[CODE]

2009-07-24,15:40:57

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\windows\system32\ctfmon.exe>  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-01-23 12:29 M:2004-08-17 20:00]
    <Super Rabbit Desktop Show><D:\system\MagicSet\SRDShow.exe /load>  [Super Rabbit, 3.0.0.0, C:2008-02-02 21:13 M:2008-02-27 09:31]
    <DAEMON Tools Lite><"D:\system\DAEMON Tools Lite\daemon.exe" -autorun>  [(Verified)DT Soft Ltd, 4.30.1.0, C:2008-07-24 23:02 M:2008-07-24 23:02]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <amd_dc_opt><C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe>  [AMD, 1, 1, 1, 0, C:2006-11-17 16:49 M:2006-11-17 16:49]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp., 2.1.3.2, C:2008-01-23 13:08 M:2007-04-12 17:33]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp., 1.6.0.2, C:2008-01-23 13:08 M:2005-05-03 18:43]
    <KVMON><; "D:\system\JiangMin\Antivirus\KVMonXP.kxp">  []
    <SunJavaUpdateSched><; "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe">  [(Verified)Sun Microsystems, Inc., 6.0.70.6, C:2009-05-16 22:34 M:2008-06-10 04:27]
    <360Safetray><"C:\Program Files\360safe\safemon\360tray.exe" /start>  [(Verified)360安全中心, 5, 2, 0, 1008, C:2009-07-15 18:54 M:2009-07-15 18:54]
    <360Safebox><"C:\Program Files\360safebox\safeboxTray.exe" /r>  [(Verified)360安全中心, 2, 5, 2, 1009, C:2009-07-13 05:23 M:2009-07-13 05:23]
    <RavTray><"C:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-07-18 17:04 M:2009-07-14 15:42]
    <Adobe Reader Speed Launcher><"D:\Study\Abode Reader\Reader\Reader_sl.exe">  [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700, C:2009-02-27 17:10 M:2009-02-27 17:10]
    <Grid Service><; "C:\Program Files\GridService\peer.exe" -n Grid>  [FS2YOU, 2, 1, 10, 8242, C:2008-08-29 15:29 M:2008-08-29 15:29]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\windows\system32\a4rxQxCvNBMNnpqs.dll,>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><D:\system\logonxp2exe\logonxp2exe\LogonUI\All_Night_Long_Wide.exe>  [LOGONUI, 6.00.2600.0000 (xpclient.010817-1148), C:2009-01-01 23:39 M:2006-02-26 22:02]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\windows\system32\星夜焰火.scr>  [N/A, C:1999-10-24 22:54 M:1999-10-24 22:54]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{69B265A2-A172-4D27-BDF1-917E6D8B1DCC}><C:\windows\fonts\jUxfqJDwmfQEHcy2.fon>  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    <{762D618C-E2CB-4217-8275-03302A93073F}><C:\windows\fonts\zEfE48cw9EmcFaR.fon>  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    <{AB900155-F1F0-4165-9E73-67BC13BBCE89}><C:\windows\system32\xg4hAPNygs29.dll>  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    <{9726072A-8039-4958-B609-565CF7A16B38}><C:\windows\system32\JPccCJnKygDdp3.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    <{A0C86020-5935-4B87-B20E-0B656D450264}><C:\windows\system32\A0C86020.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    <{4F5EEDE5-1687-49D2-8A17-FF0B454FB37B}><C:\windows\system32\qzp3jTZCSfSh.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    <{37C5D66A-8B1B-4545-8112-3751194F6A4A}><C:\windows\system32\taNjsFa2tT2Dh.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\windows\system32\704C3595.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    <{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}><C:\windows\system32\dhDhwS7fFW.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    <{93DA1E7D-7C46-4F90-8674-EC90511FCA72}><C:\windows\system32\CDuAUVkGy9.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    <{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><C:\windows\system32\E4814792.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    <{7A6359F5-6882-4FE9-B1CB-3130860BE4F3}><C:\windows\system32\BbXhGSfTsBbxT83aR.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    <{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}><C:\windows\system32\ndxq9awMc.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    <{CEBB8F8A-308B-43E9-9789-B6FD6BE1BD97}><C:\windows\system32\v54M9wWBuNGTf2m.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    <{0623DE09-E49D-4695-AA24-88BA7B58A395}><C:\windows\fonts\xPjWNGd8cERq.fon>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    <{76B9BA7A-81D0-4979-8598-8471F2AB5186}><C:\windows\system32\76B9BA7A.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    <{38FEFE05-702C-440D-AD5C-B796209A1CC5}><C:\windows\system32\Y4npJWJNr.dll>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    <{A761BE8E-C15A-4DDD-A777-2C683E9E96C8}><C:\windows\system32\a4rxQxCvNBMNnpqs.dll>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    <{E0528BDA-C850-4F23-93E4-7F907C1EF30E}><C:\windows\system32\BRv8dETwEzcN.dll>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    <{15882A2F-A06D-486E-8958-E84C86CBF273}><C:\windows\fonts\fyrwJf5Qfhh.fon>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><C:\windows\system32\08223B03.dll>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    <{CD95107F-52A5-42A4-9914-18949993E798}><C:\windows\fonts\tY5UFS434YYd.fon>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    <{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><C:\windows\system32\122B901E.dll>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    <{DA112397-5376-4E52-A333-A85284658DEA}><C:\windows\fonts\NPPVWvYEyCe8H.fon>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    <{91F5C9DB-ACD1-4812-BAB9-6F5AE433930A}><C:\windows\fonts\MbsV2QQJe.fon>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    <{76CBCF38-0583-44C7-A1AE-D463DFE625EC}><C:\windows\system32\skcfujQ5EDN.dll>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    <{F8C6B7B5-DAE0-4B78-BF2A-101C9A9CCA27}><C:\windows\system32\Va7SpUWgCA5f.dll>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    <{822775B8-E45B-4E55-9325-0753A0C1DC00}><C:\windows\system32\wdGSVBqAs3Xk.dll>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    <{EA25F4E7-8B67-452A-B9DD-B38C526250D3}><C:\windows\fonts\Q9UnbAWWNuSv4.fon>  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    <{0A2D7F10-1153-4061-AA4B-ACB870212B57}><C:\windows\system32\z5WRXqHagksJxWt.dll>  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    <{50EBD6A5-0CF6-4E59-AE08-CCD991AA0596}><C:\windows\system32\GU6f5sW42mdc.dll>  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    <{C8417122-386F-48C7-8900-C82E4694FEBC}><C:\Documents and Settings\Administrator\Application Data\Spy009.dll>  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&U使用纳米机器人下载并收藏]
    <><d:\Network\NamiRobot\Data\du.html>  [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载]
    <><res://D:\Network\Bitcomet\BitComet.exe/AddLink.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载全部链接]
    <><res://D:\Network\Bitcomet\BitComet.exe/AddAllLink.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载本页视频]
    <><res://D:\Network\Bitcomet\BitComet.exe/AddVideo.htm>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载]
    <><D:\Network\qqdown\geturl.htm>  [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载全部链接]
    <><D:\Network\qqdown\getAllurl.htm>  [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载本页视频]
    <><D:\Network\qqdown\geturlflv.htm>  [N/A, C:2008-09-27 18:34 M:2008-09-27 18:34]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用快车3下载]
    <><C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\GetUrl.htm>  [N/A, C:2008-09-27 16:36 M:2008-09-27 16:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用快车3下载全部链接]
    <><C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\GetAllUrl.htm>  [N/A, C:2008-09-27 16:36 M:2008-09-27 16:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用网际快车下载]
    <><D:\Network\flashgetspec\jc_link.htm>  [N/A, C:2009-05-16 17:50 M:2006-10-27 11:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用网际快车下载全部链接]
    <><D:\Network\flashgetspec\jc_all.htm>  [N/A, C:2009-05-16 17:50 M:2000-02-06 11:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\Network\Thunder5spec\Program\GetUrl.htm>  [N/A, C:2009-06-30 23:01 M:2009-06-30 23:01]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\Network\Thunder5spec\Program\GetAllUrl.htm>  [N/A, C:2009-06-30 23:01 M:2009-06-30 23:01]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://D:\system\Office\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出当前页到超星阅览器(&A)]
    <><D:\Study\SSREADER36\SSREADER36\ss_all.htm>  [N/A, C:2009-05-13 00:06 M:2002-12-19 09:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出选中部分到超星阅览器(&S)]
    <><D:\Study\SSREADER36\SSREADER36\ss_select.htm>  [N/A, C:2009-05-13 00:06 M:2002-12-19 09:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\Network\QQ\QQ\Bin\AddEmotion.htm>  [N/A, C:2009-07-19 00:28 M:2009-07-19 00:28]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\通过网易邮箱发送]
    <><D:\Network\网易闪电邮\闪电邮\getcontent.htm>  [N/A, C:2008-12-04 10:55 M:2008-12-04 10:55]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [(Verified)ATI Technologies Inc., 6.14.10.4178, C:2007-06-27 09:50 M:2009-02-26 05:29]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [Microsoft Corporation, 1.7.0018.1, C:2008-01-23 12:29 M:2007-02-28 20:29]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-01-23 12:28 M:2009-03-08 04:32|(Verified)N/A, C:2008-01-23 12:29 M:2004-08-17 20:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339), C:2008-01-23 12:28 M:2009-03-08 04:32|(Verified)N/A, C:2006-11-02 23:38 M:2006-11-02 23:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6096E38F-5AC1-4391-8EC4-75DFA92FB32F}]
    <番茄花园><http://www.tomatolei.com>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95B3F550-91C4-4627-BCC4-521288C52977}]
    <PPLive><D:\Entertainment\PPLive\PPLive.exe>  [(Verified)N/A, C:2008-10-31 08:47 M:2008-09-26 18:13]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}]
    <FlashGet><D:\NETWORK\FLASHG~2\flashget.exe>  [FlashGet.com, 1, 7, 3, 0, C:2009-05-16 17:50 M:2006-09-11 17:01]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}]
    <BitComet><res://D:\Network\Bitcomet\tools\BitCometBHO_1.3.3.2.dll/206>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\Network\QQ\QQ\Bin\AddEmotion.htm>  [N/A, C:2009-07-19 00:28 M:2009-07-19 00:28]


========================================
启动项

[360tray]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\360tray.lnk --> "C:\Program Files\360safe\safemon\360tray.exe"  > [(Verified)360安全中心, 5, 2, 0, 1008, C:2009-07-15 18:54 M:2009-07-15 18:54]


========================================
计划任务

[SogouImeMgr.job]
    <C:\windows\tasks\SogouImeMgr.job --> "D:\system\SOGOUI~1\422~1.273\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 4.2.2.2732, C:2009-06-19 20:03 M:2009-06-19 20:03]


========================================
组件


ShellExecuteHook
[]
    {69B265A2-A172-4D27-BDF1-917E6D8B1DCC}  <C:\windows\fonts\jUxfqJDwmfQEHcy2.fon>  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
[]
    {762D618C-E2CB-4217-8275-03302A93073F}  <C:\windows\fonts\zEfE48cw9EmcFaR.fon>  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
[]
    {AB900155-F1F0-4165-9E73-67BC13BBCE89}  <C:\windows\system32\xg4hAPNygs29.dll>  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
[]
    {9726072A-8039-4958-B609-565CF7A16B38}  <C:\windows\system32\JPccCJnKygDdp3.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
[]
    {A0C86020-5935-4B87-B20E-0B656D450264}  <C:\windows\system32\A0C86020.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
[]
    {4F5EEDE5-1687-49D2-8A17-FF0B454FB37B}  <C:\windows\system32\qzp3jTZCSfSh.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
[]
    {37C5D66A-8B1B-4545-8112-3751194F6A4A}  <C:\windows\system32\taNjsFa2tT2Dh.dll>  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
[]
    {704C3595-DB85-40F6-A601-8D6F346907BD}  <C:\windows\system32\704C3595.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
[]
    {36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}  <C:\windows\system32\dhDhwS7fFW.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
[]
    {93DA1E7D-7C46-4F90-8674-EC90511FCA72}  <C:\windows\system32\CDuAUVkGy9.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
[]
    {E4814792-EFA3-4C20-93D0-8B130A59F9A8}  <C:\windows\system32\E4814792.dll>  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
[]
    {7A6359F5-6882-4FE9-B1CB-3130860BE4F3}  <C:\windows\system32\BbXhGSfTsBbxT83aR.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
[]
    {23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}  <C:\windows\system32\ndxq9awMc.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
[]
    {CEBB8F8A-308B-43E9-9789-B6FD6BE1BD97}  <C:\windows\system32\v54M9wWBuNGTf2m.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
[]
    {0623DE09-E49D-4695-AA24-88BA7B58A395}  <C:\windows\fonts\xPjWNGd8cERq.fon>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
[]
    {76B9BA7A-81D0-4979-8598-8471F2AB5186}  <C:\windows\system32\76B9BA7A.dll>  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
[]
    {38FEFE05-702C-440D-AD5C-B796209A1CC5}  <C:\windows\system32\Y4npJWJNr.dll>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
[]
    {A761BE8E-C15A-4DDD-A777-2C683E9E96C8}  <C:\windows\system32\a4rxQxCvNBMNnpqs.dll>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
[]
    {E0528BDA-C850-4F23-93E4-7F907C1EF30E}  <C:\windows\system32\BRv8dETwEzcN.dll>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
[]
    {15882A2F-A06D-486E-8958-E84C86CBF273}  <C:\windows\fonts\fyrwJf5Qfhh.fon>  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
[]
    {08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}  <C:\windows\system32\08223B03.dll>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
[]
    {CD95107F-52A5-42A4-9914-18949993E798}  <C:\windows\fonts\tY5UFS434YYd.fon>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
[]
    {122B901E-493F-4AD9-BC69-7DE8C3E52FCC}  <C:\windows\system32\122B901E.dll>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
[]
    {DA112397-5376-4E52-A333-A85284658DEA}  <C:\windows\fonts\NPPVWvYEyCe8H.fon>  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
[]
    {91F5C9DB-ACD1-4812-BAB9-6F5AE433930A}  <C:\windows\fonts\MbsV2QQJe.fon>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
[]
    {76CBCF38-0583-44C7-A1AE-D463DFE625EC}  <C:\windows\system32\skcfujQ5EDN.dll>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
[]
    {F8C6B7B5-DAE0-4B78-BF2A-101C9A9CCA27}  <C:\windows\system32\Va7SpUWgCA5f.dll>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
[]
    {822775B8-E45B-4E55-9325-0753A0C1DC00}  <C:\windows\system32\wdGSVBqAs3Xk.dll>  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
[]
    {EA25F4E7-8B67-452A-B9DD-B38C526250D3}  <C:\windows\fonts\Q9UnbAWWNuSv4.fon>  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
[]
    {0A2D7F10-1153-4061-AA4B-ACB870212B57}  <C:\windows\system32\z5WRXqHagksJxWt.dll>  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
[]
    {50EBD6A5-0CF6-4E59-AE08-CCD991AA0596}  <C:\windows\system32\GU6f5sW42mdc.dll>  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
[]
    {C8417122-386F-48C7-8900-C82E4694FEBC}  <C:\Documents and Settings\Administrator\Application Data\Spy009.dll>  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-01-23 12:38 M:2004-08-17 20:00]
[EncryptFile]
    {D55189EB-2826-4834-8E59-582B05CA99CA}  <D:\system\Wopti\WoptiEncryptModule.dll>  [(Verified)共软网络, 1.0.8.103, C:2008-02-23 19:45 M:2008-01-03 13:51]
[7-Zip Shell Extension]
    {23170F69-40C1-278A-1000-000100020000}  <D:\system\7-Zip\7-zip.dll>  [Igor Pavlov, 4.57, C:2007-12-06 16:32 M:2007-12-06 16:32]
[EditPlus 3]
    {36D94110-787C-4828-9C1B-0DAFEBC36069}  <d:\study\EditPlus 3\eppshell.dll>  [(Verified)N/A, C:2008-05-18 18:26 M:2008-04-11 18:43]
[诺基亚手机浏览器]
    {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}  <D:\Entertainment\Nokia\Nokia PC Suite 7\phonebrowser.dll>  [Nokia, 7, 0, 103, 0, C:2008-05-21 10:54 M:2008-05-21 10:54]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\system\WinRAR\rarext.dll>  [N/A, C:2008-09-30 21:14 M:2008-09-30 21:14]
[Catalyst Context Menu extension]
    {5E2121EE-0300-11D4-8D3B-444553540000}  <C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll>  [Advanced Micro Devices, Inc., 6.14.10.2001, C:2009-02-25 15:39 M:2009-02-25 15:39]
[SimpleShlExt extension]
    {B785994F-F9F2-4aca-898B-A558904D03FB}  <C:\Program Files\Turbo Squid Tentacles\SaveToTentacles32.dll>  [Copyright 2000, 1, 0, 0, 1, C:2007-08-30 10:27 M:2007-08-30 10:27]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\windows\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-07-18 17:04 M:2009-07-14 15:42]
[FileTime Shell Extension]
    {3FCEF010-09A4-11D4-8D3B-D12F9D3D8B02}  <D:\Entertainment\杂志制作大师\ZmpShlPage.dll>  [www.zcom.com, 1.1.0.0, C:2009-04-28 16:51 M:2009-04-28 16:51]
[CTxtInfoShlExt extension]
    {F4D78AE1-05AB-11D4-8D3B-444553540000}  <D:\Entertainment\杂志制作大师\ZmpInfoTip.dll>  [www.zcom.com, 1, 0, 0, 1, C:2008-12-26 18:12 M:2008-12-26 18:12]

Protocols
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [酷狗, 5.2.4.4, C:2008-01-27 16:09 M:2008-11-11 21:31]

BrowserHelperObject
[QQCycloneHelper Class]
    {00000000-12C9-4305-82F9-43058F20E8D2}  <D:\Network\qqdown\QQIEHelper01.dll>  [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36]
[SSVHelper Class]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}  <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll>  [(Verified)Sun Microsystems, Inc., 6.0.70.6, C:2009-05-16 22:34 M:2008-06-10 04:27]
[FlashGetBHO]
    {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}  <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO3.dll>  [(Verified)FlashGet, 2, 5, 0, 1038, C:2009-04-28 11:13 M:2009-04-28 11:13]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <C:\Program Files\360safe\safemon\safemon.dll>  [(Verified)360.CN, 5, 0, 0, 1020, C:2009-07-15 14:51 M:2009-07-15 14:51]

ToolBar
[FlashGet Bar]
    {E0E899AB-F487-11D5-8D29-0050BA6940E3}  <D:\NETWORK\FLASHG~2\fgiebar.dll>  [Amaze Soft, 1, 2, 0, 0, C:2009-05-16 17:50 M:2005-06-07 11:06]

ActiveX Extension
[QQCycloneHelper Class]
    {00000000-12C9-4305-82F9-43058F20E8D2}  <D:\Network\qqdown\QQIEHelper01.dll>  [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <D:\Network\Thunder5spec\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-06-05 16:57 M:2009-05-04 13:15]
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700, C:2009-02-27 12:07 M:2009-02-27 12:07]
[Web Browser Applet Control]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}  <C:\WINDOWS\system32\msjava.dll>  [Microsoft Corporation, 5.00.3810, C:2008-01-23 12:58 M:2003-02-28 18:26]
[InfosecCertInstall Class]
    {0EB487C8-E9AC-43A6-8C4C-083999B0622F}  <C:\WINDOWS\system32\certInStall.dll>  [Copyright 2002, 1, 0, 0, 1, C:2008-09-09 23:46 M:2007-09-25 14:25]
[IFlashGetNetscapeEx Class]
    {116BA71C-8187-4F15-9A1F-C9D6289155D1}  <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO3.dll>  [(Verified)FlashGet, 2, 5, 0, 1038, C:2009-04-28 11:13 M:2009-04-28 11:13]
[SSReaderPlug]
    {1DE88635-1C72-401E-B23B-93FA86D30F3B}  <C:\WINDOWS\system32\ssreaderplug.dll>  [(Verified)北京超星, 3.0.0.2, C:2007-04-04 17:15 M:2007-04-04 17:15]
[JetCarNetscape Class]
    {2974c985-8151-4de5-b23c-b875f0a8522f}  <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO3.dll>  [(Verified)FlashGet, 2, 5, 0, 1038, C:2009-04-28 11:13 M:2009-04-28 11:13]
[IeCatch5 Class]
    {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}  <D:\NETWORK\FLASHG~2\jccatch.dll>  [FlashGet, 1, 1, 5, 0, C:2009-05-16 17:50 M:2006-05-16 15:19]
[SSReaderPlug Control]
    {3359C0B1-2363-40B3-AFCA-1ABC799AC486}  <C:\WINDOWS\system32\SSREAD~1.OCX>  [CX, 2, 0, 0, 4, C:2006-08-01 15:44 M:2006-08-01 15:44]
[BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}  <D:\Network\Bitcomet\tools\BitCometBHO_1.3.3.2.dll>  [(Verified)BitComet, 20090302, C:2009-03-02 18:01 M:2009-03-02 18:01]
[GDGetTokenInfo Class]
    {3AA9CF07-DF20-48FF-98BE-DED276E40146}  <C:\WINDOWS\system32\GDREAD~1.DLL>  [Copyright 2007, 1, 0, 0, 2, C:2008-09-09 23:45 M:2007-09-12 22:02]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\Network\Thunder5spec\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5.9.3.951, C:2009-07-13 21:11 M:2009-06-30 23:12]
[PowerPlayer Control]
    {5EC7C511-CD0F-42E6-830C-1BD9882F3458}  <D:\ENTERT~1\PPStream\110~1.265\POWERP~1.DLL>  [(Verified)PPStream Inc., 2,3,468,9468, C:2009-04-12 18:01 M:2009-04-12 18:01]
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [深圳市迅雷网络技术有限公司, 2, 1, 9, 102, C:2008-01-27 00:24 M:2009-05-04 13:14]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <C:\Documents and Settings\All Users.WINDOWS\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-01-27 00:24 M:2008-08-04 12:58]
[StormPlayer Object]
    {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}  <C:\Program Files\StormII\mps.dll>  [(Verified)北京暴风网际科技有限公司, 3, 9, 5, 4, C:2009-05-04 13:35 M:2009-05-04 13:35]
[WangWangObj Class]
    {6E213FC7-DD5A-4115-B7E6-D4C7838C361E}  <D:\Network\WangWang\WangWangX6.dll>  [(Verified)阿里巴巴软件(上海)有限公司, 1, 0, 0, 5, C:2008-09-12 00:00 M:2008-03-18 12:14]
[AxInputControl Class]
    {73E4740C-08EB-4133-896B-8D0A7C9EE3CD}  <C:\WINDOWS\system32\INPUTC~1.DLL>  [Copyright 2003, 1, 0, 0, 12, C:2008-09-09 23:45 M:2005-07-25 15:51]
[SSVHelper Class]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}  <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll>  [(Verified)Sun Microsystems, Inc., 6.0.70.6, C:2009-05-16 22:34 M:2008-06-10 04:27]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <D:\Network\Thunder5spec\Components\InMedia\MediaAddin.dll>  [Thunder Networking Technologies,LTD, 3, 1, 7, 83, C:2009-06-27 17:01 M:2009-06-27 17:01]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <C:\Program Files\360safe\live.dll>  [(Verified)360.cn, 1, 0, 2, 1006, C:2009-07-13 02:03 M:2009-07-13 02:03]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\Network\Thunder5spec\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5.9.3.951, C:2009-06-05 16:57 M:2009-06-30 23:12]
[Uploader Class]
    {8B054DFE-79A3-4A6A-9F46-CD2A2F601129}  <C:\WINDOWS\system32\TXGYMailActiveX.dll>  [(Verified)Tencent Inc., 1, 0, 1, 29, C:2008-04-28 15:09 M:2008-04-28 15:09]
[AxSubmitControl Class]
    {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}  <C:\WINDOWS\system32\SUBMIT~1.DLL>  [Copyright 2003, 1, 0, 0, 5, C:2008-09-09 23:46 M:2005-01-26 00:36]
[OFrameObject Class]
    {9701758C-4373-482E-B13C-776C048EC890}  <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5903.182.(889).dll>  [(Verified)深圳市迅雷网络技术有限公司, 2, 3, 5903, 182, C:2009-07-13 21:11 M:2009-06-30 23:12]
[VersionDetector Class]
    {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B}  <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.20.(889).dll>  [(Verified)深圳市迅雷网络技术有限公司, 1, 1, 0, 20, C:2009-07-13 21:11 M:2009-06-30 23:13]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5903.182.(889).dll>  [(Verified)深圳市迅雷网络技术有限公司, 2, 3, 5903, 182, C:2009-07-13 21:11 M:2009-06-30 23:12]
[FlashGetBHO]
    {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0}  <C:\Documents and Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO3.dll>  [(Verified)FlashGet, 2, 5, 0, 1038, C:2009-04-28 11:13 M:2009-04-28 11:13]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <C:\Program Files\360safe\safemon\safemon.dll>  [(Verified)360.CN, 5, 0, 0, 1020, C:2009-07-15 14:51 M:2009-07-15 14:51]
[ScreenCapture Class]
    {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095}  <C:\WINDOWS\system32\TXGYMailActiveX.dll>  [(Verified)Tencent Inc., 1, 0, 1, 29, C:2008-04-28 15:09 M:2008-04-28 15:09]
[CSetLET Class]
    {C35D7AE1-0865-4A30-BF07-29FA29324155}  <C:\WINDOWS\system32\GDSetLET.dll>  [Copyright 2005, 1, 0, 0, 2, C:2008-09-09 23:45 M:2007-09-26 12:08]
[CheckReader Class]
    {C9E75CAD-ACA5-4074-81CC-5448FCCFE987}  <C:\Program Files\Founder\Apabi Reader 3.0\Check.dll>  [(Verified)Copyright 2002, 1, 0, 0, 1, C:2008-10-19 01:23 M:2008-10-07 17:14]
[QQPlayerCtrl Class]
    {CD108273-D434-43E6-AA90-1469F97EB398}  <D:\Network\QQ\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 164, 203, C:2009-05-03 19:43 M:2009-05-03 19:43]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\windows\system32\Macromed\Flash\Flash10b.ocx>  [(Verified)Adobe Systems, Inc., 10,0,22,87, C:2009-02-03 10:07 M:2009-02-03 10:07]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <D:\Network\QQ\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 164, 203, C:2009-05-03 19:43 M:2009-05-03 19:43]
[FlashGet Bar]
    {E0E899AB-F487-11D5-8D29-0050BA6940E3}  <D:\NETWORK\FLASHG~2\fgiebar.dll>  [Amaze Soft, 1, 2, 0, 0, C:2009-05-16 17:50 M:2005-06-07 11:06]
[EditCtrl Class]
    {E0E9F6EF-871B-42AE-89C9-CD6AF7A2E5D3}  <C:\windows\system32\SecEdit\SecEdit.1.0.1.8.dll>  [(Verified)Copyright 2008, 1, 0, 1, 8, C:2009-03-18 17:32 M:2009-03-18 17:32]
[AxUSBKey Class]
    {E4BFF825-2E50-4BCC-8497-6EFDFB6C9B3D}  <C:\WINDOWS\system32\ICBCUS~1.DLL>  [北京信安世纪公司, 1, 0, 0, 4, C:2008-09-09 23:45 M:2008-04-02 11:33]
[TimwpDll.TimwpCheck]
    {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}  <D:\Network\QQ\QQ\Bin\Timwp.dll>  [(Verified)Tencent, 1, 30, 860, 0, C:2009-07-19 00:28 M:2009-07-19 00:28]
[gFlash Class]
    {F156768E-81EF-470C-9057-481BA8380DBA}  <D:\NETWORK\FLASHG~2\getflash.dll>  [Copyright 2006, 1, 0, 0, 1, C:2009-05-16 17:50 M:2006-09-12 10:50]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.59010.253.(889).dll>  [(Verified)深圳市迅雷网络技术有限公司, 2, 1, 59010, 253, C:2009-07-13 21:11 M:2009-06-30 23:12]
[JetCarNetscape Class]
    {FB5DA724-162B-11D3-8B9B-AA70B4B0B524}  <D:\NETWORK\FLASHG~2\jccatch.dll>  [FlashGet, 1, 1, 5, 0, C:2009-05-16 17:50 M:2006-05-16 15:19]

Context Menu
[7-ZIP]
    {23170F69-40C1-278A-1000-000100020000}  <D:\system\7-Zip\7-zip.dll>  [Igor Pavlov, 4.57, C:2007-12-06 16:32 M:2007-12-06 16:32]
[EditPlus 3]
    {36D94110-787C-4828-9C1B-0DAFEBC36069}  <d:\study\EditPlus 3\eppshell.dll>  [(Verified)N/A, C:2008-05-18 18:26 M:2008-04-11 18:43]
[EncryptFile]
    {D55189EB-2826-4834-8E59-582B05CA99CA}  <D:\system\Wopti\WoptiEncryptModule.dll>  [(Verified)共软网络, 1.0.8.103, C:2008-02-23 19:45 M:2008-01-03 13:51]
[NamipanExt]
    {5696473A-FC50-4CA7-B87A-AF60201B04DD}  <D:\Network\NamiRobot\Data\NamipanExt1.dll>  [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59]
[Netease mail]
    {75D7638B-31DD-4E55-B47E-8D8A45C1352A}  <D:\Network\网易闪电邮\闪电邮\rightmailshell.dll>  [网易 Netease, 1.0.0.0, C:2009-02-06 18:07 M:2009-02-06 18:07]
[Quakecd]
    {683E1524-B938-4873-A395-7DD1C3AC3A5F}  <D:\Game\金山游侠\Tools\KVD\kscdrush.dll>  [金山软件股份有限公司, 5, 0, 0, 0, C:2008-01-28 23:57 M:2003-06-20 06:04]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\windows\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-07-18 17:04 M:2009-07-14 15:42]
[TSStore]
    {B785994F-F9F2-4aca-898B-A558904D03FB}  <C:\Program Files\Turbo Squid Tentacles\SaveToTentacles32.dll>  [Copyright 2000, 1, 0, 0, 1, C:2007-08-30 10:27 M:2007-08-30 10:27]
[UltraEdit-32]
    {b5eedee0-c06e-11cf-8c56-444553540000}  <d:\study\UltraEdit-32\ue32ctmn.dll>  [IDM Computer Solutions, Inc., 1, 0, 0, 3, C:2008-07-06 18:26 M:2008-07-03 14:13]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\system\WinRAR\rarext.dll>  [N/A, C:2008-09-30 21:14 M:2008-09-30 21:14]


========================================
服务

[ATI Smart / ATI Smart][Stopped/Auto Start]
    <C:\WINDOWS\system32\ati2sgag.exe>  [Copyright (C) 1998 - 2007 ATI Technologies Inc., 5.13.0027, C:2008-01-23 13:24 M:2009-02-25 15:15]
[Autodesk Licensing Service / Autodesk Licensing Service][Running/Auto Start]
    <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe">  [Autodesk, 2.80.011, C:2009-05-23 14:41 M:2009-05-23 14:41]
[##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## / Bonjour Service][Running/Auto Start]
    <"C:\Program Files\Bonjour\mDNSResponder.exe">  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
[daye Service / daye][Stopped/Auto Start]
    <C:\windows\system32\daye.exe>  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
[eSafe DeviceNotification service / DeviceNotice][Running/Auto Start]
    <C:\WINDOWS\system32\DeviceNotice.exe>  [DMWZ Science&Technology Co.,Ltd, 1, 0, 2, 1, C:2008-12-27 22:46 M:2007-08-23 09:11]
[EQService / EQService][Running/Auto Start]
    <C:\Program Files\EQSecure\EQService.exe>  [EQSecure, 2008, 3, 28, 23, C:2008-05-27 16:36 M:2008-05-27 16:36]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
    <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe">  [Macrovision Corporation, 10.50.125, C:2004-10-22 02:24 M:2004-10-22 02:24]
[Windows CardSpace / idsvc][/Manual Start]
    <"C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe">  [Microsoft Corporation, 3.0.4506.30 (WAPRTM.004506-0030), C:2006-10-30 03:33 M:2006-10-30 03:33]
[mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit / mi-raysat_3dsMax2009_32][Stopped/Auto Start]
    <"D:\Study\Autodesk\3ds Max\mentalray\satellite\raysat_3dsMax2009_32server.exe">  [N/A, C:2008-03-19 18:28 M:2008-03-19 18:28]
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
    <"C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe">  [Microsoft Corporation, 3.0.4506.30 (WAPRTM.004506-0030), C:2006-10-30 03:34 M:2006-10-30 03:34]
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe">  []
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
    <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe">  [Nokia., 7, 0, 13, 0, C:2008-08-07 11:17 M:2008-08-07 11:17]
[User Profile Hive Cleanup / UPHClean][Running/Auto Start]
    <C:\Program Files\UPHClean\uphclean.exe>  [Microsoft Corporation, 1.6.30.0, C:2005-04-27 14:59 M:2005-04-27 14:59]

[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
    <%SystemRoot%\system32\Ati2evxx.exe>  [(Verified)ATI Technologies Inc., 6.14.10.4222, C:2007-06-27 09:49 M:2009-02-26 05:27]
[Contrl Center of Storm Media / ccosm][Stopped/Auto Start]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 9, 5, 15, C:2009-04-21 12:01 M:2009-05-08 11:06]
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe">  [(Verified)Acresso Software Inc., 11.6.0.0 build 60117, C:2009-04-22 19:03 M:2009-07-18 10:15]
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
    <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe">  [(Verified)Hewlett-Packard Company, 1.8.15.1, C:2007-07-25 15:50 M:2007-07-25 15:50]
[NMSAccessU / NMSAccessU][Running/Auto Start]
    <D:\system\CDBurnerXP\NMSAccessU.exe>  [(Verified)N/A, C:2009-05-22 10:36 M:2008-10-20 22:18]
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
    <C:\Program Files\Rising\Rav\CCENTER.EXE>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-07-18 17:04 M:2009-07-14 15:42]
[Rising RavTask Manager / RavTask][Stopped/Auto Start]
    <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-07-18 17:04 M:2009-07-14 15:42]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <C:\Program Files\Rising\Rav\RavMonD.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-07-18 17:04 M:2009-07-14 15:42]
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
    <C:\Program Files\Rising\Rav\ScanFrm.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-07-18 17:04 M:2009-07-14 15:42]


========================================
驱动

[acpidisk / acpidisk][Running/Auto Start]
    <\??\C:\windows\system32\drivers\acpidisk.sys>  [N/A, C:2009-07-24 10:06 M:2009-06-04 15:19]
[A4Tech Mouse Filter Driver / Amfilter][Running/System Start]
    <system32\DRIVERS\Amfilter.sys>  [A4Tech Co.,Ltd., 6.00.6001.0, C:2007-05-15 05:38 M:2007-05-15 05:38]
[A4Tech HID-compliant Mouse Driver / Amusbprt][Running/Manual Start]
    <system32\DRIVERS\Amusbprt.sys>  [A4Tech Co.,Ltd., 6.00.6001.0, C:2007-05-15 05:41 M:2007-05-15 05:41]
[Apaidi / Apaidi][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\Apaidi.sys>  [N/A, C:2008-10-19 01:23 M:2004-06-25 09:29]
[ATITool Overclocking Utility / ATITool][Running/System Start]
    <system32\DRIVERS\ATITool.sys>  [Copyright 2004-2006 (c). All rights reserved., 1.30, C:2006-11-10 21:08 M:2006-11-10 21:08]
[EQSysSecure / EQSysSecure][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\EQSysSecure.sys>  [EQSecure, 4.32, C:2008-06-09 16:11 M:2008-05-21 12:04]
[Mouse Test Driver / Moufiltr][Stopped/Manual Start]
    <system32\DRIVERS\Moufiltr.sys>  [Windows (R) 2000 DDK provider, 5.00.2195.1620, C:2005-08-06 15:13 M:2005-08-06 15:13]
[mtlrd / mtlrd][Running/Auto Start]
    <\??\C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Media Player\wmp\mtlrd.sys>  [N/A, C:2009-07-23 12:53 M:2009-07-23 12:53]
[nocashio / nocashio][Stopped/Manual Start]
    <system32\drivers\nocashio.sys>  [N/A, C:2008-12-07 01:34 M:2008-12-07 01:34]
[PCAMPR5 NDIS Protocol Driver / PCAMPR5][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\PCAMPR5.SYS>  [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.54, C:2008-12-27 22:46 M:2002-05-02 12:52]
[QuakeDRV / QuakeDRV][Running/Boot Start]
    <system32\DRIVERS\quakedrv.sys>  [N/A, C:2008-01-28 23:57 M:2003-06-19 22:07]
[rvja / rvja][Running/Boot Start]
    <system32\drivers\prdsq.sys>  [N/A, C:2008-01-23 12:29 M:2004-08-17 20:00]
[sptd / sptd][Running/Boot Start]
    <System32\Drivers\sptd.sys>  [N/A, C:2008-01-27 09:50 M:2009-05-22 02:16]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_qfe.080620-1259), C:2008-01-23 12:29 M:2008-06-20 18:44]
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
    <system32\DRIVERS\yk51x86.sys>  [Marvell, 10.51.1.3 built by: WinDDK, C:2007-08-15 16:22 M:2007-12-28 17:51]

[360AntiArp / 360AntiArp][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys>  [(Verified)360安全中心, 1, 2, 0, 1003, C:2009-06-03 22:26 M:2009-06-03 22:26]
[360SelfProtection / 360SelfProtection][Running/System Start]
    <system32\drivers\360SelfProtection.sys>  [(Verified)360安全中心, 1, 0, 0, 1005, C:2009-07-18 17:01 M:2009-07-16 15:29]
[AMD Processor Driver / AmdK8][Running/System Start]
    <system32\DRIVERS\AmdK8.sys>  [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2008-01-23 13:17 M:2006-07-01 22:43]
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
    <system32\DRIVERS\AmdLLD.sys>  [(Verified)AMD, Inc., 1.0.0.0, C:2008-01-23 13:19 M:2006-11-01 14:42]
[ati2mtag / ati2mtag][Running/Manual Start]
    <system32\DRIVERS\ati2mtag.sys>  [(Verified)ATI Technologies Inc., 6.14.10.6925, C:2007-06-27 09:58 M:2009-02-26 06:58]
[BFSDRV / BFSDRV][Running/Manual Start]
    <\??\C:\windows\system32\drivers\bfsdrv.sys>  [(Verified)360安全中心, 1.0.0.1003, C:2009-07-18 09:14 M:2009-06-12 11:28]
[eBoostr caching filter driver / eBoost][Running/Boot Start]
    <system32\drivers\eBoost.sys>  [(Verified)eBoostr.com, 1.1.0.399, C:2007-12-26 01:19 M:2007-12-26 01:19]
[EfiSystemMon / EfiMon][Running/System Start]
    <System32\Drivers\Efimon.sys>  [(Verified)奇虎网, 1, 0, 0, 1003, C:2009-06-29 15:13 M:2009-06-29 15:13]
[usb Card Device / ft2kEnum][Running/Manual Start]
    <system32\DRIVERS\ic2kenum.sys>  [(Verified)OEM Corporation, 2.4.3.403, C:2008-09-09 23:46 M:2008-09-09 23:46]
[USB Chip Holder Service / GDBaseSmc][Running/Manual Start]
    <system32\DRIVERS\Chip_smc.sys>  [(Verified)OEM, 2.4.3.1110, C:2008-09-09 23:45 M:2008-09-09 23:45]
[USB Chip Service / GD_USB][Stopped/Manual Start]
    <system32\DRIVERS\Chip_usb.sys>  [(Verified)2.4.3.1110, C:2008-09-09 23:45 M:2008-09-09 23:45]
[ATI Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
    <system32\drivers\AtiHdAud.sys>  [(Verified)ATI Research Inc., 5.00.40001.08, C:2008-01-23 13:25 M:2006-12-29 00:44]
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07]
[hookcont / hookcont][Running/System Start]
    <system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-07-18 17:04 M:2009-07-14 15:42]
[HookPort / HookPort][Running/Boot Start]
    <System32\Drivers\Hookport.sys>  [(Verified)360安全中心, 1, 0, 0, 1003, C:2009-07-18 17:01 M:2009-07-10 10:02]
[hooksys / hooksys][Running/System Start]
    <system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 56, C:2009-07-18 17:04 M:2009-07-14 15:42]
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <system32\drivers\RtkHDAud.sys>  [(Verified)Realtek Semiconductor Corp., 5.10.0.5404 built by: WinDDK, C:2008-01-23 13:09 M:2007-04-23 18:12]
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
    <system32\drivers\ccdcmb.sys>  [(Verified)Nokia, 6.86.14.22, C:2008-10-03 23:19 M:2008-05-07 07:38]
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
    <system32\drivers\ccdcmbo.sys>  [(Verified)Nokia, 6.86.14.22, C:2008-10-03 23:19 M:2008-05-07 07:38]
[DDK PACKET Protocol / Packet][Running/Manual Start]
    <system32\DRIVERS\ProtoDrv.sys>  [(Verified)360安全中心, 1, 2, 0, 1001, C:2009-06-03 02:52 M:2009-06-03 02:52]
[PCAMp50 NDIS Protocol Driver / PCAMp50][Running/Auto Start]
    <System32\Drivers\PCAMp50.sys>  [(Verified)Printing Communications Assoc., Inc. (PCAUSA), 5.5.18.05, C:2008-12-27 22:46 M:2007-05-19 09:04]
[PCASp50 NDIS Protocol Driver / PCASp50][Running/Auto Start]
    <System32\Drivers\PCASp50.sys>  [(Verified)Printing Communications Assoc., Inc. (PCAUSA), 5.5.18.05, C:2008-12-27 22:46 M:2007-05-19 09:04]
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
    <system32\DRIVERS\pccsmcfd.sys>  [(Verified)Nokia, 6.85.3.0, C:2008-10-03 23:20 M:2007-09-17 15:53]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-01-23 12:29 M:2004-08-17 20:00]
[SmartCard Reader Device  / Reader_Device][Running/Manual Start]
    <system32\DRIVERS\usbic2k.sys>  [(Verified)OEM, 2.4.3.403, C:2008-09-09 23:46 M:2008-09-09 23:46]
[Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start]
    <system32\DRIVERS\Rockey4.sys>  [(Verified)Feitian Technologies Co., Ltd., 5.0.4.0211, C:2008-12-06 19:19 M:2008-12-06 19:19]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-07-18 17:04 M:2009-07-14 15:42]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\C:\windows\system32\drivers\SafeBoxKrnl.sys>  [(Verified)360安全中心, 2, 4, 0, 1004, C:2009-07-10 10:02 M:2009-07-10 10:02]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-01-23 12:29 M:2007-11-13 18:25]
[StarForce Protection Environment Driver (version 1.x.a) / sfdrv01a][Running/Boot Start]
    <System32\drivers\sfdrv01a.sys>  [(Verified)Protection Technology (StarForce), 1.47, C:2006-07-05 20:46 M:2006-07-05 20:46]
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
    <System32\drivers\sfhlp02.sys>  [(Verified)Protection Technology (StarForce), 2.8, C:2006-06-14 22:56 M:2006-06-14 22:56]
[StarForce Protection Synchronization Driver (version 4.x) / sfsync04][Running/Boot Start]
    <System32\drivers\sfsync04.sys>  [(Verified)Protection Technology (StarForce), 4.18, C:2006-08-11 21:47 M:2006-08-11 21:47]
[upperdev / upperdev][Stopped/Manual Start]
    <system32\DRIVERS\usbser_lowerflt.sys>  [(Verified)Windows (R) Codename Longhorn DDK provider, 6.0.6000.16386 built by: WinDDK, C:2008-10-03 23:19 M:2008-06-06 09:24]
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
    <system32\DRIVERS\usbser_lowerfltj.sys>  [(Verified)Windows (R) Codename Longhorn DDK provider, 6.0.6000.16386 built by: WinDDK, C:2008-10-03 23:19 M:2008-05-07 07:38]


========================================
进程

[PID: 776 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]

[PID: 976 / SYSTEM]   \??\C:\windows\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]

[PID: 1176 / SYSTEM]   \??\C:\windows\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\Ati2evxx.dll  [(Verified)ATI Technologies Inc., 6.14.10.4178, C:2007-06-27 09:50 M:2009-02-26 05:29]
    C:\windows\system32\WgaLogon.dll  [Microsoft Corporation, 1.7.0018.1, C:2008-01-23 12:29 M:2007-02-28 20:29]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]
    C:\windows\system32\winlib .dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\A0C86020.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\dhDhwS7fFW.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\CDuAUVkGy9.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\E4814792.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\ndxq9awMc.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\v54M9wWBuNGTf2m.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\a4rxQxCvNBMNnpqs.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\BRv8dETwEzcN.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\122B901E.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\NPPVWvYEyCe8H.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\MbsV2QQJe.fon  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\wdGSVBqAs3Xk.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\fonts\Q9UnbAWWNuSv4.fon  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\z5WRXqHagksJxWt.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]

[PID: 1292 / SYSTEM]   C:\windows\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239), C:2008-01-23 12:29 M:2009-02-09 17:48]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 1304 / SYSTEM]   C:\windows\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 1572 / SYSTEM]   C:\windows\system32\Ati2evxx.exe   [(Verified)ATI Technologies Inc., 6.14.10.4222, C:2007-06-27 09:49 M:2009-02-26 05:27]
    C:\windows\system32\Ati2edxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2514, C:2007-06-27 09:50 M:2009-02-26 05:29]
    C:\windows\system32\atipdlxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2550, C:2007-06-27 09:51 M:2009-02-26 05:30]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 1604 / SYSTEM]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 1716 / NETWORK SERVICE]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 1884 / SYSTEM]   C:\windows\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\System32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]

[PID: 1976 / SYSTEM]   C:\windows\system32\Ati2evxx.exe   [(Verified)ATI Technologies Inc., 6.14.10.4222, C:2007-06-27 09:49 M:2009-02-26 05:27]
    C:\windows\system32\Ati2edxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2514, C:2007-06-27 09:50 M:2009-02-26 05:29]
    C:\windows\system32\atipdlxx.dll  [(Verified)ATI Technologies, Inc., 6, 14, 10, 2550, C:2007-06-27 09:51 M:2009-02-26 05:30]
    C:\windows\system32\ati2evxx.dll  [(Verified)ATI Technologies Inc., 6.14.10.4178, C:2007-06-27 09:50 M:2009-02-26 05:29]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 1984 / SYSTEM]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 472 / NETWORK SERVICE]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 580 / LOCAL SERVICE]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 904 / SYSTEM]   C:\Program Files\EQSecure\EQService.exe   [EQSecure, 2008, 3, 28, 23, C:2008-05-27 16:36 M:2008-05-27 16:36]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]

[PID: 1024 / SYSTEM]   C:\windows\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527), C:2008-01-23 12:29 M:2007-05-24 14:29]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll  [Microsoft Corporation, 6.0.5824.16384 (winmain(wmbla).060911-0725), C:2009-05-22 16:41 M:2006-10-14 16:43]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 1232 / LOCAL SERVICE]   C:\windows\System32\SCardSvr.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 316 / LOCAL SERVICE]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 344 / SYSTEM]   C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe   [Autodesk, 2.80.011, C:2009-05-23 14:41 M:2009-05-23 14:41]

[PID: 676 / SYSTEM]   C:\Program Files\Bonjour\mDNSResponder.exe   [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 984 / SYSTEM]   C:\WINDOWS\system32\DeviceNotice.exe   [DMWZ Science&Technology Co.,Ltd, 1, 0, 2, 1, C:2008-12-27 22:46 M:2007-08-23 09:11]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]

[PID: 1200 / SYSTEM]   C:\Program Files\Common Files\LightScribe\LSSrvc.exe   [(Verified)Hewlett-Packard Company, 1.8.15.1, C:2007-07-25 15:50 M:2007-07-25 15:50]
    C:\Program Files\Common Files\LightScribe\LSSProxy.dll  [Hewlett-Packard Company, 1.8.15.1, C:2007-07-25 15:50 M:2007-07-25 15:50]
    C:\Program Files\Common Files\LightScribe\LSLog.dll  [Hewlett-Packard Company, 1.8.15.1, C:2007-07-25 15:50 M:2007-07-25 15:50]

[PID: 324 / SYSTEM]   D:\system\CDBurnerXP\NMSAccessU.exe   [(Verified)N/A, C:2009-05-22 10:36 M:2008-10-20 22:18]

[PID: 568 / SYSTEM]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 936 / SYSTEM]   C:\Program Files\UPHClean\uphclean.exe   [Microsoft Corporation, 1.6.30.0, C:2005-04-27 14:59 M:2005-04-27 14:59]

[PID: 2812 / LOCAL SERVICE]   C:\windows\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:28 M:2004-08-17 20:00]
    C:\windows\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\System32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]

[PID: 2752 / Hime]   C:\windows\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311), C:2008-01-23 12:29 M:2007-06-13 21:10]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]
    D:\Entertainment\Nokia\Nokia PC Suite 7\phonebrowser.dll  [Nokia, 7, 0, 103, 0, C:2008-05-21 10:54 M:2008-05-21 10:54]
    D:\Entertainment\Nokia\Nokia PC Suite 7\NGSCM.DLL  [Nokia, 7, 0, 140, 6, C:2008-06-18 14:04 M:2008-06-18 14:04]
    C:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416), C:2009-05-03 19:43 M:2009-05-03 19:43]
    D:\Entertainment\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-sc.nlr  [Nokia, 7, 0, 64, 0, C:2008-06-04 13:28 M:2008-06-04 13:28]
    D:\Entertainment\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr  [Nokia, 7, 0, 20, 0, C:2008-05-22 12:20 M:2008-05-22 12:20]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll  [(Verified)Adobe Systems, Inc., 9.1.0.2009022700, C:2009-02-27 12:16 M:2009-02-27 12:16]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS  [N/A, C:2009-02-27 16:46 M:2009-02-27 16:46]
    D:\system\WinRAR\rarext.dll  [N/A, C:2008-09-30 21:14 M:2008-09-30 21:14]
    d:\study\UltraEdit-32\ue32ctmn.dll  [IDM Computer Solutions, Inc., 1, 0, 0, 3, C:2008-07-06 18:26 M:2008-07-03 14:13]
    C:\Program Files\Turbo Squid Tentacles\SaveToTentacles32.dll  [Copyright 2000, 1, 0, 0, 1, C:2007-08-30 10:27 M:2007-08-30 10:27]
    C:\windows\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-07-18 17:04 M:2009-07-14 15:42]
    D:\Entertainment\QvodPlayer\QvodBand.dll  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0, C:2009-06-10 15:24 M:2009-06-10 15:24]
    D:\Game\金山游侠\Tools\KVD\kscdrush.dll  [金山软件股份有限公司, 5, 0, 0, 0, C:2008-01-28 23:57 M:2003-06-20 06:04]
    D:\Network\网易闪电邮\闪电邮\rightmailshell.dll  [网易 Netease, 1.0.0.0, C:2009-02-06 18:07 M:2009-02-06 18:07]
    D:\Network\NamiRobot\Data\NamipanExt1.dll  [N/A, C:2008-06-17 13:59 M:2008-06-17 13:59]
    C:\windows\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2003-02-21 04:42]
    D:\system\Wopti\WoptiEncryptModule.dll  [(Verified)共软网络, 1.0.8.103, C:2008-02-23 19:45 M:2008-01-03 13:51]
    d:\study\EditPlus 3\eppshell.dll  [(Verified)N/A, C:2008-05-18 18:26 M:2008-04-11 18:43]
    D:\system\7-Zip\7-zip.dll  [Igor Pavlov, 4.57, C:2007-12-06 16:32 M:2007-12-06 16:32]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\A0C86020.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\dhDhwS7fFW.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\CDuAUVkGy9.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\E4814792.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\ndxq9awMc.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\a4rxQxCvNBMNnpqs.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\122B901E.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\NPPVWvYEyCe8H.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\MbsV2QQJe.fon  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\wdGSVBqAs3Xk.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\fonts\Q9UnbAWWNuSv4.fon  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\z5WRXqHagksJxWt.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\v54M9wWBuNGTf2m.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\BRv8dETwEzcN.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\mtlrd.dll  [4.4.7.0, C:2009-07-24 10:04 M:2009-07-24 10:04]
    C:\windows\system32\jUvp.dll  [N/A, C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll  [Advanced Micro Devices, Inc., 6.14.10.2001, C:2009-02-25 15:39 M:2009-02-25 15:39]
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamchs.dll  [Advanced Micro Devices, Inc., 6.14.10.2001, C:2009-02-25 15:38 M:2009-02-25 15:38]

[PID: 4088 / Hime]   C:\windows\RTHDCPL.EXE   [(Verified)Realtek Semiconductor Corp., 2.1.3.2, C:2008-01-23 13:08 M:2007-04-12 17:33]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
    C:\windows\system32\mtlrd.dll  [4.4.7.0, C:2009-07-24 10:04 M:2009-07-24 10:04]

[PID: 888 / Hime]   D:\system\MagicSet\SRDShow.exe   [Super Rabbit, 3.0.0.0, C:2008-02-02 21:13 M:2008-02-27 09:31]
    C:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416), C:2009-05-03 19:43 M:2009-05-03 19:43]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    D:\system\MagicSet\Widget\Calendar.dll  [Super Rabbit, 3.0.0.0, C:2008-02-27 09:32 M:2008-02-27 09:32]
    D:\system\MagicSet\Widget\Clock.dll  [Super Rabbit, 3.0.0.0, C:2008-02-26 18:11 M:2008-02-26 18:11]
    D:\system\MagicSet\Widget\CountDown.dll  [Super Rabbit, 3.0.0.0, C:2008-02-26 18:11 M:2008-02-26 18:11]
    D:\system\MagicSet\Widget\RSS.dll  [Super Rabbit, 3.0.0.0, C:2008-02-28 16:16 M:2008-02-28 16:16]
    D:\system\MagicSet\Widget\SRDP.dll  [Super Rabbit, 3.0.0.0, C:2008-02-26 18:10 M:2008-02-26 18:10]
    D:\system\MagicSet\Widget\SlideShow.dll  [Super Rabbit, 3.0.0.0, C:2008-02-26 18:11 M:2008-02-26 18:11]
    D:\system\MagicSet\Widget\SysWatch.dll  [Super Rabbit, 3.0.0.0, C:2008-02-27 09:18 M:2008-02-27 09:18]
    D:\system\MagicSet\Widget\Weather.dll  [Super Rabbit, 3.0.0.0, C:2008-02-29 09:19 M:2008-02-29 09:19]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
    C:\windows\system32\mtlrd.dll  [4.4.7.0, C:2009-07-24 10:04 M:2009-07-24 10:04]
    D:\system\MagicSet\OLEACC.DLL  [Microsoft Corporation, 4.2.3100.0, C:2008-02-02 21:13 M:2000-01-10 04:00]
    C:\windows\system32\BRv8dETwEzcN.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]

[PID: 23216 / Hime]   C:\windows\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\mtlrd.dll  [4.4.7.0, C:2009-07-24 10:04 M:2009-07-24 10:04]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]

[PID: 25176 / SYSTEM]   C:\windows\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\a4rxQxCvNBMNnpqs.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]

[PID: 24788 / Hime]   C:\Program Files\Rising\Rav\scanfrm.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\windows\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2003-02-21 04:42]
    C:\windows\system32\a4rxQxCvNBMNnpqs.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\Program Files\Rising\Rav\combase.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\moncomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scansrvp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\proccomm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ScanSrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\Program Files\Rising\Rav\ScanRavT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.27, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ScanBT.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ScanStub.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ScanAdd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.39, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\SysMail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\mvengine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\posttrt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 51, C:2009-07-18 17:04 M:2009-07-15 17:17]
    C:\Program Files\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scanpe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\methodex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-07-18 17:04 M:2009-07-15 17:17]
    C:\Program Files\Rising\Rav\heurex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-07-18 17:04 M:2009-07-15 17:17]
    C:\Program Files\Rising\Rav\pecompd.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]
    C:\Program Files\Rising\Rav\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur025.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur004.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur027.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scanmac.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\ur011.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\rsstore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-07-18 17:04 M:2009-07-14 15:42]
    C:\Program Files\Rising\Rav\scanelf.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-07-18 17:04 M:2009-07-14 15:42]

[PID: 1116 / Hime]   C:\windows\system32\taskmgr.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2004-08-17 20:00]
    C:\windows\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\windows\system32\a4rxQxCvNBMNnpqs.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
    C:\windows\system32\mtlrd.dll  [4.4.7.0, C:2009-07-24 10:04 M:2009-07-24 10:04]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\BRv8dETwEzcN.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]

[PID: 22848 / Hime]   I:\Document And Settings3\Administrator\Desktop\arswp2\arswp2\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2009-07-24 15:40 M:2008-11-15 11:58]
    C:\windows\system32\a4rxQxCvNBMNnpqs.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-23 12:29 M:2008-10-06 00:25]
    C:\Documents and Settings\Administrator\Application Data\Spy009.dll  [N/A, C:2009-07-24 10:06 M:2009-07-24 10:06]
    C:\windows\system32\mtlrd.dll  [4.4.7.0, C:2009-07-24 10:04 M:2009-07-24 10:04]
    C:\windows\system32\COMRes.dll  [N/A, C:2008-01-23 12:29 M:2009-07-24 09:59]
    C:\windows\system32\GU6f5sW42mdc.dll  [N/A, C:2009-07-24 10:03 M:2009-07-24 10:03]
    C:\windows\system32\Va7SpUWgCA5f.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\system32\skcfujQ5EDN.dll  [N/A, C:2009-07-24 10:02 M:2009-07-24 10:02]
    C:\windows\fonts\tY5UFS434YYd.fon  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\system32\08223B03.dll  [N/A, C:2009-07-24 10:01 M:2009-07-24 10:01]
    C:\windows\fonts\fyrwJf5Qfhh.fon  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\Y4npJWJNr.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    C:\windows\system32\76B9BA7A.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\fonts\xPjWNGd8cERq.fon  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\BbXhGSfTsBbxT83aR.dll  [N/A, C:2009-07-24 09:59 M:2009-07-24 09:59]
    C:\windows\system32\704C3595.dll  [N/A, C:2009-07-24 09:58 M:2009-07-24 09:58]
    C:\windows\system32\taNjsFa2tT2Dh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\qzp3jTZCSfSh.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\JPccCJnKygDdp3.dll  [N/A, C:2009-07-24 09:57 M:2009-07-24 09:57]
    C:\windows\system32\xg4hAPNygs29.dll  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\zEfE48cw9EmcFaR.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\fonts\jUxfqJDwmfQEHcy2.fon  [N/A, C:2009-07-24 09:56 M:2009-07-24 09:56]
    C:\windows\system32\BRv8dETwEzcN.dll  [N/A, C:2009-07-24 10:00 M:2009-07-24 10:00]
    I:\Document And Settings3\Administrator\Desktop\arswp2\arswp2\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2009-07-24 15:40 M:2007-11-28 15:19]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Computer, Inc., 1,0,3,1, C:2006-02-28 12:42 M:2006-02-28 12:42]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]