[CODE]

2009-01-16,10:45:21

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600) - Administrators



========================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
    <SKYNET Personal FireWall><D:\software\FIREWALL\pfw.exe>  [广州众达天网技术有限公司, 3.0.0.1015, C:2008-12-09 23:26 M:2008-07-06 13:37]
    <ssMgr_ccb><C:\Program Files\StarSec\ssMgr_ccb.exe -r>  [Copyright (C) 2006, 1, 0, 5, 1026, C:2007-04-26 10:25 M:2007-04-26 10:25]
    <AVP><"D:\software\Kaspersky Internet Security 2009\avp.exe">  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><D:\software\KASPER~1\mzvkbd.dll,D:\software\KASPER~1\mzvkbd3.dll,D:\software\KASPER~1\adialhk.dll,D:\software\KASPER~1\kloehk.dll,>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22|(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22|(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20|(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\"添加到卡巴斯基反广告"]
    <><D:\software\Kaspersky Internet Security 2009\ie_banner_deny.htm>  [N/A, C:2008-07-29 20:08 M:2008-07-29 20:08]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><d:\software\Thunder\Program\GetUrl.htm>  [N/A, C:2008-12-10 00:01 M:2008-07-28 15:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><d:\software\Thunder\Program\GetAllUrl.htm>  [N/A, C:2008-12-10 00:01 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://D:\software\MICROS~1\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\查看当前站点排名]
    <><http://alexa.chinaz.com/alexa.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><d:\software\Tencent\QQ\AddEmotion.htm>  [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)N/A, C:2008-05-01 00:00 M:2008-05-01 00:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)N/A, C:2008-05-01 00:00 M:2008-05-01 00:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00|(Verified)N/A, C:2006-11-02 23:38 M:2006-11-02 23:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><d:\software\Thunder\Thunder.exe>  [(Verified)Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-12-10 00:01 M:2008-10-16 18:18]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}]
    <Web 流量保护状态><D:\software\Kaspersky Internet Security 2009\SCIEPlgn.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]


========================================
启动项



========================================
计划任务



========================================
组件


IE Extension
[Web 流量保护状态]
    {85E0B171-04FA-11D1-B7DA-00A0C90348D6}  <D:\software\Kaspersky Internet Security 2009\SCIEPlgn.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-12-09 22:37 M:2008-05-01 08:00]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-05 08:51 M:2007-05-22 22:35]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-05 08:51 M:2007-05-22 22:35]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-05 08:51 M:2007-05-22 22:35]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <d:\software\WinRAR\rarext.dll>  [N/A, C:2008-12-09 23:55 M:2007-09-23 18:59]
[Anti-Spyware Toolkit]
    {B62954A8-2446-4AEA-A2EE-489863352A21}  <D:\software\ast\AstShellEx.dll>  [超级巡警, 1.5.5.13, C:2008-04-02 19:05 M:2008-04-02 19:05]
[Web 流量保护状态]
    {85E0B171-04FA-11D1-B7DA-00A0C90348D6}  <D:\software\Kaspersky Internet Security 2009\SCIEPlgn.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]

Protocols
[NyfFilter Class]
    {C4BA8816-8761-4164-8E33-56F3024A09E4}  <d:\software\nyfedit5\ienyf.dll>  [Wjj Software, 1, 0, 0, 11, C:2008-12-09 23:53 M:2006-04-30 09:41]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <d:\software\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-10 00:01 M:2008-09-06 10:36]
[AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <D:\software\Acrobat 7.0\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 7.0.0.2004121400, C:2004-12-14 01:56 M:2004-12-14 01:56]
[IEVkbdBHO Class]
    {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}  <D:\software\Kaspersky Internet Security 2009\ievkbd.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <d:\software\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-10 00:01 M:2008-09-19 16:44]
[SecAddons Class]
    {AF69627B-8489-41C2-971A-B927DF7A5B0F}  <D:\software\ast\SecAddons.dll>  [超级巡警, 1, 0, 3, 4, C:2008-09-11 10:10 M:2008-09-11 10:10]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <d:\software\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-10 00:01 M:2008-09-06 10:36]
[AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <D:\software\Acrobat 7.0\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 7.0.0.2004121400, C:2004-12-14 01:56 M:2004-12-14 01:56]
[Edit Class]
    {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D}  <C:\WINDOWS\system32\CMBEdit.dll>  [Copyright 2004, 1, 2, 0, 3, C:2008-12-10 16:41 M:2007-09-14 15:54]
[iTrusPTA Class]
    {1E0DFFCF-27FF-4574-849B-55007349FEDA}  <C:\WINDOWS\system32\aliedit\pta.dll>  [(Verified)Copyright 2001, 2, 5, 1, 509, C:2007-04-19 18:43 M:2008-07-14 09:42]
[GDCCBCtrl Class]
    {478AB5EE-5C92-41C3-8339-CFC5BA639733}  <C:\WINDOWS\system32\GDCCBUtil.dll>  [G&D, 1.0.0.1, C:2007-04-09 10:21 M:2007-04-09 10:21]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2008, 2, 1, 2, 1, C:2007-04-19 18:46 M:2008-07-14 09:42]
[IEVkbdBHO Class]
    {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}  <D:\software\Kaspersky Internet Security 2009\ievkbd.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <d:\software\Thunder\Components\InMedia\MediaAddin18.dll>  [(Verified)Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2009-01-07 00:47 M:2008-11-25 11:16]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <d:\software\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-10 00:01 M:2008-09-19 16:44]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5807.94.(58).dll>  [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5807, 94, C:2008-12-10 00:01 M:2008-10-16 17:13]
[SecAddons Class]
    {AF69627B-8489-41C2-971A-B927DF7A5B0F}  <D:\software\ast\SecAddons.dll>  [超级巡警, 1, 0, 3, 4, C:2008-09-11 10:10 M:2008-09-11 10:10]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <d:\software\Tencent\QQMusic\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 162, 202, C:2008-05-15 09:37 M:2008-05-15 09:37]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5871.223.(59).dll>  [(Verified)Xunlei Networking Technologies,LTD, 2, 1, 5871, 223, C:2008-12-10 00:01 M:2008-10-13 18:29]

Context Menu
[Anti-Spyware Toolkit]
    {B62954A8-2446-4AEA-A2EE-489863352A21}  <D:\software\ast\AstShellEx.dll>  [超级巡警, 1.5.5.13, C:2008-04-02 19:05 M:2008-04-02 19:05]
[Kaspersky Anti-Virus]
    {dd230880-495a-11d1-b064-008048ec2fc5}  <D:\software\Kaspersky Internet Security 2009\ShellEx.dll>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <d:\software\WinRAR\rarext.dll>  [N/A, C:2008-12-09 23:55 M:2007-09-23 18:59]


========================================
服务

[PlugServerD / PlugServer][Running/Auto Start]
    <C:\Program Files\StarSec\PlugServer.exe>  [GDChina, 1, 1, 0, 2, C:2008-12-09 23:38 M:2007-03-30 15:22]

[Kaspersky Internet Security / AVP][Running/Auto Start]
    <"D:\software\Kaspersky Internet Security 2009\avp.exe" -r>  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]


========================================
驱动

[ASTTools / ASTTools][Stopped/Manual Start]
    <\??\D:\software\ast\ASTTools.sys>  [DSW Lab, 1.0.0.2 built by: WinDDK, C:2008-08-12 11:07 M:2008-08-12 11:07]
[RF / RF][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\drivers\RF.ahc>  [N/A, C:2008-12-21 22:08 M:2009-01-13 18:05]
[SKNFW / SKNFW][Running/System Start]
    <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys>  [N/A, C:2008-12-09 23:26 M:2007-12-17 10:14]
[SkyProcs / SkyProcs][Running/Manual Start]
    <\??\D:\software\FIREWALL\SkyProcs.sys>  [N/A, C:2008-12-09 23:26 M:2006-03-28 15:17]

[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
    <system32\DRIVERS\b57xp32.sys>  [(Verified)Broadcom Corporation, 10.26.0.0 built by: WinDDK, C:2008-12-09 23:04 M:2007-02-16 15:46]
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-05-01 00:00 M:2008-05-01 00:00]
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <system32\drivers\RtkHDAud.sys>  [(Verified)Realtek Semiconductor Corp., 5.10.0.5391 built by: WinDDK, C:2008-12-09 22:58 M:2007-03-26 19:21]
[Kl1 / kl1][Running/Boot Start]
    <system32\drivers\kl1.sys>  [(Verified)Kaspersky Lab, 6.2.35.0, C:2008-07-21 18:34 M:2008-07-21 18:34]
[Kaspersky Lab Boot Guard Driver / klbg][Running/Boot Start]
    <system32\drivers\klbg.sys>  [(Verified)Kaspersky Lab, 8.0.6.2, C:2008-01-29 18:29 M:2008-01-29 18:29]
[Kaspersky Lab KLFltDev / KLFLTDEV][Running/Manual Start]
    <system32\DRIVERS\klfltdev.sys>  [(Verified)Kaspersky Lab, 8.0.0.17, C:2008-03-13 19:02 M:2008-03-13 19:02]
[Kaspersky Lab Driver / KLIF][Running/System Start]
    <system32\DRIVERS\klif.sys>  [(Verified)Kaspersky Lab, 8.1.0.100, C:2008-12-10 01:12 M:2008-12-10 01:12]
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
    <system32\DRIVERS\klim5.sys>  [(Verified)Kaspersky Lab, 6.1.28.0, C:2008-04-30 18:06 M:2008-04-30 18:06]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-05-01 00:00 M:2008-05-01 00:00]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-05-01 00:00 M:2008-05-01 00:00]
[Prolific2 Serial port driver / Ser2pl][Stopped/Manual Start]
    <system32\DRIVERS\ser2pl.sys>  [(Verified)Prolific Technology Inc., 2.0.2.1, C:2008-12-11 14:22 M:2005-07-25 10:04]


========================================
进程

[PID: 640 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]

[PID: 976 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]

[PID: 1004 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\klogon.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1048 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1060 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1212 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1312 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1352 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1460 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 1676 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]

[PID: 1692 / SYSTEM]   C:\Program Files\StarSec\PlugServer.exe   [GDChina, 1, 1, 0, 2, C:2008-12-09 23:38 M:2007-03-30 15:22]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\Program Files\StarSec\plugins\plugstarkey220.dll  [GDChina, 1, 1, 0, 1, C:2008-12-09 23:38 M:2007-04-11 19:45]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]

[PID: 1724 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 128 / dxjnet]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    D:\software\Acrobat 7.0\ActiveX\PDFShell.dll  [Adobe Systems, Inc., 7.0.0.0, C:2004-12-14 02:20 M:2004-12-14 02:20]
    C:\WINDOWS\system32\nvcpl.dll  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)NVIDIA Corporation, 6.14.11.0134, C:2008-06-05 08:51 M:2007-05-22 22:35]
    C:\WINDOWS\system32\nvshell.dll  [N/A, C:2008-06-05 08:51 M:2007-05-22 22:35]
    d:\software\WinRAR\rarext.dll  [N/A, C:2008-12-09 23:55 M:2007-09-23 18:59]
    D:\software\Kaspersky Internet Security 2009\ShellEx.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\Kaspersky Internet Security 2009\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08]
    D:\software\Kaspersky Internet Security 2009\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08]
    D:\software\ast\AstShellEx.dll  [超级巡警, 1.5.5.13, C:2008-04-02 19:05 M:2008-04-02 19:05]
    D:\software\ast\MFC80.DLL  [Microsoft Corporation, 8.00.50727.762, C:2006-12-02 00:26 M:2006-12-02 00:26]
    D:\software\ast\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2007-09-27 20:47 M:2007-09-27 20:47]
    D:\software\ast\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:03 M:2006-12-01 22:03]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2003-02-21 04:42]
    D:\software\Acrobat 7.0\ActiveX\AcroIEHelper.dll  [(Verified)Adobe Systems Incorporated, 7.0.0.2004121400, C:2004-12-14 01:56 M:2004-12-14 01:56]
    d:\software\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-10 00:01 M:2008-09-19 16:44]
    d:\software\Thunder\Components\ResWorker\DsBho_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-12-10 00:01 M:2008-10-16 18:17]
    d:\software\Thunder\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-12-10 00:01 M:2008-10-16 18:17]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    d:\software\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-10 00:01 M:2008-09-06 10:36]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:14 M:2003-03-18 22:14]
    ?  []

[PID: 276 / dxjnet]   C:\Program Files\StarSec\ssMgr_ccb.exe   [Copyright (C) 2006, 1, 0, 5, 1026, C:2007-04-26 10:25 M:2007-04-26 10:25]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\SSP11_CCB.dll  [GDChina, 1, 0, 0, 2, C:2007-04-17 10:02 M:2007-04-17 10:02]

[PID: 1440 / dxjnet]   C:\WINDOWS\system32\taskmgr.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 2956 / dxjnet]   D:\software\Winamp\winamp.exe   [Nullsoft, 5.0, C:2003-11-20 07:00 M:2003-11-20 07:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\Winamp\Plugins\in_mp3.dll  [N/A, C:2003-11-17 14:00 M:2003-11-17 14:00]
    D:\software\Winamp\Plugins\in_cdda.dll  [N/A, C:2003-11-17 13:59 M:2003-11-17 13:59]
    D:\software\Winamp\Plugins\in_wave.dll  [N/A, C:2002-09-01 08:10 M:2002-09-01 08:10]
    D:\software\Winamp\Plugins\out_wave.dll  [N/A, C:2002-10-07 07:00 M:2002-10-07 07:00]
    D:\software\Winamp\Plugins\out_ds.dll  [N/A, C:2003-11-15 06:56 M:2003-11-15 06:56]
    D:\software\Winamp\Plugins\gen_tray.dll  [N/A, C:2003-11-14 04:52 M:2003-11-14 04:52]
    D:\software\Winamp\Plugins\gen_hotkeys.dll  [N/A, C:2003-11-19 04:30 M:2003-11-19 04:30]

[PID: 3368 / dxjnet]   C:\Program Files\Internet Explorer\IEXPLORE.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-12-09 22:38 M:2008-05-01 08:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    d:\software\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2008-12-10 00:01 M:2008-09-06 10:36]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:14 M:2003-03-18 22:14]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2003-02-21 04:42]
    D:\software\Acrobat 7.0\ActiveX\AcroIEHelper.dll  [(Verified)Adobe Systems Incorporated, 7.0.0.2004121400, C:2004-12-14 01:56 M:2004-12-14 01:56]
    D:\software\Kaspersky Internet Security 2009\ievkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    D:\software\Kaspersky Internet Security 2009\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08]
    d:\software\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2008-12-10 00:01 M:2008-09-19 16:44]
    d:\software\Thunder\Components\ResWorker\DsBho_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-12-10 00:01 M:2008-10-16 18:17]
    d:\software\Thunder\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-12-10 00:01 M:2008-10-16 18:17]
    D:\software\ast\SecAddons.dll  [超级巡警, 1, 0, 3, 4, C:2008-09-11 10:10 M:2008-09-11 10:10]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\Kaspersky Internet Security 2009\scrchpg.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\Kaspersky Internet Security 2009\klscav.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    D:\software\Kaspersky Internet Security 2009\prremote.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\Kaspersky Internet Security 2009\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08]
    D:\software\Kaspersky Internet Security 2009\prloader.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\Kaspersky Internet Security 2009\prkernel.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25]
    d:\software\kaspersky internet security 2009\params.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25]
    d:\software\kaspersky internet security 2009\pxstub.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25]
    d:\software\kaspersky internet security 2009\tempfile.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:26 M:2008-07-29 20:26]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    d:\software\kaspersky internet security 2009\nfio.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25]
    d:\software\kaspersky internet security 2009\fsdrvplg.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:24 M:2008-07-29 20:24]
    d:\software\kaspersky internet security 2009\fssync.dll  [(Verified)Kaspersky Lab, 8.0.5.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    d:\software\kaspersky internet security 2009\basegui.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:23 M:2008-07-29 20:23]
    d:\software\kaspersky internet security 2009\thpimpl.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:26 M:2008-07-29 20:26]
    d:\software\kaspersky internet security 2009\winreg.ppl  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:27 M:2008-07-29 20:27]

[PID: 3260 / dxjnet]   C:\WINDOWS\notepad.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-12-09 22:30 M:2008-05-01 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]

[PID: 2112 / dxjnet]   D:\software\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-11-15 11:58 M:2008-11-15 11:58]
    D:\software\KASPER~1\mzvkbd.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\mzvkbd3.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22]
    D:\software\KASPER~1\adialhk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20]
    D:\software\KASPER~1\kloehk.dll  [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-05-01 00:00 M:2008-05-01 00:00]
    D:\software\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2007-11-28 15:19 M:2007-11-28 15:19]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost
    127.0.0.1 yu.8s7.net
    127.0.0.1 2.joppnqq.com
    127.0.0.1 wg.47255.com
    127.0.0.1 1.joppnqq.com
    127.0.0.1 xxx.m111.biz
    127.0.0.1 1.jopenqc.com
    127.0.0.1 1.jopenkk.com
    127.0.0.1 xxx.vh7.biz
    127.0.0.1 xxx.j41m.com
    127.0.0.1 3.joppnqq.com
    127.0.0.1 d.93se.com
    127.0.0.1 www.868wg.com
    127.0.0.1 xxx.mmma.biz
    127.0.0.1 ilove.com
    127.0.0.1 tp.shpzhan.cn
    127.0.0.1 www.tomwg.com
    127.0.0.1 www.177dvd.cn
    127.0.0.1 www.cike007.cn
    127.0.0.1 www.22aaa.com
    127.0.0.1 xx.exiao01.com
    127.0.0.1 www.exiao01.com
    127.0.0.1 www.exiao01.com
    127.0.0.1 new.749571.com
    127.0.0.1 xtx.kv8.info
    127.0.0.1 cao.kv8.info
    127.0.0.1 down.malasc.cn
    127.0.0.1 down2.malasc.com
    127.0.0.1 www.51yws.com
    127.0.0.1 tpiii.chsip.net
    10.50.10.1 shanghai_srv01


[/CODE]