[CODE]

2009-08-25,14:27:29

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <FlashGet 3><"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <360Safetray><"D:\360safe\safemon\360tray.exe" /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
    <RFWTray><"C:\Program Files\Rising\RFW\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RavTray><"C:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <updater><C:\WINDOWS\system32\updater.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <ming9bstart><C:\WINDOWS\system\ming9b090423.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll,kmon.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <{E3531A16-FFEA-416F-82DF-32FEDE02EABF}><C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll>  []
    <{69B265A2-A172-4D27-BDF1-917E6D8B1DCC}><C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon>  []
    <{427E02E6-39DB-4424-A49C-7553CD1331F5}><C:\WINDOWS\system32\WcCtgJ4zcxHF.dll>  []
    <{9AD1DE62-196C-4C01-9A2F-0BEDEF727C59}><C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll>  []
    <{B8898C49-7B3A-4306-A9EF-8E186EDEE5EA}><C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll>  []
    <{D6129F8A-6F6E-41D7-BBC9-AC7426759CED}><C:\WINDOWS\system32\w7uds3zyayg9.dll>  []
    <{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><C:\WINDOWS\system32\122B901E.dll>  []
    <{F1455861-8C40-4095-ABD8-7BEAE5ADF92E}><C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll>  []
    <{5405A7B2-F3F5-446F-8715-2A4EF674E079}><C:\WINDOWS\system32\rfpz9wwyy2np.dll>  []
    <{0220FBE7-F757-4C74-B246-D6703DCF1087}><C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll>  []
    <{108DA6C0-CFBF-41D4-9A09-C4D06AE6FFD2}><C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll>  []
    <{87DE8A1A-96C5-4420-B222-EF998F697CE7}><C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll>  []
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll>  []
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><C:\WINDOWS\system32\08223B03.dll>  []
    <{8708994F-1758-4C2C-9A3F-FA22D6CCCB41}><C:\WINDOWS\fonts\A97CRaCB.fon>  []
    <{A761BE8E-C15A-4DDD-A777-2C683E9E96C8}><C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll>  []
    <{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}><C:\WINDOWS\system32\dhDhwS7fFW.dll>  []
    <{1055CA44-51F8-486B-8CBD-DC7AD4213F1E}><C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon>  []
    <{53915AE3-2660-4870-B092-C9E5A292D327}><C:\WINDOWS\fonts\DGvbbtCNkQVHR6JNYgc.fon>  []
    <{CD478099-014D-4B3A-A4BB-B518F1019BC7}><C:\WINDOWS\system32\SCEVFJRCmaB7.dll>  []
    <{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}><C:\WINDOWS\system32\ndxq9awMc.dll>  []
    <{762D618C-E2CB-4217-8275-03302A93073F}><C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon>  []
    <{2EF0D734-21FD-4225-A1A2-BCD296182AAF}><C:\WINDOWS\system32\2EF0D734.dll>  []
    <{51AA0D89-E9A9-4284-93E8-40C0FDD59304}><C:\WINDOWS\system32\eNyN5X48HrtXc.dll>  []
    <{0A2D7F10-1153-4061-AA4B-ACB870212B57}><C:\WINDOWS\system32\z5WRXqHagksJxWt.dll>  []
    <{8E6D4583-0FA1-41B2-BAAA-63352E6333CA}><C:\WINDOWS\system32\jY8sGUnWqbZb3x2BPhY.dll>  []
    <{51716C09-6B08-4CCF-B526-718E912C0573}><C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll>  []
    <{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}><C:\WINDOWS\system32\ed78ab9.dll>  []
    <{BE12C98F-645D-4566-B524-DC32040B7C8A}><C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll>  []
    <{822775B8-E45B-4E55-9325-0753A0C1DC00}><C:\WINDOWS\system32\wdGSVBqAs3Xk.dll>  []
    <{1719B301-B494-4185-9379-242461F9CF02}><C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll>  []
    <{38FEFE05-702C-440D-AD5C-B796209A1CC5}><C:\WINDOWS\system32\Y4npJWJNr.dll>  []
    <{50EBD6A5-0CF6-4E59-AE08-CCD991AA0596}><C:\WINDOWS\system32\GU6f5sW42mdc.dll>  []
    <{76CBCF38-0583-44C7-A1AE-D463DFE625EC}><C:\WINDOWS\system32\skcfujQ5EDN.dll>  []
    <{737858A9-9AEA-4838-9B49-54DA731F7F37}><C:\WINDOWS\system32\BMsg6pdMD4ht.dll>  []
    <{B4FBFDAA-D831-4CDA-BF0D-68815CE308F0}><C:\WINDOWS\system32\HFXBt3PgtnqwHXb.dll>  [File is missing]
    <{44145A62-C003-4C0E-ADDE-4AB37A7FD38B}><C:\Program Files\Internet Explorer\D9.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{153FC33C-8D26-4620-ACBA-3371AAC67A23}><C:\WINDOWS\System32\flysoft.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360hotfix.exe]
    <IFEO[360hotfix.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
    <IFEO[360rpt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safebox.exe]
    <IFEO[360Safebox.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
    <IFEO[360tray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe]
    <IFEO[apvxdwin.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ast.exe]
    <IFEO[ast.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
    <IFEO[avcenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avengine.exe]
    <IFEO[avengine.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe]
    <IFEO[avgnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
    <IFEO[avguard.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe]
    <IFEO[avltmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe]
    <IFEO[avp32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avtask.exe]
    <IFEO[avtask.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe]
    <IFEO[bdagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe]
    <IFEO[bdwizreg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\boxmod.exe]
    <IFEO[boxmod.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe]
    <IFEO[ccapp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe]
    <IFEO[ccevtmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccregvfy.exe]
    <IFEO[ccregvfy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccsetmgr.exe]
    <IFEO[ccsetmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe]
    <IFEO[cqw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe]
    <IFEO[DrvAnti.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
    <IFEO[egui.exe]><services.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe]
    <IFEO[ekrn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE]
    <IFEO[enc98.EXE]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\extdb.exe]
    <IFEO[extdb.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frameworkservice.exe]
    <IFEO[frameworkservice.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frwstub.exe]
    <IFEO[frwstub.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardfield.exe]
    <IFEO[guardfield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kaccore.exe]
    <IFEO[kaccore.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvc.exe]
    <IFEO[kavsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvcui.exe]
    <IFEO[kavsvcui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe]
    <IFEO[kissvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\knownsvr.exe]
    <IFEO[knownsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvfw.exe]
    <IFEO[kvfw.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.exe]
    <IFEO[kvmonxp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvprescan.exe]
    <IFEO[kvprescan.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe]
    <IFEO[livesrv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe]
    <IFEO[mcagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcdash.exe]
    <IFEO[mcdash.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcdetect.exe]
    <IFEO[mcdetect.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe]
    <IFEO[mcshield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctskshd.exe]
    <IFEO[mctskshd.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsescn.exe]
    <IFEO[mcvsescn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe]
    <IFEO[mcvsshld.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe]
    <IFEO[mghtml.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naprdmgr.exe]
    <IFEO[naprdmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe]
    <IFEO[navw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe]
    <IFEO[nmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasclnt.exe]
    <IFEO[oasclnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe]
    <IFEO[pavsrv51.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psctrls.exe]
    <IFEO[psctrls.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psimreal.exe]
    <IFEO[psimreal.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psimsvc.exe]
    <IFEO[psimsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctormain.exe]
    <IFEO[qqdoctormain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravmon.exe]
    <IFEO[ravmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtask.exe]
    <IFEO[ravtask.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsmain.exe]
    <IFEO[rsmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rssafety.exe]
    <IFEO[rssafety.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safebank.exe]
    <IFEO[safebank.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe]
    <IFEO[safeboxTray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanfrm.exe]
    <IFEO[scanfrm.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe]
    <IFEO[sched.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\secnotifier.exe]
    <IFEO[secnotifier.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SetupLD.exe]
    <IFEO[SetupLD.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shstat.exe]
    <IFEO[shstat.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sndsrvc.exe]
    <IFEO[sndsrvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spbbcsvc.exe]
    <IFEO[spbbcsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbmon.exe]
    <IFEO[tbmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ulibcfg.exe]
    <IFEO[ulibcfg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\updaterui.exe]
    <IFEO[updaterui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcr32.exe]
    <IFEO[vcr32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcrmon.exe]
    <IFEO[vcrmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe]
    <IFEO[vptray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe]
    <IFEO[vsserv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vstskmgr.exe]
    <IFEO[vstskmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webproxy.exe]
    <IFEO[webproxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcommsvr.exe]
    <IFEO[xcommsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xnlscn.exe]
    <IFEO[xnlscn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\修复工具.]
    <IFEO[修复工具.]><ntsd -d>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\桌面下雪.SCR>  [Nord-Tec Software Engineering]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\lian\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\QQ\QQ.exe [TENCENT]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\lian\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>

==================================
服务
[6to4 / 6to4][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\6to4.dll><N/A>
[Application Management / AppMgmt][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Google Software Updater / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Help and Support / helpsvc][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[Human Interface Device Access / HidServ][Stopped/Boot Start]
  <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\mnmsrvc.exe><(File is missing)>
[Rav Process Communication Center / RavCCenter][Stopped/Disabled]
  <C:\Program Files\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Stopped/Disabled]
  <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
  <C:\Program Files\Rising\RFW\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <C:\Program Files\Rising\RFW\rfwsrv.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwTask Manager / RfwTask][Stopped/Auto Start]
  <"C:\Program Files\Rising\RFW\RavTask.exe" RfwTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Disabled]
  <C:\Program Files\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Disabled]
  <C:\Program Files\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
[Tencent Software Update Service / TSUSVC][Running/Auto Start]
  <"C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe" -run><Tencent>
[Ukwsvr / Ukwsvr][Running/Auto Start]
  <C:\Program Files\unikeyword\ukwsvr.exe><China Internet Network Information Center>

==================================
驱动程序
[2310_00 / 2310_00][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\2310_00.sys><HighPoint Technologies, Inc.>
[360SelfProtection / 360SelfProtection][Running/System Start]
  <system32\drivers\360SelfProtection.sys><360安全中心>
[3wareDrv / 3wareDrv][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\3wareDrv.sys><N/A>
[3waregsm / 3waregsm][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\3waregsm.sys><N/A>
[a320raid / a320raid][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[aaatimeo / aaatimeo][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aaatimeo.sys><Microsoft Corporation>
[Adaptec RAID Miniport Driver / aac][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aac.sys><Adaptec, Inc.>
[Adaptec SAS/SATA-II RAID Miniport Driver / aacsas][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aacsas.sys><Adaptec, Inc.>
[aar1210 / aar1210][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\adp94xx.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[aec6290 / aec6290][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[aec67160 / aec67160][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec67160.sys><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\AEC671X.sys><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\AEC6880.sys><ACARD Technology Corp.>
[aec6897 / aec6897][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec6897.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[AFAMgt / AFAMgt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\afamgt.sys><Adaptec, Inc.>
[Intel AGP Bus Filter / agp440][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\agp440.sys><Microsoft Corporation>
[Compaq AGP Bus Filter / agpCPQ][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\agpCPQ.sys><Microsoft Corporation>
[ahcix86 / ahcix86][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ahcix86.sys><ATI Technologies Inc.>
[AliIde / AliIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\aliide.sys><ALi Corporation>
[ALI AGP Bus Filter / alim1541][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\alim1541.sys><Microsoft Corporation>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[amdbusdr / amdbusdr][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\amdbusdr.sys><AMD>
[AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\AmdEide.sys><AMD>
[arcm_x86 / arcm_x86][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\arcm_x86.sys><ARECA Technology Corporation>
[asc / asc][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[SiI-3112 SATALink  Controller / ASH1205][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ASH1205.sys><Silicon Image, Inc.>
[ata1200a / ata1200a][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ata1200a.sys><Adaptec, Inc.>
[atiide / atiide][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\atiide.sys><ATI Technologies Inc.>
[Promise driver accelerator / bb-run][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
[BFSDRV / BFSDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys><360安全中心>
[BREGDRV / BREGDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\bregdrv.sys><360安全中心>
[cda1000 / cda1000][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\cda1000.sys><Adaptec, Inc.>
[DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cercsr6.sys><Adaptec, Inc.>
[CmdIde / CmdIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Cpq32fs2 / Cpq32fs2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys><Hewlett-Packard Company>
[cpqarry2 / cpqarry2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cpqarry2.sys><Compaq Computer Corporation>
[cpqcissm / cpqcissm][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\cpqcissm.sys><Hewlett-Packard Company>
[dac2w2k / dac2w2k][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dac960nt / dac960nt][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\dac960nt.sys><Mylex Corporation>
[Promise Removable Disk Control Driver / dontgo][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
[dpti2o / dpti2o][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\dpti2o.sys><Adaptec, Inc.>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[EfiSystemMon / EfiMon][Running/System Start]
  <System32\Drivers\Efimon.sys><奇虎网>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[FastSx / FastSx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\FastSx.sys><Promise Technology, Inc.>
[fasttrak / fasttrak][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[VIA Rhine-Family Fast-Ethernet Adapter Driver Service / FET5X86V][Running/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[fttxr52P / fttxr52P][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\fttxr52P.sys><Promise Technology, Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Microsoft HID Class Driver / HidUsb][Stopped/Manual Start]
  <system32\DRIVERS\hidusb.sys><Microsoft Corporation>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookPort / HookPort][Running/Boot Start]
  <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HpCISSm2 / HpCISSm2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\HpCISSm2.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[hpt374 / hpt374][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptmv6 / hptmv6][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\hptmv6.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[i2omp / i2omp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\i2omp.sys><Microsoft Corporation>
[Intel RAID Controller / iaStor][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>
[Intel  RAID Controller / iaStor55][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iaStor55.sys><Intel Corporation>
[Intel RAID  Controller / iaStor70][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iaStor70.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[IntelIde / IntelIde][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\intelide.sys><Microsoft Corporation>
[Intel Processor Driver / intelppm][Stopped/Disabled]
  <system32\DRIVERS\intelppm.sys><Microsoft Corporation>
[IBM ServeRAID Device Driver / ipsraidn][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ipsraidn.sys><IBM Corporation>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[JRAID / JRAID][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[Keyboard HID Driver / kbdhid][Stopped/Manual Start]
  <system32\DRIVERS\kbdhid.sys><Microsoft Corporation>
[m5228 / m5228][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5281.sys><ALi Corporation>
[m5287 / m5287][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[m5288 / m5288][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5288.sys><ULi Electronics Inc.>
[m5289 / m5289][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5289.sys><ULi Electronics Inc.>
[MegaIDE / MegaIDE][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[Mkd2kfNt / Mkd2kfNt][Stopped/Manual Start]
  <system32\drivers\Mkd2kfNt.sys><AhnLab, Inc.>
[Mkd2Nadr / Mkd2Nadr][Stopped/Manual Start]
  <system32\drivers\Mkd2Nadr.sys><AhnLab, Inc.>
[mraid35x / mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start]
  <system32\DRIVERS\mssmbios.sys><Microsoft Corporation>
[mtlrd / mtlrd][Running/Auto Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\wmp\mtlrd.sys><N/A>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[mv614x / mv614x][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mv614x.sys><N/A>
[mv61xx / mv61xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mv61xx.sys><Marvell Semiconductor, Inc.>
[mvSata / mvSata][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mvsata.sys><Marvell Semiconductors Inc.>
[Network Monitor Protocol Driver / MyProt][Stopped/Manual Start]
  <system32\DRIVERS\winyyy.sys><N/A>
[IBM ServeRAID 4M/4L/4Mx/4Lx/5i/6M/6i/7k Device Driver / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nfrd960.sys><IBM Corporation>
[Netgroup Packet Filter / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[nvatabus / nvatabus][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[nvgts / nvgts][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvgts.sys><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
  <system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[CMD IDE Raid Controller / Pnp649r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\pnp649r.sys><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql12160 / ql12160][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[ql2100 / ql2100][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql2100.sys><QLogic Corporation>
[ql2200 / ql2200][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql2200.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver (w32 IP) / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ql2300.sys><QLogic Corporation>
[raidsrc / raidsrc][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\raidsrc.sys><Intel>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\C:\Program Files\Rising\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rr172x / rr172x][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr172x.sys><HighPoint Technologies, Inc.>
[rr174x / rr174x][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr174x.sys><HighPoint Technologies, Inc.>
[rr232x / rr232x][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr232x.sys><HighPoint Technologies, Inc.>
[rr2340 / rr2340][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\rr2340.sys><HighPoint Technologies, Inc.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[S150sx8 / S150sx8][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\S150sx8.sys><Promise Technology, Inc.>
[S3GIGP / S3GIGP][Running/Manual Start]
  <system32\DRIVERS\S3gIGPm.sys><S3 Graphics Co., Ltd.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SiI-3512 SATALink Controller / SI3112][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[ATI-437A Serial ATA Controller / SI3112r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3114 SoftRaid 5 Controller / Si3114r5][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\Si3114r5.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SiI-3124 SoftRaid 5 Controller / Si3124r5][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\Si3124r5.sys><Silicon Image, Inc>
[SiI-3132 SATALink Controller / SI3132][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3132.sys><Silicon Image, Inc.>
[SiI-3132 SoftRaid 5 Controller / Si3132r5][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\Si3132r5.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
[SiSide / SiSide][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[sisraidx / sisraidx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisraidx.sys><Silicon Integrated Systems Corp.>
[Sparrow / Sparrow][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[Software Bus Driver / swenum][Running/Manual Start]
  <system32\DRIVERS\swenum.sys><Microsoft Corporation>
[symc8xx / symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[Symmpi / Symmpi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\symmpi.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesDrvPt.sys><TENCENT>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ulsata2.sys><Promise Technology, Inc.>
[ultra / ultra][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[Microsoft USB Generic Parent Driver / usbccgp][Stopped/Manual Start]
  <system32\DRIVERS\usbccgp.sys><Microsoft Corporation>
[Microsoft USB Open Host Controller Miniport Driver / usbohci][Stopped/Manual Start]
  <system32\DRIVERS\usbohci.sys><Microsoft Corporation>
[vb / vb][Stopped/Manual Start]
  <\??\C:\DOCUME~1\lian\LOCALS~1\Temp\~731812.tmp><Microsoft Corporation>
[VIA AGP Bus Filter / viaagp][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\viaagp.sys><Microsoft Corporation>
[VIA AGP Filter / viaagp1][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viamraid / viamraid][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[ViBus / ViBus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ViBus.sys><VIA Technologies, Inc.>
[videX32 / videX32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[VIA SATA IDE Device Driver / ViPrt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ViPrt.sys><VIA Technologies, Inc.>
[VMscsi / VMscsi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\vmscsi.sys><VMware, Inc.>
[WmiSvc / WmiSvc][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\WmiSvc.sys><N/A>
[VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
[xyoh / xyoh][Running/Boot Start]
  <\SystemRoot\system32\drivers\cgegc.sys><N/A>
[zx / zx][Stopped/Manual Start]
  <\??\C:\WINDOWS\TEMP\~da55f.tmp><N/A>
[usbhkf / usbhkf][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[pcidump / pcidump][Running/Disabled]
  <\??\C:\WINDOWS\system32\drivers\pcidump.sys><N/A>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\QQDownload\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\PushWare\cpush.dll, >
[KwAddr Class]
  {28B3B717-A610-4e32-8555-B8BA4779CF8A} <C:\PROGRA~1\UNIKEY~1\addr.dll, (Signed) China Internet Network Information Center>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, (Signed) TENCENT>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, N/A>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll, (Signed) Google Inc.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Google Dictionary Compression sdch]
  {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll, (Signed) Google Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) Thunder Networking Technologies,LTD>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[永航技术联盟]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.yhghost.com, N/A>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[百度工具栏]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, N/A>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, (Signed) TENCENT>
[Google Toolbar]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\QQDownload\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\PushWare\cpush.dll, >
[Google Toolbar]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[KwAddr Class]
  {28B3B717-A610-4E32-8555-B8BA4779CF8A} <C:\PROGRA~1\UNIKEY~1\addr.dll, (Signed) China Internet Network Information Center>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, (Signed) TENCENT>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <, >
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll, (Signed) Google Inc.>
[百度工具栏]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Google Dictionary Compression sdch]
  {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll, (Signed) Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[&使用超级旋风下载]
  <C:\Program Files\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\QQDownload\getAllurl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 880 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 956 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 980 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1024 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1036 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1200 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1280 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1444 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\COMRes.dll]  [N/A, ]
    [c:\windows\system32\6to4.dll]  [N/A, ]
    [c:\windows\system32\appmgmts.dll]  [N/A, ]
    [C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\DGvbbtCNkQVHR6JNYgc.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\system32\eNyN5X48HrtXc.dll]  [N/A, ]
    [C:\WINDOWS\system32\z5WRXqHagksJxWt.dll]  [N/A, ]
    [C:\WINDOWS\system32\jY8sGUnWqbZb3x2BPhY.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll]  [N/A, ]
    [C:\WINDOWS\system32\wdGSVBqAs3Xk.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\skcfujQ5EDN.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
[PID: 1580 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1716 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1860 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 280 / lian][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\DGvbbtCNkQVHR6JNYgc.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\system32\eNyN5X48HrtXc.dll]  [N/A, ]
    [C:\WINDOWS\system32\z5WRXqHagksJxWt.dll]  [N/A, ]
    [C:\WINDOWS\system32\jY8sGUnWqbZb3x2BPhY.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll]  [N/A, ]
    [C:\WINDOWS\system32\wdGSVBqAs3Xk.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\skcfujQ5EDN.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\cMZD.dll]  [N/A, ]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\WINDOWS\System32\flysoft.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 852 / lian][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.1.68]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
[PID: 928 / lian][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
[PID: 944 / lian][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]  [Google Inc., 2, 0, 301, 1654]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\gtn.dll]  [Google Inc., 5, 1, 1309, 3572]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll]  [Google Inc., 5, 1, 1309, 3572]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
[PID: 2040 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 152 / lian][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\fly6143.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.69]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 260 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\System32\COMRes.dll]  [N/A, ]
[PID: 328 / SYSTEM][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
    [C:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 304 / SYSTEM][C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe]  [Tencent, 1.0 Beta2 Build 2009.04.20]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 2400 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 2352 / lian][C:\Program Files\ChinaNet\VnetClient.exe]  [, 2005, 11, 18, 1]
    [C:\Program Files\ChinaNet\Communicate.dll]  [GDCN, 2005, 3, 3, 1]
    [C:\Program Files\ChinaNet\DialModule.dll]  [GDCN, 2005, 9, 1, 1]
    [C:\Program Files\ChinaNet\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]  [, 2005, 7, 27, 1]
    [C:\PROGRA~1\ChinaNet\sign.dll]  [0, 2004, 12, 1, 1]
    [C:\PROGRA~1\ChinaNet\SETUPP~1.DLL]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\WEBPLU~1.DLL]  [, 2005, 8, 18, 1]
    [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]  [, 2005, 10, 13, 1]
    [C:\PROGRA~1\ChinaNet\Gif89a.dll]  [, 2005, 6, 21, 1]
    [C:\PROGRA~1\ChinaNet\VnetBs.ocx]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL]  [, 2005, 8, 11, 1]
    [C:\PROGRA~1\ChinaNet\AccountMgr.dll]  [, 2005, 8, 16, 1]
    [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]  [GDDC, 2005, 12, 21, 1]
    [C:\PROGRA~1\ChinaNet\DialogStyle.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\BDSearch.ocx]  [gdcn, 2005, 12, 22, 1]
    [C:\PROGRA~1\ChinaNet\Timer.ocx]  [, 2005, 10, 9, 14]
    [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]  [, 2005, 2, 24, 1]
    [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]  [, 2005, 8, 26, 1]
    [C:\PROGRA~1\ChinaNet\PassCtrl.dll]  [GDCN, 2006, 1, 9, 10]
    [C:\WINDOWS\system32\wpcap.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\WINDOWS\system32\pthreadVC.dll]  [N/A, ]
    [C:\WINDOWS\system32\packet.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\PROGRA~1\ChinaNet\PlugPush.dll]  [, 2004, 12, 21, 1]
    [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]  [, 2004, 11, 23, 1]
    [C:\PROGRA~1\ChinaNet\VNETLO~1.OCX]  [, 2005, 4, 19, 1]
    [C:\PROGRA~1\ChinaNet\StatNum.dll]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]  [, 2005, 3, 2, 1]
    [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]  [GDCN, 2005, 12, 20, 1]
    [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]  [, 2005, 9, 13, 9]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.69]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\ChinaNet\DlgSkin.ocx]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 3908 / lian][C:\program files\internet explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~2.DLL]  [N/A, ]
    [C:\Program Files\Tencent\QQToolbar\IEBar.dll]  [TENCENT, 3, 1, 33, 12]
    [C:\Documents and Settings\NetworkService\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 3, 1, 33, 12]
    [C:\Documents and Settings\NetworkService\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll]  [Tencent, 3, 1, 24, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 3, 1, 10, 10]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 3, 1, 13, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 3, 1, 11, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 3, 1, 7, 10]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll]  [TENCENT, 3, 1, 7, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll]  [TENCENT, 3, 1, 14, 10]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll]  [TENCENT, 3, 1, 4, 11]
    [C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll]  [Google Inc., 6, 1, 1518, 856]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_6D0D6FD66D664927.dll]  [Google Inc., 6, 1, 1518, 856]
    [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_zh-CN_27C51813E9BF5574.dll]  [Google Inc., 6, 1, 1518, 856]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll]  [Google Inc., 5, 1, 1309, 3572]
    [C:\Program Files\QQDownload\QQIEHelper01.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\PushWare\cpush.dll]  [, 1.1.5.2]
    [C:\PROGRA~1\UNIKEY~1\addr.dll]  [China Internet Network Information Center, 1, 3, 0, 0]
    [C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll]  [RealPlayer, 1.0.1.85]
    [C:\Program Files\Real\RealPlayer\lang\rpbrp_cn.dll]  [RealNetworks, Inc., 6.0.14.0]
    [c:\PROGRA~1\chinanet\VNETTR~1.DLL]  [, 2005, 4, 6, 1]
    [c:\PROGRA~1\chinanet\Communicate.dll]  [GDCN, 2005, 3, 3, 1]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1021]
    [C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll]  [Google Inc., 1, 0, 610, 27482]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.69]
    [C:\WINDOWS\system\nb9ming32c090423.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\rmsp.ax]  [Gabest, 1, 0, 1, 1]
    [C:\Program Files\Common Files\Thunder Network\KanKan\RealMediaSplitter.1.0.2.4.(159).ax]  [Gabest, 1, 0, 2, 4]
[PID: 3336 / lian][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\TEMP\tmp.tmp]  [N/A, ]
[PID: 3588 / lian][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~2.DLL]  [N/A, ]
    [C:\Program Files\Tencent\QQToolbar\IEBar.dll]  [TENCENT, 3, 1, 33, 12]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 3, 1, 33, 12]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll]  [Tencent, 3, 1, 24, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 3, 1, 10, 10]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 3, 1, 13, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 3, 1, 11, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 3, 1, 7, 10]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll]  [TENCENT, 3, 1, 7, 11]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll]  [TENCENT, 3, 1, 14, 10]
    [C:\Documents and Settings\lian\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll]  [TENCENT, 3, 1, 4, 11]
    [C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll]  [Google Inc., 6, 1, 1518, 856]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_6D0D6FD66D664927.dll]  [Google Inc., 6, 1, 1518, 856]
    [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_zh-CN_27C51813E9BF5574.dll]  [Google Inc., 6, 1, 1518, 856]
    [C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll]  [Google Inc., 5, 1, 1309, 3572]
    [C:\Program Files\QQDownload\QQIEHelper01.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\PushWare\cpush.dll]  [, 1.1.5.2]
    [C:\PROGRA~1\UNIKEY~1\addr.dll]  [China Internet Network Information Center, 1, 3, 0, 0]
    [C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll]  [RealPlayer, 1.0.1.85]
    [C:\Program Files\Real\RealPlayer\lang\rpbrp_cn.dll]  [RealNetworks, Inc., 6.0.14.0]
    [c:\PROGRA~1\chinanet\VNETTR~1.DLL]  [, 2005, 4, 6, 1]
    [c:\PROGRA~1\chinanet\Communicate.dll]  [GDCN, 2005, 3, 3, 1]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1021]
    [C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll]  [Google Inc., 1, 0, 610, 27482]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.69]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
    [C:\WINDOWS\system32\QQPINYIN.IME]  [Tencent, 2.1.481.201]
    [C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\DGvbbtCNkQVHR6JNYgc.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon]  [N/A, ]
    [C:\WINDOWS\system32\eNyN5X48HrtXc.dll]  [N/A, ]
    [C:\WINDOWS\system32\z5WRXqHagksJxWt.dll]  [N/A, ]
    [C:\WINDOWS\system32\jY8sGUnWqbZb3x2BPhY.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll]  [N/A, ]
    [C:\WINDOWS\system32\wdGSVBqAs3Xk.dll]  [N/A, ]
    [C:\WINDOWS\system32\skcfujQ5EDN.dll]  [N/A, ]
[PID: 2708 / lian][C:\Program Files\QQDownload\QQDownload.exe]  [Tencent Technology (Shenzhen) Company Limited, 1, 9, 271, 271]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\Program Files\QQDownload\xmain.dll]  [Tencent Technology (Shenzhen) Company Limited, 1.9.272.272]
    [C:\Program Files\QQDownload\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\QQDownload\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\QQDownload\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\Program Files\QQDownload\VideoParser.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 9, 4, 203]
    [C:\Program Files\QQDownload\xdownload.dll]  [Tencent Technology (Shenzhen) Company Limited, 1.9.273.273]
    [C:\Program Files\QQDownload\xcore.dll]  [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
    [C:\Program Files\QQDownload\Addons\Miner.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 9, 4, 311]
    [C:\Program Files\QQDownload\Addons\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\QQDownload\Addons\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\QQDownload\Addons\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.69]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\DGvbbtCNkQVHR6JNYgc.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon]  [N/A, ]
    [C:\WINDOWS\system32\eNyN5X48HrtXc.dll]  [N/A, ]
    [C:\WINDOWS\system32\z5WRXqHagksJxWt.dll]  [N/A, ]
    [C:\WINDOWS\system32\jY8sGUnWqbZb3x2BPhY.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll]  [N/A, ]
    [C:\WINDOWS\system32\wdGSVBqAs3Xk.dll]  [N/A, ]
    [C:\WINDOWS\system32\skcfujQ5EDN.dll]  [N/A, ]
[PID: 4896 / lian][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\a4rxQxCvNBMNnpqs.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\system32\emHnPuBAaF7XjuXBbdxSg.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\DGvbbtCNkQVHR6JNYgc.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\zEfE48cw9EmcFaR.fon]  [N/A, ]
    [C:\WINDOWS\system32\eNyN5X48HrtXc.dll]  [N/A, ]
    [C:\WINDOWS\system32\z5WRXqHagksJxWt.dll]  [N/A, ]
    [C:\WINDOWS\system32\jY8sGUnWqbZb3x2BPhY.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\system32\eYNMAnskCCBQCc8Jp.dll]  [N/A, ]
    [C:\WINDOWS\system32\wdGSVBqAs3Xk.dll]  [N/A, ]
    [C:\WINDOWS\system32\skcfujQ5EDN.dll]  [N/A, ]
[PID: 5620 / lian][C:\DOCUME~1\lian\LOCALS~1\Temp\Rar$EX00.984\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 5636 / lian][C:\DOCUME~1\lian\LOCALS~1\Temp\Rar$EX00.984\SREdbab6a29.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mtlrd.dll]  [, 4.5.0.0]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\BtmBAnd89jc9PsPq5EKNj.dll]  [N/A, ]
    [C:\WINDOWS\system32\PERrGx5DkqSbQdwauCRQH.dll]  [N/A, ]
    [C:\WINDOWS\system32\2EF0D734.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\2exJW3dsaTgWrf5uAPadmHN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Q9q2MHJ3uTBErM7wc.dll]  [N/A, ]
    [C:\WINDOWS\system32\EmfVcSFcRkARFbbTQW5V5.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\mFr9FPruEFZ9VNdrveJunw3.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\DOCUME~1\lian\LOCALS~1\Temp\Rar$EX00.984\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
60.173.10.4     www.qv0d996.cn

==================================
进程特权扫描
特殊特权被允许： SeDebugPrivilege [PID = 2352, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2352, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 4896, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 4896, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 5620, C:\DOCUME~1\LIAN\LOCALS~1\TEMP\RAR$EX00.984\SRENGLDR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 5620, C:\DOCUME~1\LIAN\LOCALS~1\TEMP\RAR$EX00.984\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]