多谢，给看看CODE]

2007-07-15,15:15:14

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe">  [Nero AG]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <CnxDslTaskBar><C:\Program Files\OEM\AccessRunner ADSL\CnxDslTb.exe>  [Conexant Systems Inc.]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <StormCodec_Helper><"F:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [N/A]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [N/A]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <NeroFilterCheck><C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe>  [Nero AG]
    <InCD><C:\Program Files\Nero\Nero 7\InCD\InCD.exe>  [Nero AG]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <PCSuiteTrayApplication><C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [Nokia]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <DAEMON Tools><; "H:\DAEMON Tools\daemon.exe" -lang 2052>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><>
[ATI Smart / ATI Smart][Stopped/Disabled]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InCD Helper / InCDsrv][Running/Auto Start]
  <C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe><Nero AG>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BdGuard / BdGuard][Running/Boot Start]
  <\SystemRoot\system32\drivers\BDGuard.SYS><>
[ICatch (VI) PC Camera / CA561][Running/Manual Start]
  <System32\Drivers\SPCA561.SYS><SP>
[USB ADSL WAN Adapter Filter Driver / CnxEtP][Running/Manual Start]
  <system32\DRIVERS\CnxEtP.sys><Conexant>
[USB ADSL Interface Device / CnxEtU][Running/Manual Start]
  <system32\DRIVERS\CnxEtU.sys><Conexant>
[USB ADSL WAN Adapter Driver / CnxTgN][Running/Manual Start]
  <system32\DRIVERS\CnxTgN.sys><Conexant Systems Inc.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[InCD File System / InCDfs][Running/Disabled]
  <system32\drivers\InCDFs.sys><Nero AG>
[InCDPass / InCDPass][Running/System Start]
  <system32\drivers\InCDPass.sys><Nero AG>
[InCD Reader / incdrm][Running/System Start]
  <system32\drivers\InCDRm.sys><Nero AG>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>

[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Stopped/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\Program Files\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <F:\Program Files\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\新建文件夹 (3)\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <F:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll, BitComet>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Program Files\BaiDu\bar\BaiduBar.dll, Baidu.com, Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\Program Files\迅雷5\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\浩方战网\浩方对战平台\GameClient.exe, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Program Files\BaiDu\bar\BaiduBar.dll, Baidu.com, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\Program Files\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <F:\Program Files\迅雷5\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\新建文件夹 (3)\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\Msjava.dll, Microsoft Corporation>
[IeHelper Class]
  {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} <F:\Program Files\迅雷5\Components\ResWorker\DSIeHelper.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <F:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll, BitComet>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Program Files\BaiDu\bar\BaiduBar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Program Files\BaiDu\bar\BaiduBar.dll, Baidu.com, Inc.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Vod Class]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <F:\Program Files\迅雷5\Components\DownAndPlay\DapPlayer1.0.0.41.dll, XunLei>
[&使用BitComet下载]
  <res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
  <res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
  <res://F:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[使用迅雷下载]
  <F:\Program Files\迅雷5\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <F:\Program Files\迅雷5\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 436 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 544 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 588 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [, ]
[PID: 780 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 856 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 912 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1036 / SYSTEM][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 67]
    [C:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [C:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
    [C:\Program Files\Rising\Rav\RsVM.dll]  [, 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [C:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[PID: 1328 / SYSTEM][C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe]  [Nero AG, 5, 1, 0, 0]
    [C:\Program Files\Nero\Nero 7\InCD\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Nero\Nero 7\InCD\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\lib\AdvrCntr2.dll]  [Nero AG, 2,5,0, 5900]
    [C:\Program Files\Common Files\Ahead\lib\DriveLocker.dll]  [Nero AG, 1, 0, 0, 18]
    [C:\Program Files\Nero\Nero 7\InCD\incdshx.dll]  [Nero AG, 5, 1, 0, 0]
    [C:\Program Files\Nero\Nero 7\InCD\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[PID: 1344 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe]  [, ]
[PID: 1408 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <DAEMON Tools><; "H:\DAEMON Tools\daemon.exe" -lang 2052>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><>
[ATI Smart / ATI Smart][Stopped/Disabled]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InCD Helper / InCDsrv][Running/Auto Start]
  <C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe><Nero AG>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BdGuard / BdGuard][Running/Boot Start]
  <\SystemRoot\system32\drivers\BDGuard.SYS><>
[ICatch (VI) PC Camera / CA561][Running/Manual Start]
  <System32\Drivers\SPCA561.SYS><SP>
[USB ADSL WAN Adapter Filter Driver / CnxEtP][Running/Manual Start]
  <system32\DRIVERS\CnxEtP.sys><Conexant>
[USB ADSL Interface Device / CnxEtU][Running/Manual Start]
  <system32\DRIVERS\CnxEtU.sys><Conexant>
[USB ADSL WAN Adapter Driver / CnxTgN][Running/Manual Start]
  <system32\DRIVERS\CnxTgN.sys><Conexant Systems Inc.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[InCD File System / InCDfs][Running/Disabled]
  <system32\drivers\InCDFs.sys><Nero AG>
[InCDPass / InCDPass][Running/System Start]
  <system32\drivers\InCDPass.sys><Nero AG>
[InCD Reader / incdrm][Running/System Start]
  <system32\drivers\InCDRm.sys><Nero AG>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>

[D:\新建文件夹 (3)\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\BaiDu\bar\BaiduBar.dll]  [Baidu.com, Inc., 2, 0, 2, 144]
    [D:\新建文件夹 (3)\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll]  [Nokia, 6, 81, 46, 1]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 81, 68, 0]
    [C:\WINDOWS\system32\ConnAPI.DLL]  [Nokia., 6, 81, 62, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 81, 29, 0]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 81, 11, 0]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2028]
    [F:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [F:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 1484 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1500 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1924 / Administrator][C:\Program Files\OEM\AccessRunner ADSL\CnxDslTb.exe]  [Conexant Systems Inc., 2.099.056.000]
    [C:\Program Files\OEM\AccessRunner ADSL\CnxDslWz.dll]  [Conexant Systems Inc., 2.099.056.000]
    [C:\WINDOWS\system32\CnxHwIo.dll]  [Conexant Systems Inc., 2.099.056.000]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1936 / Administrator][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  [ATI Technologies, Inc., 6.14.10.5072]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  [ATI Technologies, Inc., 6.14.10.5072]
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  [ATI Technologies, Inc., 6.14.10.5072]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  [ATI Technologies, Inc., 6.14.10.5072]
[PID: 1984 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 2004 / Administrator][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]

[C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 2020 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 300 / Administrator][C:\Program Files\Nero\Nero 7\InCD\InCD.exe]  [Nero AG, 5, 1, 0, 0]
    [C:\Program Files\Nero\Nero 7\InCD\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Nero\Nero 7\InCD\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Nero\Nero 7\InCD\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Nero\Nero 7\InCD\InCDgui.dll]  [Nero AG, 5, 1, 0, 0]
    [C:\Program Files\Common Files\Ahead\lib\AdvrCntr2.dll]  [Nero AG, 2,5,0, 5900]
    [C:\Program Files\Nero\Nero 7\InCD\InCDAPI2.dll]  [Nero AG, 5, 1, 0, 0]
    [C:\Program Files\Common Files\Ahead\lib\DriveLocker.dll]  [Nero AG, 1, 0, 0, 18]
    [C:\Program Files\Nero\Nero 7\InCD\incdshx.dll]  [Nero AG, 5, 1, 0, 0]
[PID: 376 / Administrator][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3510]
[PID: 516 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704 / Administrator][C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe]  [Nero AG, 1, 0, 2, 14]
    [C:\Program Files\Common Files\Ahead\lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\lib\AdvrCntr2.dll]  [Nero AG, 2,5,0, 5900]
    [C:\Program Files\Common Files\Ahead\lib\NMIndexStoreSvrPS.dll]  [Nero AG, 1, 0, 2, 14]
    [C:\Program Files\Common Files\Ahead\lib\NMDataServices.dll]  [Nero AG, 1, 0, 2, 14]
[PID: 1432 / Administrator][F:\Program Files\BitComet\BitComet.exe]  [www.BitComet.com, 0.90]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[PID: 3204 / Administrator][C:\WINDOWS\winhlp32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3560 / Administrator][F:\Program Files\迅雷5\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 7, 326]
    [F:\Program Files\迅雷5\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
    [F:\Program Files\迅雷5\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [F:\Program Files\迅雷5\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [F:\Program Files\迅雷5\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [F:\Program Files\迅雷5\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [F:\Program Files\迅雷5\Program\FloatBar.dll]  [Giganology Inc., 1, 0, 0, 2]
    [F:\Program Files\迅雷5\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 18]
    [F:\Program Files\迅雷5\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 28]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [F:\Program Files\迅雷5\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 0, 19]
    [F:\Program Files\迅雷5\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 36]
    [F:\Program Files\迅雷5\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 17]
    [F:\Program Files\迅雷5\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 4, 15]
    [F:\Program Files\迅雷5\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 2, 55]
    [F:\Program Files\迅雷5\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 20]

[F:\Program Files\迅雷5\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [F:\Program Files\迅雷5\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 1, 3, 58]
    [F:\Program Files\迅雷5\Components\VPSHELL\VPSHELL.dll]  [XunLei, 1, 2, 0, 10]
    [F:\Program Files\迅雷5\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [F:\Program Files\迅雷5\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 16]
    [F:\Program Files\迅雷5\Components\InMedia\iEmbed10.dll]  [　, 3, 3, 1, 83]
    [F:\Program Files\迅雷5\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [F:\Program Files\迅雷5\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\Program Files\迅雷5\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
    [F:\Program Files\迅雷5\Plugins\TingTing\TingTing.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 13]
    [F:\Program Files\迅雷5\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [F:\Program Files\迅雷5\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 2, 0, 11]
    [F:\Program Files\迅雷5\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [F:\Program Files\迅雷5\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 18]
[PID: 1544 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\BaiDu\bar\BaiduBar.dll]  [Baidu.com, Inc., 2, 0, 2, 144]
    [F:\Program Files\迅雷5\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [F:\Program Files\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [F:\Program Files\迅雷5\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 4]
    [F:\Program Files\迅雷5\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [D:\新建文件夹 (3)\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [F:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll]  [BitComet, 20070614]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\GOOGLEPINYIN.IME]  [Google Inc., ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2028]
    [F:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3121 (xpsp_sp2_gdr.070418-0032)]
    [F:\Program Files\迅雷5\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
[PID: 1592 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\BaiDu\bar\BaiduBar.dll]  [Baidu.com, Inc., 2, 0, 2, 144]
    [F:\Program Files\迅雷5\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [F:\Program Files\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [F:\Program Files\迅雷5\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 4]
    [F:\Program Files\迅雷5\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [D:\新建文件夹 (3)\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [F:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll]  [BitComet, 20070614]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 176 / Administrator][F:\Program Files\Ringz Studio\Storm Codec\mplayerc.exe]  [Gabest, 6, 4, 9, 0]
    [F:\Program Files\Ringz Studio\Storm Codec\stormupd.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\imaadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msg711.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msgsm32.acm]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [, ]
    [C:\WINDOWS\system32\msg723.acm]  [Microsoft Corporation, 4.4.3400]
    [C:\WINDOWS\system32\msaud32.acm]  [Microsoft Corporation, 8.00.00.4487]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vct3216.acm]  [Voxware, Inc., 1.6.0.17]
    [C:\WINDOWS\system32\vct3216.dll]  [Voxware, Inc., 1.6.0.12]
    [C:\WINDOWS\system32\msms001.vwp]  [Voxware, Inc., 2.0.2.61]
    [C:\WINDOWS\system32\mvoice.vwp]  [Voxware, Inc., 2.0.0.12.01]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2028]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [F:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [F:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll]  [N/A, ]
[PID: 3288 / Administrator][D:\新建文件夹 (2)\SREng\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\新建文件夹 (2)\SREng\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1328, C:\PROGRAM FILES\NERO\NERO 7\INCD\INCDSRV.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1924, C:\PROGRAM FILES\OEM\ACCESSRUNNER ADSL\CNXDSLTB.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1936, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 300, C:\PROGRAM FILES\NERO\NERO 7\INCD\INCD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 376, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 704, C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3560, F:\PROGRAM FILES\迅雷5\PROGRAM\THUNDER5.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 176, F:\PROGRAM FILES\RINGZ STUDIO\STORM CODEC\MPLAYERC.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

等待中，急切等待中，多谢

服务项呢?