[CODE]

2008-05-28,14:59:24

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Basic Edition  (Build 6000) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <QPService><"C:\Program Files\HP\QuickPlay\QPService.exe">  [CyberLink Corp.]
    <QlbCtrl><%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start>  [ Hewlett-Packard Development Company, L.P.]
    <HP Health Check Scheduler><C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe>  [(Verified)Hewlett-Packard]
    <hpWirelessAssistant><%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe>  [(Verified)Hewlett-Packard Company]
    <WAWifiMessage><%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe>  [(Verified)Hewlett-Packard Company]
    <SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
    <Symantec PIF AlertEng><"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll">  [N/A]
    <HP Software Update><C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe>  [(Verified)Hewlett-Packard Company]
    <SynTPStart><C:\Program Files\Synaptics\SynTP\SynTPStart.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvSvc><RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvMediaCenter><RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <KVMON><C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp>  [(Verified)Beijing Jiangmin New Sci.&Tec. Co. Ltd.]
    <Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide>  [(Verified)Microsoft Windows]
    <Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Funshion><; "C:\Program Files\Funshion Online\Funshion\Funshion.exe" /tray>  [Funshion Online Technologies Ltd.]
    <iTunesHelper><; "C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)Apple Inc.]
    <QuickTime Task><; "C:\Program Files\QuickTime\QTTask.exe" -atboottime>  [Apple Inc.]

==================================
启动文件夹
N/A

==================================
服务
[AddFiltr / AddFiltr][Stopped/Manual Start]
  <"C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe"><Hewlett-Packard Development Company, L.P.>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
  <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[HP Health Check Service / HP Health Check Service][Running/Auto Start]
  <"C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"><Hewlett-Packard>
[hpqwmiex / hpqwmiex][Running/Auto Start]
  <C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe><Hewlett-Packard Development Company, L.P.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPod 服务 / iPod Service][Stopped/Manual Start]
  <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[KVSrvXP / KVSrvXP][Running/Auto Start]
  <C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe /Service><Jiangmin Co., Ltd.>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
  <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[LiveUpdate Notice Service Ex / LiveUpdate Notice Ex][Stopped/Auto Start]
  <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><N/A>
[LiveUpdate Notice Service / LiveUpdate Notice Service][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"><Symantec Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Auto Start]
  <C:\Program Files\Rising\Rfw\rfwProxy.exe><N/A>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <C:\Program Files\Rising\Rfw\rfwsrv.exe><N/A>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Rising Vista Scanner / RsVScanner][Stopped/Auto Start]
  <C:\Program Files\Rising\Rav\scannerd.exe><N/A>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
[stllssvr / stllssvr][Stopped/Manual Start]
  <"C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"><MicroVision Development, Inc.>
[XAudioService / XAudioService][Running/Auto Start]
  <C:\Windows\system32\DRIVERS\xaudio.exe><Conexant Systems, Inc.>
[自动 LiveUpdate 调度程序 / 自动 LiveUpdate 调度程序][Running/Auto Start]
  <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>

==================================
驱动程序
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom Extensible 802.11 网络适配器驱动程序 / BCM43XV][Stopped/Manual Start]
  <system32\DRIVERS\bcmwl6.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
  <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[BsDeamon / BsDeamon][Running/System Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\BsDeamon.sys><Jiangmin Co., Ltd.>
[cmdide / cmdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[eabfiltr / eabfiltr][Running/System Start]
  <system32\DRIVERS\eabfiltr.sys><Hewlett-Packard Development Company, L.P.>
[elxstor / elxstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
  <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[HBtnKey / HBtnKey][Running/Manual Start]
  <system32\DRIVERS\cpqbttn.sys><Hewlett-Packard Development Company, L.P.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
  <system32\drivers\CHDART.sys><Conexant Systems Inc.>
[Jiangmin Firewall NDIS6 Filter / HdFw][Running/System Start]
  <system32\DRIVERS\HdFwLH.sys><Jiangmin Co., Ltd.>
[HDPT Miniport / HDPT][Running/Manual Start]
  <system32\DRIVERS\HDPT.sys><Jiangmin Co., Ltd.>
[HookUrl / HookUrl][Stopped/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><N/A>
[HpCISSs / HpCISSs][Stopped/Disabled]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[HSFHWAZL / HSFHWAZL][Stopped/Manual Start]
  <system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[ialm / ialm][Stopped/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[JmFwDDos / JmFwDDos][Running/Auto Start]
  <system32\DRIVERS\JmFwDDos.sys><Jiangmin Co., Ltd.>
[KRegEx / KRegEx][Running/Auto Start]
  <\??\C:\Program Files\JiangMin\antivirus\KRegEx.sys><Jiangmin Co. Ltd.>
[Jiangmin Antivirus Software - SysCall Services / KSysCall][Running/System Start]
  <\??\C:\Program Files\JiangMin\common\KSysCall.sys><Jiangmin Co.,  Ltd.>
[Jiangmin Antivirus Software - System Monitor / KSysMon][Running/System Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\KSysMon.sys><Jiangmin Co., Ltd.>
[Jiangmin Antivirus Software - File Tracer / KSysTrace][Running/System Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\KSysTrace.sys><Jiangmin Co., Ltd.>
[KVFileGuard From Jiangmin / KVFileGuard][Running/Manual Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\KVfg.sys><Jiangmin Co., Ltd.>
[KVREDIR / KVREDIR][Running/System Start]
  <\??\C:\Program Files\JiangMin\AntiVirus\KVREDIR.sys><Jiangmin Co., Ltd.>
[LSI_FC / LSI_FC][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[megasas / megasas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[用于 Windows Vista 32 Bit 版的英特尔(R) PRO/无线 3945ABG 适配器驱动程序 / NETw3v32][Stopped/Manual Start]
  <system32\DRIVERS\NETw3v32.sys><Intel? Corporation>
[Intel(R) Wireless WiFi Link 适配器驱动程序（适用于 Windows Vista 32 位） / NETw4v32][Running/Manual Start]
  <system32\DRIVERS\NETw4v32.sys><Intel Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port][Stopped/Manual Start]
  <system32\drivers\nmwcdcj.sys><Nokia>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\Windows\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Windows\system32\npkycryp.sys><N/A>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvlddmkm / nvlddmkm][Running/Manual Start]
  <system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><N/A>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Rising RfwBase Driver / RfwBase][Running/System Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Technology Co., Ltd.>
[rimmptsk / rimmptsk][Running/Auto Start]
  <system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk][Running/Auto Start]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start]
  <system32\DRIVERS\rixdptsk.sys><REDC>
[RsFwDrv / RsFwDrv][Stopped/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><N/A>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[Symc8xx / Symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[Jiangmin AntiVirus Software - System Guard / SysGuard][Running/Boot Start]
  <\SystemRoot\system32\Drivers\SysGuard.sys><Jiangmin Co., Ltd.>
[Conexant Setup API / UIUSys][Stopped/Disabled]
  <system32\DRIVERS\UIUSYS.SYS><N/A>
[uliahci / uliahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[XAudio / XAudio][Running/Auto Start]
  <system32\DRIVERS\xaudio.sys><Conexant Systems, Inc.>
[ArKdv / ArKdv][Running/Disabled]
  <\??\C:\Windows\system32\drivers\ArKdv.SYS><N/A>

==================================
浏览器加载项
[Java Plug-in 1.6.0_03]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, N/A>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\Windows\system32\aliedit\aliedit.dll, >
[Java Plug-in 1.6.0_03]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, N/A>
[Java Plug-in 1.6.0]
  {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, N/A>
[Java Plug-in 1.6.0_03]
  {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, N/A>
[Microsoft Outlook 8.0 Object Library]
  {0006F033-0000-0000-C000-000000000046} <, N/A>
[Microsoft Office Outlook]
  {0006F03A-0000-0000-C000-000000000046} <, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\system32\icardie.dll, Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\Windows\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\system32\mshtml.dll, Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, N/A>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\Windows\system32\rmoc3260.dll, RealNetworks, Inc.>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\Windows\system32\mshtmled.dll, Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[QuickTime Object]
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\Windows\system32\aliedit\aliedit.dll, >
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\PROGRA~1\PPStream\POWERP~1.DLL, PPStream Inc.>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\ProgramData\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\ProgramData\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\Windows\system32\INPUTC~1.DLL, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, N/A>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin14.dll, Thunder Networking Technologies,LTD>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <c:\Windows\system32\msxml4.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
  {88D969C1-F192-11D4-A65F-0040963251E5} <c:\Windows\system32\msxml4.dll, Microsoft Corporation>
[XSL Template 4.0]
  {88D969C3-F192-11D4-A65F-0040963251E5} <c:\Windows\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <c:\Windows\system32\msxml4.dll, Microsoft Corporation>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[Free Threaded XML DOM Document 5.0]
  {88D969E6-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XSL Template 5.0]
  {88D969E8-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, N/A>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\Windows\system32\SUBMIT~1.DLL, >
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\Windows\System32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapCtrl1.2.11.14.276.dll, ShenZhen Thunder Networking Technologies Ltd.>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\MSN Messenger\msgsc.8.1.0178.00.dll, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, N/A>
[QQPlayerSvr Proxy Control]
  {CD108273-D434-43E6-AA90-1469F97EB398} <C:\Program Files\Tencent\QQ\QzoneMusic.dll, 腾讯科技>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\Windows\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Microsoft Agent Control 2.0]
  {D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <%SystemRoot%\MSAgent\agentctl.dll, N/A>
[QuickTimeCheck Class]
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, Apple Inc.>
[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\Windows\system32\Dxtmsft.dll, Microsoft Corporation>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <C:\PROGRA~1\Tencent\QQ\Timwp.dll, TENCENT>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.40.64.275.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\ProgramData\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[RegisterHelper Class]
  {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} <C:\Program Files\JiangMin\AntiVirus\UrlGuard.dll, Jiangmin Co., Ltd.>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 456 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 612 / SYSTEM][C:\Windows\system32\csrss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 664 / SYSTEM][C:\Windows\system32\csrss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 672 / SYSTEM][C:\Windows\system32\wininit.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 708 / SYSTEM][C:\Windows\system32\winlogon.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 756 / SYSTEM][C:\Windows\system32\services.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 768 / SYSTEM][C:\Windows\system32\lsass.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 776 / SYSTEM][C:\Windows\system32\lsm.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 936 / SYSTEM][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 992 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1024 / SYSTEM][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{914D3B47-1F73-4747-890A-7E0F67CD453C}\mpengine.dll]  [Microsoft Corporation, 1.1.3520.0]
[PID: 1112 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1140 / SYSTEM][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1160 / SYSTEM][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1304 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1344 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1644 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1848 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\System32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1876 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 564 / user][C:\Windows\system32\Dwm.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 576 / user][C:\Windows\system32\taskeng.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743]
[PID: 428 / user][C:\Windows\Explorer.EXE]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll]  [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Program Files\JiangMin\AntiVirus\KsPec.dll]  [Jiangmin Co., Ltd., 1, 0, 8, 317]
    [C:\Program Files\JiangMin\common\KvTrust.dll]  [Jiangmin Co., Ltd., 10, 0, 8, 326]
    [C:\Program Files\JiangMin\common\KvTools.dll]  [Jiangmin Co., Ltd., 2, 0, 7, 1224]
    [C:\Windows\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
    [C:\Windows\system32\kvinstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
    [C:\Program Files\JiangMin\common\KvTrustInit.dll]  [Jiangmin Co., Ltd., 11, 0, 8, 327]
    [C:\Program Files\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 2, 0, 7, 1018]
    [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll]  [Nokia, 6, 81, 46, 1]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 81, 68, 0]
    [C:\Windows\system32\ConnAPI.DLL]  [Nokia., 6, 81, 62, 0]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 81, 29, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 81, 11, 0]
    [C:\Windows\system32\nvcpl.dll]  [NVIDIA Corporation, 7.15.11.6743]
    [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 2, 0, 7, 828]
    [C:\Program Files\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
[PID: 804 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe]  [Apple, Inc., 1, 14, 0, 0]
[PID: 1264 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.136.1]
    [C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.4.136.1]
    [C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.4.136.1]
    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 328 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe]  [Symantec Corporation, 1.2.0.18]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll]  [Symantec Corporation, 1.2.0.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PollMgr.dll]  [Symantec Corporation, 1.2.0.18]
[PID: 2056 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2108 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2136 / SYSTEM][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2156 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2272 / SYSTEM][C:\Windows\system32\DRIVERS\xaudio.exe]  [Conexant Systems, Inc., 1.00.12.00]
[PID: 2300 / SYSTEM][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe]  [Symantec Corporation, 3.2.0.68]
    [C:\Program Files\Symantec\LiveUpdate\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Symantec\LiveUpdate\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2404 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe]  [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2632 / SYSTEM][C:\Windows\system32\taskeng.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3008 / user][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 10.0.13.2 14Sep07]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\system32\SynCOM.dll]  [Synaptics, Inc., 10.0.13.2 14Sep07]
    [C:\Windows\system32\SynTPAPI.dll]  [Synaptics, Inc., 10.0.13.2 14Sep07]
[PID: 3016 / user][C:\Program Files\HP\QuickPlay\QPService.exe]  [CyberLink Corp., 4.5.0.0000]
    [C:\Program Files\HP\QuickPlay\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\HP\QuickPlay\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\HP\QuickPlay\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Program Files\HP\QuickPlay\helper.dll]  [CyberLink Corp., 3.00.4021 ]
    [C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll]  [CyberLink Corp., 4, 5, 0, 2212]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
[PID: 3048 / user][C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe]  [Symantec Corporation, 1.2.0.18]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll]  [Symantec Corporation, 1.2.0.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\AlertUi.dll]  [Symantec Corporation, 1.2.0.18]
[PID: 3056 / user][C:\Program Files\HP\HP Software Update\hpwuSchd2.exe]  [Hewlett-Packard, 80, 1, 0, 0]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3072 / user][C:\Program Files\Synaptics\SynTP\SynTPStart.exe]  [Synaptics, Inc., 10.0.13.2 14Sep07]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3212 / user][C:\Windows\System32\rundll32.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\system32\NvMcTray.dll]  [NVIDIA Corporation, 7.15.11.6743]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\System32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743]
[PID: 3336 / user][C:\Windows\system32\wbem\unsecapp.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3364 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3668 / user][C:\Windows\System32\rundll32.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\System32\NVSVC.DLL]  [NVIDIA Corporation, 7.15.11.6743]
    [C:\Windows\System32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743]
[PID: 2808 / SYSTEM][C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe]  [Hewlett-Packard, 2.0.9.1]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll]  [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\61b951bd03727a096c1c02cb18d5ce30\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fbca0140921ed343cb511595869a0ed\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
    [C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll]  [HP, 2.0.0.2]
    [C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll]  [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\c11c5eb32a435c14a33e62b1e150e988\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.833 (QFE.050727-8300)]
[PID: 3804 / user][C:\Users\user\Documents\CPA注册会计师考试\经济法\08郭守节\2008cpa_jjf_08_b_k.exe]  [N/A, ]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll]  [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.6743]
[PID: 3808 / user][c:\china-drm\exprundlls.exe]  [N/A, ]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2576 / user][C:\Windows\system32\mfpmp.exe]  [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.6743]
[PID: 1864 / user][C:\Program Files\Internet Explorer\ieuser.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 512 / user][C:\Program Files\arswp\ArSwp.exe]  [ArSwp.com, 2, 7, 0, 415]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Program Files\arswp\plugin\ArFix.dll]  [ArSwp.Com, 2, 5, 0, 0]
    [C:\Program Files\JiangMin\AntiVirus\UrlGuard.dll]  [Jiangmin Co., Ltd., 1, 0, 8, 204]
    [C:\Windows\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
    [C:\Program Files\JiangMin\Kernel\EngFace.dll]  [Jiangmin Co., Ltd., 2, 0, 8, 514]
    [C:\Windows\system32\kvinstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
    [C:\Program Files\JiangMin\AntiVirus\KVAddrDb.dll]  [Jiangmin Co., Ltd., 11, 0, 7, 1015]
    [C:\Program Files\JiangMin\AntiVirus\GuardPS.dll]  [Jiangmin Co., Ltd., 2, 0, 7, 822]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
[PID: 4052 / user][C:\Users\user\AppData\Local\Temp\Rar$EX00.614\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Users\user\AppData\Local\Temp\Rar$EX00.614\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 2376 / user][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll]  [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\JiangMin\AntiVirus\UrlGuard.dll]  [Jiangmin Co., Ltd., 1, 0, 8, 204]
    [C:\Windows\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
    [C:\Program Files\JiangMin\Kernel\EngFace.dll]  [Jiangmin Co., Ltd., 2, 0, 8, 514]
    [C:\Windows\system32\kvinstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
    [C:\Program Files\JiangMin\AntiVirus\KVAddrDb.dll]  [Jiangmin Co., Ltd., 11, 0, 7, 1015]
    [C:\Windows\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll]  [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.6743]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]