS\system32\cryptext.dll>  [Microsoft Corporation, 5.131.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[网络连接]
    {7007ACC7-3202-11D1-AAD2-00805FC1270E}  <C:\WINDOWS\system32\NETSHELL.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[网络连接]
    {992CFFA0-F557-101A-88EC-00DD010CCC48}  <C:\WINDOWS\system32\NETSHELL.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[扫描仪和照相机]
    {E211B736-43FD-11D1-9EFB-0000F8757FCD}  <wiashext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[扫描仪和照相机]
    {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}  <wiashext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[扫描仪和照相机]
    {905667aa-acd6-11d2-8080-00805f6596d2}  <wiashext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[扫描仪和照相机]
    {3F953603-1008-4f6e-A73A-04AAC7A992F1}  <wiashext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[扫描仪和照相机]
    {83bbcbf3-b28a-4919-a5aa-73027445d672}  <wiashext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Sessions CPL Extension]
    {F0152790-D56E-4445-850E-4F3117DB740C}  <C:\WINDOWS\system32\remotepg.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
[Fusion Cache]
    {1D2680C9-0E2A-469d-B787-065558BC7D43}  <C:\WINDOWS\system32\mscoree.dll>  [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500), C:2007-07-26 12:22 M:2007-04-20 16:10]
[Windows Script Host 的外壳扩展]
    {60254CA5-953B-11CF-8C96-00AA00B8708C}  <C:\WINDOWS\system32\wshext.dll>  [Microsoft Corporation, 5.6.0.8827, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft 数据链接]
    {2206CDB2-19C1-11D1-89E0-00C04FD7A829}  <C:\Program Files\Common Files\System\Ole DB\oledb32.dll>  [Microsoft Corporation, 2.82.1830.0 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Tasks Folder Icon Handler]
    {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}  <C:\WINDOWS\system32\mstask.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Tasks Folder Shell Extension]
    {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}  <C:\WINDOWS\system32\mstask.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[任务计划]
    {D6277990-4C6A-11CF-8D87-00AA0060F5BF}  <C:\WINDOWS\system32\mstask.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Set Program Access and Defaults]
    {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[搜索]
    {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[帮助和支持]
    {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[帮助和支持]
    {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[运行...]
    {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Internet]
    {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[电子邮件]
    {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[字体]
    {D20EA4E1-3957-11d2-A40B-0C5020524152}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[管理工具]
    {D20EA4E1-3957-11d2-A40B-0C5020524153}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Audio Media Properties Handler]
    {875CB1A1-0F29-45de-A1AE-CFB4950D0B78}  <%SystemRoot%\system32\shmedia.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Video Media Properties Handler]
    {40C3D757-D6E4-4b49-BB41-0E5BBEA28817}  <%SystemRoot%\system32\shmedia.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Wav Properties Handler]
    {E4B29F9D-D390-480b-92FD-7DDB47101D71}  <%SystemRoot%\system32\shmedia.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Avi Properties Handler]
    {87D62D94-71B3-4b9a-9489-5FE6850DC73E}  <%SystemRoot%\system32\shmedia.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Midi Properties Handler]
    {A6FD9E45-6E44-43f9-8644-08598F5A74D9}  <%SystemRoot%\system32\shmedia.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Video Thumbnail Extractor]
    {c5a40261-cd64-4ccf-84cb-c394da41d590}  <%SystemRoot%\system32\shmedia.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Internet 工具栏]
    {5E6AB780-7743-11CF-A12B-00AA004AE837}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[下载状态]
    {22BF0C20-6DA7-11D0-B373-00A0C9034938}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[补充的外壳文件夹]
    {91EA3F8B-C99B-11d0-9815-00C04FD91972}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[补充的外壳文件夹 2]
    {6413BA2C-B461-11d1-A18A-080036B11A03}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[BandProxy]
    {F61FFEC1-754F-11d0-80CA-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft BrowserBand]
    {7BA4C742-9E81-11CF-99D3-00AA004AE837}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[搜索区]
    {30D02401-6A81-11d0-8274-00C04FD5AE38}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[窗格中的搜索]
    {169A0691-8DF9-11d1-A1C4-00C04FD75D13}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Web 搜索]
    {07798131-AF23-11d1-9111-00A0C98BA67D}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[注册数目路选项实用程序]
    {AF4F6510-F982-11d0-8595-00AA004CD6D8}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[地址(&A)]
    {01E04581-4EEE-11d0-BFE9-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[地址 EditBox]
    {A08C11D2-A228-11d0-825B-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft AutoComplete]
    {00BB2763-6A77-11D0-A535-00C04FD7D062}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[TridentImageExtractor]
    {7376D660-C583-11d0-A3A5-00C04FD706EC}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[MRU 自动完成列表]
    {6756A641-DE71-11d0-831B-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[自定义 MRU 自动完成列表]
    {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[可访问的]
    {7e653215-fa25-46bd-a339-34a2790f3cb7}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[跟踪弹出栏]
    {acf35015-526e-4230-9596-becbe19f0ac9}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft 历史自动完成列表]
    {00BB2764-6A77-11D0-A535-00C04FD7D062}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft 外壳文件夹自动完成列表]
    {03C036F1-A186-11D0-824A-00AA005B4383}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft 多个自动完成列表容器]
    {00BB2765-6A77-11D0-A535-00C04FD7D062}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Shell Band Site Menu]
    {ECD4FC4E-521C-11D0-B792-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[外壳 DeskBarApp]
    {3CCF8A41-5C85-11d0-9796-00AA00B90ADF}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[外壳 DeskBar]
    {ECD4FC4C-521C-11D0-B792-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[外壳 Rebar BandSite]
    {ECD4FC4D-521C-11D0-B792-00A0C90312E1}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[用户帮助]
    {DD313E04-FEFF-11d1-8ECD-0000F87A470C}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[全局文件夹设置]
    {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Favorites Band]
    {EFA24E61-B078-11d0-89E4-00C04FC9E26E}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Shell Automation Inproc Service]
    {0A89A860-D7B1-11CE-8350-444553540000}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Shell DocObject Viewer]
    {E7E4BC40-E76A-11CE-A9BB-00AA004AE837}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft Browser Architecture]
    {A5E46E3A-8849-11D1-9D8C-00C04FC99D61}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[InternetShortcut]
    {FBF23B40-E3F0-101B-8488-00AA003E56F8}  <shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft Url History 服务]
    {3C374A40-BAE4-11CF-BF7D-00AA006946EE}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[历史记录]
    {FF393560-C2A7-11CF-BFF4-444553540000}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Internet 临时文件]
    {7BD29E00-76C1-11CF-9DD0-00A0C9034933}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Internet 临时文件]
    {7BD29E01-76C1-11CF-9DD0-00A0C9034933}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft Url 搜索挂接]
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[IE4 套件初始屏幕]
    {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[CDF Extension Copy Hook]
    {67EA19A0-CCEF-11d0-8024-00C04FD75D13}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[ISFBand OC]
    {131A6951-7F78-11D0-A979-00C04FD705A2}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Search Assistant OC]
    {9461b922-3c5a-11d2-bf8b-00c04fb93661}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Internet]
    {3DC7A020-0ACD-11CF-A9BB-00AA004AE837}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Internet Name Space]
    {871C5380-42A0-1069-A2EA-08002B30309D}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[浏览器栏]
    {EFA24E64-B078-11d0-89E4-00C04FC9E26E}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Sendmail service]
    {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}  <C:\WINDOWS\system32\sendmail.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Sendmail service]
    {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}  <C:\WINDOWS\system32\sendmail.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ActiveX 高速缓存文件夹]
    {88C6C381-2E85-11D0-94DE-444553540000}  <%SystemRoot%\system32\occache.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WebCheck]
    {E6FB5E20-DE35-11CF-9C87-00AA005127ED}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Subscription Mgr]
    {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[预订文件夹]
    {F5175861-2688-11d0-9C5E-00AA00A45957}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WebCheckWebCrawler]
    {08165EA0-E946-11CF-9C87-00AA005127ED}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WebCheckChannelAgent]
    {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[TrayAgent]
    {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Code Download Agent]
    {7D559C10-9FE9-11d0-93F7-00AA0059CE02}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ConnectionAgent]
    {E6CC6978-6B6E-11D0-BECA-00C04FD940BE}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[PostAgent]
    {D8BD2030-6FC9-11D0-864F-00AA006809D9}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WebCheck SyncMgr Handler]
    {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}  <%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell Application Manager]
    {352EC2B7-8B9A-11D1-B8AE-006008059382}  <%SystemRoot%\system32\appwiz.cpl>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Installed Apps Enumerator]
    {0B124F8F-91F0-11D1-B8B5-006008059382}  <%SystemRoot%\system32\appwiz.cpl>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Darwin App Publisher]
    {CFCCC7A0-A282-11D1-9082-006008059382}  <%SystemRoot%\system32\appwiz.cpl>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell Image Verbs]
    {e84fda7c-1d6a-45f6-b725-cb260c236066}  <%SystemRoot%\system32\shimgvw.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell Image Data Factory]
    {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}  <%SystemRoot%\system32\shimgvw.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[GDI+ 文件缩略图解压缩程序]
    {3F30C968-480A-4C6C-862D-EFC0897BB84B}  <C:\WINDOWS\system32\shimgvw.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[摘要信息缩略图处理程序(DOCFILES)]
    {9DBD2C50-62AD-11d0-B806-00C04FD706EC}  <C:\WINDOWS\system32\shimgvw.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[HTML 缩略图的解压缩程序]
    {EAB841A0-9550-11cf-8C16-00805F1408F3}  <C:\WINDOWS\system32\shimgvw.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell Image Property Handler]
    {eb9b1153-3b57-4e68-959a-a3266bc3d7fe}  <%SystemRoot%\system32\shimgvw.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Web 发布向导]
    {CC6EEFFB-43F6-46c5-9619-51D571967F7D}  <%SystemRoot%\system32\netplwiz.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[通过 Web 订购照片]
    {add36aa8-751a-4579-a266-d66f5202ccbb}  <%SystemRoot%\system32\netplwiz.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[外壳出版向导对象]
    {6b33163c-76a5-4b6c-bf21-45de9cd503a1}  <%SystemRoot%\system32\netplwiz.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[获取 Passport 向导]
    {58f1f272-9240-4f51-b6d4-fd63d1618591}  <%SystemRoot%\system32\netplwiz.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Compressed (zipped) Folder Right Drag Handler]
    {BD472F60-27FA-11cf-B8B4-444553540000}  <%SystemRoot%\system32\zipfldr.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Compressed (zipped) Folder SendTo Target]
    {888DCA60-FC0A-11CF-8F0F-00C04FD7D062}  <%SystemRoot%\system32\zipfldr.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[频道文件]
    {f39a0dc0-9cc8-11d0-a599-00c04fd64433}  <%SystemRoot%\system32\cdfview.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[频道快捷方式]
    {f3aa0dc0-9cc8-11d0-a599-00c04fd64434}  <%SystemRoot%\system32\cdfview.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[频道句柄对象]
    {f3ba0dc0-9cc8-11d0-a599-00c04fd64435}  <%SystemRoot%\system32\cdfview.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Channel Menu]
    {f3da0dc0-9cc8-11d0-a599-00c04fd64437}  <%SystemRoot%\system32\cdfview.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Channel Properties]
    {f3ea0dc0-9cc8-11d0-a599-00c04fd64438}  <%SystemRoot%\system32\cdfview.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Extensions Manager Folder]
    {692F0339-CBAA-47e6-B5B5-3B84DB604E87}  <%SystemRoot%\system32\extmgr.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[以前版本的属性页]
    {596AB062-B4D2-4215-9F74-E9109B0A8153}  <%SystemRoot%\system32\twext.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[以前的版本]
    {9DB7A13C-F208-4981-8353-73CC61AE2783}  <%SystemRoot%\system32\twext.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[FTP Folders Webview]
    {63da6ec0-2e98-11cf-8d82-444553540000}  <C:\WINDOWS\system32\msieftp.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft DocProp Shell Ext]
    {883373C3-BF89-11D1-BE35-080036B11A03}  <C:\WINDOWS\system32\docprop2.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft DocProp Inplace Edit Box Control]
    {A9CF0EAE-901A-4739-A481-E35B73E47F6D}  <C:\WINDOWS\system32\docprop2.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft DocProp Inplace ML Edit Box Control]
    {8EE97210-FD1F-4B19-91DA-67914005F020}  <C:\WINDOWS\system32\docprop2.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft DocProp Inplace Droplist Combo Control]
    {0EEA25CC-4362-4A12-850B-86EE61B0D3EB}  <C:\WINDOWS\system32\docprop2.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft DocProp Inplace Calendar Control]
    {6A205B57-2567-4A2C-B881-F787FAB579A3}  <C:\WINDOWS\system32\docprop2.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft DocProp Inplace Time Control]
    {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}  <C:\WINDOWS\system32\docprop2.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Directory Query UI]
    {8A23E65E-31C2-11d0-891C-00A024AB2DBB}  <%SystemRoot%\system32\dsquery.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell properties for a DS object]
    {9E51E0D0-6E0F-11d2-9601-00C04FA31A86}  <%SystemRoot%\system32\dsquery.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Directory Object Find]
    {163FDC20-2ABC-11d0-88F0-00A024AB2DBB}  <%SystemRoot%\system32\dsquery.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Directory Start/Search Find]
    {F020E586-5264-11d1-A532-0000F8757D7E}  <%SystemRoot%\system32\dsquery.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Directory Property UI]
    {0D45D530-764B-11d0-A1CA-00AA00C16E65}  <%SystemRoot%\system32\dsuiext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Directory Context Menu Verbs]
    {62AE1F9A-126A-11D0-A14B-0800361B1103}  <%SystemRoot%\system32\dsuiext.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[MyDocs Copy Hook]
    {ECF03A33-103D-11d2-854D-006008059367}  <%SystemRoot%\system32\mydocs.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[MyDocs Drop Target]
    {ECF03A32-103D-11d2-854D-006008059367}  <%SystemRoot%\system32\mydocs.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[MyDocs Properties]
    {4a7ded0a-ad25-11d0-98a8-0800361b1103}  <%SystemRoot%\system32\mydocs.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Offline Files Menu]
    {750fdf0e-2a26-11d1-a3ea-080036587f03}  <%SystemRoot%\System32\cscui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Offline Files Folder Options]
    {10CFC467-4392-11d2-8DB4-00C04FA31A66}  <%SystemRoot%\System32\cscui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[脱机文件夹]
    {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}  <%SystemRoot%\System32\cscui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Agent Character Property Sheet Handler]
    {143A62C8-C33B-11D1-84FE-00C04FA34A14}  <C:\WINDOWS\msagent\agentpsh.dll>  [Microsoft Corporation, 5.2.3790.1240, C:2005-11-25 08:00 M:2005-11-25 08:00]
[DfsShell]
    {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}  <C:\WINDOWS\system32\dfsshlex.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[%DESC_PublishDropTarget%]
    {60fd46de-f830-4894-a628-6fa81bc0190d}  <%SystemRoot%\system32\photowiz.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[MMC Icon Handler]
    {7A80E4A8-8005-11D2-BCF8-00C04F72C717}  <%SystemRoot%\System32\mmcshext.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[.CAB file viewer]
    {0CD7A5C0-9F37-11CE-AE65-08002B2E1262}  <cabview.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[VSSShellExt]
    {4648F940-EFE3-4BAB-9211-3BE45CD5029D}  <C:\WINDOWS\system32\vssui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[个人(&P)...]
    {32714800-2E5F-11d0-8B85-00AA0044F941}  <C:\Program Files\Outlook Express\wabfind.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Portable Media Devices]
    {640167b4-59b0-47a6-b335-a6b3c0695aea}  <%SystemRoot%\system32\audiodev.dll>  [Microsoft Corporation, 5.2.3790.3700 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Portable Media Devices Menu]
    {cc86590a-b60a-48e6-996b-41d25ed39a1e}  <%SystemRoot%\system32\audiodev.dll>  [Microsoft Corporation, 5.2.3790.3700 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Media Player Play as Playlist Context Menu Handler]
    {8DD448E6-C188-4aed-AF92-44956194EB1F}  <C:\WINDOWS\system32\wmpshell.dll>  [Microsoft Corporation, 10.00.00.3700, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Media Player Burn Audio CD Context Menu Handler]
    {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}  <C:\WINDOWS\system32\wmpshell.dll>  [Microsoft Corporation, 10.00.00.3700, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Media Player Add to Playlist Context Menu Handler]
    {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}  <C:\WINDOWS\system32\wmpshell.dll>  [Microsoft Corporation, 10.00.00.3700, C:2005-11-25 08:00 M:2005-11-25 08:00]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [NVIDIA Corporation, 6.14.10.10531, C:2005-07-20 21:07 M:2005-07-20 21:07]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [NVIDIA Corporation, 6.14.10.10531, C:2005-07-20 21:07 M:2005-07-20 21:07]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [NVIDIA Corporation, 6.14.10.10531, C:2005-07-20 21:07 M:2005-07-20 21:07]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-01-08 12:40 M:2006-06-18 00:08]
[Web Folders]
    {BDEADF00-C265-11D0-BCED-00A0C90AB50F}  <C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL>  [Microsoft Corporation, 10.145.3810.0, C:2001-02-14 21:45 M:2001-02-14 21:45]
[Shell Search Band]
    {21569614-B795-46b1-85F4-E737A8DC09AD}  <%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-28 16:48 M:2008-07-28 16:40]
[ShellLink for Application References]
    {e82a2d71-5b2f-43a0-97b8-81be15854de8}  <C:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]
[Shell Icon Handler for Application References]
    {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}  <C:\WINDOWS\system32\dfshim.dll>  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200), C:2005-09-23 07:28 M:2005-09-23 07:28]

Protocols
[Cor MIME Filter, CorFltr, CorFltr 1]
    {1E66F26B-79EE-11D2-8710-00C04F79ED0D}  <mscoree.dll>  [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500), C:2007-07-26 12:22 M:2007-04-20 16:10]
[AP Class Install Handler filter]
    {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[AP lzdhtml encoding/decoding Filter]
    {8f6b0360-b80d-11d0-a9b3-006097942311}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[WebView MIME Filter]
    {733AC4CB-F1A4-11d0-B951-00A0C90312E1}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
[Microsoft HTML About Pluggable Protocol]
    {3050F406-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[CDL: Asychronous Pluggable Protocol Handler]
    {3dd53d40-7b8b-11D0-b013-00aa0059ce02}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft PKM KnowledgePluggable Class]
    {CD00020A-8B95-11D1-82DB-00C04FB1625D}  <C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL>  [Microsoft Corporation, 10.145.3722.0, C:2001-01-21 19:25 M:2001-01-21 19:25]
[file:, local: Asychronous Pluggable Protocol Handler]
    {79eac9e7-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[ftp: Asychronous Pluggable Protocol Handler]
    {79eac9e3-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[gopher: Asychronous Pluggable Protocol Handler]
    {79eac9e4-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[http: Asychronous Pluggable Protocol Handler]
    {79eac9e2-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[https: Asychronous Pluggable Protocol Handler]
    {79eac9e5-baf9-11ce-8c82-00aa004ba90b}  <C:\WINDOWS\system32\urlmon.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft HTML Javascript Pluggable Protocol]
    {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft HTML Mailto Pluggable Protocol]
    {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[MHTML Asychronous Pluggable Protocol Handler]
    {05300401-BCBC-11d0-85E3-00C04FD85AB4}  <%SystemRoot%\system32\inetcomm.dll>  [Microsoft Corporation, 6.00.3790.2929 (srv03_sp1_gdr.070502-2339), C:2007-01-08 11:41 M:2007-05-03 23:47]
[Microsoft HTML Resource Pluggable Protocol]
    {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}  <%SystemRoot%\system32\mshtml.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[Microsoft HTML Resource Pluggable Protocol]
    {76E67A63-06E9-11D2-A840-006008059382}  <%SystemRoot%\system32\mshtml.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[WiaProtocol Class]
    {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}  <C:\WINDOWS\system32\wiascr.dll>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]

UrlSeachHook
[Microsoft Url 搜索挂接]
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]

ToolBar
[瑞星卡卡工具条(&R)]
    {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}  <C:\WINDOWS\system32\KakaTool.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-07 15:18 M:2008-12-07 15:16]

ActiveX Extension
[QQCycloneHelper Class]
    {00000000-12C9-4305-82F9-43058F20E8D2}  <h:\QQDownload1\QQIEHelper01.dll>  [(Verified)腾讯公司, 1, 1, 0, 5, C:2008-03-20 17:33 M:2008-03-20 17:33]
[XML DOM Document]
    {2933BF90-7B36-11D2-B20E-00C04F983E60}  <C:\WINDOWS\system32\msxml3.dll>  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]
[QQRightClick Class]
    {4836C333-208E-4BCE-B30B-00B9545B0F6E}  <h:\QQDownload1\QQIEHelper01.dll>  [(Verified)腾讯公司, 1, 1, 0, 5, C:2008-03-20 17:33 M:2008-03-20 17:33]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <D:\Program Files\360safe\live.dll>  [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll>  [Thunder Networking Technologies,LTD, 5, 0, 0, 3, C:2007-01-09 09:14 M:2006-11-24 00:42]
[XML HTTP 4.0]
    {88D969C5-F192-11D4-A65F-0040963251E5}  <%SystemRoot%\system32\msxml4.dll>  [Microsoft Corporation, 4.20.9848.0, C:2007-05-08 15:10 M:2007-05-08 15:10]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-12-07 15:18 M:2008-12-07 15:17]
[SearchAssistantOC]
    {B45FF030-4447-11D2-85DE-00C04FA35C89}  <%SystemRoot%\system32\shdocvw.dll>  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <D:\Program Files\360safe\safemon\safemon.dll>  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[瑞星卡卡工具条(&R)]
    {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}  <C:\WINDOWS\system32\KakaTool.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3, C:2008-12-07 15:18 M:2008-12-07 15:16]
[TimwpDll.TimwpCheck]
    {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}  <E:\PROGRA~1\Tencent\QQ\Timwp.dll>  [(Verified)TENCENT, 8,0,713,1791, C:2008-01-25 17:14 M:2008-01-25 17:14]
[XML HTTP Request]
    {ED8C108E-4349-11D2-91A4-00C04F7969E8}  <C:\WINDOWS\system32\msxml3.dll>  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]
[XML HTTP 3.0]
    {F5078F35-C551-11D3-89B9-0000F81FE221}  <C:\WINDOWS\system32\msxml3.dll>  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]
[XML DOM Document]
    {F6D90F11-9C73-11D3-B32E-00C04F990BB4}  <C:\WINDOWS\system32\msxml3.dll>  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]
[XML HTTP]
    {F6D90F16-9C73-11D3-B32E-00C04F990BB4}  <C:\WINDOWS\system32\msxml3.dll>  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]

Context Menu
[Offline Files]
    {750fdf0e-2a26-11d1-a3ea-080036587f03}  <%SystemRoot%\System32\cscui.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Open With]
    {09799AFB-AD67-11d1-ABCD-00C04FC30936}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
[Open With EncryptionMenu]
    {A470F8CF-A1E8-4f65-8335-227475AA5C46}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
[RISINGRAV]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-28 16:48 M:2008-07-28 16:40]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-01-08 12:40 M:2006-06-18 00:08]
[Send To]
    {7BA4C740-9E81-11CF-99D3-00AA004AE837}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
[Sharing]
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}  <ntshrui.dll>  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]


========================================
Services

[Application Experience Lookup Service / AeLookupSvc][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\aelupsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Alerter / Alerter][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\system32\alrsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Application Layer Gateway Service / ALG][Running/Manual Start]
    <%SystemRoot%\System32\alg.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Application Management / AppMgmt][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\appmgmts.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Audio / AudioSrv][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\audiosrv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Background Intelligent Transfer Service / BITS][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\qmgr.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 6.6.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Computer Browser / Browser][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\browser.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Indexing Service / CiSvc][Stopped/Disabled]
    <%SystemRoot%\system32\cisvc.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[ClipBook / ClipSrv][Stopped/Disabled]
    <%SystemRoot%\system32\clipsrv.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[COM+ System Application / COMSysApp][Stopped/Manual Start]
    <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Cryptographic Services / CryptSvc][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\cryptsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k DcomLaunch --> "%SystemRoot%\system32\rpcss.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
[Distributed File System / Dfs][Stopped/Manual Start]
    <%SystemRoot%\system32\Dfssvc.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[DHCP Client / Dhcp][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k NetworkService --> "%SystemRoot%\System32\dhcpcsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2005-11-25 08:00 M:2006-05-19 11:18]
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
    <%SystemRoot%\System32\dmadmin.exe /com>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Logical Disk Manager / dmserver][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dmserver.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[DNS Client / Dnscache][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k NetworkService --> "%SystemRoot%\System32\dnsrslvr.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Error Reporting Service / ERSvc][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k WinErr --> "%SystemRoot%\System32\ersvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Event Log / Eventlog][Running/Auto Start]
    <%SystemRoot%\system32\services.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[COM+ Event System / EventSystem][Running/Auto Start]
    <C:\WINDOWS\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\es.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
[gcelwx / gcelwx][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost.exe -k gcelwx --> "%SystemRoot%\System32\lwjzkf.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Help and Support / helpsvc][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[HTTP SSL / HTTPFilter][Stopped/Manual Start]
    <%SystemRoot%\System32\lsass.exe --> "%SystemRoot%\System32\w3ssl.dll">  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[IMAPI CD-Burning COM Service / ImapiService][Stopped/Disabled]
    <C:\WINDOWS\system32\imapi.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Intersite Messaging / IsmServ][Stopped/Disabled]
    <%SystemRoot%\System32\ismserv.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Kerberos Key Distribution Center / kdc][Stopped/Disabled]
    <%SystemRoot%\System32\lsass.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Server / lanmanserver][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\srvsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Workstation / lanmanworkstation][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wkssvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[License Logging / LicenseService][Stopped/Disabled]
    <%SystemRoot%\System32\llssrv.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[TCP/IP NetBIOS Helper / LmHosts][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\lmhsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Messenger / Messenger][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\msgsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Disabled]
    <C:\WINDOWS\system32\mnmsrvc.exe>  [Microsoft Corporation, 5.2.3790.1830, C:2007-01-08 11:41 M:2005-11-25 08:00]
[Distributed Transaction Coordinator / MSDTC][Stopped/Disabled]
    <C:\WINDOWS\system32\msdtc.exe>  [Microsoft Corporation, 2001.12.4720.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
[Windows Installer / MSIServer][Stopped/Manual Start]
    <C:\WINDOWS\system32\msiexec.exe /V>  [Microsoft Corporation, 3.1.4000.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Network DDE / NetDDE][Stopped/Disabled]
    <%SystemRoot%\system32\netdde.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Network DDE DSDM / NetDDEdsdm][Stopped/Disabled]
    <%SystemRoot%\system32\netdde.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Net Logon / Netlogon][Stopped/Manual Start]
    <%SystemRoot%\system32\lsass.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Network Connections / Netman][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\netman.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2516 (srv03_sp1_gdr.050824-1616), C:2007-01-08 11:51 M:2005-08-26 08:18]
[Network Location Awareness (NLA) / Nla][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mswsock.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[File Replication / NtFrs][Stopped/Manual Start]
    <%SystemRoot%\system32\ntfrs.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NT LM Security Support Provider / NtLmSsp][Stopped/Manual Start]
    <%SystemRoot%\system32\lsass.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Removable Storage / NtmsSvc][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\ntmssvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
[PeanutHull DDNS Service / Peanuthull5Core][Running/Auto Start]
    <d:\Program Files\Oray\PeanutHull5\PhCore.exe -service>  [上海贝锐, 1, 0, 0, 21, C:2007-03-31 19:47 M:2007-03-31 19:47]
[COMEXE PIPClient / PIPClient][Running/Auto Start]
    <"D:\DNS\winpip.exe" -service>  [Copyright (C) 2003, 1, 0, 0, 1, C:2007-04-12 10:31 M:2004-12-03 11:23]
[Plug and Play / PlugPlay][Running/Auto Start]
    <%SystemRoot%\system32\services.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[IPSEC Services / PolicyAgent][Running/Auto Start]
    <%SystemRoot%\system32\lsass.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Protected Storage / ProtectedStorage][Running/Auto Start]
    <%SystemRoot%\system32\lsass.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[pzkezk / pzkezk][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost.exe -k pzkezk --> "%SystemRoot%\System32\hqlgsx.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasauto.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Access Connection Manager / RasMan][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2731 (srv03_sp1_gdr.060621-2351), C:2005-11-25 08:00 M:2006-06-22 19:35]
[Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start]
    <C:\WINDOWS\system32\sessmgr.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mprdim.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Registry / RemoteRegistry][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k regsvc --> "%SystemRoot%\system32\regsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start]
    <%SystemRoot%\system32\locator.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k rpcss --> "%SystemRoot%\system32\rpcss.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
[Resultant Set of Policy Provider / RSoPProv][Stopped/Manual Start]
    <%SystemRoot%\system32\RSoPProv.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Special Administration Console Helper / sacsvr][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\sacsvr.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Security Accounts Manager / SamSs][Running/Auto Start]
    <%SystemRoot%\system32\lsass.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Smart Card / SCardSvr][Running/Auto Start]
    <%SystemRoot%\System32\SCardSvr.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Task Scheduler / Schedule][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\schedsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Secondary Logon / seclogon][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\seclogon.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[System Event Notification / SENS][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\sens.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\ipnathlp.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 6.00.3790.2857 (srv03_sp1_gdr.070104-2330), C:2007-01-05 03:34 M:2007-01-05 03:34]
[Print Spooler / Spooler][Running/Auto Start]
    <%SystemRoot%\system32\spoolsv.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Image Acquisition (WIA) / stisvc][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k imgsvc --> "%SystemRoot%\system32\wiaservc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Software Shadow Copy Provider / swprv][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k swprv --> "%Systemroot%\System32\swprv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Performance Logs and Alerts / SysmonLog][Stopped/Auto Start]
    <%SystemRoot%\system32\smlogsvc.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Telephony / TapiSrv][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k tapisrv --> "%SystemRoot%\System32\tapisrv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2483 (srv03_sp1_gdr.050707-1651), C:2005-11-25 08:00 M:2005-07-09 03:20]
[Terminal Services / TermService][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k termsvcs --> "%SystemRoot%\System32\termsrv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
[Themes / Themes][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 6.00.3790.2857 (srv03_sp1_gdr.070104-2330), C:2007-01-05 03:34 M:2007-01-05 03:34]
[Telnet / TlntSvr][Stopped/Manual Start]
    <C:\WINDOWS\system32\tlntsvr.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Distributed Link Tracking Server / TrkSvr][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\trksvr.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Distributed Link Tracking Client / TrkWks][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\trkwks.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Terminal Services Session Directory / Tssdis][Stopped/Disabled]
    <%SystemRoot%\System32\tssdis.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
[Windows User Mode Driver Framework / UMWdf][Stopped/Manual Start]
    <C:\WINDOWS\system32\wdfmgr.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Uninterruptible Power Supply / UPS][Stopped/Manual Start]
    <%SystemRoot%\System32\ups.exe>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Virtual Disk Service / vds][Stopped/Manual Start]
    <%SystemRoot%\System32\vds.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Volume Shadow Copy / VSS][Stopped/Manual Start]
    <%SystemRoot%\System32\vssvc.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Time / W32Time][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k LocalService --> "C:\WINDOWS\system32\w32time.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WebClient / WebClient][Stopped/Disabled]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\webclnt.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.2591 (srv03_sp1_gdr.051212-1556), C:2005-11-25 08:00 M:2005-12-13 12:07]
[WinHTTP Web Proxy Auto-Discovery Service / WinHttpAutoProxySvc][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "winhttp.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Management Instrumentation / winmgmt][Running/Auto Start]
    <%systemroot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\wbem\WMIsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\mspmsnsv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 10.0.3790.3700, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\advapi32.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WMI Performance Adapter / WmiApSrv][Stopped/Manual Start]
    <C:\WINDOWS\system32\wbem\wmiapsrv.exe>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
[Automatic Updates / wuauserv][Running/Auto Start]
    <%systemroot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\wuauserv.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.7.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
[Wireless Configuration / WZCSVC][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wzcsvc.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:41 M:2005-11-25 08:00]
[Network Provisioning Service / xmlprov][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\xmlprov.dll">  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00|Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <d:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"d:\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2007-01-08 13:04 M:2008-07-28 16:42]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"D:\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2007-10-19 11:33 M:2008-07-28 16:40]


========================================
Drivers

[029aedc3 / 029aedc3][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\Drivers\029aedc3.sys>  []
[0459b197 / 0459b197][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\Drivers\0459b197.sys>  []
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
    <system32\DRIVERS\ACPI.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
    <system32\drivers\aec.sys>  [Microsoft Corporation, 5.2.3790.1247, C:2007-01-08 11:35 M:2005-04-04 13:35]
[AFD / AFD][Running/System Start]
    <\SystemRoot\System32\drivers\afd.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
    <system32\DRIVERS\asyncmac.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
    <system32\DRIVERS\atapi.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:35]
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
    <system32\DRIVERS\atmarpc.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[音频存根驱动程序 / audstub][Running/Manual Start]
    <system32\DRIVERS\audstub.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:35 M:2003-03-24 23:09]
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
    <System32\DRIVERS\BaseTDI.SYS>  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5, C:2007-01-08 13:04 M:2007-04-12 14:37]
[CD-ROM Driver / Cdrom][Running/System Start]
    <system32\DRIVERS\cdrom.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[群集磁盘驱动程序 / ClusDisk][Stopped/Disabled]
    <system32\DRIVERS\ClusDisk.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
[CMB8100 / CMB8100][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\CertClient.dat>  [N/A, C:2007-05-11 16:02 M:2006-11-30 16:31]
[CMBProtector / CMBProtector][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat>  [N/A, C:2007-05-11 16:02 M:2007-01-18 14:28]
[compbatcDrv / compbatcDrv][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\compbatc.sys>  []
[CRC 磁盘筛选驱动程序 / crcdisk][Running/Boot Start]
    <system32\DRIVERS\crcdisk.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:35]
[d344bus / d344bus][Running/Boot Start]
    <system32\DRIVERS\d344bus.sys>  [ , 3.44.0.0 built by: WinDDK, C:2007-05-21 11:30 M:2003-12-27 20:42]
[d344prt / d344prt][Running/Boot Start]
    <System32\Drivers\d344prt.sys>  [ , 3.44.0.0 built by: WinDDK, C:2007-05-21 11:30 M:2003-12-27 02:38]
[DfsDriver / DfsDriver][Running/Boot Start]
    <system32\drivers\Dfs.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[磁盘驱动程序 / Disk][Running/Boot Start]
    <system32\DRIVERS\disk.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:35]
[dmboot / dmboot][Stopped/Disabled]
    <System32\drivers\dmboot.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Logical Disk Manager Driver / dmio][Running/Boot Start]
    <System32\drivers\dmio.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[dmload / dmload][Running/Boot Start]
    <System32\drivers\dmload.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start]
    <system32\drivers\DMusic.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:35]
[Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start]
    <system32\drivers\drmkaud.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:35 M:2003-03-24 23:09]
[EagleNT / EagleNT][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\drivers\EagleNT.sys>  []
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC][Stopped/Manual Start]
    <system32\DRIVERS\el90xbc5.sys>  [3Com Corporation, 4.25.00.0000, C:2007-01-08 11:34 M:2003-03-24 21:15]
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
    <system32\DRIVERS\fdc.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[软盘驱动程序 / Flpydisk][Running/Manual Start]
    <system32\DRIVERS\flpydisk.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[FltMgr / FltMgr][Running/Boot Start]
    <system32\DRIVERS\fltMgr.sys>  [Microsoft Corporation, 5.2.3790.2774 (srv03_sp1_gdr.060821-0035), C:2007-01-08 11:41 M:2006-08-21 17:59]
[FsVga / FsVga][Running/System Start]
    <system32\DRIVERS\fsvga.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2003-03-26 03:31 M:2005-11-25 08:00]
[FTCProtect / FTCProtect][Stopped/Manual Start]
    <System32\Drivers\FTCProtect.sys>  []
[Volume Manager Driver / Ftdisk][Running/Boot Start]
    <system32\DRIVERS\ftdisk.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Game Port Enumerator / gameenum][Stopped/Manual Start]
    <system32\DRIVERS\gameenum.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:34 M:2003-03-24 23:10]
[GemCCID / GemCCID][Stopped/Manual Start]
    <System32\Drivers\GemCCID.sys>  [Gemalto, 4, 0, 3, 7, C:2008-04-04 09:02 M:2008-04-04 09:02]
[Generic Packet Classifier / Gpc][Running/Manual Start]
    <system32\DRIVERS\msgpc.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService][Running/Manual Start]
    <system32\drivers\HdAudio.sys>  [Windows (R) Server 2003 DDK provider, 5.10.01.5012 built by: WinDDK, C:2007-01-08 14:36 M:2005-04-04 13:35]
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2007-01-08 11:34 M:2005-07-08 17:56]
[Microsoft HID Class Driver / HidUsb][Stopped/Manual Start]
    <system32\DRIVERS\hidusb.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-05-10 16:39 M:2003-03-24 23:10]
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
    <\??\D:\RISING\RAV\HOOKAPI.SYS>  []
[HTTP / HTTP][Stopped/Manual Start]
    <System32\Drivers\HTTP.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt][Running/System Start]
    <system32\DRIVERS\i8042prt.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[CD-Burning Filter Driver / imapi][Running/System Start]
    <system32\DRIVERS\imapi.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:35 M:2005-11-25 08:00]
[Intel Processor Driver / intelppm][Running/Manual Start]
    <system32\DRIVERS\intelppm.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Manual Start]
    <system32\DRIVERS\Ip6Fw.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
    <system32\DRIVERS\ipfltdrv.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
    <system32\DRIVERS\ipinip.sys>  []
[IP Network Address Translator / IpNat][Running/Manual Start]
    <system32\DRIVERS\ipnat.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[IPSEC driver / IPSec][Running/System Start]
    <system32\DRIVERS\ipsec.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
    <system32\DRIVERS\isapnp.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2003-03-25 19:28]
[Keyboard Class Driver / Kbdclass][Running/System Start]
    <system32\DRIVERS\kbdclass.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Kernel Wave Audio Mixer / kmixer][Stopped/Manual Start]
    <system32\drivers\kmixer.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:35]
[Mouse Class Driver / Mouclass][Running/System Start]
    <system32\DRIVERS\mouclass.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2003-03-26 03:28 M:2005-11-25 08:00]
[Mouse HID Driver / mouhid][Stopped/Manual Start]
    <system32\DRIVERS\mouhid.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-05-10 16:39 M:2003-03-25 19:28]
[WebDav Client Redirector / MRxDAV][Stopped/Manual Start]
    <system32\DRIVERS\mrxdav.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[MRXSMB / MRxSmb][Running/System Start]
    <system32\DRIVERS\mrxsmb.sys>  [Microsoft Corporation, 5.2.3790.2697 (srv03_sp1_gdr.060505-1533), C:2005-11-25 08:00 M:2006-05-09 01:22]
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
    <system32\drivers\MSKSSRV.sys>  [Microsoft Corporation, 5.3.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:35]
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
    <system32\drivers\MSPCLOCK.sys>  [Microsoft Corporation, 5.3.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:36]
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
    <system32\drivers\MSPQM.sys>  [Microsoft Corporation, 5.3.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:36]
[Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start]
    <system32\DRIVERS\mssmbios.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]
[Microsoft MPU-401 MIDI UART Driver / ms_mpu401][Stopped/Manual Start]
    <system32\drivers\msmpu401.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:34 M:2003-03-24 23:09]
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
    <system32\DRIVERS\ASACPI.sys>  [1043, 2, 15, 37, C:2007-01-08 12:04 M:2004-08-15 02:56]
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
    <system32\DRIVERS\ndistapi.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start]
    <system32\DRIVERS\ndisuio.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
    <system32\DRIVERS\ndiswan.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NetBIOS Interface / NetBIOS][Running/System Start]
    <system32\DRIVERS\netbios.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NetBios over Tcpip / NetBT][Running/System Start]
    <system32\DRIVERS\netbt.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[npkcrypt / npkcrypt][Stopped/Auto Start]
    <\??\H:\Tencent\QQ\npkcrypt.sys>  []
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
[NWLink IPX/SPX/NetBIOS Compatible Transport Protocol / NwlnkIpx][Running/Auto Start]
    <system32\DRIVERS\nwlnkipx.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NWLink NetBIOS / NwlnkNb][Running/Auto Start]
    <system32\DRIVERS\nwlnknb.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[NWLink SPX/SPXII Protocol / NwlnkSpx][Running/Auto Start]
    <system32\DRIVERS\nwlnkspx.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Parallel port driver / Parport][Running/Manual Start]
    <system32\DRIVERS\parport.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:40 M:2005-11-25 08:00]
[Parvdm / Parvdm][Running/Auto Start]
    <system32\DRIVERS\parvdm.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[PCI Bus Driver / PCI][Running/Boot Start]
    <system32\DRIVERS\pci.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:40]
[PCIIde / PCIIde][Running/Boot Start]
    <system32\DRIVERS\pciide.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2003-03-25 19:30]
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
    <system32\DRIVERS\raspptp.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [Parallel Technologies, Inc., 1.10 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
    <system32\DRIVERS\rasacd.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
    <system32\DRIVERS\rasl2tp.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start]
    <system32\DRIVERS\raspppoe.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Direct Parallel / Raspti][Running/Manual Start]
    <system32\DRIVERS\raspti.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Rdbss / Rdbss][Running/System Start]
    <system32\DRIVERS\rdbss.sys>  [Microsoft Corporation, 5.2.3790.2697 (srv03_sp1_gdr.060505-1533), C:2005-11-25 08:00 M:2006-05-09 01:22]
[RDPCDD / RDPCDD][Running/System Start]
    <System32\DRIVERS\RDPCDD.sys>  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start]
    <system32\DRIVERS\rdpdr.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-04-04 13:36]
[Digital CD Audio Playback Filter Driver / redbook][Running/System Start]
    <system32\DRIVERS\redbook.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:40]
[Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start]
    <system32\DRIVERS\Rockey4.sys>  [Feitian Technologies Co., Ltd., 5.0.4.0211, C:2007-01-08 12:26 M:2007-01-08 12:26]
[Feitian ROCKEY4 USB Service / Rockey_USB][Running/Manual Start]
    <system32\DRIVERS\Rockey4USB.sys>  [Feitian Technologies Co., Ltd., 5.0.4.0211, C:2007-01-08 12:26 M:2007-01-08 12:26]
[rspp / rspp][Running/System Start]
    <\??\C:\WINDOWS\system32\Drivers\Rspp.sys>  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8, C:2008-12-07 15:25 M:2008-12-07 15:26]
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
    <system32\DRIVERS\RTL8139.SYS>  [Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2007-01-08 11:34 M:2005-04-04 13:36]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.00.060, C:2005-11-25 08:00 M:2005-11-25 08:00]
[Serenum Filter Driver / serenum][Running/Manual Start]
    <system32\DRIVERS\serenum.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Serial port driver / Serial][Running/System Start]
    <system32\DRIVERS\serial.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
    <system32\drivers\splitter.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:36]
[Srv / Srv][Running/Manual Start]
    <system32\DRIVERS\srv.sys>  [Microsoft Corporation, 5.2.3790.2783 (srv03_sp1_gdr.060901-0013), C:2005-11-25 08:00 M:2006-09-01 22:32]
[Software Bus Driver / swenum][Running/Manual Start]
    <system32\DRIVERS\swenum.sys>  [Microsoft Corporation, 5.3.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]
[Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start]
    <system32\drivers\swmidi.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:36]
[Microsoft Kernel System Audio Device / sysaudio][Running/Manual Start]
    <system32\drivers\sysaudio.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:36]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.2.3790.2709 (srv03_sp1_gdr.060523-1514), C:2005-11-25 08:00 M:2006-05-24 09:05]
[终端设备驱动程序 / TermDD][Running/System Start]
    <system32\DRIVERS\termdd.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-04-04 13:36]
[Microcode Update Driver / Update][Running/Manual Start]
    <system32\DRIVERS\update.sys>  [Microsoft Corporation, 5.2.3790.2944 (srv03_sp1_gdr.070527-2337), C:2005-11-25 08:00 M:2007-05-28 19:32]
[LGE CDMA Composite USB Device / usbbus][Stopped/Manual Start]
    <system32\DRIVERS\lgusbbus.sys>  []
[Microsoft USB Generic Parent Driver / usbccgp][Stopped/Manual Start]
    <system32\DRIVERS\usbccgp.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-06-01 09:02 M:2005-04-04 13:36]
[LGE CDMA USB Serial Port / UsbDiag][Stopped/Manual Start]
    <system32\DRIVERS\lgusbdiag.sys>  []
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start]
    <system32\DRIVERS\usbehci.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:36]
[USB2 Enabled Hub / usbhub][Running/Manual Start]
    <system32\DRIVERS\usbhub.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:36]
[LGE CDMA USB Modem / USBModem][Stopped/Manual Start]
    <system32\DRIVERS\lgusbmodem.sys>  []
[USB 大容量存储驱动程序 / USBSTOR][Running/Manual Start]
    <system32\DRIVERS\USBSTOR.SYS>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-09 12:18 M:2005-04-04 13:36]
[Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Manual Start]
    <system32\DRIVERS\usbuhci.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:36]
[vga / vga][Stopped/Manual Start]
    <system32\DRIVERS\vgapnp.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:34 M:2005-04-04 13:36]
[VGA 显示控制器。 / VgaSave][Running/System Start]
    <\SystemRoot\System32\drivers\vga.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[存储卷 / VolSnap][Running/Boot Start]
    <system32\DRIVERS\volsnap.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-04-04 13:40]
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
    <system32\DRIVERS\wanarp.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
    <system32\drivers\wdmaud.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:35 M:2005-04-04 13:36]
[WinLogin / WinLogin][Stopped/Auto Start]
    <\??\C:\winlogin.sys>  []
[网络负载平衡 / WLBS][Stopped/Manual Start]
    <system32\DRIVERS\wlbs.sys>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[XScanPF / XScanPF][Stopped/Manual Start]
    <\??\C:\WINDOWS\hack\批量135入侵工具包\dat\xpf.sys>  []
[yzkezkwj / yzkezkwj][Stopped/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\hqlgsx.sys>  []

[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2007-10-19 11:33 M:2008-07-28 16:42]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2007-10-19 11:33 M:2008-10-23 16:36]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2007-10-19 11:33 M:2008-11-04 18:52]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2007-10-19 11:33 M:2008-08-27 15:23]
[KAVSafe / KAVSafe][Stopped/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys>  [(Verified)Kingsoft Corporation, 2008,03,04,62, C:2008-12-07 14:29 M:2008-12-07 14:29]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2007-10-19 11:33 M:2008-07-28 16:45]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 0, 0, 8, 8, C:2008-06-20 10:38 M:2008-09-30 11:29]


========================================
Running Processes

[PID: 360 / SYSTEM]   \SystemRoot\System32\smss.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 424 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CSRSRV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\basesrv.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\winsrv.dll  [Microsoft Corporation, 5.2.3790.2902 (srv03_sp1_gdr.070319-0010), C:2007-03-21 12:33 M:2007-03-21 12:33]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\KERNEL32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sxs.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 448 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\NDdeApi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PROFMAP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\REGAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSGINA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHSVCS.dll  [Microsoft Corporation, 6.00.3790.2857 (srv03_sp1_gdr.070104-2330), C:2007-01-05 03:34 M:2007-01-05 03:34]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\sfc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\Comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\WINSCARD.DLL  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WTSAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sxs.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\shell32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wldap32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\cscdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\dimsntfy.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WlNotify.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\cscui.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NTMARTA.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wdmaud.drv  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msacm32.drv  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSACM32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\midimap.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wbemprox.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wbemcomn.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wbemsvc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:39 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\fastprox.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcp60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NTDSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]

[PID: 492 / SYSTEM]   C:\WINDOWS\system32\services.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NCObjAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcp60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SCESRV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\AUTHZ.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\umpnpmgr.dll  [Microsoft Corporation, 5.2.3790.2477 (srv03_sp1_gdr.050629-1534), C:2007-01-08 11:51 M:2005-06-30 10:52]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\eventlog.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wtsapi32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 504 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LSASRV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\NTDSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SAMSRV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\cryptdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msprivs.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kerberos.dll  [Microsoft Corporation, 5.2.3790.2464 (srv03_sp1_gdr.050613-1636), C:2007-01-08 11:50 M:2005-06-15 03:11]
    C:\WINDOWS\system32\msv1_0.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\netlogon.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\AUTHZ.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\w32time.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcp60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\schannel.dll  [Microsoft Corporation, 5.2.3790.2924 (srv03_sp1_gdr.070425-0118), C:2007-04-26 04:26 M:2007-04-26 04:26]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wdigest.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\setupapi.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASSFM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\KDCSVC.dll  [Microsoft Corporation, 5.2.3790.2464 (srv03_sp1_gdr.050613-1636), C:2007-01-08 11:50 M:2005-06-15 03:11]
    C:\WINDOWS\system32\NTDSA.dll  [Microsoft Corporation, 5.2.3790.2926 (srv03_sp1_gdr.070426-2339), C:2007-04-30 14:19 M:2007-04-30 14:19]
    C:\WINDOWS\system32\NTDSATQ.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSWSOCK.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ESENT.dll  [Microsoft Corporation, 5.2.3790.2555 (srv03_sp1_gdr.051024-1524), C:2007-04-13 10:23 M:2005-10-25 09:59]
    C:\WINDOWS\system32\scecli.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS03RES.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ipsecsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\oakley.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINIPSEC.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\pstorsvc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\psbase.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wlbsctrl.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SFMAPI.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 664 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\rpcss.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    c:\windows\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 744 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\rpcss.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    c:\windows\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshisn.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 784 / SYSTEM]   d:\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2007-01-08 13:04 M:2008-07-28 16:42]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 800 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\NTMARTA.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\System32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\shsvcs.dll  [Microsoft Corporation, 6.00.3790.2857 (srv03_sp1_gdr.070104-2330), C:2007-01-05 03:34 M:2007-01-05 03:34]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\shell32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\System32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\wzcsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:41 M:2005-11-25 08:00]
    c:\windows\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WMI.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\DHCPCSVC.DLL  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2005-11-25 08:00 M:2006-05-19 11:18]
    c:\windows\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    c:\windows\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    c:\windows\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WTSAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\ESENT.dll  [Microsoft Corporation, 5.2.3790.2555 (srv03_sp1_gdr.051024-1524), C:2007-04-13 10:23 M:2005-10-25 09:59]
    c:\windows\system32\ATL.DLL  [Microsoft Corporation, 3.05.2283, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\System32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\rastls.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPTUI.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\MPRAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ACTIVEDS.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\adsldpc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\credui.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\RASAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WinSCard.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\System32\raschap.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\schedsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
    c:\windows\system32\NTDSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\AUTHZ.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wiarpc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\MSIDLE.DLL  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\audiosrv.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\wkssvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\aelupsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\cryptsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\certcli.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\sfc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\sfc_os.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\VSSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\es.dll  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    c:\windows\system32\dmserver.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\pchealth\helpctr\binaries\pchsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
    c:\windows\system32\srvsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\netman.dll  [Microsoft Corporation, 5.2.3790.2516 (srv03_sp1_gdr.050824-1616), C:2007-01-08 11:51 M:2005-08-26 08:18]
    c:\windows\system32\netshell.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\CLUSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    c:\windows\system32\WZCSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]
    C:\WINDOWS\System32\HNETCFG.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\SXS.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\comsvcs.dll  [Microsoft Corporation, 2001.12.4720.2517 (srv03_sp1_gdr.050825-1634), C:2007-01-08 11:51 M:2005-08-27 06:19]
    C:\WINDOWS\System32\winspool.drv  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\seclogon.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\sens.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\wbem\wmisvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    c:\windows\system32\browser.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\wuauserv.dll  [Microsoft Corporation, 5.7.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:41 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.1830_x-ww_74150EFB\WINHTTP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 19:30 M:2005-04-04 21:44]
    C:\WINDOWS\System32\Cabinet.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\trkwks.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\ipnathlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\Wbem\wbemcore.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\System32\Wbem\esscli.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\System32\msvcp60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\Wbem\wbemcomn.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\Wbem\FastProx.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wbemsvc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:39 M:2005-11-25 08:00]
    C:\WINDOWS\System32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\wbem\wmiutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\repdrvfs.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wmiprvsd.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NCObjAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wbemess.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\netcfgx.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINIPSEC.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\rasmans.dll  [Microsoft Corporation, 5.2.3790.2731 (srv03_sp1_gdr.060621-2351), C:2005-11-25 08:00 M:2006-06-22 19:35]
    C:\WINDOWS\System32\rastapi.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\rasppp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ntlsapi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kerberos.dll  [Microsoft Corporation, 5.2.3790.2464 (srv03_sp1_gdr.050613-1636), C:2007-01-08 11:50 M:2005-06-15 03:11]
    C:\WINDOWS\System32\cryptdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ipbootp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\NETRAP.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msv1_0.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\nap32.dll  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1, C:2008-12-07 15:27 M:2008-12-07 15:27]
    C:\WINDOWS\system32\wbem\ncprov.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msi.dll  [Microsoft Corporation, 3.1.4000.4042, C:2007-07-26 11:34 M:2007-03-17 19:08]
    C:\WINDOWS\System32\xactsrv.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\nwprovau.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\cryptnet.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\SensApi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\mspatcha.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\advpack.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 900 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\dhcpcsvc.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2005-11-25 08:00 M:2006-05-19 11:18]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    c:\windows\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    c:\windows\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\dnsrslvr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\netman.dll  [Microsoft Corporation, 5.2.3790.2516 (srv03_sp1_gdr.050824-1616), C:2007-01-08 11:51 M:2005-08-26 08:18]
    C:\WINDOWS\system32\MPRAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ACTIVEDS.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\adsldpc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\credui.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ATL.DLL  [Microsoft Corporation, 3.05.2283, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\netshell.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLUSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\WZCSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WZCSvc.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:41 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WMI.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WTSAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ESENT.dll  [Microsoft Corporation, 5.2.3790.2555 (srv03_sp1_gdr.051024-1524), C:2007-04-13 10:23 M:2005-10-25 09:59]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\nap32.dll  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1, C:2008-12-07 15:27 M:2008-12-07 15:27]

[PID: 932 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NTMARTA.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\lmhsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    c:\windows\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\w32time.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\msvcp60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\nap32.dll  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1, C:2008-12-07 15:27 M:2008-12-07 15:27]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.1830_x-ww_74150EFB\winhttp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 19:30 M:2005-04-04 21:44]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DHCPCSVC.DLL  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2005-11-25 08:00 M:2006-05-19 11:18]

[PID: 980 / SYSTEM]   D:\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2007-10-19 11:33 M:2008-07-28 16:40]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    D:\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2007-10-19 11:33 M:2008-07-28 16:43]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-04-22 19:33 M:2003-03-19 13:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-04-22 19:33 M:2003-02-22 04:42]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-04-22 19:33 M:2003-03-19 20:14]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    D:\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2007-10-19 11:33 M:2008-07-28 16:43]
    D:\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2007-10-19 11:33 M:2008-07-28 16:43]
    D:\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2007-10-19 11:33 M:2008-07-26 21:01]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    D:\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2007-10-19 11:33 M:2008-07-28 16:40]
    D:\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2007-10-19 11:33 M:2008-07-28 16:40]
    D:\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2007-10-19 11:33 M:2008-07-28 16:40]
    D:\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2007-10-19 11:33 M:2008-07-28 16:40]
    D:\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2007-10-19 11:33 M:2008-07-28 16:40]
    D:\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2007-10-19 11:32 M:2008-08-20 16:00]
    D:\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2007-10-19 11:32 M:2008-07-28 16:44]
    D:\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-19 11:32 M:2008-09-26 12:13]
    C:\WINDOWS\system32\sfc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2007-10-19 11:33 M:2008-07-28 16:45]
    D:\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2007-10-19 11:33 M:2008-07-28 16:42]
    d:\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2007-10-19 11:33 M:2008-07-28 16:47]
    d:\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2007-10-19 11:33 M:2008-07-28 16:47]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2007-01-08 13:04 M:2008-07-28 16:44]
    D:\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-19 11:32 M:2008-07-28 16:44]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2007-10-19 11:33 M:2008-07-28 16:42]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2007-01-08 13:04 M:2008-07-28 16:44]
    D:\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2007-01-08 13:04 M:2008-07-28 16:44]
    D:\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2007-10-19 11:32 M:2008-07-28 16:44]
    D:\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2007-01-08 13:04 M:2008-08-27 15:23]
    D:\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2007-01-08 13:04 M:2008-07-28 16:44]
    D:\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 0, C:2007-01-08 13:04 M:2008-12-02 17:59]
    D:\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2007-01-08 13:24 M:2008-07-28 16:44]
    D:\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2007-10-19 11:32 M:2008-07-28 16:44]
    D:\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2007-12-20 16:18 M:2008-07-28 16:44]
    D:\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2007-12-20 16:18 M:2008-10-09 17:43]
    D:\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2007-10-19 11:32 M:2008-07-28 16:44]
    D:\RISING\RAV\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-04-08 12:38 M:2008-07-28 16:44]
    D:\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2007-01-08 13:24 M:2008-07-28 16:44]
    D:\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2007-01-08 13:04 M:2008-09-02 18:22]
    D:\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2007-01-08 13:04 M:2008-07-28 16:44]

[PID: 1140 / LOCAL SERVICE]   C:\WINDOWS\System32\SCardSvr.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1240 / SYSTEM]   D:\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2007-10-19 11:33 M:2008-07-28 16:40]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    D:\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    D:\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-28 16:47 M:2008-07-28 16:43]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1368 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SPOOLSS.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\localspl.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\winspool.drv  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\cnbjmon.dll  [Microsoft Corporation, 5.2.3790.1224 (dnsrv(skatari).040514-1058), C:2005-04-04 21:41 M:2005-11-25 08:00]
    C:\WINDOWS\system32\EBPMON2.DLL  [SEIKO EPSON CORPORATION, 2, 34, 0, 0, C:2007-04-13 14:45 M:2002-10-08 10:34]
    C:\WINDOWS\system32\pjlmon.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:36 M:2005-11-25 08:00]
    C:\WINDOWS\system32\tcpmon.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wsnmp32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\tcpmib.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mgmtapi.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\snmpapi.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\usbmon.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\nwprovau.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshqos.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\win32spl.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETRAP.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NTDSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\inetpp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\icmp.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1420 / SYSTEM]   d:\Program Files\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Program Files\StormII\MSVCP60.dll  [Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msxml3.dll  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\urlmon.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\cryptdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1508 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\POWRPROF.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wtsapi32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1524 / SYSTEM]   d:\Program Files\Oray\PeanutHull5\PhCore.exe   [上海贝锐, 1, 0, 0, 21, C:2007-03-31 19:47 M:2007-03-31 19:47]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    d:\Program Files\Oray\PeanutHull5\iconv.dll  [Free Software Foundation, 1.9, C:2005-04-07 19:07 M:2005-04-07 19:07]
    C:\WINDOWS\system32\MSVCRT.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    d:\Program Files\Oray\PeanutHull5\PhAlive.dll  [上海贝锐, 1, 0, 0, 26, C:2007-03-29 15:37 M:2007-03-29 15:37]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]

[PID: 1600 / SYSTEM]   D:\DNS\winpip.exe   [Copyright (C) 2003, 1, 0, 0, 1, C:2007-04-12 10:31 M:2004-12-03 11:23]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\DNS\BCGCBPRO64.dll  [BCGSoft Ltd, 6, 4, 0, 0, C:2007-04-12 10:31 M:2004-02-13 14:43]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1904 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\regsvc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1952 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\NTMARTA.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\System32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\termsrv.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
    c:\windows\system32\ICAAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\AUTHZ.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\mstlsapi.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\ACTIVEDS.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\adsldpc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\credui.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    c:\windows\system32\ATL.DLL  [Microsoft Corporation, 3.05.2283, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\REGAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\System32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\rdpwsx.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:39 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\nap32.dll  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1, C:2008-12-07 15:27 M:2008-12-07 15:27]

[PID: 824 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ATL.DLL  [Microsoft Corporation, 3.05.2283, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\MSWSOCK.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\System32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1324 / a2]   C:\WINDOWS\Explorer.EXE   [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\BROWSEUI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHDOCVW.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPTUI.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\cscui.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\CSCDLL.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\themeui.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSIMG32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\urlmon.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msutb.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LINKINFO.dll  [Microsoft Corporation, 5.2.3790.2521 (srv03_sp1_gdr.050831-1529), C:2005-11-25 08:00 M:2005-09-01 10:21]
    C:\WINDOWS\system32\ntshrui.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\drprov.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ntlanman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\NETUI0.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\NETUI1.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\davclnt.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\audiodev.dll  [Microsoft Corporation, 5.2.3790.3700 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WMVCore.DLL  [Microsoft Corporation, 10.00.00.3708 (srv03_sp1_gdr.061206-2314), C:2006-12-08 15:52 M:2006-12-08 15:52]
    C:\WINDOWS\system32\WMASF.DLL  [Microsoft Corporation, 10.00.00.3700 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msi.dll  [Microsoft Corporation, 3.1.4000.4042, C:2007-07-26 11:34 M:2007-03-17 19:08]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\nvcpl.dll  [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEACC.dll  [Microsoft Corporation, 4.2.5406.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSVCP60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.10.7777, C:2005-07-20 21:07 M:2005-07-20 21:07]
    C:\WINDOWS\system32\NTMARTA.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\nvshell.dll  [NVIDIA Corporation, 6.14.10.10531, C:2005-07-20 21:07 M:2005-07-20 21:07]
    C:\WINDOWS\system32\JPWB.IME  [常诚研制, 4.00.950, C:2006-08-06 10:12 M:2006-08-06 10:12]
    C:\WINDOWS\system32\winabc.ime  [Microsoft Corporation, 5.2.3790.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2007-01-08 12:40 M:2006-06-18 00:08]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-28 16:48 M:2008-07-28 16:40]
    d:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-28 16:47 M:2008-07-28 16:43]
    C:\WINDOWS\system32\zipfldr.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mydocs.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sendmail.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DUSER.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MLANG.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Actxprxy.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 1396 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\tapisrv.dll  [Microsoft Corporation, 5.2.3790.2483 (srv03_sp1_gdr.050707-1651), C:2005-11-25 08:00 M:2005-07-09 03:20]
    c:\windows\system32\ACTIVEDS.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\adsldpc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\credui.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\ATL.DLL  [Microsoft Corporation, 3.05.2283, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    c:\windows\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\System32\unimdm.tsp  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\uniplat.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\kmddsp.tsp  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ndptsp.tsp  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\ipconf.tsp  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\h323.tsp  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\MSWSOCK.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\hidphone.tsp  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\HID.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-04-04 21:35 M:2005-11-25 08:00]
    C:\WINDOWS\system32\nap32.dll  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1, C:2008-12-07 15:27 M:2008-12-07 15:27]

[PID: 2164 / a2]   H:\TExplore\TExplore.exe   [Infinite, 6.0.0.1, C:2007-04-01 08:48 M:2007-01-17 12:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\oledlg.dll  [Microsoft Corporation, 1.0 (srv03_sp1_gdr.061016-0022), C:2005-11-25 08:00 M:2006-10-16 20:40]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ATL.DLL  [Microsoft Corporation, 3.05.2283, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msi.dll  [Microsoft Corporation, 3.1.4000.4042, C:2007-07-26 11:34 M:2007-03-17 19:08]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\shdocvw.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPTUI.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msxml3.dll  [Microsoft Corporation, 8.70.1113.0, C:2006-09-19 20:55 M:2006-09-19 20:55]
    C:\WINDOWS\system32\urlmon.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wsock32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASAPI32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msv1_0.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    H:\TExplore\Plugin\QueryInfo.dll  [Copyright 2007, 1, 0, 0, 1, C:2007-04-01 08:48 M:2007-01-13 12:55]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sensapi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    H:\TExplore\Plugin\Color.dll  [无限光软件工作室, 1, 0, 0, 1, C:2007-04-01 08:48 M:2007-01-14 23:11]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\nwprovau.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mshtml.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\msls31.dll  [Microsoft Corporation, 3.10.349.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2176 / a2]   d:\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2007-05-16 04:01 M:2008-07-26 21:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    d:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    d:\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    d:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-28 16:47 M:2008-07-28 16:43]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2007-10-19 11:33 M:2008-07-28 16:43]
    d:\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2007-10-19 11:33 M:2008-07-28 16:43]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2200 / a2]   d:\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2007-10-19 11:33 M:2008-08-27 15:23]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-04-22 19:33 M:2003-03-19 13:20]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2007-04-22 19:33 M:2003-02-22 04:42]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2007-04-22 19:33 M:2003-03-19 20:14]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    d:\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    d:\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-28 16:47 M:2008-07-28 16:43]
    d:\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2007-10-19 11:32 M:2008-08-20 16:00]
    d:\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2007-10-19 11:32 M:2008-07-28 16:44]
    d:\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2007-01-08 13:04 M:2008-07-28 16:44]
    d:\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2007-10-19 11:32 M:2008-07-28 16:44]
    d:\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2007-10-19 11:33 M:2008-07-28 16:43]
    d:\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2007-10-19 11:33 M:2008-07-28 16:43]
    d:\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2007-10-19 11:33 M:2008-07-28 16:40]
    d:\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2007-10-19 11:33 M:2008-07-26 21:00]
    C:\WINDOWS\system32\wtsapi32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2007-10-19 11:33 M:2008-07-26 21:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2007-10-19 11:33 M:2008-07-28 16:43]
    C:\WINDOWS\system32\perfproc.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2260 / a2]   D:\Program Files\360safe\safemon\360tray.exe   [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\urlmon.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RICHED32.DLL  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RICHED20.dll  [Microsoft Corporation, 5.31.23.1226, C:2006-11-27 21:44 M:2006-11-27 21:44]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\360safe\safemon\safemon.dll  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42]
    D:\Program Files\360safe\safemon\SafeKrnl.dll  [(Verified)奇虎网, 4, 3, 0, 1003, C:2008-08-26 16:55 M:2008-08-26 16:55]
    D:\Program Files\360safe\AntiAdwa.dll  [(Verified)360Safe.com, 4, 2, 0, 1001, C:2008-06-13 20:16 M:2008-06-13 20:16]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\360safe\live.dll  [(Verified)360.cn, 1, 0, 1, 1029, C:2008-11-25 09:42 M:2008-11-25 09:42]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASAPI32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msv1_0.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sensapi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\nwprovau.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\Cabinet.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2324 / a2]   D:\Program Files\Rising\AntiSpyware\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\Rising\AntiSpyware\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\Rising\AntiSpyware\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-12-07 15:18 M:2008-12-07 15:17]
    D:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-12-07 15:18 M:2008-12-07 15:16]
    D:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\Rising\AntiSpyware\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-12-07 15:18 M:2008-12-07 15:16]
    D:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-12-07 15:18 M:2008-12-07 15:17]
    D:\Program Files\Rising\AntiSpyware\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\Wtsapi32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\Rising\AntiSpyware\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    D:\Program Files\Rising\AntiSpyware\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.41, C:2008-12-07 15:18 M:2008-12-07 15:17]
    D:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-12-07 15:18 M:2008-12-07 15:16]
    d:\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2007-10-19 11:32 M:2008-07-28 16:42]
    D:\Program Files\Rising\AntiSpyware\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-12-07 15:18 M:2008-12-07 15:16]
    C:\WINDOWS\system32\wsock32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASAPI32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msv1_0.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\sensapi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\urlmon.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\System32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\nwprovau.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2376 / a2]   C:\WINDOWS\system32\ctfmon.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSUTB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2396 / a2]   d:\Program Files\Oray\PeanutHull5\PhDesktop.exe   [上海贝锐, 1, 0, 0, 11, C:2007-03-31 19:50 M:2007-03-31 19:50]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    d:\Program Files\Oray\PeanutHull5\iconv.dll  [Free Software Foundation, 1.9, C:2005-04-07 19:07 M:2005-04-07 19:07]
    C:\WINDOWS\system32\MSVCRT.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MFC42u.DLL  [Microsoft Corporation, 6.06.8063.0, C:2007-04-15 09:03 M:2006-11-01 04:18]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    d:\Program Files\Oray\PeanutHull5\MSVCP60.dll  [Microsoft Corporation, 6.00.8972.0, C:2002-09-13 21:00 M:2002-09-13 21:00]
    C:\WINDOWS\system32\MSIMG32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    d:\Program Files\Oray\PeanutHull5\PhGUI.dll  [上海贝锐, 1, 0, 0, 1, C:2007-03-29 15:38 M:2007-03-29 15:38]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2516 / a2]   E:\Webest\CE\CrsExplorer.exe   [北京维佳网域科技发展有限公司, 5.9.6.86, C:2007-04-13 09:52 M:2007-04-11 16:37]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\oleaut32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\version.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mpr.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\comctl32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\shell32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wsock32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    E:\Webest\CE\wjlock.dll  [N/A, C:2006-11-05 13:46 M:2006-02-02 05:49]
    E:\Webest\CE\UTS2.dll  [WJ Corp., 1, 0, 0, 0, C:2006-11-05 13:46 M:2005-05-24 16:27]
    C:\WINDOWS\system32\MFC42.DLL  [Microsoft Corporation, 6.06.8063.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ODBC32.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\odbcint.dll  [Microsoft Corporation, 3.526.1830.0 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\olepro32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]

[PID: 2680 / SYSTEM]   C:\WINDOWS\system32\wbem\wmiprvse.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\wbem\wbemcomn.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\FastProx.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcp60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NTDSAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NCObjAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\faultrep.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wbemsvc.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2007-01-08 11:39 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wmiutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\wmiprov.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WMI.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NTMARTA.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SAMLIB.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\authz.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wbem\esscli.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:38 M:2005-11-25 08:00]

[PID: 3404 / a2]   C:\WINDOWS\system32\conime.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\IMM32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]

[PID: 588 / a2]   C:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740), C:2007-01-08 11:41 M:2007-07-30 19:19]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\MSIMG32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Cabinet.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 3372 / a2]   L:\杀毒工具\WINDOS清理助手\arswp2\ArSwp.exe   [ArSwp.com, 2, 8, 2, 1115, C:2008-12-08 08:28 M:2008-11-15 11:58]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WININET.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WTSAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\oledlg.dll  [Microsoft Corporation, 1.0 (srv03_sp1_gdr.061016-0022), C:2005-11-25 08:00 M:2006-10-16 20:40]
    C:\WINDOWS\system32\OLEPRO32.DLL  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\urlmon.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\WSOCK32.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\MSVCP60.dll  [Microsoft Corporation, 6.05.2144.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USERENV.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    L:\杀毒工具\WINDOS清理助手\arswp2\plugin\ArFix.dll  [ArSwp.Com, 2, 5, 0, 0, C:2008-12-08 08:28 M:2007-11-28 15:19]
    C:\WINDOWS\system32\secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\cryptnet.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SensApi.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WLDAP32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\Cabinet.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.1830_x-ww_74150EFB\WINHTTP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 19:30 M:2005-04-04 21:44]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\hnetcfg.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\wshqos.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\wshtcpip.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RASAPI32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasman.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msv1_0.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\DNSAPI.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\System32\winrnr.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\System32\nwprovau.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MPR.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.2.3790.2745 (srv03_sp1_gdr.060712-0023), C:2005-11-25 08:00 M:2006-07-13 02:59]
    C:\WINDOWS\system32\shdocvw.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\CRYPTUI.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\asycfilt.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\xpsp2res.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mshtml.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\msls31.dll  [Microsoft Corporation, 3.10.349.0, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msimtf.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 3692 / a2]   C:\WINDOWS\system32\taskmgr.exe   [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.2.3790.2706 (srv03_sp1_gdr.060518-1516), C:2006-05-19 11:18 M:2006-05-19 11:18]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\COMCTL32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\Secur32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VDMDBG.dll  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\UTILDLL.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\TAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\rtutils.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINMM.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WTSAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]

[PID: 2072 / a2]   L:\日志扫描工具\SysLog-0804\SysLog-0804\SysLog.exe   [N/A, C:2008-12-08 08:27 M:2008-08-04 21:19]
    C:\WINDOWS\system32\ntdll.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\kernel32.dll  [Microsoft Corporation, 5.2.3790.2919 (srv03_sp1_gdr.070417-2346), C:2007-04-19 00:34 M:2007-04-19 00:34]
    C:\WINDOWS\system32\SHLWAPI.dll  [Microsoft Corporation, 6.00.3790.2920 (srv03_sp1_gdr.070418-2354), C:2007-04-21 01:13 M:2007-04-21 01:13]
    C:\WINDOWS\system32\GDI32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.2.3790.2892 (srv03_sp1_gdr.070301-0030), C:2007-04-13 11:06 M:2007-03-02 14:11]
    C:\WINDOWS\system32\ADVAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msvcrt.dll  [Microsoft Corporation, 7.0.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\VERSION.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINTRUST.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CRYPT32.dll  [Microsoft Corporation, 5.131.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\MSASN1.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\imagehlp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WTSAPI32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WINSTA.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.2.3790.2769 (srv03_sp1_gdr.060810-0002), C:2006-08-11 17:58 M:2006-08-11 17:58]
    C:\WINDOWS\system32\PSAPI.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2_32.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\WS2HELP.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\comdlg32.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.2778_x-ww_497C098C\COMCTL32.dll  [Microsoft Corporation, 5.82 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.3790.2867 (srv03_sp1_gdr.070122-2245), C:2007-01-23 23:03 M:2007-01-23 23:03]
    C:\WINDOWS\system32\WINSPOOL.DRV  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\oledlg.dll  [Microsoft Corporation, 1.0 (srv03_sp1_gdr.061016-0022), C:2005-11-25 08:00 M:2006-10-16 20:40]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.2.3790.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\OLEPRO32.DLL  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\OLEAUT32.dll  [Microsoft Corporation, 5.2.3790.1830, C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\IMM32.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LPK.DLL  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\USP10.dll  [Microsoft Corporation, 1.0422.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.2778_x-ww_A8F04F11\comctl32.dll  [Microsoft Corporation, 6.0 (srv03_sp1_qfe.060825-0235), C:2007-04-13 10:10 M:2006-08-28 16:25]
    C:\WINDOWS\system32\MSCTF.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\apphelp.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\msctfime.ime  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\mswsock.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\SETUPAPI.dll  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\CLBCatQ.DLL  [Microsoft Corporation, 2001.12.4720.2492 (srv03_sp1_gdr.050720-1521), C:2007-01-08 11:51 M:2005-07-21 11:25]
    C:\WINDOWS\system32\COMRes.dll  [Microsoft Corporation, 2001.12.4720.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
    C:\WINDOWS\system32\LINKINFO.dll  [Microsoft Corporation, 5.2.3790.2521 (srv03_sp1_gdr.050831-1529), C:2005-11-25 08:00 M:2005-09-01 10:21]
    C:\WINDOWS\system32\ntshrui.dll  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]


========================================
File Link

[.txt] <C:\WINDOWS\notepad.exe %1> [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:32 M:2005-11-25 08:00]
[.log] <C:\WINDOWS\notepad.exe %1> [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2007-01-08 11:32 M:2005-11-25 08:00]
[.ini] <C:\WINDOWS\System32\NOTEPAD.EXE %1> [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
[.hlp] <%SystemRoot%\System32\winhlp32.exe %1> [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048), C:2005-11-25 08:00 M:2005-11-25 08:00]
[.vbs] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.6.0.8827, C:2005-11-25 08:00 M:2005-11-25 08:00]
[.js] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.6.0.8827, C:2005-11-25 08:00 M:2005-11-25 08:00]
[.chm] <"hh.exe" %1> [Microsoft Corporation, 5.2.3790.2427 (srv03_sp1_gdr.050421-1629), C:2005-11-25 08:00 M:2005-04-22 09:37]


========================================
Autorun



========================================
Winsock Providers

MSAFD Tcpip [TCP/IP]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD Tcpip [UDP/IP]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD Tcpip [RAW/IP]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
RSVP UDP Service Provider
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
RSVP TCP Service Provider
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD nwlnkipx [IPX]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD nwlnkspx [SPX]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD nwlnkspx [SPX] [Pseudo Stream]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD nwlnkspx [SPX II]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD nwlnkspx [SPX II] [Pseudo Stream]
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 4
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 4
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{50C02631-6BA6-483F-9C3B-CCB259598C79}] SEQPACKET 0
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{50C02631-6BA6-483F-9C3B-CCB259598C79}] DATAGRAM 0
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{65FC51E7-F696-4705-A19C-1641F16DA659}] SEQPACKET 1
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{65FC51E7-F696-4705-A19C-1641F16DA659}] DATAGRAM 1
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{583D1E99-1C79-4A31-9D8D-54359C65B946}] SEQPACKET 2
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{583D1E99-1C79-4A31-9D8D-54359C65B946}] DATAGRAM 2
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{FF8E2A0E-D988-4724-80B4-30487C0BD134}] SEQPACKET 3
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]
MSAFD NetBIOS [\Device\NetBT_Tcpip_{FF8E2A0E-D988-4724-80B4-30487C0BD134}] DATAGRAM 3
    <%SystemRoot%\system32\mswsock.dll>  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447), C:2005-11-25 08:00 M:2005-11-25 08:00]


[/CODE]