[CODE]

2009-06-25,09:44:53

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <cszSenddata><C:\Program Files\浙江联众\出生证明\SendData.exe>  []
    <PPS Accelerator><C:\Program Files\PPStream\ppsap.exe>  [(Verified)PPStream Inc, 1, 0, 11, 139, C:2008-07-02 10:15 M:2008-08-07 15:31]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start>  [(Verified)360安全中心, 5, 0, 0, 1020, C:2009-05-19 17:06 M:2009-05-19 17:06]
    <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r>  [(Verified)360安全中心, 2, 5, 1, 1005, C:2009-02-06 11:53 M:2009-02-06 11:53]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A, ]
    <UUSEE><C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe>  []

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><""C:\Program Files\Coopen\Coopen.scr"">  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <C:\WINDOWS\fonts\tvhafqsv.nls><>  []
    <C:\WINDOWS\fonts\wxboprdg.nls><>  []
    <C:\WINDOWS\fonts\kyyrylti.nls><>  []
    <C:\WINDOWS\fonts\ibtswwpr.nls><>  []
    <C:\WINDOWS\fonts\zxgcvlog.nls><>  []
    <C:\WINDOWS\fonts\czaifmyq.nls><>  []
    <C:\WINDOWS\fonts\papmuvjr.nls><>  []
    <C:\WINDOWS\fonts\tpziceri.nls><>  []
    <C:\WINDOWS\fonts\kgmlsvss.nls><>  []
    <C:\WINDOWS\fonts\ejwrfqkj.dll><>  []
    <C:\WINDOWS\fonts\umgtjogd.dll><>  []
    <C:\WINDOWS\fonts\zpmtgths.nls><>  []
    <C:\WINDOWS\fonts\jyctbpvl.nls><>  []
    <C:\WINDOWS\fonts\wxvwikjk.nls><>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&U使用纳米机器人下载并收藏]
    <><C:\Program Files\NamiRobot\Data\du.html>  [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxsrvc.dll>  [Intel Corporation, 3.0.0.3889, C:2008-07-02 09:14 M:2004-08-20 15:50]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2005-01-28 15:25]


========================================
启动项

[Service Manager]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk --> "C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n > [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:23 M:2002-12-17 17:23]


========================================
计划任务



========================================
组件


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]
[Sucop File Force Killer]
    {B62954A8-2446-4AEA-A2EE-489863352A51}  <C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.406\FileForceKiller.dll>  []

BrowserHelperObject
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <C:\Program Files\360safe\safemon\safemon.dll>  [(Verified)360.CN, 5, 0, 0, 1012, C:2008-05-27 18:20 M:2009-06-12 21:30]

ActiveX Extension
[iTrusPTA Class]
    {1E0DFFCF-27FF-4574-849B-55007349FEDA}  <C:\WINDOWS\system32\aliedit\pta.dll>  [(Verified)Copyright 2001, 2, 5, 1, 509, C:2009-03-01 08:08 M:2008-03-11 18:50]
[Recorder Control]
    {2423AB16-9F42-457B-A337-FE3B11964DB0}  <C:\PROGRA~1\bluesky\BLUESK~1\recorder.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 1, 3, C:2008-05-16 10:03 M:2008-05-16 10:03]
[BlueskyVideo Control]
    {2EA6D939-4445-43F1-A12B-8CB3DDA8B855}  <C:\PROGRA~1\bluesky\BLUESK~1\v2.ocx>  [Bluesky Studio (http://www.bluesky.cn), 8, 1, 9, 3, C:2008-07-22 17:16 M:2008-07-22 17:16]
[Ppd Control]
    {2F2BA87D-385E-4922-B41C-06E190B06AA9}  <C:\PROGRA~1\bluesky\BLUESK~1\ppd.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 1, 9, C:2008-07-21 11:06 M:2008-07-21 11:06]
[Share Control]
    {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9}  <C:\PROGRA~1\bluesky\BLUESK~1\share.ocx>  [Bluesky Studio (http://www.bluesky.cn), 8, 1, 3, 7, C:2008-06-10 17:27 M:2008-06-10 17:27]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2008, 2, 1, 2, 1, C:2009-03-01 08:08 M:2008-07-22 11:13]
[PP Control]
    {616DACC1-C5E6-4646-B36A-3FA4FC726BAD}  <C:\PROGRA~1\bluesky\BLUESK~1\ppc.ocx>  [Bluesky Studio (http://www.bluesky.cn), 2, 2, 3, 7, C:2008-07-10 11:31 M:2008-07-10 11:31]
[Videohelp Control]
    {75B75D86-D88B-4BEA-BC59-BFD9D7300518}  <C:\PROGRA~1\bluesky\BLUESK~1\VIDEOH~1.OCX>  [Bluesky Studio(http://www.bluesky.cn), 8, 1, 0, 0, C:2008-04-21 15:07 M:2008-04-21 15:07]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <C:\Program Files\360safe\live.dll>  [(Verified)360.cn, 1, 0, 2, 1005, C:2009-05-15 15:11 M:2009-05-15 15:11]
[Filetran Control]
    {88734439-46D0-42C0-A13F-7E881EE550CF}  <C:\PROGRA~1\bluesky\BLUESK~1\filetran.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 1, 0, 1, C:2007-10-09 12:10 M:2007-10-09 12:10]
[Chat Control]
    {94EFE58C-E678-4808-AD65-24CE4B94C1FE}  <C:\PROGRA~1\bluesky\BLUESK~1\chat.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 8, C:2007-11-27 10:59 M:2007-11-27 10:59]
[Blueskyvoice Control]
    {991481A7-4669-4e15-8C24-100404E1F5CB}  <C:\PROGRA~1\bluesky\BLUESK~1\BLUESK~1.OCX>  [Bluesky Studio (http://www.bluesky.cn), 9, 0, 2, 7, C:2008-07-01 11:18 M:2008-07-01 11:18]
[Display Control]
    {A1D97DB3-E564-4743-B2E7-6F5182CBF406}  <C:\PROGRA~1\bluesky\BLUESK~1\display.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 1, 8, C:2008-05-16 12:20 M:2008-05-16 12:20]
[Tracechat Control]
    {A40335C4-D3D1-4E7B-9130-039CDA5B603C}  <C:\PROGRA~1\bluesky\BLUESK~1\TRACEC~1.OCX>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 6, C:2007-07-29 18:54 M:2007-07-29 18:54]
[Imgsend Control]
    {AA1561BF-D290-4060-919B-499849629205}  <C:\PROGRA~1\bluesky\BLUESK~1\imgsend.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 0, 2, C:2008-04-16 17:44 M:2008-04-16 17:44]
[PPChat Control]
    {AFB97F16-B7E8-4EB1-8133-FBD5AA2EBB3B}  <C:\PROGRA~1\bluesky\BLUESK~1\ppchat.ocx>  [Bluesky Studio(http://www.bluesky.cn), 1, 0, 0, 6, C:2007-10-09 12:43 M:2007-10-09 12:43]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <C:\Program Files\360safe\safemon\safemon.dll>  [(Verified)360.CN, 5, 0, 0, 1012, C:2008-05-27 18:20 M:2009-06-12 21:30]
[Blueskyvoice Control]
    {BA0F088C-72C1-475a-92F8-42391DEF6961}  <C:\PROGRA~1\bluesky\BLUESK~1\BLUESK~2.OCX>  [蓝天工作室(http://www.bluesky.cn), 2, 6, 0, 1, C:2007-09-17 15:50 M:2007-09-17 15:50]
[Client Control]
    {C7B0C764-5D4E-433E-A854-591F28520577}  <C:\PROGRA~1\bluesky\BLUESK~1\client.ocx>  [BlueskyStudio(http://www.bluesky.cn), 1, 0, 0, 4, C:2007-07-29 18:01 M:2007-07-29 18:01]
[Play Control]
    {CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9}  <C:\PROGRA~1\bluesky\BLUESK~1\play.ocx>  [Bluesky Studio (http://www.bluesky.cn), 1, 0, 1, 9, C:2008-05-16 17:35 M:2008-05-16 17:35]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <C:\WINDOWS\system32\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx>  [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07]
[QvodCtrl Class]
    {F3D0D36F-23F8-4682-A195-74C92B03D4AF}  <C:\Program Files\benten\QvodInsert.dll>  []

Context Menu
[NamipanExt]
    {5696473A-FC50-4CA7-B87A-AF60201B04DD}  <C:\Program Files\NamiRobot\Data\NamipanExt1.dll>  [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59]
[Sucop File Force Killer]
    {B62954A8-2446-4AEA-A2EE-489863352A51}  <C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.406\FileForceKiller.dll>  []
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]


========================================
服务

[3ware Controller Service / 3wareSrv][Stopped/Disabled]
    <%SystemRoot%\System32\3wareSrv.exe>  [N/A, C:2008-02-04 20:55 M:2006-02-26 23:21]
[MS Driver Management Service / 6to4][Stopped/Auto Start]
    <%sYSTEMrOOT%\sYSTEM32\SVCHOST.EXE -K NETSVCS --> "C:\Documents and Settings\Local User\360.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[cknhcd / cknhcd][Stopped/Auto Start]
    <C:\WINDOWS\system32\SVCHOST.EXE -k cknhcd --> "%SystemRoot%\System32\ohcxnh.fdf">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Distributed File System / Dfs][Stopped/Auto Start]
    <C:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoice2009.exe>  []
[dudejmj / ias][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\dudej.ref">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Microsoft Windows Update Manager / irmon][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\ntirmon.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[ljnkau / ljnkau][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost -k ljnkau --> "%SystemRoot%\System32\byzgyy.fvg">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Heal Certificate Management / msnapa][Stopped/Auto Start]
    <C:\Program Files\Microsoft Office\smss.exe>  []
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
    <D:\MSDESP3\Mssql\BinnMSSQL\Binn\sqlservr.exe -sMSSQLSERVER>  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:26 M:2002-12-17 17:26]
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
    <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe>  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:23 M:2002-12-17 17:23]
[National Instruments Domain Service / Nationalnye][Stopped/Auto Start]
    <C:\WINDOWS\system32\svcewqka.exe>  []
[Nationalmem  Instruments Domain Service / Nationalqlg][Stopped/Auto Start]
    <C:\WINDOWS\system32\svcclrmi.exe>  []
[Microsoft Windows Update Manager  / nwcworkstation][Stopped/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\ntnwcworkstation.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[qhbjam / qhbjam][Stopped/Auto Start]
    <C:\WINDOWS\system32\SVCHOST.EXE -k qhbjam --> "%SystemRoot%\System32\fzefky.gtm">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[qihypu / qihypu][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost -k qihypu --> "%SystemRoot%\System32\wtaoek.kll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[qqraq / qqraq][Stopped/Disabled]
    <C:\WINDOWS\system32\qqraq.exe>  []
[rhokpg / rhokpg][Stopped/Auto Start]
    <C:\WINDOWS\system32\SVCHOST.EXE -k rhokpg --> "%SystemRoot%\System32\ohcxnh.fdf">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Remote Administrator Service / r_server][Running/Auto Start]
    <"C:\WINDOWS\system32\r_server.exe" /service>  [Software and all its components Copyright ? 1999-2004 Dmitri Znosko. All rights reserved., 2, 2, 0, 0, C:2008-10-15 13:21 M:2004-06-16 21:59]
[hUVoBRqr / S3U5sRZ4][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost.exe -k S3U5sRZ4 --> "C:\WINDOWS\system32\6ynjyugG.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
    <D:\MSDESP3\Mssql\BinnMSSQL\Binn\sqlagent.EXE -i MSSQLSERVER>  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:23 M:2002-12-17 17:23]
[Windows Image Acquisition   / stisve][Stopped/Disabled]
    <%sYSTEMrOOT%\sYSTEM32\SVCHOST.EXE -k krnlsrvc --> "C:\WINDOWS\system32\RxmctrC.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[tfraq / tfraq][Stopped/Disabled]
    <C:\WINDOWS\system32\tfraq.exe>  []
[tgaq / tgaq][Stopped/Disabled]
    <C:\WINDOWS\system32\tgaq.exe>  []
[msp d / To ljd][Stopped/Disabled]
    <C:\WINDOWS\system32\Tow.exe>  []
[toaq / toaq][Stopped/Disabled]
    <C:\WINDOWS\system32\toaq.exe>  []
[tqaq / tqaq][Stopped/Disabled]
    <C:\WINDOWS\system32\tqaq.exe>  []
[tsraq / tsraq][Stopped/Disabled]
    <C:\WINDOWS\system32\tsraq.exe>  []
[twaq / twaq][Stopped/Disabled]
    <C:\WINDOWS\system32\twaq.exe>  []
[Windows User Mode Driver Framework / UMWdf][Stopped/Disabled]
    <C:\WINDOWS\system32\wdfmgr.exe>  []
[Windodasws Help System / WinHokodsaelp32][Stopped/Auto Start]
    <C:\WINDOWS\system32\WinHelp3okoka2.exe>  []
[ylphdq / ylphdq][Stopped/Auto Start]
    <C:\WINDOWS\system32\svchost -k ylphdq --> "%SystemRoot%\System32\vuzpqb.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start]
    <C:\Program Files\Kingsoft\KSWebShieldSVC\KSWebShield.exe>  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
[Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start]
    <F:\电脑安全区域\KSM2.0\KSMSvc.exe>  [(Verified)Copyright (C) 2008, 2009, 4, 8, 3, C:2009-06-25 09:34 M:2009-06-18 14:49]
[Kingsoft Antivirus XEngine Service(Beta) / KxEServBeta][Running/Auto Start]
    <C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxeserv.exe>  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]


========================================
驱动

[aaatimeo / aaatimeo][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\aaatimeo.sys>  [Microsoft Corporation, 5.00.1877.1, C:2008-02-04 20:55 M:2006-02-26 23:21]
[AFAMgt / AFAMgt][Running/Boot Start]
    <system32\DRIVERS\afamgt.sys>  [Adaptec, Inc., 4.1.0.7427, C:2008-02-04 20:55 M:2006-03-28 22:43]
[ahcix86 / ahcix86][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ahcix86.sys>  [ATI Technologies Inc.,  2.5.1540.39 built by: WinDDK, C:2008-02-04 20:55 M:2007-03-07 18:47]
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-07-02 09:24 M:2008-01-24 16:36]
[amdbusdr / amdbusdr][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\amdbusdr.sys>  [AMD, 8.2.8, C:2008-02-04 20:55 M:2006-02-26 23:21]
[AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\AmdEide.sys>  [AMD, 8.2.8, C:2008-02-04 20:55 M:2006-02-26 23:21]
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
    <System32\DRIVERS\amdk8.sys>  [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2005-08-12 09:09 M:2006-07-01 22:43]
[SiI-3112 SATALink  Controller / ASH1205][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ASH1205.sys>  [Silicon Image, Inc., 1, 0, 0, 41, C:2008-02-04 20:55 M:2006-02-26 23:21]
[ata1200a / ata1200a][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ata1200a.sys>  [Adaptec, Inc., v1.3, C:2008-02-04 20:55 M:2006-02-26 23:21]
[atiide / atiide][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\atiide.sys>  [ATI Technologies Inc., 1.00.0000.3 built by: WinDDK, C:2008-02-04 20:55 M:2006-02-26 23:21]
[Promise driver accelerator / bb-run][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\bb-run.sys>  [Promise Technology, Inc.,  1.0.1.2 built by: WinDDK, C:2008-02-04 20:55 M:2003-11-05 15:45]
[DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\cercsr6.sys>  [Adaptec, Inc., 4.1.0.7010, C:2008-02-04 20:55 M:2006-03-28 22:43]
[Cpq32fs2 / Cpq32fs2][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys>  [Hewlett-Packard Company, 5.24.00.0, C:2008-02-04 20:55 M:2002-11-18 23:47]
[Promise Removable Disk Control Driver / dontgo][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\DontGo.sys>  [Promise Technology, Inc.,  1.0.0.3 built by: WinDDK, C:2008-02-04 20:55 M:2006-02-26 23:21]
[fttxr52P / fttxr52P][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\fttxr52P.sys>  [Promise Technology, Inc.,  2.6.0.311 built by: WinDDK, C:2008-02-04 20:55 M:2005-11-09 01:07]
[HpCISSm2 / HpCISSm2][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\HpCISSm2.sys>  [Hewlett-Packard Company, 5.8.0.32 Build 1 (x86), C:2006-05-28 14:57 M:2006-06-16 18:17]
[hptmv6 / hptmv6][Stopped/Boot Start]
    <system32\DRIVERS\hptmv6.sys>  [HighPoint Technologies, Inc., v1.04, C:2008-02-04 20:55 M:2006-02-26 23:21]
[ialm / ialm][Running/Manual Start]
    <system32\DRIVERS\ialmnt5.sys>  [Intel Corporation, 6.14.10.3889, C:2008-07-02 09:14 M:2004-08-20 16:26]
[Intel  RAID Controller / iaStor55][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\iaStor55.sys>  [Intel Corporation, 5.5.0.1035, C:2008-02-04 20:55 M:2005-10-12 18:07]
[mv61xx / mv61xx][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\mv61xx.sys>  [Marvell Semiconductor, Inc.,  1.2.0.24  built by: WinDDK, C:2008-02-04 20:55 M:2007-02-09 20:24]
[mvSata / mvSata][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\mvsata.sys>  [Marvell Semiconductors Inc., 3, 4, 1, 2, C:2008-02-04 20:55 M:2004-09-24 06:34]
[nvgts / nvgts][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\nvgts.sys>  [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-02-04 20:55 M:2007-09-11 23:18]
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\nvrd32.sys>  [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-02-04 20:55 M:2007-09-11 15:18]
[ql2100 / ql2100][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ql2100.sys>  [QLogic Corporation, 7.05.05 (W2K), C:2006-08-31 00:17 M:2006-02-26 23:21]
[ql2200 / ql2200][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ql2200.sys>  [QLogic Corporation, 8.1.5.12 (W2K IP), C:2006-08-31 00:17 M:2006-02-26 23:21]
[rr172x / rr172x][Stopped/Boot Start]
    <system32\DRIVERS\rr172x.sys>  [HighPoint Technologies, Inc., v1.0, C:2008-02-04 20:55 M:2007-06-12 18:06]
[rr174x / rr174x][Stopped/Boot Start]
    <system32\DRIVERS\rr174x.sys>  [HighPoint Technologies, Inc., v1.02, C:2008-02-04 20:55 M:2007-02-01 21:14]
[rr2340 / rr2340][Stopped/Boot Start]
    <system32\DRIVERS\rr2340.sys>  [HighPoint Technologies, Inc., v1.4, C:2008-02-04 20:55 M:2007-07-02 23:14]
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
    <system32\DRIVERS\SiRemFil.sys>  [Silicon Image, Inc., 1, 1, 6, 0, C:2008-02-04 20:55 M:2006-10-18 20:20]
[sisraidx / sisraidx][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\sisraidx.sys>  [Silicon Integrated Systems Corp., 2.11.01 built by: WinDDK, C:2008-02-04 20:55 M:2007-01-12 21:36]
[ViBus / ViBus][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ViBus.sys>  [VIA Technologies, Inc., 6.0.6000.212, C:2008-02-04 20:55 M:2007-03-26 21:26]
[videX32 / videX32][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\videX32.sys>  [VIA Technologies, Inc., 6.0.3790.160, C:2008-02-04 20:55 M:2006-10-18 03:22]
[VIA SATA IDE Device Driver / ViPrt][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\ViPrt.sys>  [VIA Technologies, Inc., 6.0.6000.212, C:2008-02-04 20:55 M:2007-03-26 21:26]
[VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\xfilt.sys>  [VIA Technologies,Inc, 6.0.5728.160, C:2008-02-04 20:55 M:2006-10-19 00:39]

[360AntiArp / 360AntiArp][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys>  [(Verified)360安全中心, 1, 0, 1, 1009, C:2008-12-25 13:33 M:2008-12-25 13:33]
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20]
[AliIde / AliIde][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\aliide.sys>  [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58]
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\amdagp.sys>  [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp_sp2_rtm.040803-2158), C:2008-02-04 20:55 M:2004-08-03 23:07]
[bootsafe / bootsafe][Running/Boot Start]
    <system32\Drivers\bootsafe.sys>  [(Verified)Copyright (C) 2008, 2009, 1, 6, 12, C:2009-06-25 09:35 M:2009-06-04 17:31]
[BREGDRV / BREGDRV][/Boot Start]
    <\??\C:\WINDOWS\system32\drivers\bregdrv.sys>  [(Verified)360安全中心, 1.0.0.1010, C:2009-05-31 08:06 M:2009-04-15 15:58]
[Brother USB Still Image driver / BrScnUsb][Running/Manual Start]
    <System32\Drivers\BrScnUsb.sys>  [(Verified)Brother Industries Ltd., 1,0,2,1, C:2008-07-02 09:56 M:2004-10-15 11:50]
[Brother MFC Serial Port Interface WDM Driver / BrSerIf][Running/Manual Start]
    <System32\Drivers\BrSerIf.sys>  [(Verified)Brother Industries Ltd., 1.0.2.4 built by: WinDDK, C:2008-07-02 09:56 M:2006-01-18 21:44]
[Brother MFC USB Serial WDM Driver / BrUsbSer][Running/Manual Start]
    <System32\Drivers\BrUsbSer.sys>  [(Verified)Brother Industries Ltd., 1,0,1,0 built by: WinDDK, C:2008-07-02 09:56 M:2006-01-19 02:17]
[CmdIde / CmdIde][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\cmdide.sys>  [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13]
[Intel RAID  Controller / iaStor70][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\iaStor70.sys>  [(Verified)Intel Corporation, 7.0.0.1020, C:2008-02-04 20:55 M:2007-02-12 19:36]
[nv / nv][Stopped/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-11-07 01:20 M:2004-08-03 22:29]
[DDK PACKET Protocol / Packet][Stopped/Manual Start]
    <system32\DRIVERS\ProtoDrv.sys>  [(Verified)360安全中心, 1, 0, 1, 1002, C:2008-09-28 01:50 M:2008-09-28 01:50]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
    <system32\DRIVERS\RTL8139.SYS>  [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2008-07-02 09:14 M:2004-08-03 22:31]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys>  [(Verified)360安全中心, 2, 3, 0, 1010, C:2009-03-03 18:15 M:2009-03-03 18:15]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
    <\SystemRoot\system32\DRIVERS\sisagp.sys>  [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp_sp2_rtm.040803-2158), C:2008-02-04 20:55 M:2004-08-03 23:07]
[WoptiHWDetect / WoptiHWDetect][Stopped/Manual Start]
    <\??\C:\Program Files\Wopti\WoptiHWDetect.sys>  [(Verified)SSN, 1.2.7.829, C:2008-08-04 15:42 M:2007-10-23 11:07]


========================================
进程

[PID: 468 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 520 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 544 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-09-24 16:42]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 588 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239), C:2004-08-17 12:00 M:2009-02-09 17:48]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 600 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 736 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 804 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 840 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 896 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 948 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1088 / SYSTEM]   C:\Program Files\Kingsoft\KSWebShieldSVC\KSWebShield.exe   [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kwssp.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kxestat.dll  [(Verified)Kingsoft Corporation, 2009,06,15,24, C:2009-06-25 09:35 M:2009-06-17 09:16]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1156 / SYSTEM]   F:\电脑安全区域\KSM2.0\KSMSvc.exe   [(Verified)Copyright (C) 2008, 2009, 4, 8, 3, C:2009-06-25 09:34 M:2009-06-18 14:49]
    F:\电脑安全区域\KSM2.0\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2009-06-25 09:34 M:2009-06-18 16:24]
    F:\电脑安全区域\KSM2.0\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2009-06-25 09:34 M:2009-06-18 16:24]
    F:\电脑安全区域\KSM2.0\KSMCore.dll  [Copyright (C) 2008, 2009, 6, 23, 102, C:2009-06-25 09:34 M:2009-06-24 16:35]
    F:\电脑安全区域\KSM2.0\kxebase.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    F:\电脑安全区域\KSM2.0\SCOM.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxecore\kxelog.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxecore\kxecore.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    F:\电脑安全区域\KSM2.0\json.dll  [(Verified)N/A, C:2009-06-25 09:34 M:2009-06-17 20:13]
    F:\电脑安全区域\KSM2.0\kscanner.dll  [Kingsoft Corporation, 2009, 4, 21, 336, C:2009-06-25 09:34 M:2009-06-04 17:31]
    F:\电脑安全区域\KSM2.0\bcdll.dll  [(Verified)Copyright (C) 2008, 2008, 11, 17, 1, C:2009-06-25 09:34 M:2009-06-04 17:31]

[PID: 1208 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll  [ppstream.com, 1.0.0.2, C:2008-07-02 09:22 M:2007-09-12 16:43]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
    C:\Program Files\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1012, C:2008-05-27 18:20 M:2009-06-12 21:30]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56]
    C:\Program Files\NamiRobot\Data\NamipanExt1.dll  [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:1980-01-01 00:00 M:2005-07-27 22:56]

[PID: 1244 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1324 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1384 / SYSTEM]   C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxeserv.exe   [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\MSVCP80.dll  [Microsoft Corporation, 8.00.50727.762, C:2009-06-25 09:34 M:2009-06-18 16:24]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2009-06-25 09:34 M:2009-06-18 16:24]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\json.dll  [(Verified)N/A, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\scom.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxebase.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxecore\kxelog.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxecore\kxecore.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:13]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Common Files\Kingsoft\CommonService_Beta\kxecore\kxestat.dll  [(Verified)Kingsoft Corporation, 2009,06,17,28, C:2009-06-25 09:34 M:2009-06-17 20:42]

[PID: 1588 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]

[PID: 1680 / SYSTEM]   D:\MSDESP3\Mssql\BinnMSSQL\Binn\sqlservr.exe   [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:26 M:2002-12-17 17:26]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\OPENDS60.DLL  [Microsoft Corporation, 2000.080.0194.00, C:2002-12-17 17:24 M:2002-12-17 17:24]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\UMS.DLL  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:25 M:2002-12-17 17:25]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\SQLSORT.DLL  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:25 M:2002-12-17 17:25]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\Resources\1033\sqlevn70.RLL  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:22 M:2002-12-17 17:22]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\SSNETLIB.dll  [Microsoft Corporation, 2000.080.0766.00, C:2003-02-19 00:47 M:2003-02-19 00:47]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\SSNMPN70.dll  [Microsoft Corporation, 2000.080.0534.00, C:2002-12-17 17:25 M:2002-12-17 17:25]
    D:\MSDESP3\Mssql\BinnMSSQL\Binn\SSmsLPCn.dll  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:25 M:2002-12-17 17:25]

[PID: 1884 / SYSTEM]   C:\WINDOWS\system32\r_server.exe   [Software and all its components Copyright ? 1999-2004 Dmitri Znosko. All rights reserved., 2, 2, 0, 0, C:2008-10-15 13:21 M:2004-06-16 21:59]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]

[PID: 1980 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\BrWia04b.dll  [(Verified)Brother Industries, Ltd., 3.0.6.0 built by: WinDDK, C:2008-07-02 09:56 M:2004-11-02 20:19]
    C:\WINDOWS\system32\BrUSi04b.dll  [(Verified)Brother Industries, Ltd., 1, 0, 0, 1, C:2008-07-02 09:56 M:2004-09-21 12:11]

[PID: 1584 / SYSTEM]   C:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740), C:2006-11-07 01:31 M:2007-07-30 19:19]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 2000 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]

[PID: 1612 / Administrator]   C:\Program Files\PPStream\ppsap.exe   [(Verified)PPStream Inc, 1, 0, 11, 139, C:2008-07-02 10:15 M:2008-08-07 15:31]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
    G:\新建文件夹\PPStream\vodnet.dll  [(Verified)PPStream Inc., 1, 0, 11, 218, C:2009-05-11 11:19 M:2009-05-11 11:19]
    G:\新建文件夹\PPStream\vodres.dll  [(Verified)PPStream Inc., 1, 0, 11, 218, C:2009-05-11 11:19 M:2009-05-11 11:19]
    G:\新建文件夹\PPStream\ppssg.dll  [(Verified)PPStream Inc., 1, 0, 11, 192, C:2009-02-23 11:55 M:2009-02-23 11:55]
    G:\新建文件夹\PPStream\fds.dll  [(Verified)PPStream Inc., 1, 0, 0, 101, C:2009-03-18 17:42 M:2009-03-18 17:42]

[PID: 1860 / Administrator]   C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe   [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:23 M:2002-12-17 17:23]
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:25 M:2002-12-17 17:25]
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll  [Microsoft Corporation, 2000.080.0760.00, C:2002-12-17 17:25 M:2002-12-17 17:25]
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll  [Microsoft Corporation, 2000.080.0382.00, C:2002-12-17 17:25 M:2002-12-17 17:25]
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\1033\SQLSVC.RLL  [Microsoft Corporation, 2000.080.0194.00, C:2000-08-06 01:50 M:2000-08-06 01:50]
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\1033\sqlmangr.RLL  [Microsoft Corporation, 2000.080.0194.00, C:2000-08-06 01:50 M:2000-08-06 01:50]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]

[PID: 2256 / Administrator]   F:\电脑安全区域\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-06-25 08:54 M:2008-11-15 11:58]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\360safe\safemon\safemon.dll  [(Verified)360.CN, 5, 0, 0, 1012, C:2008-05-27 18:20 M:2009-06-12 21:30]
    C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll  [(Verified)Kingsoft Corporation, 2009,06,16,134, C:2009-06-25 09:35 M:2009-06-17 09:16]
    c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll  [ppstream.com, 1.0.0.2, C:2008-07-02 09:22 M:2007-09-12 16:43]
    F:\电脑安全区域\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-06-25 08:54 M:2007-11-28 15:19]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]