[CODE]

2003-01-01,00:21:56

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PPS Accelerator><C:\Program Files\PPStream\ppsap.exe>  [(Verified)PPStream Inc, 1, 0, 11, 171, C:2003-01-06 05:21 M:2008-12-11 18:06]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Thunder><"C:\Program Files\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-05-23 14:20 M:2008-05-23 14:20]
    <runeip><"D:\kaka\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-11-29 10:02 M:2008-11-29 10:08]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A, ]
    <360Safetray><F:\360\360safe\safemon\360tray.exe /start>  [(Verified)360安全中心, 5, 0, 0, 1008, C:2009-01-06 12:21 M:2009-01-06 12:21]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\+放进我的口袋(&Y)]
    <><http://koudai.360.cn/post_js.html>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><C:\Program Files\Thunder\Program\geturl.htm>  [N/A, C:2007-12-10 14:17 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><C:\Program Files\Thunder\Program\getallurl.htm>  [N/A, C:2007-12-10 14:17 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxsrvc.dll>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)N/A, C:1980-01-01 00:00 M:2007-06-01 00:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)N/A, C:1980-01-01 00:00 M:2007-06-01 00:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)N/A, C:1980-01-01 00:00 M:2005-01-28 15:25]


========================================
启动项

[QQ游戏启动加速程序]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> "D:\迅雷下载\qq  dui\QQGAME\Accel.exe"  > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2009-01-06 15:55 M:2009-01-06 15:55]


========================================
计划任务

[a73b.job]
    <C:\WINDOWS\tasks\a73b.job --> "rundll32" C:\WINDOWS\Downlo~1\a73b.dll,Run > [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|Microsoft Corporation, 5, 3, 2600, 2180, C:2003-01-01 00:04 M:2003-01-01 00:04]
[a73ac.job]
    <C:\WINDOWS\tasks\a73ac.job --> "rundll32" C:\WINDOWS\Downlo~1\a73ac.dll,Always > [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|Microsoft Corporation, 8, 90, 1101, 0, C:2009-01-19 21:26 M:2003-01-01 00:04]
[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job --> "C:\PROGRA~1\SOGOUI~1\400~1.195\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 4.0.0.1959, C:2008-12-29 12:26 M:2008-12-29 12:26]


========================================
组件


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-04-29 01:02 M:2007-06-01 08:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-05-01 04:06 M:2007-09-21 16:56]

BrowserHelperObject
[PPS视频加速模块]
    {0000E615-928F-4EE3-892A-8BAC4931DB4F}  <c:\documents and settings\administrator\application data\ppstream\ppsva\1.0.0.6\ppsva.dll>  [(Verified)PPStream Inc., 1.0.0.6, C:2003-01-01 00:24 M:2008-11-11 14:07]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-13 02:26 M:2008-04-07 15:40]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-13 02:26 M:2008-04-29 14:42]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-11-29 10:02 M:2008-11-29 10:08]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <F:\360\360safe\safemon\safemon.dll>  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]

ActiveX Extension
[PPS视频加速模块]
    {0000E615-928F-4EE3-892A-8BAC4931DB4F}  <c:\documents and settings\administrator\application data\ppstream\ppsva\1.0.0.6\ppsva.dll>  [(Verified)PPStream Inc., 1.0.0.6, C:2003-01-01 00:24 M:2008-11-11 14:07]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-13 02:26 M:2008-04-07 15:40]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-13 02:26 M:2008-05-26 11:09]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-13 02:26 M:2008-04-29 14:42]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-11-29 10:02 M:2008-11-29 10:08]
[Invoke Class]
    {B2E3DA72-6FC6-46F2-B020-10A8B149FD2A}  <C:\WINDOWS\system32\d1ka.dll>  [Microsoft Corporation, 6, 0, 2900, 3395, C:2003-01-02 02:34 M:2009-01-24 19:45]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <F:\360\360safe\safemon\safemon.dll>  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]

Context Menu
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-05-01 04:06 M:2007-09-21 16:56]


========================================
服务

[heleErp / heleErp][Stopped/Auto Start]
    <C:\WINDOWS\system32\4abm.exe>  []
[HID Input Service / HidServ][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
[OSEvent / OSEvent][Stopped/Auto Start]
    <C:\WINDOWS\system32\t.exe>  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2009-01-21 10:28 M:2009-01-23 14:56]

[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]


========================================
驱动

[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-11-27 11:13 M:2008-01-24 16:36]
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
    <System32\drivers\amdk8.sys>  [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2008-01-03 17:01 M:2006-07-01 22:43]
[ialm / ialm][Running/Manual Start]
    <system32\DRIVERS\ialmnt5.sys>  [Intel Corporation, 6.14.10.4342, C:2008-11-27 11:11 M:2005-06-21 17:12]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309), C:1980-01-01 00:00 M:2008-06-20 19:59]
[WoptiHWDetect / WoptiHWDetect][Running/Manual Start]
    <\??\E:\应用文件\windosw清理助手 优化大师\Wopti\WoptiHWDetect.sys>  [Wopti, 1.2.8.1023, C:2008-10-23 16:14 M:2008-10-23 16:14]

[360procmon / 360procmon][Running/Manual Start]
    <\??\F:\360\360safe\safemon\360procmon.sys>  [(Verified)版权所有 (C) 2006-2008 360.cn, 1, 0, 0, 1001, C:2008-09-28 00:56 M:2008-09-28 00:56]
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2008-04-29 00:59 M:2001-08-17 12:20]
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
    <system32\DRIVERS\DKbFltr.sys>  [(Verified)Dritek System Inc., 1, 2, 1, 420, C:1980-01-01 00:00 M:2006-05-15 14:08]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2008-04-29 00:59 M:2001-08-17 12:13]
[nv / nv][Stopped/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2008-04-29 00:59 M:2008-04-13 09:34]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2007-06-01 00:00 M:2007-06-01 00:00]
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtnicxp.sys>  [(Verified)Realtek Semiconductor Corporation                           , 5,663,1212,2006 built by: WinDDK, C:1980-01-01 00:00 M:2006-12-14 16:44]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys>  [(Verified)360安全中心, 2, 3, 0, 1006, C:2009-01-06 18:51 M:2009-01-06 18:51]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2007-06-01 00:00 M:2007-06-01 00:00]
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesDrvPt.sys>  [(Verified)TENCENT, 1.0.4 built by: WinDDK, C:2008-11-29 20:27 M:2008-11-29 20:27]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 0, 0, 9, 2, C:2008-11-28 18:00 M:1980-01-01 03:24]


========================================
进程

[PID: 440 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 500 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 524 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:1980-01-01 00:00 M:2008-05-09 00:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 568 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 580 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 744 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 792 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 872 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 924 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 1016 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 1168 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1316 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:50]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-13 02:26 M:2008-04-07 15:40]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-13 02:26 M:2008-04-29 14:42]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2008-05-01 04:06 M:2007-09-21 16:56]

[PID: 1392 / Administrator]   D:\kaka\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2008-11-29 10:02 M:2003-01-01 04:07]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    D:\kaka\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-11-29 10:02 M:2008-11-29 10:08]
    D:\kaka\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-11-29 10:02 M:2008-11-29 10:01]
    D:\kaka\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-11-29 10:02 M:2008-11-29 10:01]
    D:\kaka\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    D:\kaka\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-11-29 10:02 M:2008-11-29 10:08]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.42, C:2008-11-29 10:02 M:2008-12-18 19:02]
    D:\kaka\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-11-29 10:02 M:2008-12-18 19:02]
    D:\kaka\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-29 10:08 M:2008-11-29 10:08]
    D:\kaka\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-29 10:08 M:2008-11-29 10:08]
    D:\kaka\pscan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.60, C:2008-11-29 10:02 M:2008-12-18 19:02]
    D:\kaka\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-11-29 10:02 M:2008-11-29 10:01]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 1484 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]

[PID: 1508 / Administrator]   C:\Program Files\PPStream\ppsap.exe   [(Verified)PPStream Inc, 1, 0, 11, 171, C:2003-01-06 05:21 M:2008-12-11 18:06]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    c:\Program Files\PPStream\1.1.0.2640\Vodnet.dll  [(Verified)PPStream Inc., 1, 0, 11, 183, C:2003-01-06 05:29 M:2009-01-09 12:59]
    c:\Program Files\PPStream\1.1.0.2640\vodres.dll  [(Verified)PPStream Inc., 1, 0, 11, 182, C:2003-01-06 05:29 M:2009-01-08 16:21]
    c:\Program Files\PPStream\1.1.0.2640\ppssg.dll  [(Verified)PPStream Inc., 1, 0, 11, 182, C:2003-01-06 05:29 M:2009-01-08 16:21]
    c:\Program Files\PPStream\1.1.0.2640\fds.dll  [(Verified)PPStream Inc., 1, 0, 0, 98, C:2003-01-06 05:29 M:2008-12-31 17:52]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 1460 / LOCAL SERVICE]   C:\WINDOWS\system32\wdfmgr.exe   [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]

[PID: 1280 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 2472 / Administrator]   D:\Program Files\Tencent\QQ\QQ.exe   [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQHelperDll.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\BasicCtrlDll.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:52]
    D:\Program Files\Tencent\QQ\MSIMG32.dll  [N/A, C:2008-11-27 11:15 M:2000-01-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    D:\Program Files\Tencent\QQ\FinePlus.dll  [N/A, C:2008-11-27 11:15 M:2000-01-01 00:00]
    D:\Program Files\Tencent\QQ\fphelper.dll  [N/A, C:2008-11-27 11:15 M:2000-01-01 00:00]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    D:\Program Files\Tencent\QQ\QQAPI.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\LoginCtrl.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\LoginCtrlRes.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\QQRes.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQMainFrame.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQPlugin.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\UnReadMsgMgr.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:52]
    D:\Program Files\Tencent\QQ\QQAllInOne.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\SCCore.dll  [(Verified)TENCENT, 1, 6, 0, 2, C:2008-11-27 11:15 M:2007-07-01 08:52]
    D:\Program Files\Tencent\QQ\CameraDll.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:52]
    D:\Program Files\Tencent\QQ\CQQApplication.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\FlashAvatarDll.dll  [(Verified)版权所有 (C) 2008, 1, 0, 0, 1, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\NewSkin.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\MailSummary.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\QQSpace.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\UserDefinedHead.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:52]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\msdmo.dll  [(Verified)N/A, C:2007-06-01 00:00 M:2007-06-01 00:00]
    D:\Program Files\Tencent\QQ\OEMApplication.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\QQAvatar.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQGroupMng.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQPet.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQConfigPlugin.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQCustomFace.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QRingMng.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\LongConnection.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:53]
    D:\Program Files\Tencent\QQ\PhoneAPI.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\DialerAllinOne.dll  [(Verified)tencent, 1, 4, 0, 0, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\BQQApplication.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\PersonalDesktop.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:53]
    D:\Program Files\Tencent\QQ\ImageOle.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:52]
    D:\Program Files\Tencent\QQ\QQMagicFace.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQLiveQMng.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    D:\Program Files\Tencent\QQ\QQSceneMng.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    D:\Program Files\Tencent\QQ\GroupConnection.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:52]
    D:\Program Files\Tencent\QQ\CommercesMng.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:50]
    D:\Program Files\Tencent\QQ\QQAddr.dll  [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2008-11-27 11:15 M:2007-07-01 08:53]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 4.0.0.1959, C:2008-12-29 12:26 M:2008-12-29 12:26]
    D:\Program Files\Tencent\QQ\AddrSearch.dll  [(Verified)腾讯科技（深圳）有限公司, 2, 0, 1, 10, C:2008-11-27 11:15 M:2007-07-01 08:49]
    D:\Program Files\Tencent\QQ\QQSysMsgMng.dll  [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:15 M:2007-07-01 08:51]

[PID: 2552 / Administrator]   D:\Program Files\Tencent\QQ\TXPlatform.exe   [(Verified)Tencent, 1, 5, 225, 0, C:2008-11-27 11:15 M:2008-05-20 17:53]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]

[PID: 396 / Administrator]   C:\WINDOWS\system32\rundll32.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\a3px.dll  [Microsoft Corporation, 4, 1, 0, 3936, C:2003-01-02 02:34 M:2009-01-24 19:45]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 2276 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-29 01:04 M:2007-06-01 08:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:50]
    c:\documents and settings\administrator\application data\ppstream\ppsva\1.0.0.6\ppsva.dll  [(Verified)PPStream Inc., 1.0.0.6, C:2003-01-01 00:24 M:2008-11-11 14:07]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-12-25 17:20 M:2008-12-25 17:20]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-13 02:26 M:2008-04-07 15:40]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-13 02:26 M:2008-04-29 14:42]
    C:\WINDOWS\system32\UrlFilter.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-11-29 10:02 M:2008-11-29 10:08]
    D:\kaka\UrlRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
    F:\360\360safe\safemon\urlproc.dll  [(Verified)360.CN, 1, 0, 0, 1001, C:2008-12-31 03:02 M:2008-12-31 03:02]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 4.0.0.1959, C:2008-12-29 12:26 M:2008-12-29 12:26]

[PID: 2832 / Administrator]   C:\Program Files\SogouInput\4.0.0.1959\PinyinUp.exe   [(Verified)Sogou.com Inc., 4.0.0.1959, C:2008-12-29 12:28 M:2008-12-29 12:28]
    C:\Program Files\SogouInput\4.0.0.1959\HWSignature.dll  [(Verified)Sogou.com Inc., 4.0.0.1959, C:2008-12-29 12:26 M:2008-12-29 12:26]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 1652 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 328 / Administrator]   E:\应用文件\windosw清理助手 优化大师\Wopti\WoptiUtilities.exe   [Wopti, 7.89.8.1217, C:2008-12-17 10:22 M:2008-12-17 10:22]
    E:\应用文件\windosw清理助手 优化大师\Wopti\WoptiP2P.dll  [Wopti, 1.4.7.613, C:2008-08-27 20:12 M:2008-08-27 20:12]
    E:\应用文件\windosw清理助手 优化大师\Wopti\D3DX81ab.dll  [(Verified)鲁锦, 1.0.0.0, C:2008-07-27 23:30 M:2007-10-23 10:57]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]

[PID: 3276 / NETWORK SERVICE]   C:\WINDOWS\system32\wbem\wmiprvse.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-04-29 01:01 M:2007-06-01 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]

[PID: 3536 / SYSTEM]   C:\WINDOWS\system32\wbem\wmiprvse.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108), C:2008-04-29 01:01 M:2007-06-01 08:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]

[PID: 2780 / Administrator]   C:\Program Files\Thunder\Program\Thunder5.exe   [Thunder Networking Technologies,LTD, 5.8.3.533, C:2008-07-03 17:41 M:2008-07-03 17:41]
    C:\Program Files\Thunder\Program\BugReport.dll  [Thunder Networking Technologies,LTD, 1, 4, 1, 20, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\ThunderEx.dll  [版权所有 (C) 2006, 1, 2, 6, 25, C:2008-07-03 17:03 M:2008-07-03 17:03]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\Program Files\Thunder\Program\TaskManager.dll  [Thunder Networking Technologies,LTD, 1, 3, 8, 68, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\download_interface.dll  [Thunder Networking Technologies,LTD, 3, 1, 2, 318, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\MSVCP71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\Program Files\Thunder\Program\MSVCR71.dll  [Microsoft Corporation, 7.10.6030.0, C:2006-07-11 18:35 M:2006-07-11 18:35]
    C:\Program Files\Thunder\Program\asyn_frame.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 21, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\ATL71.DLL  [Microsoft Corporation, 7.10.6041.0, C:2006-08-25 22:44 M:2006-08-25 22:44]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
    C:\Program Files\Thunder\Program\p2p_upload.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 8, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\fs.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 10, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\XLNet.Dll  [Thunder Networking Technologies,LTD, 1, 5, 2, 25, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\BHOStub.dll  [Thunder Networking Technologies,LTD, 1, 1, 1, 10, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll  [Copyright 2007, 1, 0, 12, 30, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\backend_agent.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 20, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\p2sp.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 25, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\down_dispatcher.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 17, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\ptl.dll  [Thunder Networking Technologies,LTD, 3, 1, 2, 24, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\xl_stat.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 3, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\p2p_network_com.dll  [版权所有 (C) 2008, 1, 0, 2, 25, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\iTargetAD.dll  [N/A, C:2007-10-26 20:53 M:2007-10-26 20:53]
    C:\Program Files\Thunder\Program\p2p.dll  [Thunder Networking Technologies,LTD, 1,1,2,24, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\xldc.dll  [Thunder Networking Technologies,LTD, 3, 6, 2, 15, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\stream.dll  [Thunder Networking Technologies,LTD, 2, 1, 2, 381, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\p2p_local_res.dll  [Thunder Networking Technologies,LTD, 1,1,2,12, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\al.dll  [Thunder Networking Technologies,LTD, 1,1,2,15, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Components\Community\XLCommunity.dll  [Thunder Networking Technologies,LTD, 2, 4, 0, 73, C:2008-07-03 17:42 M:2008-07-03 17:42]
    C:\Program Files\Thunder\Program\XLCommunityEx.dll  [N/A, C:2008-07-03 17:40 M:2008-07-03 17:40]
    C:\Program Files\Thunder\Program\RegisterDll.dll  [Thunder Networking Technologies,LTD, 2, 17, 0, 67, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\imdt.dll  [TODO: <Company name>, 1.1.2.5, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll  [Thunder Networking Technologies,LTD, 1, 0, 4, 19, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-13 02:26 M:2008-05-26 11:09]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-13 02:26 M:2008-04-29 14:42]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-13 02:26 M:2008-04-07 15:40]
    C:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll  [Thunder Networking Technologies,LTD, 1, 4, 1, 6, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\emule_id.dll  [Copyright 2007, 1, 0, 2, 8, C:2008-07-01 15:27 M:2008-07-01 15:27]
    C:\Program Files\Thunder\Program\bd.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 17, C:2008-07-01 15:27 M:2008-07-01 15:27]

[PID: 1472 / Administrator]   E:\应用文件\arswp2\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2003-01-01 00:21 M:2008-11-15 11:58]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-29 10:02 M:2008-11-29 10:07]
    D:\kaka\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-29 10:02 M:2008-11-29 10:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    F:\360\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1004, C:2008-12-31 02:23 M:2008-12-31 02:23]
    E:\应用文件\arswp2\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2003-01-01 00:21 M:2007-11-28 15:19]
    C:\WINDOWS\system32\xunyount.dll  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者

xunyou over MSAFD Tcpip [TCP/IP]
    <C:\WINDOWS\system32\xunyount.dll>  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
xunyou over MSAFD Tcpip [UDP/IP]
    <C:\WINDOWS\system32\xunyount.dll>  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
xunyou over MSAFD Tcpip [RAW/IP]
    <C:\WINDOWS\system32\xunyount.dll>  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]
xunyou
    <C:\WINDOWS\system32\xunyount.dll>  [N/A, C:2009-01-16 20:13 M:2008-12-25 16:41]


========================================
HOSTS

    127.0.0.1 localhost


[/CODE]