[CODE]

2009-02-19,23:19:31

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc., 2, 0, 301, 1654, C:2008-07-27 22:33 M:2008-07-27 22:33]
    <WangWang><"C:\Program Files\Alisoft\WangWang\WangWang.exe">  [(Verified)阿里巴巴软件(上海)有限公司, 5, 7, 0, 5, C:2008-12-14 18:39 M:2008-05-07 15:19]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
    <SdInstall><G:\Smartdriver\DrvInstall.exe S>  [N/A, ]
    <CooCare><"C:\Program Files\XinLan\coocare\HotKeyPlatForm.exe">  [N/A, C:2008-01-10 11:22 M:2008-01-10 11:22]
    <KuGou><C:\Program Files\KuGou\KuGou2008\KuGoo.exe min>  [酷狗音乐, 5.3.23.291, C:2008-11-16 17:28 M:2009-01-06 01:56]
    <jfproc><F:\购物\pipi\jfCacheMgr.exe>  [皮皮科技, 2, 3, 0, 0, C:2008-11-16 17:26 M:2008-07-17 11:00]
    <Yuguo><"C:\Program Files\Yuguo\EAZTray.exe">  [南京安悦科技有限公司, 7,2,0,0, C:2007-06-05 20:23 M:2007-06-05 20:23]
    <wdcertm_ccb><C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe>  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0, C:2008-12-14 16:20 M:2008-06-07 09:27]
    <RavTray><"C:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-06 02:04 M:2009-01-11 22:15]
    <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-07-27 10:32 M:2009-01-07 19:25]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><ieprot.dll,kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\夜光时钟.scr>  [N/A, C:2008-05-01 03:31 M:2006-05-25 00:02]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用UUSee下载]
    <><F:\uusee\geturltodown.htm>  [N/A, C:2008-05-14 11:27 M:2008-05-14 11:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用UUSee加速播放]
    <><F:\uusee\geturltoplay.htm>  [N/A, C:2008-05-14 11:27 M:2008-05-14 11:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><C:\Program Files\Thunder\Program\geturl.htm>  [N/A, C:2007-12-10 14:17 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><C:\Program Files\Thunder\Program\getallurl.htm>  [N/A, C:2007-12-10 14:17 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><F:\新建文件夹\AddEmotion.htm>  [N/A, C:2008-01-04 09:17 M:2008-01-04 09:17]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)N/A, C:1980-01-01 00:00 M:2007-06-01 00:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)N/A, C:1980-01-01 00:00 M:2007-06-01 00:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00|(Verified)N/A, C:1980-01-01 00:00 M:2005-01-28 15:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{507F9113-CD77-4866-BA92-0E86DA3D0B97}]
    <Yahoo 3.5G电邮><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{59BC54A2-56B3-44a0-93E5-432D58746E26}]
    <名品折扣><http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5D73EE86-05F1-49ed-B850-E423120EC338}]
    <雅虎助手><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6354ABE6-05F1-49ed-B850-E423120EC338}]
    <雅虎WIDGET><http://cn.widget.yahoo.com/index.htm?source=Cns>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}]
    <情景聊天><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}]
    <><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FD00D911-7529-4084-9946-A29F1BDF4FE5}]
    <><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><F:\QQ2009\Bin\AddEmotion.htm>  []


========================================
启动项

[彩虹显IP（QQ辅助软件）]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\彩虹显IP（QQ辅助软件）.lnk --> "F:\MP3\彩虹QQ\CaihongIP\CaiHong.exe"  > []
[ImageMixer HDD Camera Monitor]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ImageMixer HDD Camera Monitor.lnk --> "C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe"  > [PIXELA CORPORATION, 1.0.0.9, C:2008-11-30 17:31 M:2007-01-04 14:33]


========================================
计划任务

[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job --> "C:\PROGRA~1\SOGOUI~1\400~1.208\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 4.0.0.2088, C:2009-01-21 18:21 M:2009-01-21 18:21]


========================================
组件


ShellExecuteHook
[CnsHook Class]
    {D157330A-9EF3-49F8-9A67-4141AC41ADD4}  <C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-04-29 01:02 M:2007-06-01 08:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-05-01 04:06 M:2007-09-21 16:56]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-07-27 10:31 M:2008-02-01 15:32]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-07-27 10:31 M:2008-02-01 15:32]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-07-27 10:31 M:2008-02-01 15:32]
[Eazshell Extensions]
    {CB0877AB-7E94-4073-8194-6F992D27EFAA}  <C:\Program Files\Yuguo\eazshell.dll>  [南京安悦科技有限公司, 7,2,0,0, C:2007-06-05 20:23 M:2007-06-05 20:23]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]
[Tencent Browser Helper]
    {0C7C23EF-A848-485B-873C-0ED954731014}  <C:\Program Files\TENCENT\SSPlus\SAddr.dll>  [(Verified)腾讯, 5, 1, 3, 15, C:2009-01-11 23:23 M:2008-12-26 09:30]
[Tencent SearchHook]
    {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}  <C:\Program Files\TENCENT\SSPlus\SAddr.dll>  [(Verified)腾讯, 5, 1, 3, 15, C:2009-01-11 23:23 M:2008-12-26 09:30]
[Tencent AddrDropTarget]
    {A57E074F-56D8-4A33-8112-AAC9693AA909}  <C:\Program Files\TENCENT\SSPlus\SAddr.dll>  [(Verified)腾讯, 5, 1, 3, 15, C:2009-01-11 23:23 M:2008-12-26 09:30]
[]
    {669751ED-D558-49AE-B01A-3B374CC7910E}  <C:\WINDOWS\system32\SSup.dll>  [(Verified)腾讯, 5, 0, 4, 19, C:2009-01-11 23:23 M:2008-12-13 17:14]

Protocols
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [酷狗, 5.2.4.4, C:2008-11-16 17:29 M:2009-01-06 01:56]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-05-04 02:40 M:2008-04-07 15:40]
[Tencent Browser Helper]
    {0C7C23EF-A848-485B-873C-0ED954731014}  <C:\Program Files\TENCENT\SSPlus\SAddr.dll>  [(Verified)腾讯, 5, 1, 3, 15, C:2009-01-11 23:23 M:2008-12-26 09:30]
[]
    {669751ED-D558-49AE-B01A-3B374CC7910E}  <C:\WINDOWS\system32\SSup.dll>  [(Verified)腾讯, 5, 0, 4, 19, C:2009-01-11 23:23 M:2008-12-13 17:14]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-10-11 14:06 M:2008-11-07 03:34]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-05-04 02:40 M:2008-04-29 14:42]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-01-07 19:26 M:2009-01-07 19:26]
[Google Toolbar Helper]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}  <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll>  [(Verified)N/A, C:2009-01-17 22:56 M:2008-12-22 18:52]
[Google Toolbar Notifier BHO]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}  <C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll>  [(Verified)Google Inc., 5, 0, 926, 3450, C:2009-01-17 22:56 M:2009-01-17 22:56]
[Google Dictionary Compression sdch]
    {C84D72FE-E17D-4195-BB24-76C02E2E7C4E}  <C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll>  [(Verified)Google Inc., 1, 0, 610, 10250, C:2008-12-22 18:51 M:2008-12-22 18:51]
[CnsHook Class]
    {D157330A-9EF3-49F8-9A67-4141AC41ADD4}  <C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]

ToolBar
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-10-11 14:06 M:2008-11-07 03:34]
[&Google Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}  <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll>  [(Verified)N/A, C:2009-01-17 22:56 M:2008-12-22 18:52]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-05-04 02:40 M:2008-04-07 15:40]
[Tencent Browser Helper]
    {0C7C23EF-A848-485B-873C-0ED954731014}  <C:\Program Files\TENCENT\SSPlus\SAddr.dll>  [(Verified)腾讯, 5, 1, 3, 15, C:2009-01-11 23:23 M:2008-12-26 09:30]
[iTrusPTA Class]
    {1E0DFFCF-27FF-4574-849B-55007349FEDA}  <C:\WINDOWS\system32\aliedit\pta.dll>  [(Verified)Copyright 2001, 2, 5, 1, 509, C:2008-12-13 13:55 M:2008-03-11 18:50]
[&Google Toolbar]
    {2318C2B1-4965-11D4-9B18-009027A5CD4F}  <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll>  [(Verified)N/A, C:2009-01-17 22:56 M:2008-12-22 18:52]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll>  [Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-05-04 02:40 M:2007-12-10 14:17]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2008, 2, 1, 2, 1, C:2008-12-13 13:55 M:2008-07-22 11:13]
[]
    {669751ED-D558-49AE-B01A-3B374CC7910E}  <C:\WINDOWS\system32\SSup.dll>  [(Verified)腾讯, 5, 0, 4, 19, C:2009-01-11 23:23 M:2008-12-13 17:14]
[WangWangObj Class]
    {6E213FC7-DD5A-4115-B7E6-D4C7838C361E}  <C:\Program Files\Alisoft\WangWang\WangWangX6.dll>  [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-12-14 18:39 M:2008-03-18 12:14]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-10-11 14:06 M:2008-11-07 03:34]
[AutoLive]
    {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2}  <C:\PROGRA~1\3721\autolive.dll>  [国风因特软件（北京）有限公司, 2.6.1.1017, C:2008-07-29 21:33 M:2008-05-20 08:55]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-05-04 02:40 M:2008-04-29 14:42]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-01-07 19:26 M:2009-01-07 19:26]
[Google Toolbar Helper]
    {AA58ED58-01DD-4D91-8333-CF10577473F7}  <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll>  [(Verified)N/A, C:2009-01-17 22:56 M:2008-12-22 18:52]
[Google Toolbar Notifier BHO]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}  <C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll>  [(Verified)Google Inc., 5, 0, 926, 3450, C:2009-01-17 22:56 M:2009-01-17 22:56]
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 181, C:2008-10-11 14:06 M:2008-11-07 03:34]
[Google Dictionary Compression sdch]
    {C84D72FE-E17D-4195-BB24-76C02E2E7C4E}  <C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll>  [(Verified)Google Inc., 1, 0, 610, 10250, C:2008-12-22 18:51 M:2008-12-22 18:51]
[WDCCBCtrl Class]
    {CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB}  <C:\WINDOWS\system32\wdccb.dll>  [(Verified)Copyright 2007, 1, 0, 0, 7, C:2008-12-14 16:18 M:2008-05-28 14:34]
[CnsHook Class]
    {D157330A-9EF3-49F8-9A67-4141AC41ADD4}  <C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <D:\Program Files\IVMLAB\IVMDecoder\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-11-16 22:03 M:2008-03-25 10:32]

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-05-01 04:06 M:2007-09-21 16:56]
[Eazshell]
    {CB0877AB-7E94-4073-8194-6F992D27EFAA}  <C:\Program Files\Yuguo\eazshell.dll>  [南京安悦科技有限公司, 7,2,0,0, C:2007-06-05 20:23 M:2007-06-05 20:23]


========================================
服务

[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [北京暴风网际科技有限公司, 3, 8, 1, 13, C:2008-01-11 11:41 M:2008-01-11 11:41]
[EAZClientService / EAZClientService][Running/Auto Start]
    <"C:\Program Files\Yuguo\EAZClnt.exe">  [N/A, C:2007-06-05 20:22 M:2007-06-05 20:22]
[HID Input Service / HidServ][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
[SHDSERV / SHDSERV][Running/Auto Start]
    <C:\Program Files\Yuguo\shdserv.exe>  [南京安悦科技有限公司, 7,2,0,0, C:2007-06-05 20:21 M:2007-06-05 20:21]
[ssc_vnc / ssc_vnc][Stopped/Manual Start]
    <"C:\Program Files\XinLan\coocare\SSCPlugins\RemoteDesk\winvnc.exe" -service>  [UltraVNC, 1.1.0.4, C:2008-01-09 15:22 M:2008-01-09 15:22]
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
    <C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe>  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0, C:2008-12-14 16:20 M:2008-06-07 09:27]

[Google Updater Service / gusvc][Stopped/Manual Start]
    <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">  [(Verified)Google, 2.2.1175.1407.beta, C:2008-07-27 22:33 M:2009-01-17 22:56]
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
    <C:\Program Files\Rising\Rav\CCENTER.EXE>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
[Rising RavTask Manager / RavTask][Running/Auto Start]
    <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-06 02:04 M:2009-01-25 11:22]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <C:\Program Files\Rising\Rav\RavMonD.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-06 02:04 M:2009-01-06 02:01]
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
    <C:\Program Files\Rising\Rav\ScanFrm.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-01-06 02:04 M:2009-01-06 02:01]
[Windows Network Media Service / UiPlayer][Running/Auto Start]
    <C:\Program Files\UitvDll\msrv.exe>  [(Verified)UiTV Corporation, 1, 0, 1, 4, C:2008-10-11 14:06 M:2008-07-01 11:56]


========================================
驱动

[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-07-27 10:31 M:2008-01-24 16:36]
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
    <System32\drivers\amdk8.sys>  [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2008-01-03 17:01 M:2006-07-01 22:43]
[CnsMinKP / CnsMinKP][Running/Boot Start]
    <system32\drivers\CnsMinKP.sys>  [国风因特软件（北京）有限公司, 2.0.8.1005, C:2008-07-29 21:38 M:2008-02-20 15:04]
[extstat / extstat][Running/Boot Start]
    <system32\drivers\extstat.sys>  [starsoftcomm.com, 6.0.0.1, C:2008-07-27 15:25 M:2007-12-26 23:57]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [NVIDIA Corporation, 6.14.11.6939, C:2008-04-29 00:59 M:2008-02-01 15:32]
[PxHelp20 / PxHelp20][Running/Boot Start]
    <system32\Drivers\PxHelp20.sys>  [Sonic Solutions, 3.00.43J, C:2008-11-30 17:32 M:2006-10-18 03:00]
[sscdir / sscdir][Running/Boot Start]
    <system32\drivers\sscdir.sys>  [starsoftcomm.com, 6.0.0.1, C:2008-07-27 15:25 M:2007-12-26 23:58]
[sscflt / sscflt][Running/Boot Start]
    <system32\drivers\sscflt.sys>  [starsoftcomm.com, 6.0.0.1, C:2008-07-27 15:25 M:2007-12-26 23:58]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:1980-01-01 00:00 M:2008-06-20 19:51]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [TENCENT, 0, 0, 6, 0, C:2008-10-05 09:40 M:2008-10-05 10:54]

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2008-04-29 00:59 M:2001-08-17 12:20]
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
    <system32\DRIVERS\DKbFltr.sys>  [(Verified)Dritek System Inc., 1, 2, 1, 420, C:1980-01-01 00:00 M:2006-05-15 14:08]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2008-04-29 00:59 M:2001-08-17 12:13]
[hookcont / hookcont][Running/System Start]
    <system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-01-06 02:04 M:2009-01-06 02:01]
[hooksys / hooksys][Running/System Start]
    <system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 47, C:2009-01-06 02:04 M:2009-01-06 02:02]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2007-06-01 00:00 M:2007-06-01 00:00]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtenicxp.sys>  [(Verified)Realtek Semiconductor Corporation                           , 5.658.0814.2006 built by: WinDDK, C:1980-01-01 00:00 M:2006-08-14 21:09]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2007-06-01 00:00 M:2007-06-01 00:00]


========================================
进程

[PID: 696 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 760 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 784 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:1980-01-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 828 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 840 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1000 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1076 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1176 / SYSTEM]   C:\Program Files\Rising\Rav\CCENTER.EXE   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\cnt09.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\cnt08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1184 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1312 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1424 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1468 / SYSTEM]   C:\Program Files\Rising\Rav\RavMonD.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\MonBase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\Rslog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.32, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\mondrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\defmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\moncom08.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\FileMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\MailMon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-06 02:04 M:2009-01-07 19:29]
    C:\Program Files\Rising\Rav\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-06 02:04 M:2009-01-14 22:41]
    C:\Program Files\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\rsnetsvr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\BACore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2009-01-06 02:04 M:2009-01-14 22:41]
    C:\Program Files\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RSStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2009-01-06 02:04 M:2009-01-17 22:57]
    C:\Program Files\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17, C:2009-01-06 02:04 M:2009-01-11 22:15]
    C:\Program Files\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\scansct.dll  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\ur025.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-01-06 02:04 M:2009-01-06 02:01]

[PID: 1580 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1692 / SYSTEM]   C:\Program Files\Rising\Rav\rsnetsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-06 02:04 M:2009-01-11 22:15]
    C:\Program Files\Rising\Rav\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.9, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1972 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\DOWNLO~1\CnsHook.dll  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\Program Files\Yuguo\idle.dll  [N/A, C:2007-06-05 20:23 M:2007-06-05 20:23]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\nvcpl.dll  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:31 M:2008-02-01 15:32]
    C:\WINDOWS\system32\nvapi.dll  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
    C:\WINDOWS\system32\nvshell.dll  [N/A, C:2008-07-27 10:31 M:2008-02-01 15:32]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:50]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-05-04 02:40 M:2008-04-07 15:40]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-05-04 02:40 M:2008-04-29 14:42]

[PID: 684 / SYSTEM]   C:\Program Files\Yuguo\EAZClnt.exe   [N/A, C:2007-06-05 20:22 M:2007-06-05 20:22]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\Program Files\Yuguo\schedule.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]
    C:\Program Files\Yuguo\shdapi.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\Yuguo\shdservps.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]

[PID: 908 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\nvapi.dll  [NVIDIA Corporation, 6.14.11.6939, C:2008-07-27 10:27 M:2008-02-01 15:32]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1124 / Administrator]   C:\WINDOWS\system32\Rundll32.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\WINDOWS\DOWNLO~1\CnsMinIO.dll  [国风因特软件（北京）有限公司, 2.5.0.9, C:2008-07-29 21:38 M:2008-05-23 09:57]
    C:\WINDOWS\DOWNLO~1\cnsio.dll  [国风因特软件（北京）有限公司, 2.5.0.6, C:2008-07-29 21:38 M:2008-05-23 09:57]

[PID: 1272 / SYSTEM]   C:\Program Files\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-01-06 02:04 M:2009-01-25 11:22]
    C:\Program Files\Rising\Rav\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-06 02:04 M:2009-01-14 22:41]
    C:\Program Files\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rav\rsstub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\Rising\Rav\rstask.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-01-06 02:04 M:2009-01-25 11:22]

[PID: 892 / SYSTEM]   C:\Program Files\Rising\Rav\ScanFrm.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-06 02:04 M:2009-01-06 02:03]
    C:\Program Files\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\scansrvp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\ScanSrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1596 / SYSTEM]   C:\Program Files\Yuguo\shdserv.exe   [南京安悦科技有限公司, 7,2,0,0, C:2007-06-05 20:21 M:2007-06-05 20:21]
    C:\Program Files\Yuguo\shdapi.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\Yuguo\shdservps.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]

[PID: 1880 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 1932 / SYSTEM]   C:\Program Files\UitvDll\msrv.exe   [(Verified)UiTV Corporation, 1, 0, 1, 4, C:2008-10-11 14:06 M:2008-07-01 11:56]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\UitvDll\UiPlay.dll  [(Verified)UiTV Corporation, 3.0.5.7, C:2008-10-11 14:06 M:2009-01-07 16:24]

[PID: 2024 / Administrator]   C:\Program Files\KuGou\KuGou2008\KuGoo.exe   [酷狗音乐, 5.3.23.291, C:2008-11-16 17:28 M:2009-01-06 01:56]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\Program Files\KuGou\KuGou2008\kgplaycomm.dll  [N/A, C:2008-11-16 17:28 M:2009-01-06 01:56]
    C:\Program Files\KuGou\KuGou2008\InExtend\kg_ksout.dll  [N/A, C:2008-11-16 17:29 M:2009-01-06 01:56]
    D:\Program Files\IVMLAB\IVMDecoder\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-11-16 22:03 M:2008-03-25 10:32]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\Program Files\KuGou\KuGou2008\msdmo.dll  [Microsoft Corporation, 6.03.01.0400, C:2008-11-16 17:29 M:2009-01-06 01:56]
    C:\Program Files\KuGou\KuGou2008\cdread.dll  [N/A, C:2008-11-16 17:28 M:2009-01-06 01:56]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    C:\Program Files\KuGou\KuGou2008\SkinRes.dll  [N/A, C:2008-11-16 17:28 M:2009-01-06 01:56]
    C:\WINDOWS\DOWNLO~1\CnsHook.dll  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2008-07-27 16:18 M:2009-01-25 11:22]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]

[PID: 184 / LOCAL SERVICE]   C:\WINDOWS\system32\wdfmgr.exe   [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]

[PID: 332 / SYSTEM]   C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe   [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0, C:2008-12-14 16:20 M:2008-06-07 09:27]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll  [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2, C:2008-12-14 16:20 M:2008-06-07 09:27]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL  [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20, C:2008-12-14 16:20 M:2008-05-28 14:34]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll  [Watchdata, 1, 0, 0, 11, C:2008-12-14 16:20 M:2008-05-28 14:34]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll  [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15, C:2008-12-14 16:20 M:2008-05-30 11:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]

[PID: 500 / Administrator]   F:\购物\pipi\jfCacheMgr.exe   [皮皮科技, 2, 3, 0, 0, C:2008-11-16 17:26 M:2008-07-17 11:00]
    F:\购物\pipi\libdb43.dll  [Sleepycat Software, 4.3.27, C:2008-11-16 17:26 M:2005-02-24 14:29]
    F:\购物\pipi\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-11-16 17:26 M:2003-02-21 20:42]
    F:\购物\pipi\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-11-16 17:26 M:2003-03-19 12:14]
    F:\购物\pipi\KmBugslayerUtil.dll  [MSJ Bugslayer Column and the book "Debugging Microsoft Windows Applications", 3.0.000, C:2008-11-16 17:26 M:2005-10-11 15:08]
    F:\购物\pipi\dbghelp.dll  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920), C:2008-11-16 17:26 M:2002-10-07 20:00]
    F:\购物\pipi\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-11-16 17:26 M:2003-03-19 13:19]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    F:\购物\pipi\plugins\KmTransmit.dll  [皮皮科技, 4, 3, 0, 2, C:2008-11-16 17:26 M:2008-07-14 10:32]
    F:\购物\pipi\plugins\KmRelay.dll  [N/A, C:2008-11-16 17:26 M:2005-04-19 13:57]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2008-07-27 16:18 M:2009-01-25 11:22]
    D:\Program Files\IVMLAB\IVMDecoder\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-11-16 22:03 M:2008-03-25 10:32]
    C:\Program Files\Yuguo\idle.dll  [N/A, C:2007-06-05 20:23 M:2007-06-05 20:23]

[PID: 2100 / Administrator]   C:\Program Files\Yuguo\EAZTray.exe   [南京安悦科技有限公司, 7,2,0,0, C:2007-06-05 20:23 M:2007-06-05 20:23]
    C:\Program Files\Yuguo\shdapi.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\Program Files\Yuguo\shdservps.dll  [N/A, C:2007-06-05 20:21 M:2007-06-05 20:21]
    C:\Program Files\Yuguo\idle.dll  [N/A, C:2007-06-05 20:23 M:2007-06-05 20:23]
    C:\WINDOWS\DOWNLO~1\CnsHook.dll  [国风因特软件（北京）有限公司, 2.5.1.9, C:2008-07-29 21:38 M:2008-02-20 15:03]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2008-07-27 10:33 M:2009-01-06 02:01]

[PID: 2192 / Administrator]   C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe   [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0, C:2008-12-14 16:20 M:2008-06-07 09:27]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll  [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2, C:2008-12-14 16:20 M:2008-06-07 09:27]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL  [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20, C:2008-12-14 16:20 M:2008-05-28 14:34]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll  [Watchdata, 1, 0, 0, 11, C:2008-12-14 16:20 M:2008-05-28 14:34]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll  [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15, C:2008-12-14 16:20 M:2008-05-30 11:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll  [ Beijing WatchData System Co., Ltd., 1, 0, 0, 1, C:2008-12-14 16:20 M:2008-06-07 09:27]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]

[PID: 2248 / Administrator]   C:\Program Files\Rising\Rav\RsTray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-01-06 02:04 M:2009-01-11 22:15]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\Rising\Rav\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-01-06 02:04 M:2009-01-14 22:41]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\Program Files\Rising\Rav\rslang.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\rsxml.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\ProcComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\MonState.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\ScanEvnt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-07-27 16:17 M:2008-07-27 16:04]
    C:\Program Files\Rising\Rav\rsconf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-01-06 02:04 M:2009-01-14 22:41]
    C:\Program Files\Rising\Rav\rspalvd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.21, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\ravbintl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\mruleui.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-01-06 02:04 M:2009-01-06 02:02]
    C:\Program Files\Rising\Rav\MonTray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.90, C:2009-01-06 02:04 M:2009-01-14 22:41]
    C:\Program Files\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\RavITray.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19, C:2009-01-06 02:04 M:2009-01-06 02:01]
    C:\Program Files\Rising\Rav\ScanPrxy.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14, C:2009-01-06 02:04 M:2009-01-25 11:23]
    C:\Program Files\Rising\Rav\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-01-06 02:04 M:2009-01-11 22:15]

[PID: 2284 / Administrator]   C:\WINDOWS\system32\Rundll32.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]

[PID: 2308 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]

[PID: 2360 / Administrator]   C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe   [(Verified)Google Inc., 2, 0, 301, 1654, C:2008-07-27 22:33 M:2008-07-27 22:33]
    C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\gtn.dll  [(Verified)Google Inc., 5, 0, 926, 3450, C:2009-01-17 22:56 M:2009-01-17 22:56]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll  [(Verified)Google Inc., 5, 0, 926, 3450, C:2009-01-17 22:56 M:2009-01-17 22:56]

[PID: 2364 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]

[PID: 2748 / Administrator]   C:\Program Files\Alisoft\WangWang\WangWang.exe   [(Verified)阿里巴巴软件(上海)有限公司, 5, 7, 0, 5, C:2008-12-14 18:39 M:2008-05-07 15:19]
    C:\Program Files\Alisoft\WangWang\AliViewCtrl.dll  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\Program Files\Alisoft\WangWang\VLNetwork.dll  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 6, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL  [Microsoft Corporation, 8.00.50727.762, C:2006-12-02 00:25 M:2006-12-02 00:25]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\Program Files\Alisoft\WangWang\AliViewMedia.dll  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\Program Files\Alisoft\WangWang\VideoCap.dll  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\Program Files\Alisoft\WangWang\VLAudio.dll  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-12-14 18:39 M:2008-03-05 13:42]
    C:\Program Files\Alisoft\WangWang\JsmShow.dll  [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\Program Files\Alisoft\WangWang\AliSkin.dll  [阿里巴巴软件(上海)有限公司, 1.0.0.1, C:2008-12-14 18:39 M:2008-03-17 21:56]
    C:\Program Files\Alisoft\WangWang\PngLib.dll  [阿里巴巴软件（上海）有限公司, 1, 0, 0, 1, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\Program Files\Alisoft\WangWang\zlib.dll  [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3, C:2008-12-14 18:39 M:2008-03-05 13:43]
    C:\Program Files\Alisoft\WangWang\ww_network.dll  [版权所有 (C) 2006-2007 阿里巴巴软件(上海)有限公司, 2, 1, 0, 1, C:2008-12-14 18:39 M:2008-03-05 13:45]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL  [Microsoft Corporation, 8.00.50727.762, C:2006-12-02 00:08 M:2006-12-02 00:08]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\Program Files\Alisoft\WangWang\Ali_Res.DLL  [N/A, C:2008-12-14 18:39 M:2008-03-05 13:47]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]
    C:\WINDOWS\system32\aliedit\aliedit.dll  [(Verified)Copyright 2008, 2, 1, 2, 1, C:2008-12-13 13:55 M:2008-07-22 11:13]
    C:\Program Files\Alisoft\WangWang\WangWangX6.dll  [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-12-14 18:39 M:2008-03-18 12:14]
    C:\Program Files\Alisoft\WangWang\RICHED20.dll  [Microsoft Corporation, 5.30.23.1221, C:2008-12-14 18:39 M:2005-03-15 16:35]
    C:\Program Files\Alisoft\WangWang\RichOne.dll  [阿里巴巴软件(上海)有限公司, 1.0.0.1, C:2008-12-14 18:39 M:2008-03-05 13:44]
    C:\Program Files\Alisoft\WangWang\TBProgress.dll  [阿里巴巴软件(上海)有限公司, 1.0.0.1, C:2008-12-14 18:39 M:2008-03-05 13:44]
    C:\Program Files\Alisoft\WangWang\MessageNotify.dll  [Copyright (C) 2004, 1, 0, 0, 1, C:2008-12-14 18:39 M:2008-05-07 12:09]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.60, C:2008-07-27 16:18 M:2009-01-25 11:22]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]
    C:\WINDOWS\system32\msdmo.dll  [(Verified)N/A, C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\Program Files\Yuguo\idle.dll  [N/A, C:2007-06-05 20:23 M:2007-06-05 20:23]

[PID: 3116 / Administrator]   C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe   [PIXELA CORPORATION, 1.0.0.9, C:2008-11-30 17:31 M:2007-01-04 14:33]
    C:\Program Files\PIXELA\ImageMixer3\pxl_m17n_tool.dll  [N/A, C:2008-11-30 17:31 M:2006-09-29 18:08]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]

[PID: 3656 / Administrator]   C:\Program Files\XinLan\coocare\SCMain.exe   [保留所有权利。, 1.7.0.44, C:2008-01-10 11:18 M:2008-01-10 11:18]
    C:\Program Files\XinLan\coocare\xml4c_5_4_0.dll  [Apache Software Foundation, 5, 3, 0, 0, C:2004-08-03 10:17 M:2004-08-03 10:17]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416), C:2009-02-06 14:06 M:2009-02-06 14:06]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL  [Microsoft Corporation, 8.00.50727.762, C:2006-12-02 00:25 M:2006-12-02 00:25]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL  [Microsoft Corporation, 8.00.50727.762, C:2006-12-02 00:08 M:2006-12-02 00:08]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    C:\Program Files\XinLan\coocare\PublicInterface.dll  [TODO: <公司名>, 1.7.0.44, C:2008-01-10 11:20 M:2008-01-10 11:20]
    C:\Program Files\XinLan\coocare\ShareDataCenter.Dll  [TODO: <公司名>, 1.7.0.44, C:2008-01-10 11:20 M:2008-01-10 11:20]
    C:\Program Files\XinLan\coocare\PopupInfo.dll  [TODO: <公司名>, 1.7.0.44, C:2008-01-10 11:20 M:2008-01-10 11:20]
    C:\Program Files\XinLan\coocare\SideBar.dll  [TODO: <公司名>, 1.7.0.44, C:2008-01-10 11:20 M:2008-01-10 11:20]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\Program Files\XinLan\coocare\client_net.dll  [N/A, C:2008-01-09 15:25 M:2008-01-09 15:25]
    C:\Program Files\XinLan\coocare\CommClient.dll  [N/A, C:2008-01-09 15:25 M:2008-01-09 15:25]
    C:\Program Files\XinLan\coocare\ReliableUDP.dll  [N/A, C:2008-01-09 15:25 M:2008-01-09 15:25]
    C:\Program Files\XinLan\coocare\EncryptAndCompress.dll  [N/A, C:2008-01-09 15:25 M:2008-01-09 15:25]
    C:\Program Files\XinLan\coocare\LinkMan.dll  [TODO: <公司名>, 1.7.0.44, C:2008-01-10 11:18 M:2008-01-10 11:18]
    C:\Program Files\XinLan\coocare\SCChat.dll  [TODO: <公司名>, 1.7.0.44, C:2008-01-10 11:19 M:2008-01-10 11:19]
    C:\Program Files\XinLan\coocare\MessageServicePlugIn.dll  [版权所有 (C) 2007, 1.7.0.44, C:2008-01-10 11:15 M:2008-01-10 11:15]
    C:\Program Files\XinLan\coocare\conAgent_DLL.dll  [N/A, C:2007-09-17 08:38 M:2007-09-17 08:38]
    C:\Program Files\XinLan\coocare\MSVCP60.dll  [Microsoft Corporation, 6.00.8168.0, C:2003-12-04 12:02 M:2003-12-04 12:02]
    C:\Program Files\XinLan\coocare\WPIMgrCore.dll  [Starsoftcomm, 1.7.0.44, C:2008-01-10 11:23 M:2008-01-10 11:23]
    C:\Program Files\XinLan\coocare\SSCPlugins\SysInfo\SystemInfoPlugin.dll  [TODO: <Company name>, 1.7.0.44, C:2008-01-10 11:24 M:2008-01-10 11:24]
    C:\Program Files\XinLan\coocare\SSCPlugins\RemoteAssist\RemoteAssistancePlug.dll  [TODO: <Company name>, 1.7.0.44, C:2008-01-10 11:23 M:2008-01-10 11:23]
    C:\Program Files\XinLan\coocare\SSCPlugins\RemoteDesk\RemoteDeskPlug.dll  [TODO: <Company name>, 1.7.0.44, C:2008-01-10 11:24 M:2008-01-10 11:24]
    C:\Program Files\XinLan\coocare\SSCPlugins\RemoteSound\RemoteSound.dll  [TODO: <Company name>, 1.7.0.44, C:2008-01-10 11:24 M:2008-01-10 11:24]
    C:\Program Files\XinLan\BD5E766C2FD94B4D91CAB1371B42C0CB\webdriver.dll  [StarSoftComm, 1.7.0.42, C:2008-01-02 17:44 M:2008-01-02 17:44]
    C:\Program Files\XinLan\7667EE74EABA4A26B4A71853C01BFDBF\MSPClient.dll  [版权所有 (C) 2008, 1, 0, 0, 1, C:2008-01-16 09:30 M:2008-01-16 09:30]
    C:\Program Files\XinLan\7667EE74EABA4A26B4A71853C01BFDBF\HttpCommunication.dll  [StarSoftComm, 1.6.1.12, C:2007-11-08 23:10 M:2007-11-08 23:10]
    C:\Program Files\XinLan\9542D647A2C44D3CBC76A36451623A09\RealTimeProPlugIn.dll  [StarSoftComm, 1.7.0.30, C:2008-01-14 18:44 M:2008-01-14 18:44]
    C:\Program Files\XinLan\2BB325ADDA12450DA6D9B1446350A4E9\UIDrvCtrl.dll  [StarSoftComm, 1.7.0.24, C:2007-12-27 19:31 M:2007-12-27 19:31]
    C:\Program Files\XinLan\1CA199C6B10D43B09A8F49A1BCC6FC13\AntiVirusPlugIn.dll  [StarSoftComm, 1.7.0.40, C:2008-01-15 03:30 M:2008-01-15 03:30]
    C:\Program Files\XinLan\1230D20A99E04B75AEDC0E0589C00F53\SBRPlugIn.dll  [StarSoftComm, 1.7.0.45, C:2008-01-04 02:36 M:2008-01-04 02:36]
    C:\Program Files\XinLan\coocare\SSCPlugins\RemoteDesk\starvncmanage.dll  [N/A, C:2008-01-08 18:13 M:2008-01-08 18:13]
    C:\Program Files\XinLan\1CA199C6B10D43B09A8F49A1BCC6FC13\AntiVirseInvoke.dll  [StarSoftComm, 1.7.0.40, C:2008-01-15 03:31 M:2008-01-15 03:31]
    C:\Program Files\XinLan\coocare\MSPActive.dll  [版权所有 (C) 2006, 1.7.0.44, C:2008-01-10 11:17 M:2008-01-10 11:17]

[PID: 2636 / Administrator]   E:\arswp2\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-02-15 22:34 M:2008-11-15 11:58]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2009-01-07 19:26 M:2009-01-07 19:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2007-06-01 00:00 M:2007-06-01 00:00]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll  [(Verified)腾讯, 5, 0, 4, 15, C:2009-01-11 23:23 M:2008-11-24 11:02]
    C:\WINDOWS\DOWNLO~1\CnsMin.dll  [北京三七二一科技有限公司, 1, 5, 3, 6, C:2006-08-10 10:27 M:2006-08-10 10:27]
    E:\arswp2\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-02-15 22:34 M:2007-11-28 15:19]
    C:\Program Files\Yuguo\idle.dll  [N/A, C:2007-06-05 20:23 M:2007-06-05 20:23]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:1980-01-01 00:00 M:2008-04-13 18:53]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]