[CODE]

2008-10-23,17:15:14

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
[2SMZK7YE]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\2SMZK7YE.lnk --> C:\WINDOWS\0XSMNT~1.EXE []><H>
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[OON332E8L]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\OON332E8L.lnk --> C:\WINDOWS\7R31X0~1.EXE []><H>
[KPM62E0ID082]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\KPM62E0ID082.lnk --> C:\WINDOWS\DNNG3PF2.exe []><H>
[BPXY6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\BPXY6.lnk --> C:\WINDOWS\EJC76R~1.EXE []><H>
[QJJHZ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\QJJHZ.lnk --> C:\WINDOWS\9AGLZ.exe []><H>
[AKCK4FID]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AKCK4FID.lnk --> C:\WINDOWS\RE41AMJ.exe []><H>
[QEOO5Y]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\QEOO5Y.lnk --> C:\WINDOWS\L1URE1~1.EXE []><H>
[1NYF2]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\1NYF2.lnk --> C:\WINDOWS\R6Y0RN3.exe []><H>
[QF8L5GDD9BWY]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\QF8L5GDD9BWY.lnk --> C:\WINDOWS\HXXMH8.exe []><H>
[DAGVV]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DAGVV.lnk --> C:\WINDOWS\BUXR8I.exe []><H>
[W0Z7E]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\W0Z7E.lnk --> C:\WINDOWS\85824F.exe []><H>
[18FPRWMDNZVK]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\18FPRWMDNZVK.lnk --> C:\WINDOWS\GU2E5R~1.EXE []><H>
[GT7UWKPFI55Q]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\GT7UWKPFI55Q.lnk --> C:\WINDOWS\NJW7KAX.exe []><H>
[925HO7GJ6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\925HO7GJ6.lnk --> C:\WINDOWS\4HRXBV~1.EXE []><H>
[I2G6KZEY]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\I2G6KZEY.lnk --> C:\WINDOWS\UH9GK0.exe []><H>
[SPXYRPUCZ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\SPXYRPUCZ.lnk --> C:\WINDOWS\2DRQYYU.exe []><H>
[O1O9CN2F7G]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\O1O9CN2F7G.lnk --> C:\WINDOWS\KZLWII.exe []><H>
[K60TS96HX]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\K60TS96HX.lnk --> C:\WINDOWS\W5LBO6.exe []><H>
[3B2HDDH5RC]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\3B2HDDH5RC.lnk --> C:\WINDOWS\XX0DV6~1.EXE []><H>
[24BFDUK5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\24BFDUK5.lnk --> C:\WINDOWS\03UQU5~1.EXE []><H>
[CVVBJ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CVVBJ.lnk --> C:\WINDOWS\4MVZ0X~1.EXE []><H>
[U8RJZFKD]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\U8RJZFKD.lnk --> C:\WINDOWS\SQ79FU~1.EXE []><H>
[9CA0ZOGR]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\9CA0ZOGR.lnk --> C:\WINDOWS\ZGCLJQR.exe []><H>
[UAA7ADG7]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\UAA7ADG7.lnk --> C:\WINDOWS\KDEMRA.exe []><H>
[OUE2DHXT9KNS]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\OUE2DHXT9KNS.lnk --> C:\WINDOWS\Q7P2TE~1.EXE []><H>
[CXDDW]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CXDDW.lnk --> C:\WINDOWS\ULM9ZR~1.EXE []><H>
[M2RV613]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\M2RV613.lnk --> C:\WINDOWS\NVBQXY~1.EXE []><H>
[FAODAI]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\FAODAI.lnk --> C:\WINDOWS\H87V2.exe []><H>
[IRQB3S]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\IRQB3S.lnk --> C:\WINDOWS\IOGGHM~1.EXE []><H>
[J5LT53]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\J5LT53.lnk --> C:\WINDOWS\3YPPFT~1.EXE []><H>
[MEZ7D]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\MEZ7D.lnk -->  [File is missing]><N>
[4MYIXZ3MN6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\4MYIXZ3MN6.lnk -->  [File is missing]><N>
[QP5RWS3CH]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\QP5RWS3CH.lnk -->  [File is missing]><N>
[LJ892LRWX4DQ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\LJ892LRWX4DQ.lnk --> C:\WINDOWS\82J61C~1.EXE []><H>
[AZKEGM1PYX]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AZKEGM1PYX.lnk --> C:\WINDOWS\W75DHP~1.EXE []><H>
[1NBP8S15VI]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\1NBP8S15VI.lnk --> C:\WINDOWS\6DSU5Y~1.EXE []><H>
[33K72VE]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\33K72VE.lnk --> C:\WINDOWS\VHN8MU~1.EXE []><H>
[KOO4IQ96WF9]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\KOO4IQ96WF9.lnk --> C:\WINDOWS\0OHC14.exe []><H>
[73MMDQ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\73MMDQ.lnk --> C:\WINDOWS\10JNOB~1.EXE []><H>
[3CAD30EZQQ5P]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\3CAD30EZQQ5P.lnk --> C:\WINDOWS\REQSK.exe []><H>
[XL9LGRAY]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XL9LGRAY.lnk --> C:\WINDOWS\JLJDO.exe []><H>
[SICLN]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\SICLN.lnk --> C:\WINDOWS\7IGO497.exe []><H>
[J5YTZ2I]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\J5YTZ2I.lnk --> C:\WINDOWS\M0KXXB~1.EXE []><H>
[NXQTWK]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\NXQTWK.lnk --> C:\WINDOWS\WQ3X4Y~1.EXE []><H>
[15BRHL]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\15BRHL.lnk --> C:\WINDOWS\TY0Z7ERA.exe []><H>
[X9GHSLB]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\X9GHSLB.lnk --> C:\WINDOWS\WSVYF3~1.EXE []><H>
[WLV2W2J0TFA]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\WLV2W2J0TFA.lnk --> C:\WINDOWS\YA38MF8Z.exe []><H>
[UACNCZMFCJ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\UACNCZMFCJ.lnk --> C:\WINDOWS\55IEGO.exe []><H>
[5DOJ5CG]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\5DOJ5CG.lnk --> C:\WINDOWS\A1L9M.exe []><H>
[CNBR9PT6NE]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CNBR9PT6NE.lnk --> C:\WINDOWS\B2001A~1.EXE []><H>
[D3LV7GAE4]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\D3LV7GAE4.lnk --> C:\WINDOWS\F8GD2WG.exe []><H>
[JMIFS4BTE8V]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JMIFS4BTE8V.lnk --> C:\WINDOWS\2YOVI9~1.EXE []><H>
[YWWX2XTF9Z]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\YWWX2XTF9Z.lnk --> C:\WINDOWS\GRXLOF~1.EXE []><H>
[18I80B70]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\18I80B70.lnk --> C:\WINDOWS\VDSRAA.exe []><H>
[RUSWKJ9IT]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RUSWKJ9IT.lnk --> C:\WINDOWS\UTXYAP~1.EXE []><H>
[LJ54E2TYNO51]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\LJ54E2TYNO51.lnk --> C:\WINDOWS\3H6HWL~1.EXE []><H>
[F0U19N329O]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\F0U19N329O.lnk --> C:\WINDOWS\PBUVK4~1.EXE []><H>
[CVG9NL]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CVG9NL.lnk --> C:\WINDOWS\OSCPK0.exe []><H>
[FJYB54LA3]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\FJYB54LA3.lnk --> C:\WINDOWS\4V2F6.exe []><H>
[XI4GY2E]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XI4GY2E.lnk --> C:\WINDOWS\X54KLWY.exe []><H>
[TFU5MTK1T29]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TFU5MTK1T29.lnk --> C:\WINDOWS\EY17UK1.exe []><H>
[HJPGZV4]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HJPGZV4.lnk --> C:\WINDOWS\QBT9RM~1.EXE []><H>
[3I7MXYJV2ZRJ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\3I7MXYJV2ZRJ.lnk --> C:\WINDOWS\VIMFK1~1.EXE []><H>
[ON7TXSRP2J]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ON7TXSRP2J.lnk --> C:\WINDOWS\N9ZYUHIQ.exe []><H>
[1IPJ28ZV]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\1IPJ28ZV.lnk --> C:\WINDOWS\AWWEH2~1.EXE []><H>
[LYERKA3XQ1]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\LYERKA3XQ1.lnk --> C:\WINDOWS\811RHL~1.EXE []><H>
[2KPSLCF]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\2KPSLCF.lnk --> C:\WINDOWS\UZYBQW.exe []><H>
[9IJ811SP825]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\9IJ811SP825.lnk --> C:\WINDOWS\Q45CI4~1.EXE []><H>
[OAIRH9CF1DA]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\OAIRH9CF1DA.lnk --> C:\WINDOWS\2ZXMV3~1.EXE []><H>
[Y1EEQ3H]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Y1EEQ3H.lnk --> C:\WINDOWS\DT26VHB.exe []><H>
[DZ6GZ2SC3]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DZ6GZ2SC3.lnk --> C:\WINDOWS\6HY91F~1.EXE []><H>
[JY0WLT]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JY0WLT.lnk --> C:\WINDOWS\KIHRR.exe []><H>
[YN04DNID]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\YN04DNID.lnk --> C:\WINDOWS\4Q5RGCSO.exe []><H>
[QERABUN3]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\QERABUN3.lnk --> C:\WINDOWS\ZJG75P.exe []><H>
[868E98]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\868E98.lnk --> C:\WINDOWS\L6PN1B~1.EXE []><H>
[BAF6B1]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\BAF6B1.lnk --> C:\WINDOWS\BLYIEB~1.EXE []><H>
[R2VG1]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\R2VG1.lnk --> C:\WINDOWS\X2UBCE~1.EXE []><H>
[TZSNUD6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TZSNUD6.lnk --> C:\WINDOWS\IZXAM6OE.exe []><H>
[24K18F]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\24K18F.lnk --> C:\WINDOWS\FAEYFL~1.EXE []><H>
[7QXMV27L9NP4]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\7QXMV27L9NP4.lnk --> C:\WINDOWS\39NMTO~1.EXE []><H>
[MCDSU2XPL0]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\MCDSU2XPL0.lnk --> C:\WINDOWS\WCCPV.exe []><H>
[O983Z0G]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\O983Z0G.lnk --> C:\WINDOWS\TOQV6B~1.EXE []><H>
[9OT6J1HHX]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\9OT6J1HHX.lnk --> C:\WINDOWS\WLOFTCX.exe []><H>
[MZ5BDIGXV5U]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\MZ5BDIGXV5U.lnk --> C:\WINDOWS\0C4UA4~1.EXE []><H>
[ZG5KYJU]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ZG5KYJU.lnk --> C:\WINDOWS\JTYJF4~1.EXE []><H>
[DDHJ1ORSZ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DDHJ1ORSZ.lnk --> C:\WINDOWS\5JZ7P5~1.EXE []><H>
[72RNQ2NV6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\72RNQ2NV6.lnk --> C:\WINDOWS\C3E1V3IV.exe []><H>
[4TU86]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\4TU86.lnk --> C:\WINDOWS\32G23N2.exe []><H>
[XM6C9]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XM6C9.lnk --> C:\WINDOWS\AF2T8D~1.EXE []><H>
[MC1ESKXRH]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\MC1ESKXRH.lnk --> C:\WINDOWS\KB8ILG~1.EXE []><H>
[Q2NH12EOXC]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Q2NH12EOXC.lnk --> C:\WINDOWS\HPBRR5~1.EXE []><H>
[LU6ZLHB]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\LU6ZLHB.lnk --> C:\WINDOWS\DMW6H.exe []><H>
[GLBKLGE2EW]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\GLBKLGE2EW.lnk --> C:\WINDOWS\XK1UU1~1.EXE []><H>
[17YAEOCRU2KP]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\17YAEOCRU2KP.lnk --> C:\WINDOWS\YVMPND.exe []><H>
[X4UST]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\X4UST.lnk --> C:\WINDOWS\JLIQ8Y~1.EXE []><H>
[JMQ1B6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JMQ1B6.lnk --> C:\WINDOWS\OSB3J8~1.EXE []><H>
[Q6JCE8591]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Q6JCE8591.lnk --> C:\WINDOWS\ISPCYXQ.exe []><H>
[2M1PBXGCV5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\2M1PBXGCV5.lnk --> C:\WINDOWS\79DZ97~1.EXE []><H>
[R7EJ3J178MB]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\R7EJ3J178MB.lnk --> C:\WINDOWS\7CR825~1.EXE []><H>
[XB82U7E]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XB82U7E.lnk --> C:\WINDOWS\92QR586.exe []><H>
[RDZ2LGCW8214]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RDZ2LGCW8214.lnk --> C:\WINDOWS\0OGP00~1.EXE []><H>
[4M3N9RRDMEO]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\4M3N9RRDMEO.lnk --> C:\WINDOWS\EAYGYCD.exe []><H>
[7YPPBVFWX2V]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\7YPPBVFWX2V.lnk --> C:\WINDOWS\H48G5RX9.exe []><H>
[7YPPBVFWX2V]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\7YPPBVFWX2V.BAT -->  [File is missing]><N>
[VXJTT]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\VXJTT.lnk --> C:\WINDOWS\CQDFOH~1.EXE []><H>
[V6D5BYHVGCA]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\V6D5BYHVGCA.lnk --> C:\WINDOWS\SW3K6Z~1.EXE []><H>

==================================
服务
[HN0SXZ22V / 03UQU56V9I8X][Running/Auto Start]
  <C:\WINDOWS\03UQU56V9I8X.exe UT95HQARV><>
[AIYBV / 048GNUGI][Running/Auto Start]
  <C:\WINDOWS\system32\NDV4D.exe 75WZ6VV3><>
[ZHX59 / 0C4UA4Z45A][Running/Auto Start]
  <C:\WINDOWS\0C4UA4Z45A.exe HBIZO><>
[FEDPVMPECS / 0CAWJU4EUBGH][Running/Auto Start]
  <C:\WINDOWS\system32\3F139W2D1R6.exe UG0V5NXTL><>
[5ENBJ / 0OGP00ZHFCRB][Running/Auto Start]
  <C:\WINDOWS\0OGP00ZHFCRB.exe TYRNFV><>
[VG9O6VIFL / 0OHC14][Running/Auto Start]
  <C:\WINDOWS\0OHC14.exe RJMKCDPI><>
[30XFEX1G / 0XSMNTLIPG][Running/Auto Start]
  <C:\WINDOWS\0XSMNTLIPG.exe 1O0HR><>
[CTQ80D9 / 10JNOBKN73O][Running/Auto Start]
  <C:\WINDOWS\10JNOBKN73O.exe 64KOUW24538><>
[CV30V8A18LK / 1DQ9HP][Running/Auto Start]
  <C:\WINDOWS\1DQ9HP.exe VDFME><>
[IRBQ05KHH37 / 1NMA57EP][Running/Auto Start]
  <C:\WINDOWS\system32\HG31KWCT2T.exe EW8KERC><>
[6GCF8509 / 23L688NSQP][Running/Auto Start]
  <C:\WINDOWS\system32\MR5XZ9MGB8K.exe FR5TK><>
[MLFBY / 28RGX6ZWY][Running/Auto Start]
  <C:\WINDOWS\system32\6VOR8U.exe FERYLJHYV><>
[6LFEEJ2UFNFU / 2DRQYYU][Running/Auto Start]
  <C:\WINDOWS\2DRQYYU.exe RGDKDUEO5><>
[XP75UI1KK / 2E39H4CQIK][Running/Auto Start]
  <C:\WINDOWS\system32\R0NQ43UUKFIP.exe 5FUQ95X0D4><>
[4MJZGE / 2YOVI9WF4VTT][Running/Auto Start]
  <C:\WINDOWS\2YOVI9WF4VTT.exe O724J><>
[HNCW4QIX / 2ZXMV31SG][Running/Auto Start]
  <C:\WINDOWS\2ZXMV31SG.exe MO1HGPFR><>
[TAXR2P07MI / 32G23N2][Running/Auto Start]
  <C:\WINDOWS\32G23N2.exe B46VL9AFMSC><>
[A67OUUKCV9R / 39NMTORARPN][Running/Auto Start]
  <C:\WINDOWS\39NMTORARPN.exe 7UUHM0C><>
[NGD5AFS460T / 3H6HWLVY4][Running/Auto Start]
  <C:\WINDOWS\3H6HWLVY4.exe J1S16B0><>
[VIAC0IICGYN / 3Q8P5B9PX][Running/Auto Start]
  <C:\WINDOWS\system32\O3HOB6.exe DW96OWXE27A><>
[2YKYIJPC / 3YPPFT456T7O][Running/Auto Start]
  <C:\WINDOWS\3YPPFT456T7O.exe VDOWQ><>
[IKAPEH1LH / 44URXNFADIC][Running/Auto Start]
  <C:\WINDOWS\system32\C4WU13RJF09T.exe T6LRX30HKCY><>
[M6U4Y2SMPKIQ / 4HRXBVJT3][Running/Auto Start]
  <C:\WINDOWS\4HRXBVJT3.exe 86GO62R8Y><>
[7O6PA3OS0 / 4MVZ0X557][Running/Auto Start]
  <C:\WINDOWS\4MVZ0X557.exe BY7SAO5UM><>
[R2EF7K / 4Q5RGCSO][Running/Auto Start]
  <C:\WINDOWS\4Q5RGCSO.exe A6L862OSR8><>
[34JJGBW5FATQ / 4S7C1BF][Running/Auto Start]
  <C:\WINDOWS\4S7C1BF.exe G61QVRJIV><>
[FS9ZSDF / 4V2F6][Running/Auto Start]
  <C:\WINDOWS\4V2F6.exe 7AE6PQFF3P><>
[F76AQ / 4Y2NV45ZJQM][Running/Auto Start]
  <C:\WINDOWS\system32\9N77F.exe V98ERDXF65FT><>
[R8JZ5E23LT5 / 55IEGO][Running/Auto Start]
  <C:\WINDOWS\55IEGO.exe RFWYQ626U><>
[E4QPEQU3XZGB / 5JZ7P5730B4W][Running/Auto Start]
  <C:\WINDOWS\5JZ7P5730B4W.exe YZCWBAVS><>
[LAIPSI / 5PHMR5B][Running/Auto Start]
  <C:\WINDOWS\system32\5HZV70FOK3.exe OQM2Q9V5HK6I><>
[B7A8URJHNQ3J / 5U17V][Running/Auto Start]
  <C:\WINDOWS\system32\SHOJYIJ4I.exe 8AVSTG2U><>
[TVJMCEV / 6AVRM][Running/Auto Start]
  <C:\WINDOWS\6AVRM.exe 5MNL3LE0797><>
[O7TAN / 6DSU5YINJ215][Running/Auto Start]
  <C:\WINDOWS\6DSU5YINJ215.exe IJI9BSIH3TIT><>
[6XD6K1P6Q26 / 6GNJG][Running/Auto Start]
  <C:\WINDOWS\system32\FFIYJCA9AV5.exe 16VLHL><>
[2TWNP3FYIE / 6HY91FUMNP6J][Running/Auto Start]
  <C:\WINDOWS\6HY91FUMNP6J.exe HGUFTM><>
[B7PGBTY5IEPW / 71A1OMFCCSQZ][Running/Auto Start]
  <C:\WINDOWS\system32\A3NRA.exe BR571YV4><>
[6GQZS / 79DZ972O8][Running/Auto Start]
  <C:\WINDOWS\79DZ972O8.exe QI64DQ1><>
[GJT0U / 7C6SJ1JR11W][Running/Auto Start]
  <C:\WINDOWS\system32\07MTK9LCE4.exe 1GOLNBDQXDQ9><>
[V0TT2IIDX9 / 7CR825949N][Running/Auto Start]
  <C:\WINDOWS\7CR825949N.exe 8OPHDQC><>
[Q0IF6ZC6ZQBI / 7IGO497][Running/Auto Start]
  <C:\WINDOWS\7IGO497.exe ZV1S5APEHSFY><>
[AV67XUC6DW / 7R31X0OGKEE][Running/Auto Start]
  <C:\WINDOWS\7R31X0OGKEE.exe H4MC0D47I><>
[0PZIVV81Z3IB / 7UABW][Running/Auto Start]
  <C:\WINDOWS\system32\SS84S7J.exe KLNOHCN9Q7><>
[WNIGQ / 7VQ16Y4G][Running/Auto Start]
  <C:\WINDOWS\system32\7AXNOGK5.exe DIR8SBYZO0><>
[CWBB8H / 807YOKW][Running/Auto Start]
  <C:\WINDOWS\system32\XUOAX4T.exe 1JG25M14XLVH><>
[WERTPZAYQFKO / 811RHLPIE][Running/Auto Start]
  <C:\WINDOWS\811RHLPIE.exe 3QK81I6D7F5><>
[GBTFQN4MTSS / 82DXT][Running/Auto Start]
  <C:\WINDOWS\system32\G6GK6S281UY.exe MVT55><>
[TVO9ZE8HYST / 82J61C740BU][Running/Auto Start]
  <C:\WINDOWS\82J61C740BU.exe TRK2FOZGD><>
[W1FQUH85DOT / 85824F][Running/Auto Start]
  <C:\WINDOWS\85824F.exe Y4FLDDL><>
[2H4HWNAVVOAC / 92QR586][Running/Auto Start]
  <C:\WINDOWS\92QR586.exe VS6AIJ7ZO><>
[KWUVE / 93FKF7DB][Running/Auto Start]
  <C:\WINDOWS\system32\CEXX8AZKRB.exe H10ETAT><>
[DVBCQ77UF / 9AGLZ][Running/Auto Start]
  <C:\WINDOWS\9AGLZ.exe 7I004XVHG29><>
[1450YCB81Q0 / 9PB56][Running/Auto Start]
  <C:\WINDOWS\system32\6C5J3QS.exe MVD1V><>
[HT4WV / 9PWVUWPEV][Running/Auto Start]
  <C:\WINDOWS\system32\W8VSJB4.exe O24HC5NSJ><>
[72CZ7ZX7 / 9XDC15QSUVR][Running/Auto Start]
  <C:\WINDOWS\9XDC15QSUVR.exe X3BMS><>
[1YQHVHFT6 / A1L9M][Running/Auto Start]
  <C:\WINDOWS\A1L9M.exe RY0J01VBY5H><>
[E9T56F / A7WE6G][Running/Auto Start]
  <C:\WINDOWS\A7WE6G.exe HJ1GP><>
[MJCUGYE / A8BHRVJAZUPX][Running/Auto Start]
  <C:\WINDOWS\system32\N5TDE5.exe 198ATP7SMIJ><>
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[0TD9JE / AF2T8DFWE8WG][Running/Auto Start]
  <C:\WINDOWS\AF2T8DFWE8WG.exe 4NHAN2VJX0><>
[U54CAD9AN / APZ4HO][Running/Auto Start]
  <C:\WINDOWS\system32\TTHVQ9Z.exe ZZ09KS><>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ZQDJBG393W6 / AWWEH2VLY8][Running/Auto Start]
  <C:\WINDOWS\AWWEH2VLY8.exe MH17HQXZJ><>
[AVMZB7ZYJ36 / B2001AP76][Running/Auto Start]
  <C:\WINDOWS\B2001AP76.exe JMLEFN1HNT><>
[GY1K5OOTW70J / B234WHWTG6R][Running/Auto Start]
  <C:\WINDOWS\system32\T59YO7.exe IGJFTM5AOVNU><>
[NYISWJD5 / BLYIEBPF20][Running/Auto Start]
  <C:\WINDOWS\BLYIEBPF20.exe XTOZVJ><>
[416ZKOT2Q47Q / BOBRVHS7HX2Q][Running/Auto Start]
  <C:\WINDOWS\system32\JHKSZM.exe S6UYXS><>
[RRQJT7E / BUXR8I][Running/Auto Start]
  <C:\WINDOWS\BUXR8I.exe HTXRQO9P><>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[ZSR60LTPLC / C3E1V3IV][Running/Auto Start]
  <C:\WINDOWS\C3E1V3IV.exe JHEADCOQFVQ><>
[C4HLPTV24MF / C3FJR3B46G][Running/Auto Start]
  <C:\WINDOWS\C3FJR3B46G.exe H59NBOE8Q><>
[3CVOLFQI3TWB / CNKS6TK0RU5][Running/Auto Start]
  <C:\WINDOWS\CNKS6TK0RU5.exe LXQ4BC7><>
[Z54N23U4GIF7 / CPEK3BIE][Running/Auto Start]
  <C:\WINDOWS\system32\ZE2R4DO6L.exe 3DAMDYN><>
[G85M48D / CQDFOH7WJ][Running/Auto Start]
  <C:\WINDOWS\CQDFOH7WJ.exe 0IFX1><>
[TEXI7 / DHPRG5R][Running/Auto Start]
  <C:\WINDOWS\system32\LEWPIGHW.exe RT94HMHPCCOF><>
[XERXMLVR / DK7O6][Running/Auto Start]
  <C:\WINDOWS\system32\LD3XYJM.exe B8ZR8EH1UJ><>
[3NU8VMQ09FG4 / DMW6H][Running/Auto Start]
  <C:\WINDOWS\DMW6H.exe BKOZE0WF3OR><>
[XE7I4 / DNNG3PF2][Running/Auto Start]
  <C:\WINDOWS\DNNG3PF2.exe KZTSQ6ODP99><>
[7KWITIO / DT26VHB][Running/Auto Start]
  <C:\WINDOWS\DT26VHB.exe C73PYG5><>
[OGT6CQYR7 / E3C7R][Running/Auto Start]
  <C:\WINDOWS\system32\MRWWP.exe D6OYSY9><>
[KOLYI / EAYGYCD][Running/Auto Start]
  <C:\WINDOWS\EAYGYCD.exe 7E4OKAQ1LJAE><>
[C8HR55MD / EFA30Q][Running/Auto Start]
  <C:\WINDOWS\system32\S3F6023SRZO.exe C1G4HZN><>
[N3VAPOZR7AI7 / EIN8ZYD4AR][Running/Auto Start]
  <C:\WINDOWS\system32\BSFQYAOEOI.exe X3G8DUEJK><>
[D4RQH / EJC76RCECSYI][Running/Auto Start]
  <C:\WINDOWS\EJC76RCECSYI.exe EWO85><>
[HUQ6PHM85XIV / EQREQWMX][Running/Auto Start]
  <C:\WINDOWS\EQREQWMX.exe SRQNM6FZGCX><>
[VXOKR8NV / EY17UK1][Running/Auto Start]
  <C:\WINDOWS\EY17UK1.exe LEZOFX2O08><>
[2TM0ZQJHKQZS / F3V7UI][Running/Auto Start]
  <C:\WINDOWS\system32\P40VRUAH.exe P0ULJP84><>
[XGR23423C / F8GD2WG][Running/Auto Start]
  <C:\WINDOWS\F8GD2WG.exe 9VAWULHGEKN><>
[DZSR5TG81Q / F9KDITE9O][Running/Auto Start]
  <C:\WINDOWS\system32\CEEHY1QYNU.exe VA006CWSF><>
[5T1RBJD / FAEYFLDNA0MC][Running/Auto Start]
  <C:\WINDOWS\FAEYFLDNA0MC.exe 52O1S6R><>
[742MG1 / FF4RYL3][Running/Auto Start]
  <C:\WINDOWS\system32\71Z1D36JDM.exe 2M2EBJ><>
[3WEE0H / G085Q8ODK5L][Running/Auto Start]
  <C:\WINDOWS\system32\NC91SLCMVZC.exe 2KXAYIXUQL0><>
[V8KI7 / G15E46Q8PJ8B][Running/Auto Start]
  <C:\WINDOWS\system32\DF3H9.exe 3VJ9FIUM5ZEZ><>
[CKPD9GH3 / G8IF8YYK][Running/Auto Start]
  <C:\WINDOWS\system32\RD3ESIQ3CWK9.exe IEVVU0MTV><>
[BOI229UXLKAL / GGEKVHPI][Running/Auto Start]
  <C:\WINDOWS\system32\WO0DUC3QY.exe TKH7KO1R9GHC><>
[XEOMKIYE8 / GRXLOFGLW2U6][Running/Auto Start]
  <C:\WINDOWS\GRXLOFGLW2U6.exe 6GLX8UGYVF7V><>
[HJGXC / GU2E5RRBX][Running/Auto Start]
  <C:\WINDOWS\GU2E5RRBX.exe J5FSIZXH><>
[ZFPWF7 / H87V2][Running/Auto Start]
  <C:\WINDOWS\H87V2.exe HH4DKPM3><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[CN1NLM / HPBRR5BIAR][Running/Auto Start]
  <C:\WINDOWS\HPBRR5BIAR.exe TLTPY><>
[P69L4JG82Q / HSPED1G][Running/Auto Start]
  <C:\WINDOWS\system32\B0K3S.exe KMDXRE0G><>
[HTTP - adsl / HTTP - adsl][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchosr.exe><N/A>
[WWBQ9R / HXXMH8][Running/Auto Start]
  <C:\WINDOWS\HXXMH8.exe OFGTFK2B><>
[9MRRK / I29CH5GI7][Running/Auto Start]
  <C:\WINDOWS\system32\U5KG7ITLFTOT.exe 8RZ9R><>
[1SFHBM / IGV5EX][Running/Auto Start]
  <C:\WINDOWS\system32\K8T3QDKIK1PP.exe 851NI><>
[5539QE / IL75XLP6BUDW][Running/Auto Start]
  <C:\WINDOWS\system32\WP3Z2.exe PGLVMS0><>
[LPKA2WYLI / IOGGHMTF6][Running/Auto Start]
  <C:\WINDOWS\IOGGHMTF6.exe ZVDXUXGVP2N><>
[H36N8CQQ8 / ISPCYXQ][Running/Auto Start]
  <C:\WINDOWS\ISPCYXQ.exe YYNVCT4><>
[UEHV4PH / ITAFIP][Running/Auto Start]
  <C:\WINDOWS\system32\CIOZMLO.exe NEPSDQLBM><>
[A7U9MZB / IZXAM6OE][Running/Auto Start]
  <C:\WINDOWS\IZXAM6OE.exe GJ6EEML><>
[COKCUHJ27FE / JDJ2U02PV][Running/Auto Start]
  <C:\WINDOWS\JDJ2U02PV.exe D2S4H><>
[JIP2FU9C0T6 / JFA5238XNP][Running/Auto Start]
  <C:\WINDOWS\system32\27C51SRELL.exe JPZ2P1I1HVTN><>
[FPLJ5L6JS9V / JJMJCDWD2][Running/Auto Start]
  <C:\WINDOWS\system32\DPYVJC30TAVJ.exe KWNQWBG3DB><>
[GZ0CN / JLIQ8YFQFO2][Running/Auto Start]
  <C:\WINDOWS\JLIQ8YFQFO2.exe 36EDW><>
[9JCUJ / JLJDO][Running/Auto Start]
  <C:\WINDOWS\JLJDO.exe TRLG5HAXJC><>
[CUXCFU / JQ6KM][Running/Auto Start]
  <C:\WINDOWS\system32\09G0965CYCF.exe EDC6Y><>
[VALSJ6W / JTYJF4VZ4J][Running/Auto Start]
  <C:\WINDOWS\JTYJF4VZ4J.exe LUT6NWU><>
[GDEFN / K3NX9CW][Running/Auto Start]
  <C:\WINDOWS\system32\GTJKZ.exe 6JF1E74M><>
[XGPQMRVH / KB8ILGTEPM5][Running/Auto Start]
  <C:\WINDOWS\KB8ILGTEPM5.exe 9O5AMDZL><>
[PLEYV5E / KCRNGQJR0N][Running/Auto Start]
  <C:\WINDOWS\system32\LTS7WK5D.exe 1X4I6XLUKL><>
[FIC54Z1T / KDEMRA][Running/Auto Start]
  <C:\WINDOWS\KDEMRA.exe 349ROX><>
[M7MH7K69U0 / KIHRR][Running/Auto Start]
  <C:\WINDOWS\KIHRR.exe L1YOSJF><>
[W1QSZLTR7JIF / KOTQJ7E][Running/Auto Start]
  <C:\WINDOWS\KOTQJ7E.exe S69Q8ISK48E8><>
[IDWMMZPJE00 / KWU3W][Running/Auto Start]
  <C:\WINDOWS\system32\9TYLI.exe NQRV1XGEO><>
[K4I5W5DTT / KZLWII][Running/Auto Start]
  <C:\WINDOWS\KZLWII.exe J8JN5R><>
[LIN1V3Z8LIUG / L1URE1USLG9][Running/Auto Start]
  <C:\WINDOWS\L1URE1USLG9.exe UBV7F><>
[QKXH7TL / L6PN1BVHIO][Running/Auto Start]
  <C:\WINDOWS\L6PN1BVHIO.exe X3O35X9><>
[XDG7G3O / LIQ5U][Running/Auto Start]
  <C:\WINDOWS\system32\JQJG8IVL.exe YKL0E><>
[MDN26 / LWRRTY][Running/Auto Start]
  <C:\WINDOWS\LWRRTY.exe 8WWAD1W><>
[QII0X5OL43L / M0KXXBW4E][Running/Auto Start]
  <C:\WINDOWS\M0KXXBW4E.exe 6R372WLOB><>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><>
[XZRCX / MOWG98G30ES][Running/Auto Start]
  <C:\WINDOWS\MOWG98G30ES.exe MA2Q8141><>
[JZ3AIX5OH / MYQFFVM3ZNDL][Running/Auto Start]
  <C:\WINDOWS\MYQFFVM3ZNDL.exe 6RYLUJ5X9Z><>
[9QSUB75GE36 / N11RB2FF][Running/Auto Start]
  <C:\WINDOWS\system32\4YIORAGJI4.exe JM63PGZ1><>
[I0ZJY0VV / N42Y6][Running/Auto Start]
  <C:\WINDOWS\N42Y6.exe IR0ZQS><>
[GJWYVA / N6BXLRZ58M][Running/Auto Start]
  <C:\WINDOWS\system32\8RYKAF25.exe 5J4FRJCX><>
[ETS420 / N9ZYUHIQ][Running/Auto Start]
  <C:\WINDOWS\N9ZYUHIQ.exe XWE1SH><>
[7VGXWQY4 / NCCDS7EEDG85][Running/Auto Start]
  <C:\WINDOWS\system32\WJ8SC2ENK31U.exe WC1URO><>
[95MKJIETU9 / NJW7KAX][Running/Auto Start]
  <C:\WINDOWS\NJW7KAX.exe NZDOCBFP9><>
[ZA9N6RCC / NVBQXYZI1AX][Running/Auto Start]
  <C:\WINDOWS\NVBQXYZI1AX.exe M8LZWSBO><>
[H2RDJR2X1 / NVKK7JDWMV1V][Running/Auto Start]
  <C:\WINDOWS\system32\93549B8C1.exe RYVP79JLQK><>
[DQM7XY5I1I / NW6YR4][Running/Auto Start]
  <C:\WINDOWS\system32\KN0JXCVCI60R.exe P3LDEUSP><>
[AUR92S1NJ8M / OEIV4OKF][Running/Auto Start]
  <C:\WINDOWS\system32\9NCLTM3JAA3.exe LAB3PYK65TA><>
[9X2GPCQN7YIP / OJB9STZPZZ9][Running/Auto Start]
  <C:\WINDOWS\OJB9STZPZZ9.exe PL4FPF><>
[TVK35J16 / OJC0CKI][Running/Auto Start]
  <C:\WINDOWS\OJC0CKI.exe X1SRQS><>
[931GWV7 / OSB3J8LTB7MR][Running/Auto Start]
  <C:\WINDOWS\OSB3J8LTB7MR.exe O0Z80UIYT><>
[BZ0DO / OSCPK0][Running/Auto Start]
  <C:\WINDOWS\OSCPK0.exe 06CP5OI2S><>
[3DQ3S / OYBENVGA3][Running/Auto Start]
  <C:\WINDOWS\system32\K8WFBPNISC4.exe 3E2EY9LB><>
[QIV8SW3FW1JP / OZUSVAVUTS][Running/Auto Start]
  <C:\WINDOWS\system32\H8DQAZ80OK7.exe WRJZ3S><>
[WF1EKZG9 / PBUVK4EUZ8V][Running/Auto Start]
  <C:\WINDOWS\PBUVK4EUZ8V.exe HOA8PGS><>
[88J43S4ANY9 / PVM3YAIAF][Running/Auto Start]
  <C:\WINDOWS\PVM3YAIAF.exe CR8O8L><>
[47DTXS / PZ7VK][Running/Auto Start]
  <C:\WINDOWS\system32\6TWLL1.exe F4IRU><>
[M1OV4 / Q45CI49WV8LX][Running/Auto Start]
  <C:\WINDOWS\Q45CI49WV8LX.exe 704EEK0TWFC4><>
[F33ONW41 / Q7P2TEXNM40B][Running/Auto Start]
  <C:\WINDOWS\Q7P2TEXNM40B.exe HXN2PAYQTZ><>
[G0ULJFCVZBDV / Q7UDYVSQ][Running/Auto Start]
  <C:\WINDOWS\Q7UDYVSQ.exe TUSBL><>
[4I16TFE / Q8UW9DA6][Running/Auto Start]
  <C:\WINDOWS\system32\P2QMBZATPJ.exe 5RHP0YLCDNHE><>
[UFMNOQF / QBT9RMTAJ][Running/Auto Start]
  <C:\WINDOWS\QBT9RMTAJ.exe BO9HNMWHRZ><>
[SSXE0 / QDA22PPYBY2M][Running/Auto Start]
  <C:\WINDOWS\system32\TTTSMTN3E1V4.exe 03YUG8Q6Y><>
[9JP6W / QF77NM13N][Running/Auto Start]
  <C:\WINDOWS\system32\OGRD8ABM.exe OP5SMOZWIN><>
[G56RTPGB834 / QFGKETTV6VB2][Running/Auto Start]
  <C:\WINDOWS\system32\9VXO2.exe T86CI><>
[M8A5ME / QQ8BO][Running/Auto Start]
  <C:\WINDOWS\system32\40TZ7MX3JLKV.exe QLLY6OQEO3><>
[ITRIKMPOYRNU / QVJ77Z28][Running/Auto Start]
  <C:\WINDOWS\QVJ77Z28.exe 6JZTFA><>
[7CFU7P1ASY / R5UUOG][Running/Auto Start]
  <C:\WINDOWS\system32\X3H0E.exe MW14P><>
[10R4H53EUY2 / R6Y0RN3][Running/Auto Start]
  <C:\WINDOWS\R6Y0RN3.exe LHSTSQ><>
[YUZFY9V / RAOQQAK][Running/Auto Start]
  <C:\WINDOWS\system32\JDJ60BMJ.exe 0AKSSOUS1Y><>
[IHL7B5E0V2F / RE41AMJ][Running/Auto Start]
  <C:\WINDOWS\RE41AMJ.exe V1P739FALUV><>
[MQRTSUWRSHM / REQSK][Running/Auto Start]
  <C:\WINDOWS\REQSK.exe 3EFZZ><>
[ZH9E964O8 / RJQZ0F][Running/Auto Start]
  <C:\WINDOWS\system32\7MNPIO1RF.exe X5NGAJ4><>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
[P51WXQVUU / SO48346P][Running/Auto Start]
  <C:\WINDOWS\SO48346P.exe OEYWTQL><>
[WASH070JZMM / SQ79FUHZ6][Running/Auto Start]
  <C:\WINDOWS\SQ79FUHZ6.exe 6XXTC0DC><>
[361PUZJLP / TA40VYJOGKY][Running/Auto Start]
  <C:\WINDOWS\system32\D5B5KI4NOOM.exe 4E893S5XDB6R><>
[5Y2XFD16WUXF / TGRP1NKJEE][Running/Auto Start]
  <C:\WINDOWS\system32\HIBF22DFYW.exe 546YIVA><>
[H7WUDJEWXWF6 / TOQV6BSVH8][Running/Auto Start]
  <C:\WINDOWS\TOQV6BSVH8.exe GQC0GSZ9><>
[5FJZTYQ0QFRN / TY0Z7ERA][Running/Auto Start]
  <C:\WINDOWS\TY0Z7ERA.exe Y9DYNCT96L9><>
[RF00R2RI6UPU / UH9GK0][Running/Auto Start]
  <C:\WINDOWS\UH9GK0.exe DGL5K6AVJ8><>
[FVWANZSF9JT / ULM9ZR9N9][Running/Auto Start]
  <C:\WINDOWS\ULM9ZR9N9.exe OT53P8TEEC><>
[TS12OGK17 / ULV3WS0O50][Running/Auto Start]
  <C:\WINDOWS\system32\TIE88ET5APF.exe JROUBJIMK1><>
[VT1M0 / UMF7CQQDV6O][Running/Auto Start]
  <C:\WINDOWS\system32\V98HSRD.exe K2SSX><>
[W11Z6WRZ5P2 / UTXYAPO7Y0EW][Running/Auto Start]
  <C:\WINDOWS\UTXYAPO7Y0EW.exe 8GLM9TS6WADY><>
[H6W0J495NDOV / UZYBQW][Running/Auto Start]
  <C:\WINDOWS\UZYBQW.exe D7AZWB4U><>
[ECLG0T8QFRHM / V201ZZQV29N][Running/Auto Start]
  <C:\WINDOWS\system32\N1KU2LYICQTV.exe P6IW17BERO><>
[VN5VYXIH99 / V2WVL][Running/Auto Start]
  <C:\WINDOWS\system32\OGSQCNL1EGW3.exe BV82NJARL3UU><>
[PKJDO1L8UFK1 / V8ENDKSG0][Running/Auto Start]
  <C:\WINDOWS\system32\S4TFCBNO.exe VDUTZENC3Z><>
[BDV94K / VDSRAA][Running/Auto Start]
  <C:\WINDOWS\VDSRAA.exe A5J5VCA><>
[T6A811 / VHN8MUHQT69J][Running/Auto Start]
  <C:\WINDOWS\VHN8MUHQT69J.exe RAPO7UNTF><>
[OI3MWO / VIMFK1TWEJ][Running/Auto Start]
  <C:\WINDOWS\VIMFK1TWEJ.exe MGYMM><>
[LCFJVAR / W5LBO6][Running/Auto Start]
  <C:\WINDOWS\W5LBO6.exe T68VFDX><>
[16HYQPCF / W75DHP5AH][Running/Auto Start]
  <C:\WINDOWS\W75DHP5AH.exe OFMFWL><>
[OQ169X02BH5 / WCCPV][Running/Auto Start]
  <C:\WINDOWS\WCCPV.exe ZXXO6><>
[1PC47COAW / WLOFTCX][Running/Auto Start]
  <C:\WINDOWS\WLOFTCX.exe B6WYGMZ3A7LM><>
[ACFKZP8KNR9 / WMB80CGV50][Running/Auto Start]
  <C:\WINDOWS\system32\NIHJK6R893L0.exe 16TSNC7><>
[FJ9FXFRI / WQ3X4Y7CDU5O][Running/Auto Start]
  <C:\WINDOWS\WQ3X4Y7CDU5O.exe J2HYAASN4><>
[UZEV1T / WSVYF3D60KQ][Running/Auto Start]
  <C:\WINDOWS\WSVYF3D60KQ.exe KCW6OW0E7><>
[JFEPJRY6W63X / WXPEF3K7C36][Running/Auto Start]
  <C:\WINDOWS\system32\QHC1QHS0AUS.exe P0KJ3><>
[C7850F67 / X2UBCE9PB][Running/Auto Start]
  <C:\WINDOWS\X2UBCE9PB.exe 62XL91><>
[TW7OSJSI / X54KLWY][Running/Auto Start]
  <C:\WINDOWS\X54KLWY.exe GNTMP><>
[TVXHGUS91FJG / XK1UU18GB][Running/Auto Start]
  <C:\WINDOWS\XK1UU18GB.exe DQ1F43V><>
[E8XSE5NUO6 / XX0DV6O218][Running/Auto Start]
  <C:\WINDOWS\XX0DV6O218.exe INYOVWUC81M><>
[VS959YIHZ8C / YA38MF8Z][Running/Auto Start]
  <C:\WINDOWS\YA38MF8Z.exe CIFPIWVF><>
[A1QFD / YATBFGW3UAG][Running/Auto Start]
  <C:\WINDOWS\system32\TPIY31ECX04.exe JPOSG><>
[TKLVEQ / YMIQPGM8UV5L][Running/Auto Start]
  <C:\WINDOWS\system32\26YCBIV.exe 9DMEBCS63><>
[OWJA1U / YUGF0BJ][Running/Auto Start]
  <C:\WINDOWS\system32\1QPHV4JBF.exe 3DMMCFD6S><>
[ZVF2K9Z1AO / YVMPND][Running/Auto Start]
  <C:\WINDOWS\YVMPND.exe 3SKM2UTLNR6><>
[PXO53 / ZGCLJQR][Running/Auto Start]
  <C:\WINDOWS\ZGCLJQR.exe C0RV9><>
[3IBXF / ZJG75P][Running/Auto Start]
  <C:\WINDOWS\ZJG75P.exe C3KXKRYKHGP><>
[GVMH5QKF / ZM3H54BIWLA][Running/Auto Start]
  <C:\WINDOWS\system32\1C9CMPCSL.exe 8DNZYSS><>
[MKEKNIF / SW3K6Z3WDF][Stopped/Auto Start]
  <C:\WINDOWS\SW3K6Z3WDF.exe WV2I67VK6><>
[X7NHKAJGTUI / Z0U26HFA][Stopped/Auto Start]
  <C:\WINDOWS\system32\IYWFJFHSZ.exe 7NFZPIG><>
[SF6U0ROSPU / F7FOWVTQ1][Stopped/Auto Start]
  <C:\WINDOWS\system32\ZGDQ8M3.exe MOZ5OHFNMU><>
[1RZ71GCEZT5 / YOS1L3BK02][Stopped/Auto Start]
  <C:\WINDOWS\system32\9Z1LDOJ.exe PH0UGD9BGAN><>
[W87VIP9 / 653TX4X1][Stopped/Auto Start]
  <C:\WINDOWS\system32\JCYMHO2UPMTJ.exe 700IHE3T><>
[DAKQ3ND2 / FUXWQ56Y][Stopped/Auto Start]
  <C:\WINDOWS\system32\KJR4QNPX7.exe 60MZVRHWV487><>
[WFIBXCNY / BRASYQR7][Stopped/Auto Start]
  <C:\WINDOWS\system32\WG4DV6UA.exe OK3X0B><>
[XVRAUS8S8YI / HSOSH05K][Stopped/Auto Start]
  <C:\WINDOWS\system32\5IJ54.exe S9WFQ67J7R3U><>
[JZUY3LX / 88OXAQGGL][Stopped/Auto Start]
  <C:\WINDOWS\system32\NDZCN7QE5B.exe E4F6B><>
[ML10U8EA / HCAUQ3C][Stopped/Auto Start]
  <C:\WINDOWS\system32\Y8SQA2ADSKD6.exe 37HPMHO3DZ29><>
[OW861ZK7OXDE / 4NJAC9T6P5Y][Stopped/Auto Start]
  <C:\WINDOWS\system32\N5CAGEV.exe MQK7XW20FE><>
[WN3MDFD1 / TAR3SOCGX][Stopped/Auto Start]
  <C:\WINDOWS\system32\ZEPBA9.exe OVDJ30Q><>
[ANE750K / O6AWRV9CPL9][Stopped/Auto Start]
  <C:\WINDOWS\system32\R3GBNMPMO.exe ODUJN66JA><>
[K0AW9VM04 / DGHOXUHAHK][Stopped/Auto Start]
  <C:\WINDOWS\system32\NC9E6HC12FW.exe 7EWQI><>
[TL1B7794I1AC / YWG74MT605][Stopped/Auto Start]
  <C:\WINDOWS\system32\9U1R2DSY8S.exe 5WVK9OP><>
[2LJRDE0UAS8 / GYZ8Q5I][Stopped/Auto Start]
  <C:\WINDOWS\system32\2ZVC5M711MNF.exe FOYHCK9><>
[M8M3C1VH1A8N / 82Y96NP8Z9][Stopped/Auto Start]
  <C:\WINDOWS\system32\747UH.exe Z8BR8NY><>
[QZS2F99C2 / Z4O1LHKWJ][Stopped/Auto Start]
  <C:\WINDOWS\system32\36EMEOJVIU.exe P17SPZ92A0><>
[NP0VXQJJ0OX / 33G0O33][Stopped/Auto Start]
  <C:\WINDOWS\system32\U7GFBFKKVT.exe SJSU87XT><>
[B8S9GLDNIKZY / 7AG6OIFXPD1][Stopped/Auto Start]
  <C:\WINDOWS\system32\GI5E5T.exe Y3TJ0J><>
[B1O7ST0TR / LXK361MW2Y][Stopped/Auto Start]
  <C:\WINDOWS\system32\2I1TLAAIYVMO.exe OA6OY2WOC8I><>
[NE4KSNWHGEY / WDXPMBC08YX][Stopped/Auto Start]
  <C:\WINDOWS\system32\CH2E01.exe CHQCN57E151><>
[D3RDQ6R / S9YU0][Stopped/Auto Start]
  <C:\WINDOWS\system32\03UMB.exe 7C7W00Q><>
[IRYZZ0U / MZ5VNIO][Stopped/Auto Start]
  <C:\WINDOWS\system32\CBUIU1OYH.exe SUBSAMX8R5><>
[8UV0BCG / CX9B3KV0][Stopped/Auto Start]
  <C:\WINDOWS\system32\FJCZ0J.exe 00F4H39UG0E0><>
[U32DXNHI / 39WSCZ5PMRH][Stopped/Auto Start]
  <C:\WINDOWS\system32\O23YG.exe 5TYTA0FA4TA><>
[V6V8N / MPSYLA0][Stopped/Auto Start]
  <C:\WINDOWS\system32\9ZWWU.exe IJ63FJ6GGIB><>
[EROQY7HTR9SL / GZRELW][Stopped/Auto Start]
  <C:\WINDOWS\system32\92Y8S.exe DJ8LDZ4MJH5M><>
[G19ZQ / QJK5I][Stopped/Auto Start]
  <C:\WINDOWS\system32\1TOPK964.exe 7C0DLD><>
[9D0GTD5 / HHRPX3J2MB0][Stopped/Auto Start]
  <C:\WINDOWS\system32\GHN2J.exe T9P117TO><>
[2ZXCFAAZ6D3 / A6O9X1I9][Stopped/Auto Start]
  <C:\WINDOWS\system32\93K2I36.exe BYZUQFPWN><>
[AB0GHLS683 / 5A74EWZEERC7][Stopped/Auto Start]
  <C:\WINDOWS\system32\RMQ9JYH.exe KLCWGFQ83SJ1><>
[D8GM4O5R1SQ / 8OWVA7][Stopped/Auto Start]
  <C:\WINDOWS\system32\0JUUG27.exe 6O3AKPUDLDUL><>
[L9J1ERAP2Q / 89PRC][Stopped/Auto Start]
  <C:\WINDOWS\system32\N5Q02DZKES.exe 7A31NN><>
[NX1CT2LNP / CNCLG1][Stopped/Auto Start]
  <C:\WINDOWS\system32\J31AJR.exe 9VREOT0MGY><>
[RWPLLE / 4J7TRN5GJ][Stopped/Auto Start]
  <C:\WINDOWS\system32\2HSP73CHS.exe XDAJDQPXKDQI><>
[A73RT / JASN2I17GY][Stopped/Auto Start]
  <C:\WINDOWS\system32\WBJA5.exe UGCIVU><>

==================================
驱动程序
[a347bus / a347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi][Running/Boot Start]
  <\SystemRoot\System32\Drivers\a347scsi.sys><>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD Processor Driver / AmdK8][Running/System Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[askd / askd][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\askd.ahc><N/A>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\atapi.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Dritek General Port I/O / DritekPortIO][Running/Auto Start]
  <\??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys><Dritek System Inc.>
[EMSCR / EMSCR][Running/Manual Start]
  <system32\DRIVERS\EMS7SK.sys><ENE Technology Inc.>
[ESDCR / ESDCR][Running/Manual Start]
  <system32\DRIVERS\ESD7SK.sys><ENE Technology Inc.>
[ESMCR / ESMCR][Running/Manual Start]
  <system32\DRIVERS\ESM7SK.sys><ENE Technology Inc.>
[Lavalys EVEREST Kernel Driver / EverestDriver][Stopped/Manual Start]
  <\??\C:\Program Files\装机人员工具\EVEREST Ultimate v3.50 增强版\kerneld.wnt><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[OLB8621HR / HGILRZPV4GXT][Stopped/Manual Start]
  <\??\C:\WINDOWS\YYEV4H5S.txt><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[3Com 3CRDAG675B Wireless LAN PCI Adapter Service / net5213][Stopped/Manual Start]
  <system32\DRIVERS\net5213xp.sys><3Com Corporation>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[OX16C95x Serial port driver / oxser][Stopped/System Start]
  <system32\DRIVERS\oxser.sys><OEM>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[ATI-4379 Serial ATA Controller / SI3112r][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3112r.sys><Silicon Image, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[浩方电竞平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <d:\Program Files\Holdfast\platform 5.0\gameclient.exe, N/A>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <, >
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <, >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
  {55FE8157-23FA-43C6-91A1-3E4094E9A38D} <, >
[]
  {59BC54A2-56B3-44A0-93E5-432D58746E26} <, >
[]
  {6354ABE6-05F1-49ED-B850-E423120EC338} <, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <, >
[]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[]
  {9A568672-D437-469E-86C2-F6E4A1156071} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <, >
[]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <, >
[]
  {ECF2E268-F28C-48D2-9AB7-8F69C11CCB71} <, >
[]
  {F08555B0-9CC3-11D2-AA8E-000000000000} <, >
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <, >
[中国搜索(&Z)]
  <C:\WINDOWS\I_SearchIE.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <, >

==================================
正在运行的进程
[PID: 480 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 548 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4132]
[PID: 620 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4132]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 952 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.33]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1088 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1140 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.80]
    [C:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.5]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.36]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12]
    [C:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24]
    [C:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [C:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [C:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.9]
    [C:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.14]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.39]
    [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.3]
    [C:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32]
    [C:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8]
    [C:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 96]
    [C:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [C:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RAV\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\PROGRAM FILES\RISING\RAV\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 25]
    [C:\PROGRAM FILES\RISING\RAV\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
[PID: 1356 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.10]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1504 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1564 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4132]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 1628 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2600.0000]
    [C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll]  [Nero AG, 3, 1, 0, 8]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
[PID: 1768 / SYSTEM][C:\WINDOWS\03UQU56V9I8X.exe]  [, 6, 779, 0, 8]
[PID: 1832 / SYSTEM][C:\WINDOWS\system32\NDV4D.exe]  [, 6, 779, 0, 8]
[PID: 1848 / SYSTEM][C:\WINDOWS\0C4UA4Z45A.exe]  [, 6, 779, 0, 8]
[PID: 1860 / SYSTEM][C:\WINDOWS\system32\3F139W2D1R6.exe]  [, 6, 779, 0, 8]
[PID: 1872 / SYSTEM][C:\WINDOWS\0OGP00ZHFCRB.exe]  [, 6, 779, 0, 8]
[PID: 1892 / SYSTEM][C:\WINDOWS\0OHC14.exe]  [, 6, 779, 0, 8]
[PID: 1916 / SYSTEM][C:\WINDOWS\0XSMNTLIPG.exe]  [, 6, 779, 0, 8]
[PID: 1944 / SYSTEM][C:\WINDOWS\10JNOBKN73O.exe]  [, 6, 779, 0, 8]
[PID: 1956 / SYSTEM][C:\WINDOWS\1DQ9HP.exe]  [, 6, 779, 0, 8]
[PID: 1968 / SYSTEM][C:\WINDOWS\system32\HG31KWCT2T.exe]  [, 6, 779, 0, 8]
[PID: 1984 / SYSTEM][C:\WINDOWS\system32\MR5XZ9MGB8K.exe]  [, 6, 779, 0, 8]
[PID: 1992 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2004 / SYSTEM][C:\WINDOWS\system32\6VOR8U.exe]  [, 6, 779, 0, 8]
[PID: 2020 / SYSTEM][C:\WINDOWS\2DRQYYU.exe]  [, 6, 779, 0, 8]
[PID: 192 / SYSTEM][C:\WINDOWS\system32\R0NQ43UUKFIP.exe]  [, 6, 779, 0, 8]
[PID: 344 / Administrator][C:\WINDOWS\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 384 / SYSTEM][C:\WINDOWS\2YOVI9WF4VTT.exe]  [, 6, 779, 0, 8]
[PID: 424 / SYSTEM][C:\WINDOWS\2ZXMV31SG.exe]  [, 6, 779, 0, 8]
[PID: 992 / SYSTEM][C:\WINDOWS\32G23N2.exe]  [, 6, 779, 0, 8]
[PID: 928 / SYSTEM][C:\WINDOWS\39NMTORARPN.exe]  [, 6, 779, 0, 8]
[PID: 1376 / SYSTEM][C:\WINDOWS\3H6HWLVY4.exe]  [, 6, 779, 0, 8]
[PID: 1696 / SYSTEM][C:\WINDOWS\system32\O3HOB6.exe]  [, 6, 779, 0, 8]
[PID: 1812 / SYSTEM][C:\WINDOWS\3YPPFT456T7O.exe]  [, 6, 779, 0, 8]
[PID: 908 / SYSTEM][C:\WINDOWS\system32\C4WU13RJF09T.exe]  [, 6, 779, 0, 8]
[PID: 2076 / SYSTEM][C:\WINDOWS\4HRXBVJT3.exe]  [, 6, 779, 0, 8]
[PID: 2136 / SYSTEM][C:\WINDOWS\4MVZ0X557.exe]  [, 6, 779, 0, 8]
[PID: 2204 / SYSTEM][C:\WINDOWS\4Q5RGCSO.exe]  [, 6, 779, 0, 8]
[PID: 2280 / SYSTEM][C:\WINDOWS\4S7C1BF.exe]  [, 6, 779, 0, 8]
[PID: 2312 / SYSTEM][C:\WINDOWS\4V2F6.exe]  [, 6, 779, 0, 8]
[PID: 2380 / SYSTEM][C:\WINDOWS\system32\9N77F.exe]  [, 6, 779, 0, 8]
[PID: 2400 / SYSTEM][C:\WINDOWS\55IEGO.exe]  [, 6, 779, 0, 8]
[PID: 2412 / SYSTEM][C:\WINDOWS\5JZ7P5730B4W.exe]  [, 6, 779, 0, 8]
[PID: 2424 / SYSTEM][C:\WINDOWS\system32\5HZV70FOK3.exe]  [, 6, 779, 0, 8]
[PID: 2436 / SYSTEM][C:\WINDOWS\system32\SHOJYIJ4I.exe]  [, 6, 779, 0, 8]
[PID: 2448 / SYSTEM][C:\WINDOWS\6AVRM.exe]  [, 6, 779, 0, 8]
[PID: 2460 / SYSTEM][C:\WINDOWS\6DSU5YINJ215.exe]  [, 6, 779, 0, 8]
[PID: 2472 / SYSTEM][C:\WINDOWS\system32\FFIYJCA9AV5.exe]  [, 6, 779, 0, 8]
[PID: 2484 / SYSTEM][C:\WINDOWS\6HY91FUMNP6J.exe]  [, 6, 779, 0, 8]
[PID: 2500 / SYSTEM][C:\WINDOWS\system32\A3NRA.exe]  [, 6, 779, 0, 8]
[PID: 2512 / SYSTEM][C:\WINDOWS\79DZ972O8.exe]  [, 6, 779, 0, 8]
[PID: 2528 / SYSTEM][C:\WINDOWS\system32\07MTK9LCE4.exe]  [, 6, 779, 0, 8]
[PID: 2540 / SYSTEM][C:\WINDOWS\7CR825949N.exe]  [, 6, 779, 0, 8]
[PID: 2552 / SYSTEM][C:\WINDOWS\7IGO497.exe]  [, 6, 779, 0, 8]
[PID: 2564 / SYSTEM][C:\WINDOWS\7R31X0OGKEE.exe]  [, 6, 779, 0, 8]
[PID: 2576 / SYSTEM][C:\WINDOWS\system32\SS84S7J.exe]  [, 6, 779, 0, 8]
[PID: 2588 / SYSTEM][C:\WINDOWS\system32\7AXNOGK5.exe]  [, 6, 779, 0, 8]
[PID: 2600 / SYSTEM][C:\WINDOWS\system32\XUOAX4T.exe]  [, 6, 779, 0, 8]
[PID: 2612 / SYSTEM][C:\WINDOWS\811RHLPIE.exe]  [, 6, 779, 0, 8]
[PID: 2624 / SYSTEM][C:\WINDOWS\system32\G6GK6S281UY.exe]  [, 6, 779, 0, 8]
[PID: 2636 / SYSTEM][C:\WINDOWS\82J61C740BU.exe]  [, 6, 779, 0, 8]
[PID: 2648 / SYSTEM][C:\WINDOWS\85824F.exe]  [, 6, 779, 0, 8]
[PID: 2660 / SYSTEM][C:\WINDOWS\92QR586.exe]  [, 6, 779, 0, 8]
[PID: 2692 / SYSTEM][C:\WINDOWS\system32\CEXX8AZKRB.exe]  [, 6, 779, 0, 8]
[PID: 2704 / SYSTEM][C:\WINDOWS\9AGLZ.exe]  [, 6, 779, 0, 8]
[PID: 2720 / SYSTEM][C:\WINDOWS\system32\6C5J3QS.exe]  [, 6, 779, 0, 8]
[PID: 2732 / SYSTEM][C:\WINDOWS\system32\W8VSJB4.exe]  [, 6, 779, 0, 8]
[PID: 2744 / SYSTEM][C:\WINDOWS\9XDC15QSUVR.exe]  [, 6, 779, 0, 8]
[PID: 2756 / SYSTEM][C:\WINDOWS\A1L9M.exe]  [, 6, 779, 0, 8]
[PID: 2768 / SYSTEM][C:\WINDOWS\A7WE6G.exe]  [, 6, 779, 0, 8]
[PID: 2780 / SYSTEM][C:\WINDOWS\system32\N5TDE5.exe]  [, 6, 779, 0, 8]
[PID: 2792 / SYSTEM][C:\WINDOWS\AF2T8DFWE8WG.exe]  [, 6, 779, 0, 8]
[PID: 2804 / SYSTEM][C:\WINDOWS\system32\TTHVQ9Z.exe]  [, 6, 779, 0, 8]
[PID: 2816 / SYSTEM][C:\WINDOWS\AWWEH2VLY8.exe]  [, 6, 779, 0, 8]
[PID: 2828 / SYSTEM][C:\WINDOWS\B2001AP76.exe]  [, 6, 779, 0, 8]
[PID: 2840 / SYSTEM][C:\WINDOWS\system32\T59YO7.exe]  [, 6, 779, 0, 8]
[PID: 2856 / SYSTEM][C:\WINDOWS\BLYIEBPF20.exe]  [, 6, 779, 0, 8]
[PID: 2868 / SYSTEM][C:\WINDOWS\system32\JHKSZM.exe]  [, 6, 779, 0, 8]
[PID: 2880 / SYSTEM][C:\WINDOWS\BUXR8I.exe]  [, 6, 779, 0, 8]
[PID: 2892 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.030]
[PID: 2920 / SYSTEM][C:\WINDOWS\C3E1V3IV.exe]  [, 6, 779, 0, 8]
[PID: 2932 / SYSTEM][C:\WINDOWS\C3FJR3B46G.exe]  [, 6, 779, 0, 8]
[PID: 2944 / SYSTEM][C:\WINDOWS\CNKS6TK0RU5.exe]  [, 6, 779, 0, 8]
[PID: 2956 / SYSTEM][C:\WINDOWS\system32\ZE2R4DO6L.exe]  [, 6, 779, 0, 8]
[PID: 2968 / SYSTEM][C:\WINDOWS\CQDFOH7WJ.exe]  [, 6, 779, 0, 8]
[PID: 2984 / SYSTEM][C:\WINDOWS\system32\LEWPIGHW.exe]  [, 6, 779, 0, 8]
[PID: 3000 / SYSTEM][C:\WINDOWS\system32\LD3XYJM.exe]  [, 6, 779, 0, 8]
[PID: 3016 / SYSTEM][C:\WINDOWS\DMW6H.exe]  [, 6, 779, 0, 8]
[PID: 3028 / SYSTEM][C:\WINDOWS\DNNG3PF2.exe]  [, 6, 779, 0, 8]
[PID: 3040 / SYSTEM][C:\WINDOWS\DT26VHB.exe]  [, 6, 779, 0, 8]
[PID: 3052 / SYSTEM][C:\WINDOWS\system32\MRWWP.exe]  [, 6, 779, 0, 8]
[PID: 3064 / SYSTEM][C:\WINDOWS\EAYGYCD.exe]  [, 6, 779, 0, 8]
[PID: 3076 / SYSTEM][C:\WINDOWS\system32\S3F6023SRZO.exe]  [, 6, 779, 0, 8]
[PID: 3088 / SYSTEM][C:\WINDOWS\system32\BSFQYAOEOI.exe]  [, 6, 779, 0, 8]
[PID: 3100 / SYSTEM][C:\WINDOWS\EJC76RCECSYI.exe]  [, 6, 779, 0, 8]
[PID: 3112 / SYSTEM][C:\WINDOWS\EQREQWMX.exe]  [, 6, 779, 0, 8]
[PID: 3128 / SYSTEM][C:\WINDOWS\EY17UK1.exe]  [, 6, 779, 0, 8]
[PID: 3140 / SYSTEM][C:\WINDOWS\system32\P40VRUAH.exe]  [, 6, 779, 0, 8]
[PID: 3152 / SYSTEM][C:\WINDOWS\F8GD2WG.exe]  [, 6, 779, 0, 8]
[PID: 3164 / SYSTEM][C:\WINDOWS\system32\CEEHY1QYNU.exe]  [, 6, 779, 0, 8]
[PID: 3176 / SYSTEM][C:\WINDOWS\FAEYFLDNA0MC.exe]  [, 6, 779, 0, 8]
[PID: 3188 / SYSTEM][C:\WINDOWS\system32\71Z1D36JDM.exe]  [, 6, 779, 0, 8]
[PID: 3200 / SYSTEM][C:\WINDOWS\system32\NC91SLCMVZC.exe]  [, 6, 779, 0, 8]
[PID: 3212 / SYSTEM][C:\WINDOWS\system32\DF3H9.exe]  [, 6, 779, 0, 8]
[PID: 3224 / SYSTEM][C:\WINDOWS\system32\RD3ESIQ3CWK9.exe]  [, 6, 779, 0, 8]
[PID: 3236 / SYSTEM][C:\WINDOWS\system32\WO0DUC3QY.exe]  [, 6, 779, 0, 8]
[PID: 3248 / SYSTEM][C:\WINDOWS\GRXLOFGLW2U6.exe]  [, 6, 779, 0, 8]
[PID: 3260 / SYSTEM][C:\WINDOWS\GU2E5RRBX.exe]  [, 6, 779, 0, 8]
[PID: 3272 / SYSTEM][C:\WINDOWS\H87V2.exe]  [, 6, 779, 0, 8]
[PID: 3284 / SYSTEM][C:\WINDOWS\HPBRR5BIAR.exe]  [, 6, 779, 0, 8]
[PID: 3296 / SYSTEM][C:\WINDOWS\system32\B0K3S.exe]  [, 6, 779, 0, 8]
[PID: 3324 / SYSTEM][C:\WINDOWS\HXXMH8.exe]  [, 6, 779, 0, 8]
[PID: 3332 / SYSTEM][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3344 / SYSTEM][C:\WINDOWS\system32\U5KG7ITLFTOT.exe]  [, 6, 779, 0, 8]
[PID: 3356 / SYSTEM][C:\WINDOWS\system32\K8T3QDKIK1PP.exe]  [, 6, 779, 0, 8]
[PID: 3368 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3384 / SYSTEM][C:\WINDOWS\system32\WP3Z2.exe]  [, 6, 779, 0, 8]
[PID: 3416 / SYSTEM][C:\WINDOWS\IOGGHMTF6.exe]  [, 6, 779, 0, 8]
[PID: 3428 / SYSTEM][C:\WINDOWS\ISPCYXQ.exe]  [, 6, 779, 0, 8]
[PID: 3440 / SYSTEM][C:\WINDOWS\system32\CIOZMLO.exe]  [, 6, 779, 0, 8]
[PID: 3452 / SYSTEM][C:\WINDOWS\IZXAM6OE.exe]  [, 6, 779, 0, 8]
[PID: 3464 / SYSTEM][C:\WINDOWS\JDJ2U02PV.exe]  [, 6, 779, 0, 8]
[PID: 3484 / SYSTEM][C:\WINDOWS\system32\27C51SRELL.exe]  [, 6, 779, 0, 8]
[PID: 3496 / SYSTEM][C:\WINDOWS\system32\DPYVJC30TAVJ.exe]  [, 6, 779, 0, 8]
[PID: 3508 / SYSTEM][C:\WINDOWS\JLIQ8YFQFO2.exe]  [, 6, 779, 0, 8]
[PID: 3520 / SYSTEM][C:\WINDOWS\JLJDO.exe]  [, 6, 779, 0, 8]
[PID: 3532 / SYSTEM][C:\WINDOWS\system32\09G0965CYCF.exe]  [, 6, 779, 0, 8]
[PID: 3544 / SYSTEM][C:\WINDOWS\JTYJF4VZ4J.exe]  [, 6, 779, 0, 8]
[PID: 3560 / SYSTEM][C:\WINDOWS\system32\GTJKZ.exe]  [, 6, 779, 0, 8]
[PID: 3572 / SYSTEM][C:\WINDOWS\KB8ILGTEPM5.exe]  [, 6, 779, 0, 8]
[PID: 3584 / SYSTEM][C:\WINDOWS\system32\LTS7WK5D.exe]  [, 6, 779, 0, 8]
[PID: 3596 / SYSTEM][C:\WINDOWS\KDEMRA.exe]  [, 6, 779, 0, 8]
[PID: 3608 / SYSTEM][C:\WINDOWS\KIHRR.exe]  [, 6, 779, 0, 8]
[PID: 3616 / SYSTEM][C:\WINDOWS\03UQU56V9I8X.exe]  [, 6, 779, 0, 8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3628 / SYSTEM][C:\WINDOWS\KOTQJ7E.exe]  [, 6, 779, 0, 8]
[PID: 3660 / SYSTEM][C:\WINDOWS\system32\9TYLI.exe]  [, 6, 779, 0, 8]
[PID: 3680 / SYSTEM][C:\WINDOWS\KZLWII.exe]  [, 6, 779, 0, 8]
[PID: 3692 / SYSTEM][C:\WINDOWS\L1URE1USLG9.exe]  [, 6, 779, 0, 8]
[PID: 3712 / SYSTEM][C:\WINDOWS\L6PN1BVHIO.exe]  [, 6, 779, 0, 8]
[PID: 3736 / SYSTEM][C:\WINDOWS\system32\JQJG8IVL.exe]  [, 6, 779, 0, 8]
[PID: 3752 / SYSTEM][C:\WINDOWS\LWRRTY.exe]  [, 6, 779, 0, 8]
[PID: 3780 / SYSTEM][C:\WINDOWS\M0KXXBW4E.exe]  [, 6, 779, 0, 8]
[PID: 3800 / SYSTEM][C:\WINDOWS\MOWG98G30ES.exe]  [, 6, 779, 0, 8]
[PID: 3816 / SYSTEM][C:\WINDOWS\MYQFFVM3ZNDL.exe]  [, 6, 779, 0, 8]
[PID: 3828 / SYSTEM][C:\WINDOWS\system32\4YIORAGJI4.exe]  [, 6, 779, 0, 8]
[PID: 3840 / SYSTEM][C:\WINDOWS\N42Y6.exe]  [, 6, 779, 0, 8]
[PID: 3864 / SYSTEM][C:\WINDOWS\system32\8RYKAF25.exe]  [, 6, 779, 0, 8]
[PID: 3888 / SYSTEM][C:\WINDOWS\N9ZYUHIQ.exe]  [, 6, 779, 0, 8]
[PID: 3908 / SYSTEM][C:\WINDOWS\system32\WJ8SC2ENK31U.exe]  [, 6, 779, 0, 8]
[PID: 3924 / SYSTEM][C:\WINDOWS\NJW7KAX.exe]  [, 6, 779, 0, 8]
[PID: 3936 / SYSTEM][C:\WINDOWS\NVBQXYZI1AX.exe]  [, 6, 779, 0, 8]
[PID: 3948 / SYSTEM][C:\WINDOWS\system32\93549B8C1.exe]  [, 6, 779, 0, 8]
[PID: 3960 / SYSTEM][C:\WINDOWS\system32\KN0JXCVCI60R.exe]  [, 6, 779, 0, 8]
[PID: 3972 / SYSTEM][C:\WINDOWS\system32\9NCLTM3JAA3.exe]  [, 6, 779, 0, 8]
[PID: 3984 / SYSTEM][C:\WINDOWS\OJB9STZPZZ9.exe]  [, 6, 779, 0, 8]
[PID: 3996 / SYSTEM][C:\WINDOWS\OJC0CKI.exe]  [, 6, 779, 0, 8]
[PID: 4008 / SYSTEM][C:\WINDOWS\OSB3J8LTB7MR.exe]  [, 6, 779, 0, 8]
[PID: 4020 / SYSTEM][C:\WINDOWS\OSCPK0.exe]  [, 6, 779, 0, 8]
[PID: 4036 / SYSTEM][C:\WINDOWS\system32\K8WFBPNISC4.exe]  [, 6, 779, 0, 8]
[PID: 4048 / SYSTEM][C:\WINDOWS\system32\H8DQAZ80OK7.exe]  [, 6, 779, 0, 8]
[PID: 4060 / SYSTEM][C:\WINDOWS\PBUVK4EUZ8V.exe]  [, 6, 779, 0, 8]
[PID: 4080 / SYSTEM][C:\WINDOWS\PVM3YAIAF.exe]  [, 6, 779, 0, 8]
[PID: 4092 / SYSTEM][C:\WINDOWS\system32\6TWLL1.exe]  [, 6, 779, 0, 8]
[PID: 336 / SYSTEM][C:\WINDOWS\Q45CI49WV8LX.exe]  [, 6, 779, 0, 8]
[PID: 372 / SYSTEM][C:\WINDOWS\Q7P2TEXNM40B.exe]  [, 6, 779, 0, 8]
[PID: 284 / SYSTEM][C:\WINDOWS\Q7UDYVSQ.exe]  [, 6, 779, 0, 8]
[PID: 1080 / SYSTEM][C:\WINDOWS\system32\P2QMBZATPJ.exe]  [, 6, 779, 0, 8]
[PID: 4100 / SYSTEM][C:\WINDOWS\QBT9RMTAJ.exe]  [, 6, 779, 0, 8]
[PID: 4116 / SYSTEM][C:\WINDOWS\system32\TTTSMTN3E1V4.exe]  [, 6, 779, 0, 8]
[PID: 4128 / SYSTEM][C:\WINDOWS\system32\OGRD8ABM.exe]  [, 6, 779, 0, 8]
[PID: 4140 / SYSTEM][C:\WINDOWS\system32\9VXO2.exe]  [, 6, 779, 0, 8]
[PID: 4152 / SYSTEM][C:\WINDOWS\system32\40TZ7MX3JLKV.exe]  [, 6, 779, 0, 8]
[PID: 4164 / SYSTEM][C:\WINDOWS\QVJ77Z28.exe]  [, 6, 779, 0, 8]
[PID: 4176 / SYSTEM][C:\WINDOWS\system32\X3H0E.exe]  [, 6, 779, 0, 8]
[PID: 4188 / SYSTEM][C:\WINDOWS\R6Y0RN3.exe]  [, 6, 779, 0, 8]
[PID: 4212 / SYSTEM][C:\WINDOWS\system32\JDJ60BMJ.exe]  [, 6, 779, 0, 8]
[PID: 4232 / SYSTEM][C:\WINDOWS\RE41AMJ.exe]  [, 6, 779, 0, 8]
[PID: 4248 / SYSTEM][C:\WINDOWS\REQSK.exe]  [, 6, 779, 0, 8]
[PID: 4260 / SYSTEM][C:\WINDOWS\system32\7MNPIO1RF.exe]  [, 6, 779, 0, 8]
[PID: 4284 / SYSTEM][C:\WINDOWS\SO48346P.exe]  [, 6, 779, 0, 8]
[PID: 4300 / SYSTEM][C:\WINDOWS\SQ79FUHZ6.exe]  [, 6, 779, 0, 8]
[PID: 4320 / SYSTEM][C:\WINDOWS\system32\D5B5KI4NOOM.exe]  [, 6, 779, 0, 8]
[PID: 4364 / SYSTEM][C:\WINDOWS\system32\HIBF22DFYW.exe]  [, 6, 779, 0, 8]
[PID: 4412 / SYSTEM][C:\WINDOWS\TOQV6BSVH8.exe]  [, 6, 779, 0, 8]
[PID: 4428 / SYSTEM][C:\WINDOWS\TY0Z7ERA.exe]  [, 6, 779, 0, 8]
[PID: 4444 / SYSTEM][C:\WINDOWS\UH9GK0.exe]  [, 6, 779, 0, 8]
[PID: 4456 / SYSTEM][C:\WINDOWS\ULM9ZR9N9.exe]  [, 6, 779, 0, 8]
[PID: 4468 / SYSTEM][C:\WINDOWS\system32\TIE88ET5APF.exe]  [, 6, 779, 0, 8]
[PID: 4480 / SYSTEM][C:\WINDOWS\system32\V98HSRD.exe]  [, 6, 779, 0, 8]
[PID: 4492 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 4520 / SYSTEM][C:\WINDOWS\UTXYAPO7Y0EW.exe]  [, 6, 779, 0, 8]
[PID: 4532 / SYSTEM][C:\WINDOWS\UZYBQW.exe]  [, 6, 779, 0, 8]
[PID: 4544 / SYSTEM][C:\WINDOWS\system32\N1KU2LYICQTV.exe]  [, 6, 779, 0, 8]
[PID: 4560 / SYSTEM][C:\WINDOWS\system32\OGSQCNL1EGW3.exe]  [, 6, 779, 0, 8]
[PID: 4572 / SYSTEM][C:\WINDOWS\system32\S4TFCBNO.exe]  [, 6, 779, 0, 8]
[PID: 4584 / SYSTEM][C:\WINDOWS\VDSRAA.exe]  [, 6, 779, 0, 8]
[PID: 4596 / SYSTEM][C:\WINDOWS\VHN8MUHQT69J.exe]  [, 6, 779, 0, 8]
[PID: 4608 / SYSTEM][C:\WINDOWS\VIMFK1TWEJ.exe]  [, 6, 779, 0, 8]
[PID: 4628 / SYSTEM][C:\WINDOWS\W5LBO6.exe]  [, 6, 779, 0, 8]
[PID: 4648 / SYSTEM][C:\WINDOWS\W75DHP5AH.exe]  [, 6, 779, 0, 8]
[PID: 4664 / SYSTEM][C:\WINDOWS\WCCPV.exe]  [, 6, 779, 0, 8]
[PID: 4692 / SYSTEM][C:\WINDOWS\WLOFTCX.exe]  [, 6, 779, 0, 8]
[PID: 4716 / SYSTEM][C:\WINDOWS\system32\NIHJK6R893L0.exe]  [, 6, 779, 0, 8]
[PID: 4732 / SYSTEM][C:\WINDOWS\WQ3X4Y7CDU5O.exe]  [, 6, 779, 0, 8]
[PID: 4748 / SYSTEM][C:\WINDOWS\WSVYF3D60KQ.exe]  [, 6, 779, 0, 8]
[PID: 4764 / SYSTEM][C:\WINDOWS\system32\QHC1QHS0AUS.exe]  [, 6, 779, 0, 8]
[PID: 4776 / SYSTEM][C:\WINDOWS\X2UBCE9PB.exe]  [, 6, 779, 0, 8]
[PID: 4788 / SYSTEM][C:\WINDOWS\X54KLWY.exe]  [, 6, 779, 0, 8]
[PID: 4800 / SYSTEM][C:\WINDOWS\XK1UU18GB.exe]  [, 6, 779, 0, 8]
[PID: 4812 / SYSTEM][C:\WINDOWS\XX0DV6O218.exe]  [, 6, 779, 0, 8]
[PID: 4824 / SYSTEM][C:\WINDOWS\YA38MF8Z.exe]  [, 6, 779, 0, 8]
[PID: 4836 / SYSTEM][C:\WINDOWS\system32\TPIY31ECX04.exe]  [, 6, 779, 0, 8]
[PID: 4848 / SYSTEM][C:\WINDOWS\system32\26YCBIV.exe]  [, 6, 779, 0, 8]
[PID: 4860 / SYSTEM][C:\WINDOWS\system32\1QPHV4JBF.exe]  [, 6, 779, 0, 8]
[PID: 4876 / SYSTEM][C:\WINDOWS\YVMPND.exe]  [, 6, 779, 0, 8]
[PID: 4888 / SYSTEM][C:\WINDOWS\ZGCLJQR.exe]  [, 6, 779, 0, 8]
[PID: 4904 / SYSTEM][C:\WINDOWS\ZJG75P.exe]  [, 6, 779, 0, 8]
[PID: 4916 / SYSTEM][C:\WINDOWS\system32\1C9CMPCSL.exe]  [, 6, 779, 0, 8]
[PID: 5136 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 5760 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2140 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe]  [(Verified) Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 5376 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
[PID: 5452 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SRE9b4eb966.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Documents and Settings\Administrator\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
0.0.0.0 182838.com
0.0.0.0 asiafriendfinder.com
0.0.0.0 beautishow.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 iplus.allyes.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 love7liao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 love7liao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 love7liao.com
219.153.32.215 auto.search.msn.com

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 3616, C:\WINDOWS\03UQU56V9I8X.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 5376, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]