[CODE]

2009-11-02,22:05:22

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <ctfmon><ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <FlashGet 3><"D:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe" -minimize>  [(Verified)Trend Media Corporation Limited]
    <PPAP><C:\Documents and Settings\All Users\Application Data\PPLiveVA\Application\PPAP.exe>  [File is missing]
    <FlashGetBHO><"D:\Program Files\FlashGet Network\FlashGet 3\mxhelper.exe">  [(Verified)Trend Media Corporation Limited]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Component Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Component Publisher]
    <360Safetray><"C:\Program Files\360\360Safe\safemon\360Tray.exe" /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <egui><"C:\Program Files\ESET\ESET NOD32 Antivirus\EsetAct\essact.exe" -waitservice>  [Version 2 Limited]
    <360Safebox><"C:\Program Files\360\360Safe\360Safebox\safeboxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <Stormtray><D:\StormII\Stormtray.exe /Start>  [(Verified)北京暴风网际科技有限公司]
    <Grid Service><"C:\Program Files\GridService\peer.exe" -n Grid>  [FS2YOU]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><E:\[动漫东东]萌化\[动漫东东]登陆\logonui4.exe>  [Narcissus Screen Designs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\RainySs.scr>  []

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ESET HTTP Server / EhttpSrv][Stopped/Manual Start]
  <"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"><ESET>
[ESET Service / ekrn][Running/Auto Start]
  <"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"><ESET>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows CardSpace / idsvc][Stopped/Manual Start]
  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"><Microsoft Corporation>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[Network Location Awareness (NLA) / Nla][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[主动防御 / ZhuDongFangYu][Running/Auto Start]
  <"C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe"><360安全中心>

==================================
驱动程序
[360SelfProtection / 360SelfProtection][Running/System Start]
  <system32\drivers\360SelfProtection.sys><360安全中心>
[AFD / AFD][Running/System Start]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[BFSDRV / BFSDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys><360安全中心>
[BREGDRV / BREGDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\bregdrv.sys><360安全中心>
[eamon / eamon][Running/Auto Start]
  <system32\DRIVERS\eamon.sys><ESET>
[EfiSystemMon / EfiMon][Running/System Start]
  <System32\Drivers\Efimon.sys><奇虎网>
[ehdrv / ehdrv][Running/System Start]
  <system32\DRIVERS\ehdrv.sys><ESET>
[epfwtdir / epfwtdir][Running/System Start]
  <system32\DRIVERS\epfwtdir.sys><ESET>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookPort / HookPort][Running/Boot Start]
  <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkcrypt.sys><INCA Internet Co., Ltd.>
[NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
  <system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[Quantum DeepScanner Servers / qutmdserv][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys><360安全中心>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SVKP / SVKP][Running/Auto Start]
  <\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <D:\BitComet\tools\BitCometBHO_1.3.3.2.dll, (Signed) BitComet>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[FlashGetBHO]
  {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} <C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll, (Signed) Trend Media Group>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[BitComet]
  {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, >
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[IFlashGetNetscapeEx Class]
  {116BA71C-8187-4F15-9A1F-C9D6289155D1} <C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetHook.dll, (Signed) Trend Media Group>
[JetCarNetscape Class]
  {2974c985-8151-4de5-b23c-b875f0a8522f} <C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetHook.dll, (Signed) Trend Media Group>
[Zyzzyva]
  {30FA9641-9CFE-4D71-A3AA-DF8B6FA02FCC} <, >
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <D:\BitComet\tools\BitCometBHO_1.3.3.2.dll, (Signed) BitComet>
[SkyDrive.Plugin.1]
  {4990272A-0655-4D80-90A7-C18D0FF7A4A9} <d:\NamiRobot\Plugins\SkyDrive.dll, >
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360Safe\Safelive.dll, (Signed) >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {A986E409-30CC-4185-89BB-AB212C104524} <, >
[FlashGetBHO]
  {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} <C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll, (Signed) Trend Media Group>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[]
  {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[&U使用纳米机器人下载并收藏]
  <d:\NamiRobot\Data\du.html, N/A>
[&使用BitComet下载]
  <res://D:\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
  <res://D:\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
  <res://D:\BitComet\BitComet.exe/AddVideo.htm, N/A>
[使用快车3下载]
  <C:\Documents and Settings\new\Application Data\FlashGetBHO\GetUrl.htm, N/A>
[使用快车3下载全部链接]
  <C:\Documents and Settings\new\Application Data\FlashGetBHO\GetAllUrl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[用维棠下载视频]
  <D:\ViDown\vd_link.htm, N/A>

==================================
正在运行的进程
[PID: 656 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 708 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 732 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 776 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 788 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 948 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1016 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1112 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1192 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1256 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1292 / SYSTEM][C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe]  [360安全中心, 1, 0, 0, 1008]
    [C:\Program Files\360\360Safe\deepscan\CloudCom2.dll]  [360安全中心, 3, 0, 0, 1008]
    [C:\Program Files\360\360Safe\deepscan\heavygate.dll]  [360安全中心, 3, 6, 11, 0]
    [C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll]  [奇虎网, 2, 1, 5, 1005]
    [C:\Program Files\360\360Safe\deepscan\qutmload.dll]  [360.CN, 1, 0, 0, 1001]
[PID: 1504 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 1708 / new][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\WINDOWS\system32\quartz.dll]  [Microsoft Corporation, 6.05.2600.5596]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.2.6.179]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5.0.8.179]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 22]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[PID: 1860 / new][D:\StormII\Stormtray.exe]  [北京暴风网际科技有限公司, 3, 9, 6, 25]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\StormII\StormUpdate.dll]  [, 3, 9, 6, 19]
    [D:\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [D:\StormII\box\BoxLog.dll]  [北京暴风网际科技有限公司, 3, 9, 8, 8]
    [C:\WINDOWS\system32\quartz.dll]  [Microsoft Corporation, 6.05.2600.5596]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [D:\StormII\BFThumbs.dll]  [北京暴风网际科技有限公司, 3, 9, 2, 27]
    [D:\StormII\meedb.dll]  [北京暴风网际科技有限公司, 3, 9, 6, 19]
    [D:\StormII\corelog.dll]  [北京暴风网际科技有限公司, 3, 9, 6, 19]
    [D:\StormII\Tips.dll]  [北京暴风网际科技有限公司, 3, 9, 9, 2]
    [D:\StormII\codec\Flash.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 1868 / new][C:\Program Files\GridService\peer.exe]  [FS2YOU, 2, 1, 10, 8366]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
[PID: 1884 / new][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
[PID: 1904 / new][D:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe]  [Trend Media Corporation Limited, 3, 2, 0, 1069]
    [D:\Program Files\FlashGet Network\FlashGet 3\commonlib.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [D:\Program Files\FlashGet Network\FlashGet 3\BugReport.dll]  [, 1, 3, 0, 1011]
    [D:\Program Files\FlashGet Network\FlashGet 3\dbghelp.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [D:\Program Files\FlashGet Network\FlashGet 3\zlib.dll]  [, 1.1.4.0]
    [D:\Program Files\FlashGet Network\FlashGet 3\componentskrnl.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsDirectuix.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsSkinX.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsScheduler.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\P2SCore.dll]  [FlashGet.com, 3, 1, 0, 93]
    [D:\Program Files\FlashGet Network\FlashGet 3\P2PCore.dll]  [FlashGet.com, 3, 1, 0, 92]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsStatistics.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsSecurity.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsArchive.dll]  [Trend Media Corporation Limited, 3, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\adns.dll]  [FlashGet.com, 1, 0, 0, 6]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [D:\Program Files\FlashGet Network\FlashGet 3\corestat.dll]  [FLASHGET, 3, 1, 0, 90]
    [D:\Program Files\FlashGet Network\FlashGet 3\VodCore.dll]  [, 1.0.0.16]
    [D:\Program Files\FlashGet Network\FlashGet 3\fnsLanguage.dll]  [Trend Media Corporation Limited, 1, 0, 0, 1032]
    [D:\Program Files\FlashGet Network\FlashGet 3\btcoreu.dll]  [FLASHGET, 3, 1, 0, 89]
    [D:\Program Files\FlashGet Network\FlashGet 3\SnapShot.dll]  [ FlashGet, 1, 0, 0, 1027]
    [D:\Program Files\FlashGet Network\FlashGet 3\unrar.dll]  [N/A, ]
    [D:\Program Files\FlashGet Network\FlashGet 3\id3lib.dll]  [http://www.id3lib.org/, 3.8.3]
    [D:\Program Files\FlashGet Network\FlashGet 3\libem.dll]  [FLASHGET, 3, 1, 0, 89]
    [D:\Program Files\FlashGet Network\FlashGet 3\SamplerCli.dll]  [ , 1, 0, 0, 1002]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [D:\Program Files\FlashGet Network\FlashGet 3\ckcore.dll]  [, 1, 0, 0, 13]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx]  [Adobe Systems, Inc., 10,0,32,18]
[PID: 1936 / new][D:\Program Files\FlashGet Network\FlashGet 3\mxhelper.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
[PID: 1336 / SYSTEM][C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe]  [ESET, 4.0.441.0 ]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll]  [ESET, 4.0.441.0 ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[PID: 2452 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\MSWSOCK.DLL]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2760 / new][C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe]  [ESET, 4.0.441.0 ]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll]  [ESET, 4.0.441.0 ]
    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll]  [ESET, 4.0.441.0 ]
[PID: 2108 / new][C:\Program Files\SogouInput\4.2.1.2707\pinyinup.exe]  [Sogou.com Inc., 4.2.1.2707]
    [C:\Program Files\SogouInput\4.2.1.2707\HWSignature.dll]  [Sogou.com Inc., 4.2.1.2707]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\SogouInput\4.2.1.2707\popup.dll]  [Sogou.com Inc., 1.2.0.0192]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2404 / new][C:\Program Files\SogouInput\4.2.1.2707\PinyinUp.exe]  [Sogou.com Inc., 4.2.1.2707]
    [C:\Program Files\SogouInput\4.2.1.2707\HWSignature.dll]  [Sogou.com Inc., 4.2.1.2707]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
[PID: 2112 / new][C:\Program Files\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 5, 9, 2122]
    [C:\Program Files\Maxthon2\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4331]
    [C:\Program Files\Maxthon2\MxUI.dll]  [Maxthon International ltd., 3, 3, 1, 30]
    [C:\Program Files\Maxthon2\MxAccount.dll]  [Maxthon International ltd., 1, 0, 0, 27]
    [C:\Program Files\Maxthon2\MxHttpRq.dll]  [Maxthon International ltd., 1, 0, 0, 8]
    [C:\Program Files\Maxthon2\MxTool.dll]  [, 1, 0, 0, 3]
    [C:\Program Files\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [C:\Program Files\Maxthon2\MxPp.dll]  [Maxthon International ltd., 1, 0, 0, 321]
    [C:\Program Files\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 487]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetHook.dll]  [Trend Media Group, 1.0.0.1015]
    [C:\Program Files\Maxthon2\mxtool2.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\quartz.dll]  [Microsoft Corporation, 6.05.2600.5596]
    [C:\Program Files\Maxthon2\MxFav.dll]  [Maxthon International ltd., 2, 0, 0, 140]
    [C:\Program Files\Maxthon2\Modules\MxWebBoost\MxWebBoost.dll]  [Maxthon, 1,0,2,1269]
    [C:\Program Files\Maxthon2\mxdb.dll]  [Max, 3, 5, 3, 125]
    [C:\Program Files\Maxthon2\Modules\MxHistory\MxHistory.dll]  [Maxthon International ltd., 1, 0, 0, 302]
    [C:\Program Files\Maxthon2\Modules\MxVideoPopup\MxVideoPopup.dll]  [Maxthon International ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\Program Files\Maxthon2\Modules\MxUrlSec\MxUrlSec.dll]  [Maxthon International ltd., 1, 0, 0, 4]
    [C:\Program Files\Maxthon2\Modules\MxMute\MxMute.dll]  [Maxthon International ltd., 1, 0, 0, 9]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Maxthon2\Modules\MxPageSearch\MxPageSearch.dll]  [Maxthon International ltd., 1,0,0,1892]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx]  [Adobe Systems, Inc., 10,0,32,18]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.2.1.2707]
    [C:\Program Files\SogouInput\4.2.1.2707\Resource.dll]  [Sogou.com Inc., 4.2.1.2707]
[PID: 3140 / new][F:\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 2752 / new][F:\sreng2\SREcec25149.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1022]
    [C:\Documents and Settings\new\Application Data\FlashGetBHO\FlashGetBHO3.dll]  [Trend Media Group, 1.0.0.1007]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [F:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{78B7C480-EF46-4691-921C-4D414B39FB4E}] SEQPACKET 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{78B7C480-EF46-4691-921C-4D414B39FB4E}] DATAGRAM 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] SEQPACKET 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] DATAGRAM 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] SEQPACKET 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] DATAGRAM 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{5815E8BF-A92B-413A-9792-9F97B713F2D9}] SEQPACKET 3
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{5815E8BF-A92B-413A-9792-9F97B713F2D9}] DATAGRAM 3
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{6918C6E4-036D-48CE-BD3E-8A9D0E41C7E4}] SEQPACKET 4
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{6918C6E4-036D-48CE-BD3E-8A9D0E41C7E4}] DATAGRAM 4
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1	858656.com
127.0.0.1	my123.com
127.0.0.1	8749.com
127.0.0.1	4199.com
127.0.0.1	7379.com
127.0.0.1	7255.com
127.0.0.1	3448.com
127.0.0.1	7939.com
127.0.0.1	8009.com
127.0.0.1	piaoxue.com
127.0.0.1	kzdh.com
127.0.0.1	about.blank.la
127.0.0.1	6781.com
127.0.0.1	7322.com
127.0.0.1	9991.com

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1868, C:\PROGRAM FILES\GRIDSERVICE\PEER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3140, F:\SRENG2\SRENGLDR.EXE]

==================================
计划任务
[已启用] SogouImeMgr.job
        C:\PROGRA~1\SOGOUI~1\421~1.270\PinyinRepair.exe 

==================================
Windows 安全更新检查
 Microsoft .NET Framework 版本 1.1，简体中文版 
KB829019,  Microsoft .NET Framework 2.0 语言包：x86 (KB829019) 
KB943649,  Outlook 2003 更新 (KB943649) 
KB945185,  Office 2003 安全更新 (KB945185) MS08-013
KB907417,  Office 2003 更新 (KB907417) 
KB943973,  Microsoft Works Suite 2005 安全更新 (KB943973) MS08-011
KB925850,  Windows Media Player 11 
KB950213,  Microsoft Office Publisher 2003 安全更新 (KB950213) MS08-027
KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157) 
KB953432,  Microsoft Office Outlook 2003 更新 (KB953432) 
KB902344,  启用了 WMDRM 的 Media Player 更新程序 (KB902344) 
KB951066,  用于 Windows XP 的 Outlook Express 安全更新程序 (KB951066) MS08-048
KB952954,  Windows XP 安全更新程序 (KB952954) MS08-046
KB950974,  Microsoft XP 安全更新程序 (KB950974) MS08-049
KB952287,  Windows XP 更新程序 (KB952287) 
KB921598,  Microsoft Office 2003 安全更新 (KB921598) MS08-044
KB955439,  Access Snapshot Viewer 2003 安全更新 (KB955439) MS08-041
KB953404,  Microsoft Office 2003 安全更新 (KB953404) MS08-055
KB928416,  Microsoft .NET Framework 3.0： x86 语言包 (KB928416) 
KB949810,  Office 正版增值计划通知 (KB949810)-CHS 
KB958644,  Windows XP 安全更新程序 (KB958644) MS08-067
KB951535,  Microsoft Office 2003 安全更新 (KB951535) MS08-069
KB955069,  Windows XP 安全更新程序 (KB955069) MS08-069
KB954459,  Windows XP 安全更新程序 (KB954459) MS08-069
KB957097,  Windows XP 安全更新程序 (KB957097) MS08-068
KB943729,  用于 Windows XP 的组策略首选项客户端扩展 (KB943729) 
KB956802,  Windows XP 安全更新程序 (KB956802) MS08-071
KB952069,  Windows XP Service Pack 3 安全更新程序 (KB952069) MS08-076
KB956803,  Windows XP 安全更新程序 (KB956803) MS08-066
KB958687,  Windows XP 安全更新程序 (KB958687) MS09-001
KB967715,  Windows XP 更新程序 (KB967715) 
KB926140,  用于 Windows XP 的 Windows PowerShell 1.0 (KB926140) 
KB905474,  Windows Genuine Advantage 通知 (KB905474) 
KB909520,  Microsoft 基本智能卡加密服务提供程序包： x86 (KB909520) 
KB923561,  Windows XP 安全更新程序 (KB923561) MS09-010
KB956572,  Windows XP 安全更新程序 (KB956572) MS09-012
KB952004,  Windows XP 安全更新程序 (KB952004) MS09-012
KB960803,  Windows XP 安全更新程序 (KB960803) MS09-013
KB959426,  Windows XP 安全更新程序 (KB959426) MS09-015
KB957784,  Microsoft Office PowerPoint 2003 安全更新 (KB957784) MS09-017
KB961501,  Windows XP 安全更新程序 (KB961501) MS09-022
KB968537,  Windows XP 安全更新程序 (KB968537) MS09-025
KB970238,  Windows XP 安全更新程序 (KB970238) MS09-026
KB969681,  Microsoft Office Excel 2003 安全更新 (KB969681) MS09-021
KB969603,  Microsoft Office Word 2003 安全更新 (KB969603) MS09-027
KB971633,  Windows XP 安全更新程序 (KB971633) MS09-028
KB973923,  Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package 的安全更新 (KB973923) MS09-035
KB947319,  Microsoft Office Web Components 安全更新 (KB947319) MS09-043
KB970653,  Windows XP 更新程序 (KB970653) 
KB961371,  Windows XP 安全更新程序 (KB961371) MS09-029
KB944036,  用于 Windows XP 的 Internet Explorer 8 
KB974331,  Microsoft Silverlight 更新 (KB974331) 
KB974331,  Windows Live 软件包 
KB931125,  根证书更新 [2009 年 9 月] (KB931125) 
KB974554,  Microsoft Office 2003 安全更新 (KB974554) MS09-060
KB973705,  Microsoft Office Outlook 2003 安全更新 (KB973705) MS09-060
KB974771,  Outlook 2003 垃圾邮件筛选器更新 (KB974771) 
KB890830,  Windows 恶意软件删除工具 - 2009 年 10 月 (KB890830) 
KB954430,  Microsoft XML Core Services 4.0 Service Pack 2 安全更新程序 (KB954430) MS08-069
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 和用于 .NET 版本 2.0 至 3.5 的 .NET Framework 3.5 Family Update (KB951847) x86 
KB971513,  Windows XP 更新程序 (KB971513) 

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]