Aftereffects of a Viking (威金) infection

驱动程序
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ACPI.sys><Microsoft Corporation>
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
  <system32\drivers\aec.sys><Microsoft Corporation>
[AFD 网络支持环境 / AFD][Running/Auto Start]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[Intel AGP Bus Filter / agp440][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\agp440.sys><Microsoft Corporation>
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter / AN983][Running/Manual Start]
  <System32\DRIVERS\AN983.sys><ADMtek Incorporated.>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <System32\DRIVERS\asyncmac.sys><Microsoft Corporation>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\atapi.sys><Microsoft Corporation>
[ati2mtag / ati2mtag][Stopped/Manual Start]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
  <System32\DRIVERS\atmarpc.sys><Microsoft Corporation>
[音频存根驱动程序 / audstub][Stopped/Manual Start]
  <System32\DRIVERS\audstub.sys><Microsoft Corporation>
[CD-ROM Driver / Cdrom][Running/System Start]
  <System32\DRIVERS\cdrom.sys><Microsoft Corporation>
[d343bus / d343bus][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\d343bus.sys><>
[d343port / d343port][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\d343port.sys><>
[DigitalChina DCN-530TX Fast Ethernet Adapter Windows Driver / DCN530][Stopped/Manual Start]
  <System32\DRIVERS\DCN530N5.sys><Digitalchina Networks Limited.>
[磁盘驱动器 / Disk][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\disk.sys><Microsoft Corporation>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><Microsoft Corp., Veritas Software>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><Microsoft Corp., Veritas Software>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><Microsoft Corp., Veritas Software.>
[Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start]
  <system32\drivers\drmkaud.sys><Microsoft Corporation>
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
  <System32\DRIVERS\fdc.sys><Microsoft Corporation>
[软盘驱动程序 / Flpydisk][Running/Manual Start]
  <System32\DRIVERS\flpydisk.sys><Microsoft Corporation>
[FsVga / FsVga][Stopped/System Start]
  <System32\DRIVERS\fsvga.sys><Microsoft Corporation>
[Volume Manager Driver / Ftdisk][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ftdisk.sys><Microsoft Corporation>
[Game Port Enumerator / gameenum][Stopped/Manual Start]
  <System32\DRIVERS\gameenum.sys><Microsoft Corporation>
[Generic Packet Classifier / Gpc][Running/Manual Start]
  <System32\DRIVERS\msgpc.sys><Microsoft Corporation>
[Microsoft HID Class Driver / hidusb][Stopped/Manual Start]
  <System32\DRIVERS\hidusb.sys><Microsoft Corporation>
[i8042 键盘和 PS/2 鼠标端口驱动程序 / i8042prt][Running/System Start]
  <System32\DRIVERS\i8042prt.sys><Microsoft Corporation>
[CD 烧制筛选驱动器 / Imapi][Stopped/System Start]
  <System32\DRIVERS\imapi.sys><Microsoft Corporation>
[IPv6 防火墙驱动程序 / Ip6Fw][Stopped/Manual Start]
  <System32\DRIVERS\Ip6Fw.sys><Microsoft Corporation>
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
  <System32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <System32\DRIVERS\ipinip.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat][Running/Manual Start]
  <System32\DRIVERS\ipnat.sys><Microsoft Corporation>
[IPSEC driver / IPSec][Running/System Start]
  <System32\DRIVERS\ipsec.sys><Microsoft Corporation>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
  <System32\DRIVERS\irenum.sys><Microsoft Corporation>
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\isapnp.sys><Microsoft Corporation>
[Keyboard Class Driver / Kbdclass][Running/System Start]
  <System32\DRIVERS\kbdclass.sys><Microsoft Corporation>
[Microsoft Kernel Wave Audio Mixer / kmixer][Stopped/Manual Start]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[Mouse Class Driver / Mouclass][Running/System Start]
  <System32\DRIVERS\mouclass.sys><Microsoft Corporation>
[Mouse HID Driver / mouhid][Stopped/Manual Start]
  <System32\DRIVERS\mouhid.sys><Microsoft Corporation>
[WebDav Client Redirector / MRxDAV][Running/Manual Start]
  <System32\DRIVERS\mrxdav.sys><Microsoft Corporation>
[MRxSmb / MRxSmb][Running/System Start]
  <System32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
  <system32\drivers\MSKSSRV.sys><Microsoft Corporation>
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
  <system32\drivers\MSPCLOCK.sys><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[Microsoft MPU-401 MIDI UART Driver / ms_mpu401][Stopped/Manual Start]
  <system32\drivers\msmpu401.sys><Microsoft Corporation>
[NAVAP / NAVAP][Running/Manual Start]
  <\??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys><Symantec Corporation>
[NAVAPEL / NAVAPEL][Running/Auto Start]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS><Symantec Corporation>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040417.021\NAVENG.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040417.021\NAVEX15.sys><Symantec Corporation>
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
  <System32\DRIVERS\ndistapi.sys><Microsoft Corporation>
[NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start]
  <System32\DRIVERS\ndisuio.sys><Microsoft Corporation>
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
  <System32\DRIVERS\ndiswan.sys><Microsoft Corporation>
[NetBIOS Interface / NetBIOS][Running/System Start]
  <System32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetBios over Tcpip / NetBT][Running/System Start]
  <System32\DRIVERS\netbt.sys><Microsoft Corporation>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <System32\DRIVERS\nwlnkflt.sys><Microsoft Corporation>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <System32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation>
[Parallel port driver / Parport][Stopped/Manual Start]
  <System32\DRIVERS\parport.sys><Microsoft Corporation>
[PCI Bus Driver / PCI][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\pci.sys><Microsoft Corporation>
[PCIIde / PCIIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\pciide.sys><Microsoft Corporation>
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
  <System32\DRIVERS\raspptp.sys><Microsoft Corporation>
[处理器驱动程序 / Processor][Running/System Start]
  <System32\DRIVERS\processr.sys><Microsoft Corporation>
[QoS Packet Scheduler / PSched][Running/Manual Start]
  <System32\DRIVERS\psched.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
  <System32\DRIVERS\rasacd.sys><Microsoft Corporation>
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
  <System32\DRIVERS\rasl2tp.sys><Microsoft Corporation>
[远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start]
  <System32\DRIVERS\raspppoe.sys><Microsoft Corporation>
[Direct Parallel / Raspti][Running/Manual Start]
  <System32\DRIVERS\raspti.sys><Microsoft Corporation>
[Rdbss / Rdbss][Running/System Start]
  <System32\DRIVERS\rdbss.sys><Microsoft Corporation>
[RDPCDD / RDPCDD][Running/System Start]
  <System32\DRIVERS\RDPCDD.sys><Microsoft Corporation>
[Terminal Server Device Redirector Driver / rdpdr][Stopped/Manual Start]
  <System32\DRIVERS\rdpdr.sys><Microsoft Corporation>
[Digital CD Audio Playback Filter Driver / redbook][Running/System Start]
  <System32\DRIVERS\redbook.sys><Microsoft Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Serenum Filter Driver / serenum][Running/Manual Start]
  <System32\DRIVERS\serenum.sys><Microsoft Corporation>
[Serial port driver / Serial][Running/System Start]
  <System32\DRIVERS\serial.sys><Microsoft Corporation>
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
  <system32\drivers\splitter.sys><Microsoft Corporation>
[System Restore Filter Driver / sr][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sr.sys><Microsoft Corporation>
[Srv / Srv][Running/Manual Start]
  <System32\DRIVERS\srv.sys><Microsoft Corporation>
[Software Bus Driver / swenum][Running/Manual Start]
  <System32\DRIVERS\swenum.sys><Microsoft Corporation>
[Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start]
  <system32\drivers\swmidi.sys><Microsoft Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[Microsoft Kernel System Audio Device / sysaudio][Running/Manual Start]
  <system32\drivers\sysaudio.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Terminal Device Driver / TermDD][Running/System Start]
  <System32\DRIVERS\termdd.sys><Microsoft Corporation>
[Microcode Update Driver / Update][Stopped/Manual Start]
  <System32\DRIVERS\update.sys><Microsoft Corporation>
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Stopped/Manual Start]
  <System32\DRIVERS\usbehci.sys><Microsoft Corporation>
[USB2 Enabled Hub / usbhub][Running/Manual Start]
  <System32\DRIVERS\usbhub.sys><Microsoft Corporation>
[Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Manual Start]
  <System32\DRIVERS\usbuhci.sys><Microsoft Corporation>
[VgaSave / VgaSave][Running/System Start]
  <\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation>
[VIA AGP Bus Filter / viaagp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaagp.sys><Microsoft Corporation>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
  <System32\DRIVERS\wanarp.sys><Microsoft Corporation>
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
  <system32\drivers\wdmaud.sys><Microsoft Corporation>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\H:\DRIVER\Audio\winio.sys><N/A>
[USB 大容量存储设备 / USBSTOR][Stopped/Manual Start]
  <System32\DRIVERS\USBSTOR.SYS><Microsoft Corporation>

浏览器加载项
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[]
  {B3ECCAC9-C7FA-462C-894B-8E9930A70E14} <C:\PROGRA~1\KuGoo\IEHELP~1.DLL, N/A>
[解霸]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[解霸实时播放]
  <C:\HEROSOFT\Hero3000\MPURLGET.HTM, N/A>

==================================
正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe]  [N/A, N/A]
[PID: 476][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 500][\??\C:\WINDOWS\System32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\NavLogon.dll]  [N/A, N/A]
[PID: 544][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 556][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 740][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 792][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 864][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 936][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1188][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\Program Files\HTime\SYSHOOK.DLL]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\PROGRA~1\KuGoo\IEHELP~1.DLL]  [N/A, N/A]
[PID: 1224][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1340][C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe]  [Symantec Corporation, 8.1.0.821]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec/Peter Norton Group, 1, 0, 0, 1]
[PID: 1348][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.1622]
[PID: 1360][C:\Program Files\HTime\HTime.exe]  [N/A, N/A]
    [C:\Program Files\HTime\SYSHOOK.DLL]  [N/A, N/A]
[PID: 1400][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.21]
[PID: 1440][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1472][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.2009]
    [C:\WINDOWS\System32\msdmo.dll]  [N/A, N/A]
[PID: 168][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 188][C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe]  [Symantec Corporation, 8.1.0.821]
[PID: 208][C:\WINDOWS\system32\netdde.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 268][C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe]  [Symantec Corporation, 8.1.0.821]
    [C:\WINDOWS\System32\CBA.DLL]  [Intel? Corporation, 6.12.0.105 E]
    [C:\WINDOWS\System32\MsgSys.dll]  [Intel? Corporation, 6.12.0.105 E]
    [C:\WINDOWS\System32\NTS.dll]  [Intel? Corporation, 6.12.0.105 E]
    [C:\WINDOWS\System32\PDS.DLL]  [Intel? Corporation, 6.12.0.105 E]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVLU.dll]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec/Peter Norton Group, 1, 0, 0, 1]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\i2ldvp3.dll]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAPI32.DLL]  [Symantec Corp., 4.2.0.7]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040417.021\NAVEX32a.DLL]  [Symantec Corporation, 2003.03.1.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040417.021\NAVENG32.DLL]  [Symantec Corporation, 2003.03.1.2]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.1.0.26]
[PID: 344][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.5303]
[PID: 464][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1680][C:\Program Files\WinRAR\WinRAR.exe]  [Eugene Roshal, 3.30]
    [C:\Program Files\HTime\SYSHOOK.DLL]  [N/A, N/A]
[PID: 652][C:\Program Files\EmEditor3\EMEDITOR.EXE]  [Emurasoft, Inc., 3, 3, 2, 0]
    [C:\Program Files\EmEditor3\EMEDRES.DLL]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\保存宏.dll]  [ , 3.09e]
    [C:\Program Files\EmEditor3\PlugIns\删除空行.dll]  [みなづき, 1, 0, 1, 0]
    [C:\Program Files\EmEditor3\PlugIns\删除行尾空格.dll]  [ , 1.09e]
    [C:\Program Files\EmEditor3\PlugIns\删除行首空格.dll]  [ , 2.10e]
    [C:\Program Files\EmEditor3\PlugIns\宏实用程序.dll]  [N/A, 3.09e]
    [C:\Program Files\EmEditor3\PlugIns\将数字按升序排列.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\将数字按降序排列.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\属性.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\插入空格.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\文本信息.dll]  [" ", 2.11Be]
    [C:\Program Files\EmEditor3\PlugIns\显示行号.dll]  [" ", 2.01]
    [C:\Program Files\EmEditor3\PlugIns\转为竖排.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\转为简体中文.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\转为繁体中文.dll]  [N/A, N/A]
    [C:\Program Files\EmEditor3\PlugIns\载入宏.dll]  [ , 3.09e]
    [C:\Program Files\HTime\SYSHOOK.DLL]  [N/A, N/A]
[PID: 1332][C:\Documents and Settings\Administrator\Rar$EX07.666\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\HTime\SYSHOOK.DLL]  [N/A, N/A]

文件关联
.TXT  Error. [emeditor.txt]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [超级解霸3000]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
RSVP UDP Service Provider
    C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
RSVP TCP Service Provider
    C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{494F4E44-C3F4-43AD-8EBA-93A38A14C8F1}] SEQPACKET 6
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{494F4E44-C3F4-43AD-8EBA-93A38A14C8F1}] DATAGRAM 6
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{CD9FEFF4-1B1C-48D1-AC3D-A4E7DD49E685}] SEQPACKET 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{CD9FEFF4-1B1C-48D1-AC3D-A4E7DD49E685}] DATAGRAM 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3C63CF3A-3E1D-4470-B174-3AE2495D9053}] SEQPACKET 5
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3C63CF3A-3E1D-4470-B174-3AE2495D9053}] DATAGRAM 5
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F89E8297-FCC1-4011-8C49-D305076E7BD0}] SEQPACKET 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F89E8297-FCC1-4011-8C49-D305076E7BD0}] DATAGRAM 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{8AABC578-EE7D-458B-ABEE-8D013FE9BDE0}] SEQPACKET 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{8AABC578-EE7D-458B-ABEE-8D013FE9BDE0}] DATAGRAM 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3E51AD92-E721-4071-8C7D-A00EADE89C70}] SEQPACKET 3
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3E51AD92-E721-4071-8C7D-A00EADE89C70}] DATAGRAM 3
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DCFBBDE6-D4CE-4BF2-A21D-482C0B6CE340}] SEQPACKET 4
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DCFBBDE6-D4CE-4BF2-A21D-482C0B6CE340}] DATAGRAM 4
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)

==================================
Autorun.inf
[E:\]
[AutoRun]
open=sxs.exe
shellexecute=sxs.exe
shell\Auto\command=sxs.exe
[F:\]
[AutoRun]
open=sxs.exe
shellexecute=sxs.exe
shell\Auto\command=sxs.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

OK, could the experts point me in the right direction? What should my next step be?

Experts, please come quickly!