[CODE]

2007-07-25,21:40:09

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Publisher]
    <nwiz><nwiz.exe /install>  []
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <snpstd3><C:\WINDOWS\vsnpstd3.exe>  [Sonix]
    <racer><C:\Program Files\racer-han-cnc\racer.exe>  [Putian Runway]
    <Picasa Media Detector><C:\Program Files\Picasa2\PicasaMediaDetector.exe>  [(Verified)Google Inc.]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
    <IFEO[360rpt.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe]
    <IFEO[360Safe.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
    <IFEO[360tray.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe]

<IFEO[adam.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe]
    <IFEO[AgentSvr.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe]
    <IFEO[AppSvc32.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe]
    <IFEO[autoruns.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe]
    <IFEO[avgrssvc.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe]
    <IFEO[AvMonitor.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com]
    <IFEO[avp.com]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
    <IFEO[avp.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe]
    <IFEO[CCenter.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe]
    <IFEO[ccSvcHst.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe]
    <IFEO[FileDsty.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe]
    <IFEO[FTCleanerShell.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe]
    <IFEO[HijackThis.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe]
    <IFEO[IceSword.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe]
    <IFEO[iparmo.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe]
    <IFEO[Iparmor.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe]
    <IFEO[isPwdSvc.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe]
    <IFEO[kabaload.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR]
    <IFEO[KaScrScn.SCR]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe]
    <IFEO[KASMain.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe]
    <IFEO[KASTask.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe]
    <IFEO[KAV32.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe]
    <IFEO[KAVDX.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe]
    <IFEO[KAVPFW.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe]
    <IFEO[KAVSetup.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe]
    <IFEO[KAVStart.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe]
    <IFEO[KISLnchr.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe]
    <IFEO[KMailMon.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe]
    <IFEO[KMFilter.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe]
    <IFEO[KPFW32.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe]
    <IFEO[KPFW32X.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFWSvc.exe]
    <IFEO[KPFWSvc.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe]
    <IFEO[KRegEx.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\krepair.COM]
    <IFEO[krepair.COM]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe]
    <IFEO[KsLoader.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp]
    <IFEO[KVCenter.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe]
    <IFEO[KvDetect.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe]
    <IFEO[KvfwMcl.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp]
    <IFEO[KVMonXP.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp]
    <IFEO[KVMonXP_1.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
    <IFEO[kvol.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe]
    <IFEO[kvolself.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp]
    <IFEO[KvReport.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp]
    <IFEO[KVScan.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe]
    <IFEO[KVSrvXP.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp]
    <IFEO[KVStub.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe]
    <IFEO[kvupload.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe]

<IFEO[kvwsc.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp]
    <IFEO[KvXP.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp]
    <IFEO[KvXP_1.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe]
    <IFEO[KWatch.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe]
    <IFEO[KWatch9x.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe]
    <IFEO[KWatchX.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe]
    <IFEO[loaddll.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe]
    <IFEO[MagicSet.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe]
    <IFEO[mcconsol.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe]
    <IFEO[mmqczj.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe]
    <IFEO[mmsk.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe]
    <IFEO[NAVSetup.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
    <IFEO[nod32krn.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe]
    <IFEO[nod32kui.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe]
    <IFEO[PFW.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe]
    <IFEO[PFWLiveUpdate.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe]
    <IFEO[QHSET.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe]
    <IFEO[Ras.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe]
    <IFEO[Rav.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe]
    <IFEO[RavMon.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe]
    <IFEO[RavMonD.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe]
    <IFEO[RavStub.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe]
    <IFEO[RavTask.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe]
    <IFEO[RegClean.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe]
    <IFEO[rfwcfg.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RfwMain.exe]
    <IFEO[RfwMain.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
    <IFEO[rfwProxy.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
    <IFEO[rfwsrv.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe]
    <IFEO[RsAgent.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe]
    <IFEO[Rsaupd.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe]
    <IFEO[runiep.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe]
    <IFEO[safelive.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
    <IFEO[scan32.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe]
    <IFEO[shcfg32.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe]
    <IFEO[SmartUp.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.exe]
    <IFEO[SREng.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
    <IFEO[symlcsvc.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe]
    <IFEO[SysSafe.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe]
    <IFEO[TrojanDetector.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe]
    <IFEO[Trojanwall.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp]
    <IFEO[TrojDie.kxp]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe]
    <IFEO[UIHost.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe]
    <IFEO[UmxAgent.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe]
    <IFEO[UmxAttachment.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe]
    <IFEO[UmxCfg.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe]
    <IFEO[UmxFwHlp.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe]
    <IFEO[UmxPol.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.EXE.exe]
    <IFEO[UpLive.EXE.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe]
    <IFEO[WoptiClean.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe]
    <IFEO[zxsweep.exe]><C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A1D29050.dat>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [N/A]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [N/A]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []

==================================
启动文件夹
[壁纸自动换]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\壁纸自动换.lnk --> C:\WINDOWS\system32\bgswitch.exe [N/A]><N>
[河南网通宽带用户客户端]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\河南网通宽带用户客户端.lnk --> C:\Program Files\racer-henan-cnc\racer.exe [N/A]><N>
[Adobe Gamma Loader.exe]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.exe.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[腾讯QQ]
  <C:\Documents and Settings\new\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\PROGRA~1\QQ.exe [TENCENT]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Google Updater Service / gusvc][Stopped/Disabled]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Disabled]
  <d:\rising\rising\rfw\rfwproxy.exe><N/A>
[Rising Personal Firewall Service / RfwService][Stopped/Disabled]
  <d:\rising\rising\rfw\rfwsrv.exe><N/A>
[Rising Process Communication Center / RsCCenter][Stopped/Disabled]
  <"D:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Disabled]
  <"D:\Rising\Rising\Rav\Ravmond.exe"><N/A>
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Media Player\WMPNetwk.exe"><N/A>

==================================

驱动程序
[a320raid / a320raid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[AAC / AAC][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.>
[aar1210 / aar1210][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6290 / AEC6290][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.>
[AEC67160 / AEC67160][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.>
[AEC6890 / AEC6890][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[Aha154x / Aha154x][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Microsoft Corporation>
[arc / arc][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[asc / asc][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[elxstor / elxstor][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[ExpScaner / ExpScaner][Stopped/Disabled]
  <\??\D:\Rising\Rising\Rav\ExpScan.sys><N/A>
[FASTSX / FASTSX][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.>
[fasttrak / fasttrak][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Stopped/Disabled]
  <\??\D:\Rising\Rising\Rav\HOOKCONT.sys><N/A>
[HookReg / HookReg][Stopped/Disabled]
  <\??\D:\Rising\Rising\Rav\HookReg.sys><N/A>
[HookSys / HookSys][Stopped/Disabled]
  <\??\D:\Rising\Rising\Rav\HookSys.sys><N/A>
[HpCISSs / HpCISSs][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[HSFHWBS2 / HSFHWBS2][Running/Manual Start]
  <system32\DRIVERS\HSFBS2S2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
  <system32\DRIVERS\HSFDPSP2.sys><Conexant Systems, Inc.>
[Intel Integrated RAID / iaStor][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ini910u / ini910u][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[LSI_SAS / LSI_SAS][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[m5228 / m5228][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MegaIDE / MegaIDE][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[megasas / megasas][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[MEMSCAN / MEMSCAN][Stopped/Disabled]
  <\??\D:\Rising\Rising\Rav\MEMSCAN.sys><N/A>
[mraid2k / mraid2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nfrd960 / nfrd960][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[NetGroup Packet Filter Driver / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\Program Files\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]

<\??\D:\Program Files\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Intel SCSI Controller / NvAtaBus][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[PNP649R / PNP649R][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Stopped/Disabled]
  <\??\D:\Rising\Rising\Rav\RSPPSYS.sys><N/A>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SISIDE / SISIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.>
[SiSRaid / SiSRaid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SISRAIDS / SISRAIDS][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp>
[USB PC Camera (SNPSTD3) / SNPSTD3][Stopped/Manual Start]
  <system32\DRIVERS\snpstd3.sys><>
[Sparrow / Sparrow][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[symc810 / symc810][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic>
[sym_hi / sym_hi][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[UlSata / UlSata][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATAS / ULSATAS][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.>
[ultra / ultra][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Boot Start]

<\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSFCXTS2.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[RsFwDrv / RsFwDrv][Stopped/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[Thunder Browser Helper]
  {00000000-12C6-4305-82F9-43058F20E8D2} <D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[QQCycloneHelper Class]
  {00000000-12C7-4305-82F9-43058F20E8D2} <D:\迅雷文件夹\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\迅雷文件夹\Thunder.exe, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[访问瑞星网站]
  {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} <http://www.rising.com.cn/?u=RSTB, N/A>
[访问卡卡社区]
  {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} <http://www.ikaka.com/?u=RSTB, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[Thunder Browser Helper]
  {00000000-12C6-4305-82F9-43058F20E8D2} <D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[QQCycloneHelper Class]
  {00000000-12C7-4305-82F9-43058F20E8D2} <D:\迅雷文件夹\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\迅雷文件夹\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\DOWNLO~1\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Vod Class]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <D:\迅雷文件夹\Components\DownAndPlay\DapPlayer1.0.0.41.dll, XunLei>

[&使用超级旋风下载]
  <D:\迅雷文件夹\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <D:\迅雷文件夹\getAllurl.htm, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[使用迅雷下载]
  <D:\迅雷文件夹\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\迅雷文件夹\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\Program Files\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 564 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 624 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 648 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 692 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 864 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1024 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1196 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1424 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1872 / new][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 48]
[PID: 1900 / new][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.8195]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8195]
[PID: 1908 / new][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3427]
[PID: 1916 / new][C:\WINDOWS\vsnpstd3.exe]  [Sonix, 1, 0, 1, 5]
[PID: 1964 / new][C:\Program Files\Picasa2\PicasaMediaDetector.exe]  [Google Inc., 2.7.36.60]
[PID: 1972 / new][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1704 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8195]
[PID: 816 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004 / new][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1324 / new][C:\Program Files\racer-han-cnc\racer.exe]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\rwxre.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\nspr4.dll]  [Netscape Communications Corporation, 4.5 Beta]
    [C:\Program Files\racer-han-cnc\xpcom.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\nss3.dll]  [Netscape Communications Corporation, 3.9.1]
    [C:\Program Files\racer-han-cnc\softokn3.dll]  [Netscape Communications Corporation, 3.9.1]
    [C:\Program Files\racer-han-cnc\gkgfx.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\xpcom_compat.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [C:\Program Files\racer-han-cnc\components\racer_base_comp.dll]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\racer_base.dll]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\kbdhook.dll]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\components\pipnss.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\components\gklayout.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\components\jar50.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\components\xpcom_compat_c.dll]  [Mozilla Foundation, 1.7.3: 2007040220]
    [C:\Program Files\racer-han-cnc\components\racer_ad_comp.dll]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\components\racer_access_dhcpplus.dll]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\dhcpplus.dll]  [北京润汇科技有限公司, 3, 0, 0, 45]
    [C:\Program Files\racer-han-cnc\components\racer_nss4_comp.dll]  [Putian Runway, 3,3,130,256]
    [C:\Program Files\racer-han-cnc\nss4.dll]  [北京润汇科技有限公司, 1, 0, 0, 4]
    [C:\Program Files\racer-han-cnc\wpcap.dll]  [CACE Technologies, 3, 2, 0, 29]
    [C:\Program Files\racer-han-cnc\packet.dll]  [CACE Technologies, 3, 2, 0, 29]
    [C:\Program Files\racer-han-cnc\WanPacket.dll]  [CACE Technologies, 3, 2, 0, 29]
    [C:\Program Files\racer-han-cnc\components\racer_tb_comp.dll]  [Putian Runway, 3,3,130,256]
[PID: 372 / new][D:\迅雷文件夹\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 7, 326]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\A1D29050.dll]  [N/A, ]
    [D:\迅雷文件夹\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
    [D:\迅雷文件夹\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [D:\迅雷文件夹\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [D:\迅雷文件夹\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [D:\迅雷文件夹\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [D:\迅雷文件夹\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 18]
    [D:\迅雷文件夹\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 28]
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  [Macromedia, Inc., 8,5,0,133]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\迅雷文件夹\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 0, 19]
    [D:\迅雷文件夹\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 36]
    [D:\迅雷文件夹\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 17]
    [D:\迅雷文件夹\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 4, 15]
    [D:\迅雷文件夹\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 2, 55]
    [D:\迅雷文件夹\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 20]
    [D:\迅雷文件夹\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [D:\迅雷文件夹\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 1, 3, 58]
    [D:\迅雷文件夹\Components\VPSHELL\VPSHELL.dll]  [XunLei, 1, 2, 0, 10]
    [D:\迅雷文件夹\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [D:\迅雷文件夹\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 16]
    [D:\迅雷文件夹\Components\InMedia\iEmbed10.dll]  [　, 3, 3, 1, 83]
    [D:\迅雷文件夹\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [D:\迅雷文件夹\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\迅雷文件夹\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
    [D:\迅雷文件夹\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [D:\迅雷文件夹\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 2, 0, 11]
    [D:\迅雷文件夹\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [D:\迅雷文件夹\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 18]
    [D:\迅雷文件夹\Program\FloatBar.dll]  [Giganology Inc., 1, 0, 0, 2]

[C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.7]
[PID: 2632 / new][C:\WINDOWS\regedit.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2480 / new][D:\Program Files\QQ.exe]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQBaseClassInDll.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQHelperDll.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\BasicCtrlDll.dll]  [TENCENT, 7, 0, 225, 1651]
    [D:\Program Files\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [D:\Program Files\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\Program Files\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\Program Files\QQAPI.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\Program Files\LoginCtrl.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\LoginCtrlRes.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQRes.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\MailSummary.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQMainFrame.dll]  [N/A, ]
    [D:\Program Files\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\CQQApplication.dll]  [N/A, ]
    [D:\Program Files\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\Program Files\NewSkin.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\HostingMgr.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\CameraDll.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQKnowledgeSearch.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQAllInOne.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\Program Files\QQSpace.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Program Files\QQGroupMng.dll]  [TENCENT, 7,0,225,1651]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Program Files\QQAvatar.dll]  [N/A, ]
    [D:\Program Files\QQSysMsgMng.dll]  [N/A, ]
    [D:\Program Files\UserDefinedHead.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQPlugin.dll]  [N/A, ]
    [D:\Program Files\QQConfigPlugin.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QRingMng.dll]  [N/A, ]
    [D:\Program Files\LongConnection.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\PhoneAPI.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\Program Files\QQPet.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\BQQApplication.dll]  [N/A, ]
    [D:\Program Files\CommercesMng.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\Program Files\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 300]
    [D:\Program Files\QQSceneMng.dll]  [N/A, ]
    [D:\Program Files\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 1, 9, 95]
    [D:\Program Files\QQCustomFace.dll]  [N/A, ]
    [D:\Program Files\ImageOle.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\QQLiveQMng.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\GroupConnection.dll]  [TENCENT, 7,0,225,1651]
    [D:\Program Files\OEMApplication.dll]  [TENCENT, 7,0,225,1651]
[PID: 2440 / new][D:\Program Files\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [D:\Program Files\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3816 / new][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [D:\迅雷文件夹\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 4]
    [D:\迅雷文件夹\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [D:\迅雷文件夹\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  [Macromedia, Inc., 8,5,0,133]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
[PID: 4020 / new][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.7]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [D:\Program Files\rarext.dll]  [N/A, ]
    [E:\应用工具\AMV转换\AmvTransform.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [D:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  [Adobe Systems, Incorporated, 6.0]
[PID: 1008 / new][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [D:\迅雷文件夹\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 4]
    [D:\迅雷文件夹\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [D:\迅雷文件夹\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  [Macromedia, Inc., 8,5,0,133]
[PID: 3996 / new][D:\Program Files\WinRAR.exe]  [N/A, ]
    [D:\Program Files\riched32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [D:\Program Files\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.7]
[PID: 1788 / new][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [D:\迅雷文件夹\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 4]
    [D:\迅雷文件夹\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [D:\迅雷文件夹\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  [Macromedia, Inc., 8,5,0,133]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3121 (xpsp_sp2_gdr.070418-0032)]
    [D:\迅雷文件夹\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 20]
[PID: 1864 / new][D:\Program Files\WinRAR.exe]  [N/A, ]
    [D:\Program Files\riched32.dll]  [Microsoft Corporation, 5.00.2134.1]
    [D:\Program Files\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[PID: 1356 / new][C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.109\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.109\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[D:\]
[AutoRun]
open=A1D29050.exe
shell\open=打开(&O)
shell\open\Command=A1D29050.exe
shell\open\Default=1
shell\explore=资源管理器(&X)
shell\explore\Command=A1D29050.exe
[E:\]
[AutoRun]
open=A1D29050.exe
shell\open=打开(&O)
shell\open\Command=A1D29050.exe
shell\open\Default=1
shell\explore=资源管理器(&X)
shell\explore\Command=A1D29050.exe

==================================
HOSTS 文件
127.0.0.1                    localhost
127.0.0.1                    008.cn
127.0.0.1                    ultimate-best-hgh.0my.net
127.0.0.1                    www.139500.com
127.0.0.1                    www.1yin.net
127.0.0.1                    ****cn
127.0.0.1                    www.37021.com
127.0.0.1                    www.47555.net
127.0.0.1                    www.511ring.com
127.0.0.1                    me.5e163.com
127.0.0.1                    www.777888.com
127.0.0.1                    www.77ttt.com
127.0.0.1                    www.9p.cn
127.0.0.1                    abcdesign.ru
127.0.0.1                    gutemine.wu-wien.ac.at
127.0.0.1                    math.kobe-u.ac.jp
127.0.0.1                    www.aifind.info
127.0.0.1                    www.allyes.com
127.0.0.1                    www.aogo.net
127.0.0.1                    baltnet.ru
127.0.0.1                    quotes.barchart.com
127.0.0.1                    free.bestialityhost.com
127.0.0.1                    cctv1.net
127.0.0.1                    cctv8.net
127.0.0.1                    www.cctv8.net
127.0.0.1                    ciachoo.pl
127.0.0.1                    www.play.cn.gs
127.0.0.1                    www.cnqb.net
127.0.0.1                    www.feixue.net
127.0.0.1                    www.xiliao.com.cn
127.0.0.1                    alexey.pioneers.com.ru
127.0.0.1                    www.coolcdrom.com
127.0.0.1                    www.coolseach.com
127.0.0.1                    puldk490gj.da.ru
127.0.0.1                    dicto.ru
127.0.0.1                    www.dj3344.com
127.0.0.1                    www.donttrip.org
127.0.0.1                    www.ehomeday.com
127.0.0.1                    elemental.ru
127.0.0.1                    errorguard.com
127.0.0.1                    friendlygreeting.com
127.0.0.1                    zhp.gdynia.pl
127.0.0.1                    www.gg888.net
127.0.0.1                    gin.ru
127.0.0.1                    www.girlchinese.com
127.0.0.1                    glass-master.ru
127.0.0.1                    photo.gornet.ru
127.0.0.1                    relay.great.ru
127.0.0.1                    hack-gegen-rechts.com
127.0.0.1                    hgrstrailer.com
127.0.0.1                    www.homepage.com
127.0.0.1                    hotbar.com
127.0.0.1                    intellect.lvc
127.0.0.1                    interfoodtd.ru
127.0.0.1                    jewishgen.org
127.0.0.1                    www.jixian.net
127.0.0.1                    k2kapital.com
127.0.0.1                    security.kolla.de
127.0.0.1                    www.kuliao.com
127.0.0.1                    laugh-mail.net
127.0.0.1                    7b.com.cn
127.0.0.1                    9505.com
127.0.0.1                    www.piaoxue.com
127.0.0.1                    marketscore.com
127.0.0.1                    www.mir0.com
127.0.0.1                    momentum.ru
127.0.0.1                    www.mtv51.com
127.0.0.1                    www.mydj2005.com
127.0.0.1                    nefkom.net
127.0.0.1                    no-abi2003.de
127.0.0.1                    tdi-router.opola.pl
127.0.0.1                    packages.debian.or.jp
127.0.0.1                    perfectgirls.net
127.0.0.1                    peterstar.ru
127.0.0.1                    pgipearls.com
127.0.0.1                    phg.pl
127.0.0.1                    vip.pnet.pl
127.0.0.1                    sec.polbox.pl
127.0.0.1                    polobeer.de
127.0.0.1                    porno-mania.net
127.0.0.1                    home.profootball.ru
127.0.0.1                    qianbai.com
127.0.0.1                    ad.qingyule.com
127.0.0.1                    www.qq168.net
127.0.0.1                    www.qq3344.com
127.0.0.1                    www.qq92.com
127.0.0.1                    www.qqwz.com
127.0.0.1                    www.qu123.com
127.0.0.1                    republika.pl
127.0.0.1                    www.richfind.com
127.0.0.1                    rollenspielzirkel.de
127.0.0.1                    safer-networking.org
127.0.0.1                    sdsauto.ru
127.0.0.1                    www.searchpage.cc
127.0.0.1                    www.seekeasysoft.net
127.0.0.1                    shadkhan.ru
127.0.0.1                    slavarik.ru
127.0.0.1                    sovea.de
127.0.0.1                    spybot.info
127.0.0.1                    www.start-page.info
127.0.0.1                    lars-s.privat.t-online.de
127.0.0.1                    u.t2cn.com
127.0.0.1                    www.7939.com
127.0.0.1                    www.4199.com
127.0.0.1                    www.3448.com
127.0.0.1                    www.6781.com
127.0.0.1                    it.trendmicro-europe.com
127.0.0.1                    trendmicro.it
127.0.0.1                    truefriends.net
127.0.0.1                    www.tthao.com
127.0.0.1                    www.ttrx.net
127.0.0.1                    tuhart.net
127.0.0.1                    www.unionsky.cn
127.0.0.1                    www.unionsky.com
127.0.0.1                    www.unionsky.net
127.0.0.1                    vconsole.net
127.0.0.1                    virtumonde.com
127.0.0.1                    gamma.vyborg.ru
127.0.0.1                    financial.washingtonpost.com
127.0.0.1                    webpark.pl
127.0.0.1                    wishken.com
127.0.0.1                    www.yeapple.com
127.0.0.1                    www.yibinren.com
127.0.0.1                    www.youmiss.com
127.0.0.1                    www.yysky.net
127.0.0.1                    zelnet.ru
127.0.0.1                    www.zhengdian.com
127.0.0.1                    abc.265.com
127.0.0.1                    555.265.com
127.0.0.1                    www.baidu345.com
127.0.0.1                    www.37ss.com
127.0.0.1                    my123.com
127.0.0.1                    http://dm91.kulong8.com/120shop.htm
127.0.0.1                    http://888.sooe.net.cn/?=ibcdm
127.0.0.1                    http://files.henbang.net/aced/201/133.htm?unionownerid=14
127.0.0.1                    http://www.pcarm.com/

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1908, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1916, C:\WINDOWS\VSNPSTD3.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1324, C:\PROGRAM FILES\RACER-HAN-CNC\RACER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 372, D:\迅雷文件夹\PROGRAM\THUNDER5.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2480, D:\PROGRAM FILES\QQ.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2440, D:\PROGRAM FILES\TIMPLATFORM.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3996, D:\PROGRAM FILES\WINRAR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1864, D:\PROGRAM FILES\WINRAR.EXE]

==================================