[CODE]

2008-11-10,10:02:19

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <DesktopSprite><C:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe>  [SnowFox Studio.]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe">  [File is missing]
    <PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [File is missing]
    <PPS Accelerator><; C:\Program Files\PPStream\ppsap.exe>  [(Verified)SHANGHAI ZHONGYUAN NETWORKS LIMITED]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Microsoft Pinyin IME Migration><C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <Logitech Hardware Abstraction Layer><KHALMNPR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Kernel and Hardware Abstraction Layer><KHALMNPR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HBService32><System.exe>  []
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <Grid Service><; "C:\Program Files\GridService\peer.exe" -n Grid>  [FS2YOU]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <IMSCMIG40W><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log>  [Microsoft Corporation]
    <NeroCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [File is missing]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><; nwiz.exe /install>  []
    <PCSuiteTrayApplication><; C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [File is missing]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <SoundMan><; SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <SunJavaUpdateSched><; C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe>  [Sun Microsystems, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <nwiz><ailin.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Infected) Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><01AFE3DC.dll,HBmhly.dll,HBJXSJ.dll,HBJTLQ.dll,HBWOW.dll,HBWD.dll,HBTL.dll,HBDNF.dll,HBQQXX.dll,HBQQSG.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <{C8FFD223-C0FB-40C5-94A0-FD7891AC18E9}><C8FFD223.dll>  []
    <{43ACDCC5-9009-4AF4-B80A-93BC656EF298}><43ACDCC5.dll>  []
    <{D7C79813-9233-4AE0-832C-99B2E8019673}><D7C79813.dll>  []
    <{DFEC5CB7-E2AA-4B0A-BEB3-D140E59ED53A}><DFEC5CB7.dll>  []
    <{BA7EDF54-8408-4B21-B351-7B447B344BA4}><BA7EDF54.dll>  []
    <{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><E4814792.dll>  []
    <{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><122B901E.dll>  []
    <{9F684DE8-3E87-4174-9033-E02A3DFD8B61}><9F684DE8.dll>  []
    <{F2CBFAC4-6FF9-4DE9-BCB1-0F2FA2AA0B4C}><F2CBFAC4.dll>  []
    <{59964D2B-044A-40AE-8837-0ED9EE8BDA08}><59964D2B.dll>  []
    <{3F21AA0C-2A9E-4BE9-9083-9E58AB41BA01}><3F21AA0C.dll>  []
    <{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll>  []
    <{B3721C07-62B3-411A-9DC7-F5F27E3E21FF}><B3721C07.dll>  []
    <{58FF3024-8A83-4B1A-88E9-302F47646EEE}><58FF3024.dll>  []
    <{8566F82E-03A4-416E-AEAC-66600D8881F1}><8566F82E.dll>  []
    <{66AFCB56-FAA9-42D2-8C72-2767A46C7FA8}><66AFCB56.dll>  []
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><08223B03.dll>  []
    <{9CA963CA-107C-4089-B0AB-31380F90D7E3}><9CA963CA.dll>  []
    <{E0D39066-96D7-4891-8527-488ADAFCD60F}><E0D39066.dll>  []
    <{01AFE3DC-2242-436E-9B44-6DD1C664E828}><01AFE3DC.dll>  []
    <{5243F5FA-75D6-4469-90A8-A181E2AAAA5B}><5243F5FA.dll>  []
    <{F6A454AE-156A-415E-9F89-3795677A8A91}><C:\Program Files\Internet Explorer\53u1ttMe.2ys>  []
    <{5B77087D-AB76-4C22-B0A6-C34D1F438E55}><C:\Program Files\Common Files\Microsoft Shared\MSInfo\Come_System.sys>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
    <UPnPMonitor><C:\WINDOWS\system32\upnpui.dll>  [(Verified)Microsoft Windows Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    <WinlogonNotify: LBTWlgn><c:\program files\common files\logitech\bluetooth\LBTWlgn.dll>  [(Verified)Logitech]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Thunder5.exe]
    <IFEO[Thunder5.exe]><svchost.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
[Logitech SetPoint]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Logitech SetPoint.lnk --> C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [Logitech, Inc.]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
  <C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start><China Merchants Bank>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><N/A>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[hpqcxs08 / hpqcxs08][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll><Hewlett-Packard Co.>
[HP CUE DeviceDiscovery 服务 / hpqddsvc][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll><Hewlett-Packard Co.>
[Windows CardSpace / idsvc][Stopped/Manual Start]
  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"><Microsoft Corporation>
[Logitech Bluetooth Service / LBTServ][Stopped/Manual Start]
  <C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe><Logitech, Inc.>
[NBService / NBService][Stopped/Manual Start]
  <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k rpcss-->c:\windows\system32\rpcss.dll><N/A>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wmdmpmsvc.dll><N/A>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[aliimz / aliimz][Stopped/Manual Start]
  <System32\Drivers\aliimz.sys><N/A>
[BRGSp50 NDIS Protocol Driver / BRGSp50][Stopped/Manual Start]
  <System32\Drivers\BRGSp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[fhzl / fhzl][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\fhzl.ahc><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\H:\INSTALL\GMSIPCI.SYS><N/A>
[HBKernel32 Driver / HBKernel32][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\HBKernel32.sys><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[W9968X ISP Driver / ISP68X][Stopped/Manual Start]
  <System32\Drivers\ISP68X.sys><Winbond Electronics Crop.>
[Logitech SetPoint Keyboard Driver / L8042Kbd][Running/Manual Start]
  <system32\DRIVERS\L8042Kbd.sys><Logitech, Inc.>
[SetPoint PS/2 Mouse Filter Driver / L8042mou][Running/Manual Start]
  <system32\DRIVERS\L8042mou.Sys><Logitech, Inc.>
[Logitech SetPoint KMDF HID Filter Driver / LHidFilt][Stopped/Manual Start]
  <system32\DRIVERS\LHidFilt.Sys><Logitech, Inc.>
[LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120 / libusb0][Stopped/Manual Start]
  <system32\DRIVERS\libusb0.sys><http://libusb-win32.sourceforge.net>
[Logitech SetPoint KMDF Mouse Filter Driver / LMouFilt][Stopped/Manual Start]
  <system32\DRIVERS\LMouFilt.Sys><Logitech, Inc.>
[SetPoint Mouse Filter Driver / LMouKE][Running/Manual Start]
  <system32\DRIVERS\LMouKE.Sys><Logitech, Inc.>
[Logitech SetPoint KMDF USB Filter / LUsbFilt][Stopped/Manual Start]
  <System32\Drivers\LUsbFilt.Sys><Logitech, Inc.>
[Motorola USB CDC ACM Driver / motmodem][Stopped/Manual Start]
  <system32\DRIVERS\motmodem.sys><N/A>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
  <system32\drivers\ccdcmb.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
  <system32\drivers\ccdcmbo.sys><Nokia>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nVidia WDM TVAudio Crossbar / nvtvSND][Stopped/Auto Start]
  <system32\DRIVERS\nvtvsnd.sys><N/A>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Motorola USB Device / P2k][Stopped/Manual Start]
  <system32\DRIVERS\P2k.sys><Motorola Inc>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
  <system32\DRIVERS\pccsmcfd.sys><Nokia>
[Hi-Tech Wealth USB Device / PKusb][Stopped/Manual Start]
  <System32\Drivers\pkusb.sys><HI-TECH Wealth>
[PsSdk30 / PsSdk30][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\PsSdk30.drv><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RivaTuner32 / RivaTuner32][Stopped/Manual Start]
  <\??\C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner32.sys><N/A>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Prolific2 Serial port driver / Ser2pl][Stopped/Manual Start]
  <system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[upperdev / upperdev][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerflt.sys><Windows (R) Codename Longhorn DDK provider>
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerfltj.sys><Windows (R) Codename Longhorn DDK provider>
[ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) / ZD1211BU(ZyDAS)][Stopped/Manual Start]
  <system32\DRIVERS\zd1211Bu.sys><ZyDAS Technology Corporation>
[ZDPSp50 NDIS Protocol Driver / ZDPSp50][Stopped/Manual Start]
  <System32\Drivers\ZDPSp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
[Kisstusb / Kisstusb][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[ca99d57 / ca99d57][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\ca99d57.sys><N/A>
[c39e8db / c39e8db][Running/Manual Start]
  <\??\C:\WINDOWS\system32\c39e8db.sys><N/A>
[d7b49fa / d7b49fa][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\d7b49fa.sys><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, (Signed) >
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll_1.dll, (Signed) FlashGet>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Download_Bho Class]
  {A986E409-30CC-4185-89BB-AB212C104524} <C:\Program Files\PPLiveVA\DownloaderManager.dll, (Signed) >
[]
  {F6A454AE-156A-415E-9F89-3795677A8A91} <C:\Program Files\Internet Explorer\53u1ttMe.2ys, N/A>
[启动网吧版迅雷服务端]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\NetBarThunder\NetBarThunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <E:\Temp\浩方对战平台\浩方优化版\GameClient.exe, (Signed) 上海浩方在线信息技术有限公司>
[PPLive]
  {95B3F550-91C4-4627-BCC4-521288C52977} <C:\Program Files\PPLive\PPLive.exe, (Signed) N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\Downloaded Program Files\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[]
  {B2EC6023-6C00-49F9-A8BE-3AAC4E326BA4} <, >
[Java Plug-in]
  {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[CTAdjust Class]
  {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} <C:\WINDOWS\Downloaded Program Files\clearadjust.dll, >
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, (Signed) 腾讯科技（深圳）有限公司>
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[]
  {00000000-0000-0000-0000-000000000000} <, >
[]
  {00000000-12C9-4305-82F9-43058F20E8D2} <, >
[ADODB.Recordset]
  {00000535-0000-0010-8000-00AA006D2EA4} <C:\Program Files\Common Files\System\ado\msado15.dll, (Signed) Microsoft Corporation>
[]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <, >
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, (Signed) >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[]
  {0C7C23EF-A848-485B-873C-0ED954731014} <, >
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, (Signed) Synacast>
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll_1.dll, (Signed) FlashGet>
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\PPStream\110~1.262\POWERL~1.OCX, (Signed) PPStream Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
  {2BD1FE34-9D76-4DA8-BDEB-7A78531F4EB4} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.11.17.dll, N/A>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[Zyzzyva]
  {30FA9641-9CFE-4D71-A3AA-DF8B6FA02FCC} <, >
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, (Signed) Microsoft Corporation>
[QuickTime Object]
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\StormII\Codec\QTSystem\QTPlugin.ocx, Apple Computer, Inc.>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <, >
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[InstallShield Update Service Agent]
  {5B7524C8-2446-40E9-9474-94A779DBA224} <C:\WINDOWS\Downloaded Program Files\isusweb.dll, Macrovision Corporation>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\PROGRA~1\PPStream\110~1.262\POWERP~1.DLL, (Signed) PPStream Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <C:\Program Files\StormII\mps.dll, (Signed) 北京暴风网际科技有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <C:\Program Files\Alisoft\WangWang\WangWangX4.dll, 阿里巴巴软件(上海)有限公司>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
  {7605CC7C-00FD-4A5F-BAFD-828342DE6279} <, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll, Thunder Networking Technologies,LTD>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Peer Adapter]
  {80E18282-3716-48CA-B50C-F7B7F6A32791} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[]
  {88D96A05-F192-11D4-A65F-0040963251E5} <, >
[]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <, >
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[]
  {962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\Downloaded Program Files\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[Download_Bho Class]
  {A986E409-30CC-4185-89BB-AB212C104524} <C:\Program Files\PPLiveVA\DownloaderManager.dll, (Signed) >
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Thunder Network\NetBarThunder\Components\DownAndPlay\DapCtrl1.4.19.22.98.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[UploadManager Class]
  {AF2F4E3F-DC4D-40B3-B7DA-77974FF2F317} <C:\WINDOWS\system32\CMUpload.dll, NetEase(Hangzhou)Network Tech.Co.,Ltd.>
[]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[]
  {B012491E-8FA4-4851-AA9B-22E33784FBAD} <, >
[]
  {B2EC6023-6C00-49F9-A8BE-3AAC4E326BA4} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[ScreenCapture163 Class]
  {B6DEE590-8486-4F35-86BB-265FC72DBD96} <C:\WINDOWS\system32\163screencapture.dll, NetEase(Hangzhou)Network Tech.Co.,Ltd.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[Adobe Acrobat Control for ActiveX]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, (Signed) Adobe Systems Incorporated>
[QQPlayerSvr Proxy Control]
  {CD108273-D434-43E6-AA90-1469F97EB398} <C:\Program Files\Tencent\QQ\QQPlayerProxy.dll, N/A>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[Macromedia Flash Factory Object]
  {D27CDB70-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[CTAdjust Class]
  {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} <C:\WINDOWS\Downloaded Program Files\clearadjust.dll, >
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, (Signed) 腾讯科技（深圳）有限公司>
[SVG Document]
  {EBF9B040-94C9-11D4-9064-00C04F78ACF9} <C:\WINDOWS\System32\Adobe\SVG Viewer\SVGControl.dll, Adobe Systems Incorporated>
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[safeInput Class]
  {ECCBA956-80E5-11D3-9285-0080ADB811C9} <C:\WINDOWS\Downloaded Program Files\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <C:\PROGRA~1\Tencent\QQ\Timwp.dll, (Signed) TENCENT>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
  {EE60714F-AC17-427E-861A-FD60CBDF119A} <, >
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\NetBarThunder\Components\DownAndPlay\DapPlayer3.0.44.68.98.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
  {F6A454AE-156A-415E-9F89-3795677A8A91} <C:\Program Files\Internet Explorer\53u1ttMe.2ys, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, >
[FG2CatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll_1.dll, (Signed) FlashGet>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <, >
[InstallCheck Class]
  {FFB8C97E-39D4-4E8A-9FE4-B451A0D6CA65} <C:\Program Files\Alisoft\WangWang\Ali_Check.dll, >
[&U使用纳米机器人下载并收藏]
  <C:\Program Files\NamiRobot\Data\du.html, N/A>
[使用快车(Flas&hGet)下载]
  <C:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm, N/A>
[使用快车(Flash&Get)下载全部链接]
  <C:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 348][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 424][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\csrss.dll]  [N/A, ]
    [C:\WINDOWS\system32\sh12007.dll]  [N/A, ]
    [C:\WINDOWS\system32\sh18010.dll]  [N/A, ]
[PID: 448][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [c:\program files\common files\logitech\bluetooth\LBTWlgn.dll]  [Logitech, Inc., 4.60.122]
    [c:\program files\common files\logitech\bluetooth\LBTServ.dll]  [Logitech, Inc., 4.60.122]
[PID: 496][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 508][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 660][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [c:\windows\system32\rpcss.dll]  [N/A, ]
[PID: 724][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [c:\windows\system32\rpcss.dll]  [N/A, ]
[PID: 784][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [c:\windows\system32\wmdmpmsvc.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 820][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 952][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1012][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1284][C:\WINDOWS\system32\UserInit.exe]  [(Infected) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 1312][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\HPLTLM.DLL]  [Hewlett-Packard Corporation, Microsoft Corporation, v5.31]
    [C:\WINDOWS\system32\ZLhp1020.DLL]  [Zenographics, Inc., 5, 53, 2714, 0]
    [C:\WINDOWS\system32\ZLM.dll]  [Zenographics, Inc., 5, 50, 1416, 0]
    [C:\WINDOWS\system32\hpzll4v2.dll]  [Hewlett-Packard Company, 61.063.247.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp4v2.dll]  [Hewlett-Packard Corporation, 61.063.247.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  [Zenographics, Inc., 5, 54, 330, 0]
    [C:\WINDOWS\system32\Imf32.dll]  [Zenographics, Inc., 5, 60, 1204, 0]
    [C:\WINDOWS\system32\ZTAG32.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
    [C:\WINDOWS\system32\ZSPOOL.dll]  [Zenographics, Inc., 5, 51, 709, 0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll]  [Microsoft Corporation, 6.0.5824.16384 (winmain(wmbla).060911-0725)]
[PID: 1384][C:\WINDOWS\explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [C:\WINDOWS\system32\C8FFD223.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\BA7EDF54.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\9F684DE8.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\B3721C07.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\8566F82E.dll]  [N/A, ]
    [C:\WINDOWS\system32\66AFCB56.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\9CA963CA.dll]  [N/A, ]
    [C:\WINDOWS\system32\E0D39066.dll]  [N/A, ]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\ailin.dll]  [N/A, ]
    [C:\Program Files\Nokia\Nokia PC Suite 7\phonebrowser.dll]  [Nokia, 7, 0, 103, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL]  [Nokia, 7, 0, 140, 6]
    [C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 7, 0, 64, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 7, 0, 20, 0]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 8]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll]  [Nero AG, 2, 7, 2, 0]
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\NamiRobot\Data\NamipanExt1.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\MSInfo\Come_System.sys]  [N/A, ]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  [, 1, 0, 0, 1]
[PID: 1640][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 6, 20]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1660][C:\Program Files\CMBCHINA\WebProtect\WPService.exe]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll]  [China Merchants Bank, 1, 0, 0, 1]
[PID: 1728][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [c:\program files\hp\digital imaging\bin\hpqddsvc.dll]  [Hewlett-Packard Co., 82.0.201.000]
    [c:\program files\hp\digital imaging\bin\hpqddcmn.dll]  [Hewlett-Packard Co., 82.0.201.000]
    [c:\program files\hp\digital imaging\bin\hpqcxs08.dll]  [Hewlett-Packard Co., 82.0.201.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll]  [Hewlett-Packard Co., 82.0.201.000]
    [C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll]  [Hewlett-Packard Co., 82.0.201.000]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 1812][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1864][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 240][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 416][C:\WINDOWS\system32\taskmagr.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
[PID: 804][C:\Program Files\Windows Media Player\WMPNetwk.exe]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 2140][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 2164][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  [, 1, 0, 0, 1]
    [C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  [Sun Microsystems, Inc., 5.0.60.5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\urlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\Program Files\PPLiveVA\DownloaderManager.dll]  [, 1.0.0.5]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 2220][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 2676][C:\WINDOWS\system32\System.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 2712][C:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe]  [SnowFox Studio., 2.3.0.40]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 2724][C:\Program Files\Logitech\SetPoint\SetPoint.exe]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\KemXML.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\kemutb.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\KemUtil.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\KemWnd.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\SetPointCOM.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\IMHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\WebBrowserSupport.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KhalApi.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logitech\bluetooth\LBTServ.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\kgame.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\Program Files\Logitech\SetPoint\LCabHandler.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\C8FFD223.dll]  [N/A, ]
    [C:\WINDOWS\system32\BA7EDF54.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\9F684DE8.dll]  [N/A, ]
    [C:\WINDOWS\system32\B3721C07.dll]  [N/A, ]
    [C:\WINDOWS\system32\8566F82E.dll]  [N/A, ]
    [C:\WINDOWS\system32\66AFCB56.dll]  [N/A, ]
    [C:\WINDOWS\system32\9CA963CA.dll]  [N/A, ]
    [C:\WINDOWS\system32\E0D39066.dll]  [N/A, ]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 3008][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe]  [Microsoft Corporation, 4.200.520.1]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
[PID: 3104][C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE]  [Logitech, Inc., 4.60.42]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALAPI.DLL]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logitech\bluetooth\LBTServ.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALITCH.DLL]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALMW.DLL]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALHPP.DLL]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALMOU.DLL]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALHID.DLL]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Common Files\Logishrd\KHAL2\KHALUSB.DLL]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 3196][C:\WINDOWS\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
[PID: 1300][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506)]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  [, 1, 0, 0, 1]
    [C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  [Sun Microsystems, Inc., 5.0.60.5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\urlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\Program Files\PPLiveVA\DownloaderManager.dll]  [, 1.0.0.5]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
    [C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 8]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\C8FFD223.dll]  [N/A, ]
    [C:\WINDOWS\system32\BA7EDF54.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\9F684DE8.dll]  [N/A, ]
    [C:\WINDOWS\system32\B3721C07.dll]  [N/A, ]
    [C:\WINDOWS\system32\8566F82E.dll]  [N/A, ]
    [C:\WINDOWS\system32\66AFCB56.dll]  [N/A, ]
    [C:\WINDOWS\system32\9CA963CA.dll]  [N/A, ]
    [C:\WINDOWS\system32\E0D39066.dll]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\MSInfo\Come_System.sys]  [N/A, ]
[PID: 3320][C:\WINDOWS\system32\a.exe]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\01AFE3DC.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
    [C:\WINDOWS\TEMP\2372c4.x]  [N/A, ]
[PID: 892][C:\WINDOWS\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
[PID: 1056][C:\WINDOWS\SREa5f3657c.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\WINDOWS\system32\HBmhly.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJXSJ.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWOW.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBDNF.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBTL.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQSG.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBQQXX.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBWD.dll]  [N/A, ]
    [C:\WINDOWS\system32\HBJTLQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
    [C:\Program Files\Internet Explorer\53u1ttMe.2ys]  [N/A, ]
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  [Logitech, Inc., 4.60.122]
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  [Logitech, Inc., 4.60.122]
    [C:\WINDOWS\system32\5243F5FA.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\58FF3024.dll]  [N/A, ]
    [C:\WINDOWS\system32\DA63E650.dll]  [N/A, ]
    [C:\WINDOWS\system32\3F21AA0C.dll]  [N/A, ]
    [C:\WINDOWS\system32\59964D2B.dll]  [N/A, ]
    [C:\WINDOWS\system32\F2CBFAC4.dll]  [N/A, ]
    [C:\WINDOWS\system32\DFEC5CB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\D7C79813.dll]  [N/A, ]
    [C:\WINDOWS\system32\43ACDCC5.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       v.onondown.com.cn
127.0.0.2       ymsdasdw1.cn
127.0.0.3       h96b.info
127.0.0.0       fuck.zttwp.cn
127.0.0.0       www.hackerbf.cn
127.0.0.0       geekbyfeng.cn
127.0.0.0       ppp.etimes888.com
127.0.0.0       www.bypk.com
127.0.0.1       va9sdhun23.cn
127.0.0.2       bnasnd83nd.cn
127.0.0.0       www.gamehacker.com.cn
127.0.0.0       gamehacker.com.cn
127.0.0.3       adlaji.cn
127.0.0.1       858656.com
127.1.1.1       bnasnd83nd.cn
127.0.0.1       my123.com
127.0.0.0       user1.12-27.net
127.0.0.1       8749.com
127.0.0.0       fengent.cn
127.0.0.1       4199.com
127.0.0.1       user1.16-22.net
127.0.0.1       7379.com
127.0.0.1       2be37c5f.3f6e2cc5f0b.com
127.0.0.1       7255.com
127.0.0.1       user1.23-12.net
127.0.0.1       3448.com
127.0.0.1       www.guccia.net
127.0.0.1       7939.com
127.0.0.1       a.o1o1o1.nEt
127.0.0.1       8009.com
127.0.0.1       user1.12-73.cn
127.0.0.1       piaoxue.com
127.0.0.1       3n8nlasd.cn
127.0.0.1       kzdh.com
127.0.0.0       www.sony888.cn
127.0.0.1       about.blank.la
127.0.0.0       user1.asp-33.cn
127.0.0.1       6781.com
127.0.0.0       www.netkwek.cn
127.0.0.1       7322.com
127.0.0.0       ymsdkad6.cn
127.0.0.1       localhost
127.0.0.0       www.lkwueir.cn
127.0.0.1       06.jacai.com
127.0.1.1       user1.23-17.net
127.0.0.1       1.jopenkk.com
127.0.0.0       upa.luzhiai.net
127.0.0.1       1.jopenqc.com
127.0.0.0       www.guccia.net
127.0.0.1       1.joppnqq.com
127.0.0.0       4m9mnlmi.cn
127.0.0.1       1.xqhgm.com
127.0.0.0       mm119mkssd.cn
127.0.0.1       100.332233.com
127.0.0.0       61.128.171.115:8080
127.0.0.1       121.11.90.79
127.0.0.0       www.1119111.com
127.0.0.1       121565.net
127.0.0.0       win.nihao69.cn
127.0.0.1       125.90.88.38
127.0.0.1       16888.6to23.com
127.0.0.1       2.joppnqq.com
127.0.0.0       puc.lianxiac.net
127.0.0.1       204.177.92.68
127.0.0.0       pud.lianxiac.net
127.0.0.1       210.74.145.236
127.0.0.0       210.76.0.133
127.0.0.1       219.129.239.220
127.0.0.0       61.166.32.2
127.0.0.1       219.153.40.221
127.0.0.0       218.92.186.27
127.0.0.1       219.153.46.27
127.0.0.0       www.fsfsfag.cn
127.0.0.1       219.153.52.123
127.0.0.0       ovo.ovovov.cn
127.0.0.1       221.195.42.71
127.0.0.0       dw.com.com
127.0.0.1       222.73.218.115
127.0.0.1       203.110.168.233:80
127.0.0.1       3.joppnqq.com
127.0.0.1       203.110.168.221:80
127.0.0.1       363xx.com
127.0.0.1       www1.ip10086.com.cm
127.0.0.1       4199.com
127.0.0.1       blog.ip10086.com.cn
127.0.0.1       43242.com
127.0.0.1       www.ccji68.cn
127.0.0.1       5.xqhgm.com
127.0.0.0       t.myblank.cn
127.0.0.1       520.mm5208.com
127.0.0.0       x.myblank.cn
127.0.0.1       59.34.131.54
127.0.0.1       210.51.45.5
127.0.0.1       59.34.198.228
127.0.0.1       www.ew1q.cn
127.0.0.1       59.34.198.88
127.0.0.1       59.34.198.97
127.0.0.1       60.190.114.101
127.0.0.1       60.190.218.34
127.0.0.0       qq-xing.com.cn
127.0.0.1       60.191.124.252
127.0.0.1       61.145.117.212
127.0.0.1       61.157.109.222
127.0.0.1       75.126.3.216
127.0.0.1       75.126.3.217
127.0.0.1       75.126.3.218
127.0.0.0       59.125.231.177:17777
127.0.0.1       75.126.3.220
127.0.0.1       75.126.3.221
127.0.0.1       75.126.3.222
127.0.0.1       772630.com
127.0.0.1       832823.cn
127.0.0.1       8749.com
127.0.0.1       888.jopenqc.com
127.0.0.1       89382.cn
127.0.0.1       8v8.biz
127.0.0.1       97725.com
127.0.0.1       9gg.biz
127.0.0.1       www.9000music.com
127.0.0.1       test.591jx.com
127.0.0.1       a.topxxxx.cn
127.0.0.1       picon.chinaren.com
127.0.0.1       www.5566.net
127.0.0.1       p.qqkx.com
127.0.0.1       news.netandtv.com
127.0.0.1       z.neter888.cn
127.0.0.1       b.myblank.cn
127.0.0.1       wvw.wokutu.com
127.0.0.1       unionch.qyule.com
127.0.0.1       www.qyule.com
127.0.0.1       it.itjc.cn
127.0.0.1       www.linkwww.com
127.0.0.1       vod.kaicn.com
127.0.0.1       www.tx8688.com
127.0.0.1       b.neter888.cn
127.0.0.1       promote.huanqiu.com
127.0.0.1       www.huanqiu.com
127.0.0.1       www.haokanla.com
127.0.0.1       play.unionsky.cn
127.0.0.1       www.52v.com
127.0.0.1       www.gghka.cn
127.0.0.1       icon.ajiang.net
127.0.0.1       new.ete.cn
127.0.0.1       www.stiae.cn
127.0.0.1       o.neter888.cn
127.0.0.1       comm.jinti.com
127.0.0.1       www.google-analytics.com
127.0.0.1       hz.mmstat.com
127.0.0.1       www.game175.cn
127.0.0.1       x.neter888.cn
127.0.0.1       z.neter888.cn
127.0.0.1       p.etimes888.com
127.0.0.1       hx.etimes888.com
127.0.0.1       abc.qqkx.com
127.0.0.1       dm.popdm.cn
127.0.0.1       www.yl9999.com
127.0.0.1       www.dajiadoushe.cn
127.0.0.1       v.onondown.com.cn
127.0.0.1       www.interoo.net
127.0.0.1       bally1.bally-bally.net
127.0.0.1       www.bao5605509.cn
127.0.0.1       www.rty456.cn
127.0.0.1       www.werqwer.cn
127.0.0.1       1.360-1.cn
127.0.0.1       user1.23-16.net
127.0.0.1       www.guccia.net
127.0.0.1       www.interoo.net
127.0.0.1       upa.netsool.net
127.0.0.1       js.users.51.la
127.0.0.1       vip2.51.la
127.0.0.1       web.51.la
127.0.0.1       qq.gong2008.com
127.0.0.1       2008tl.copyip.com
127.0.0.1       tla.laozihuolaile.cn
127.0.0.1       www.tx6868.cn
127.0.0.1       p001.tiloaiai.com
127.0.0.1       s1.tl8tl.com
127.0.0.1       s1.gong2008.com
127.0.0.1       4b3ce56f9g.3f6e2cc5f0b.com
127.0.0.1       2be37c5f.3f6e2cc5f0b.com

==================================
进程特权扫描
特殊特权被允许： SeDebugPrivilege [PID = 416, C:\WINDOWS\SYSTEM32\TASKMAGR.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2676, C:\WINDOWS\SYSTEM32\SYSTEM.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2676, C:\WINDOWS\SYSTEM32\SYSTEM.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2712, C:\PROGRAM FILES\SNOWFOX\DESKTOPSPRITE2\DESKTOPSPRITE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2712, C:\PROGRAM FILES\SNOWFOX\DESKTOPSPRITE2\DESKTOPSPRITE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3320, C:\WINDOWS\SYSTEM32\A.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 3320, C:\WINDOWS\SYSTEM32\A.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1488, C:\WINDOWS\TEMP\2652467]
特殊特权被允许： SeSystemtimePrivilege [PID = 1488, C:\WINDOWS\TEMP\2652467]
特殊特权被允许： SeDebugPrivilege [PID = 892, C:\WINDOWS\SRENGLDR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 892, C:\WINDOWS\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]