昨天晚上用电脑，结果没想到设想都被自动打开，而且网络防御也被关掉，瑞星一点发现都没有。

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)

反病毒区求助吧
疑似黑客后门

断网，全盘查杀

上报日志到反病毒区。
下载SRENG2.6版工具：http://www.kztechs.com/sreng/download.html
SRENG工具的扫描日志操作，看这贴2楼：http://bbs.ikaka.com/showtopic-8442813.aspx

请查看主动防御白名单
是否有有手动设置过？
另：ravmond.exe的进程在不在

有没有点过来源不明确的东西

ravmond在，不过不一样，我用的Vista，显示的是RavMonD.exe。
白名单也没有设置过，以前没有，我用全功能软件，病毒库版本是21.24.62.00，
来源不明的东西，没有点过，就昨天晚上发现的。我们一起用的网络，用网络邻居，她们电脑好像中毒了，有没有影响。
昨天刚好去洗澡回来就发现摄像头的信号灯是开的。
用修复软件以后，再杀毒也没杀出来病毒。
怎么回事很烦恼，以前送电脑维修部修过，有两个隐藏分区，是不是有后门。

用SRENG工具扫描系统日志发这论坛来

下载SRENG工具：http://bbs.ikaka.com/attachment.aspx?attachmentid=462487
操作方法可以看这贴2楼：http://bbs.ikaka.com/showtopic-8442813.aspx

CODE]

2009-04-13,18:20:25

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Premium Edition Service Pack 1 (Build 6001) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide>  [(Verified)Microsoft Windows]
    <RtHDVCpl><RtHDVCpl.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Microsoft Pinyin IME Migration><C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL>  [(Verified)Microsoft Corporation]
    <PLFSet><rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <StartCCC><C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe>  []
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Skytel><Skytel.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <runeip><"d:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RisTray><"d:\Program Files\Rising\Ris\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <IAAnotif><"C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe">  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><D:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe>  [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WebCheck><C:\Windows\system32\webcheck.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\Windows\system32\Acer.scr>  []

==================================
启动文件夹
N/A

==================================
服务
[Agere Modem Call Progress Audio / AgereModemAudio][Running/Auto Start]
  <C:\Windows\system32\agrsmsvc.exe><Agere Systems>
[Ati External Event Utility / Ati External Event Utility][Running/Auto Start]
  <C:\Windows\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Bluetooth Service / btwdins][Running/Auto Start]
  <C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe><Broadcom Corporation.>
[Symantec Lic NetConnect service / CLTNetCnService][Stopped/Auto Start]
  <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><(File is missing)>
[eLock Service / eLockService][Running/Auto Start]
  <C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe><Acer Inc.>
[eNet Service / eNet Service][Running/Auto Start]
  <C:\Acer\Empowering Technology\eNet\eNet Service.exe><Acer Inc.>
[eRecovery Service / eRecoveryService][Running/Auto Start]
  <C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe><Acer Inc.>
[eSettings Service / eSettingsService][Running/Auto Start]
  <C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe><>
[Intel? PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
  <C:\Program Files\Intel\WiFi\bin\EvtEng.exe><Intel(R) Corporation>
[Intel(R) Matrix Storage Event Monitor / IAANTMON][Running/Auto Start]
  <C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe><Intel Corporation>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[MobilityService / MobilityService][Running/Auto Start]
  <C:\Acer\Mobility Center\MobilityService.exe -p><N/A>
[O2Micro Flash Memory Card Service / o2flash][Running/Auto Start]
  <"C:\Program Files\O2Micro Oz128 Driver\o2flash.exe"><O2Micro International>
[Intel? PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
  <C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe><Intel(R) Corporation>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
  <"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>
[Ris Process Communication Center / RisCCenter][Stopped/Auto Start]
  <d:\Program Files\Rising\Ris\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RisTask Manager / RisTask][Running/Auto Start]
  <"d:\Program Files\Rising\Ris\RavTask.exe" RisTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <d:\Program Files\Rising\Ris\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
  <d:\Program Files\Rising\Ris\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
[ePower Service / WMIService][Running/Auto Start]
  <C:\Acer\Empowering Technology\ePower\ePowerSvc.exe><acer>

==================================
驱动程序
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
  <system32\DRIVERS\AGRSM.sys><Agere Systems>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[arc / arc][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Atheros Extensible Wireless LAN device driver / athr][Stopped/Manual Start]
  <system32\DRIVERS\athr.sys><Atheros Communications, Inc.>
[atikmdag / atikmdag][Running/Manual Start]
  <system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Running/Manual Start]
  <system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
  <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[蓝牙音频设备 / btwaudio][Stopped/Manual Start]
  <system32\drivers\btwaudio.sys><Broadcom Corporation.>
[Bluetooth AVDT / btwavdt][Stopped/Manual Start]
  <system32\drivers\btwavdt.sys><Broadcom Corporation.>
[btwrchid / btwrchid][Stopped/Manual Start]
  <system32\DRIVERS\btwrchid.sys><Broadcom Corporation.>
[cmdide / cmdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HpCISSs / HpCISSs][Stopped/Disabled]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[HSFHWAZL / HSFHWAZL][Stopped/Manual Start]
  <system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Stopped/Manual Start]
  <system32\DRIVERS\VSTDPV3.SYS><Conexant Systems, Inc.>
[ialm / ialm][Stopped/Manual Start]
  <system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[Intel AHCI Controller / iaStor][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[int15 / int15][Running/Auto Start]
  <\??\C:\Windows\system32\drivers\int15.sys><N/A>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RTKVHDA.sys><Realtek Semiconductor Corp.>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[megasas / megasas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit / NETw3v32][Stopped/Manual Start]
  <system32\DRIVERS\NETw3v32.sys><Intel? Corporation>
[Intel(R) Wireless WiFi Link 适配器驱动程序（适用于 Windows Vista 32 位） / NETw4v32][Stopped/Manual Start]
  <system32\DRIVERS\NETw4v32.sys><Intel Corporation>
[Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit / NETw5v32][Running/Manual Start]
  <system32\DRIVERS\NETw5v32.sys><Intel Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Upper Class Filter Driver / NTIDrvr][Running/Manual Start]
  <system32\DRIVERS\NTIDrvr.sys><NewTech Infosystems, Inc.>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><N/A>
[O2MDRDR / O2MDRDR][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\o2media.sys><O2Micro>
[O2SDRDR / O2SDRDR][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\o2sd.sys><O2Micro>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Rising RfwBase Driver / RfwBase9][Running/System Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\d:\Program Files\Rising\Ris\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\d:\Program Files\Rising\Ris\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 8169 NT Driver / RTL8169][Stopped/Manual Start]
  <system32\DRIVERS\Rtlh86.sys><Realtek Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[USB2.0 PC Camera (SNP2UVC) / SNP2UVC][Running/Manual Start]
  <system32\DRIVERS\snp2uvc.sys><>
[Symc8xx / Symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[uliahci / uliahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[winachsf / winachsf][Stopped/Manual Start]
  <system32\DRIVERS\VSTCNXT3.SYS><Conexant Systems, Inc.>
[WisINT15 / WisINT15][Stopped/Manual Start]
  <\??\C:\Elements\1stboot\WisINT15.SYS><N/A>
[{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} / {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}][Running/Auto Start]
  <\??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl><Cyberlink Corp.>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Search Helper]
  {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} <C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll, (Signed) Microsoft Corp.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Windows Live Toolbar Helper]
  {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} <C:\Program Files\Windows Live\Toolbar\wltcore.dll, (Signed) Microsoft Corporation>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[BlogThisToolbarButton Class]
  {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, (Signed) Microsoft Corporation>
[Send to OneNote from Internet Explorer button]
  {2670000A-7350-4f3c-8081-5663EE0C6C49} <C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll, (Signed) Microsoft Corporation>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[Yahoo! 导航条]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[&Windows Live Toolbar]
  {21FA44EF-376D-4D53-9B0F-8A89D3229068} <C:\Program Files\Windows Live\Toolbar\wltcore.dll, (Signed) Microsoft Corporation>
[Windows Live OneCare safety scanner control]
  {3860DD98-0549-4D50-AA72-5D17D200EE10} <%ProgramFiles%\Windows Live Safety Center\wlscCtrl2.dll, (Signed) N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[NetPlayer Class]
  {1051BC6C-02E5-44F9-91B7-463FCB96C6D2} <d:\Program Files\Novasoft\vodplayer\VodHelper.dll, >
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\system32\icardie.dll, (Signed) Microsoft Corporation>
[]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <, >
[]
  {1E8A6170-7264-4D0F-BEAE-D42A53123C75} <, >
[]
  {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[&Windows Live Toolbar]
  {21FA44EF-376D-4D53-9B0F-8A89D3229068} <C:\Program Files\Windows Live\Toolbar\wltcore.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {2670000A-7350-4F3C-8081-5663EE0C6C49} <, >
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Windows Live OneCare safety scanner control]
  {3860DD98-0549-4D50-AA72-5D17D200EE10} <%ProgramFiles%\Windows Live Safety Center\wlscCtrl2.dll, (Signed) N/A>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\ProgramData\Thunder Network\KanKan\xplayer.dll_1_work, ShenZhen Thunder Networking Technologies,LTD>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Search Helper]
  {6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} <C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll, (Signed) Microsoft Corp.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[]
  {90222687-F593-4738-B738-FBEE9C7B26DF} <, >
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5810.141.(258).dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5810.141.(258).dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[Microsoft Office 12 Authorization Control]
  {C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~2\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[]
  {CCA281CA-C863-46EF-9331-5C8D4460577F} <, >
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Windows Live 登录控制]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[Microsoft Silverlight]
  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll, (Signed)  Microsoft Corporation>
[Windows Live Toolbar Helper]
  {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} <C:\Program Files\Windows Live\Toolbar\wltcore.dll, (Signed) Microsoft Corporation>
[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC1~1.DLL, (Signed) Microsoft Corporation>
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\Windows\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Yahoo! 导航条]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.58110.250.(258).dll, (Signed) ShenZhen Thunder Networking Technologies,LTD>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[使用迅雷下载]
  <d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[图像发送到 Bluetooth 设备(&B)...]
  <C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm, N/A>
[导出到 Microsoft Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
[页面发送到 Bluetooth 设备(&B)...]
  <C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm, N/A>

==================================
正在运行的进程
[PID: 456 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 596 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 652 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 664 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 696 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 708 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 716 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 760 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 896 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 956 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1076 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1084 / SYSTEM][d:\Program Files\Rising\Ris\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [d:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [d:\Program Files\Rising\Ris\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [d:\Program Files\Rising\Ris\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
[PID: 1116 / SYSTEM][C:\Windows\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4174]
[PID: 1192 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1232 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1260 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1352 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1384 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1492 / SYSTEM][C:\Windows\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4174]
    [C:\Windows\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2512]
    [C:\Windows\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2522]
    [C:\Windows\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4163]
[PID: 1620 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1900 / SYSTEM][C:\Windows\system32\WLANExt.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\System32\IWMSSvc.dll]  [Intel(R) Corporation, 12, 2, 0, 10]
    [C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
    [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll]  [Intel(R) Corporation, 12, 2, 0, 0]
    [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll]  [Intel(R) Corporation, 12, 2, 0, 2]
    [C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll]  [Intel(R) Corporation, 12, 2, 0, 2]
    [C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL]  [N/A, ]
[PID: 2000 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2044 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 324 / SYSTEM][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 396 / AS4920G][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\atiumdag.dll]  [ATI Technologies Inc. , 7.14.10.0517]
    [C:\Windows\system32\atiumdva.dll]  [ATI Technologies Inc. , 7.14.10.0163]
[PID: 584 / AS4920G][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\btncopy.dll]  [Broadcom Corporation., 6.0.1.3900]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Windows\system32\icm32.dll]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.1.1.2341]
[PID: 1564 / AS4920G][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\atitmmxx.dll]  [, 6, 14, 11, 17]
    [C:\Windows\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2522]
[PID: 2244 / SYSTEM][C:\Windows\system32\agrsmsvc.exe]  [Agere Systems, 1.0.0.4]
[PID: 2276 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2288 / SYSTEM][C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe]  [Broadcom Corporation., 6.0.1.3900]
[PID: 2324 / SYSTEM][C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe]  [Acer Inc., 2.5.4005.0]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3074 (QFE.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ba71341e41687591124f9a5680cb0981\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a4fd3b000abfd4712b02ec223df3e9dd\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Main.dll]  [Acer Inc., 2.5.4005.0]
    [C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Interface.dll]  [Acer Inc., 2.5.4005.0]
    [C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Library.dll]  [Acer Inc., 2.5.4005.0]
[PID: 2452 / SYSTEM][C:\Acer\Empowering Technology\eNet\eNet Service.exe]  [Acer Inc., 2, 6, 4, 8]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3074 (QFE.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ba71341e41687591124f9a5680cb0981\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a4fd3b000abfd4712b02ec223df3e9dd\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Acer\Empowering Technology\eNet\eNetServiceInterface.dll]  [Acer Inc., 2, 6, 4, 8]
[PID: 2500 / SYSTEM][C:\Program Files\Intel\WiFi\bin\EvtEng.exe]  [Intel(R) Corporation, 12, 2, 0, 0]
    [C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll]  [Intel(R) Corporation, 12, 2, 0, 2]
    [C:\Program Files\Intel\WiFi\bin\MurocApi.dll]  [Intel(R) Corporation, 12, 2, 0, 5]
    [C:\Program Files\Intel\WiFi\bin\IntStngs.dll]  [Intel(R) Corporation, 12, 2, 0, 0]
    [C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
    [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll]  [Intel(R) Corporation, 12, 2, 0, 0]
    [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll]  [Intel(R) Corporation, 12, 2, 0, 2]
    [C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll]  [Intel(R) Corporation, 12, 2, 0, 1]
[PID: 2548 / SYSTEM][C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe]  [Intel Corporation, 7.5.0.1017]
    [C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll]  [Intel Corporation, 7.5.0.1017]
    [C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_CHS.dll]  [Intel Corporation, 7.5.0.1017]
[PID: 2588 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.142.1]
    [C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.4.142.1]
    [C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.4.142.1]
[PID: 2612 / SYSTEM][C:\Acer\Mobility Center\MobilityService.exe]  [N/A, ]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3074 (QFE.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ba71341e41687591124f9a5680cb0981\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a4fd3b000abfd4712b02ec223df3e9dd\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Acer\Mobility Center\MobilityInterface.dll]  [N/A, ]
    [C:\Acer\Mobility Center\MSVCR80D.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Acer\Mobility Center\msvcm80d.dll]  [Microsoft Corporation, 8.00.50727.42]
[PID: 2724 / SYSTEM][C:\Program Files\O2Micro Oz128 Driver\o2flash.exe]  [O2Micro International, 1, 0, 0, 3]
[PID: 2772 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2788 / SYSTEM][C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe]  [Intel(R) Corporation, 12, 2, 0, 0]
[PID: 2844 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe]  [, 2.0.0828  ]
[PID: 2912 / SYSTEM][C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe]  [Microsoft Corp., 1.2.123.0]
[PID: 2956 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2992 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3036 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 3128 / SYSTEM][C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe]  [Acer Inc., 2.5.4.3]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3074 (QFE.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ba71341e41687591124f9a5680cb0981\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a4fd3b000abfd4712b02ec223df3e9dd\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll]  [, 2.05.4001]
    [C:\Acer\Empowering Technology\eRecovery\IERYETF.dll]  [, 2.05.4001]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\31729b33207d1093721f9e943302b900\System.Management.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[PID: 3196 / SYSTEM][C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe]  [, 1.0.0.0]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3074 (QFE.050727-3000)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]