[PID: 13760 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\Program Files\Windows Live Toolbar\msntb.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\mtbres.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Tem.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\searchboxRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui]  [Microsoft Corporation, 03.00.0001.2032]
    [C:\Program Files\Windows Live Toolbar\CMRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\msn_slrs.DLL]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CBRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [E:\Thunder (2)\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Common Files\CPUSH\cpush.dll]  [, 1.0.6.4]
    [C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll]  [FlashGet, 2, 0, 2, 1011]
    [C:\Program Files\Windows Live\家庭安全设置\fssbho.dll]  [Microsoft Corporation, 2.0.5817.2]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\Program Files\Windows Live\家庭安全设置\fsssvcps.dll]  [Microsoft Corporation, 2.0.5817.2]
    [C:\WINDOWS\system32\c0b1.dll]  [, 1, 0, 0, 2]
    [C:\PROGRA~1\OCINS\ieaux.dll]  [中国互联网络信息中心(CNNIC), 2, 6, 0, 9]
    [C:\PROGRA~1\OCINS\idnsvr.dll]  [中国互联网信息中心(CNNIC), 2, 6, 0, 4]
    [E:\Thunder (2)\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 55]
    [E:\Thunder (2)\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 12]
    [E:\Thunder (2)\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Windows Live Toolbar\searchbox.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\stmain.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\Windows Live Toolbar\cm.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\msn_slps.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CB.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 14144 / Administrator][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\9c1.dll]  [  , 1, 0, 0, 3]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]

[PID: 13760 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\Program Files\Windows Live Toolbar\msntb.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\mtbres.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Tem.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\searchboxRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui]  [Microsoft Corporation, 03.00.0001.2032]
    [C:\Program Files\Windows Live Toolbar\CMRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\msn_slrs.DLL]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CBRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [E:\Thunder (2)\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Common Files\CPUSH\cpush.dll]  [, 1.0.6.4]
    [C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll]  [FlashGet, 2, 0, 2, 1011]
    [C:\Program Files\Windows Live\家庭安全设置\fssbho.dll]  [Microsoft Corporation, 2.0.5817.2]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\Program Files\Windows Live\家庭安全设置\fsssvcps.dll]  [Microsoft Corporation, 2.0.5817.2]
    [C:\WINDOWS\system32\c0b1.dll]  [, 1, 0, 0, 2]
    [C:\PROGRA~1\OCINS\ieaux.dll]  [中国互联网络信息中心(CNNIC), 2, 6, 0, 9]
    [C:\PROGRA~1\OCINS\idnsvr.dll]  [中国互联网信息中心(CNNIC), 2, 6, 0, 4]
    [E:\Thunder (2)\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 55]
    [E:\Thunder (2)\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 12]
    [E:\Thunder (2)\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Windows Live Toolbar\searchbox.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\stmain.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\Windows Live Toolbar\cm.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\msn_slps.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CB.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 14144 / Administrator][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\9c1.dll]  [  , 1, 0, 0, 3]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]

[PID: 13072 / Administrator][c:\program files\tudou\飞速tudou\TudouVAMonitor.exe]  [土豆网(www.tudou.com), 1.0.0.1]
    [c:\program files\tudou\飞速tudou\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 10452 / Administrator][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe]  [Microsoft Corporation, 4.200.520.1]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
[PID: 5968 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\Program Files\Windows Live Toolbar\msntb.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\mtbres.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Tem.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\searchboxRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui]  [Microsoft Corporation, 03.00.0001.2032]
    [C:\Program Files\Windows Live Toolbar\CMRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui]  [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\msn_slrs.DLL]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CBRes.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [E:\Thunder (2)\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Common Files\CPUSH\cpush.dll]  [, 1.0.6.4]
    [C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll]  [FlashGet, 2, 0, 2, 1011]
    [C:\Program Files\Windows Live\家庭安全设置\fssbho.dll]  [Microsoft Corporation, 2.0.5817.2]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\xwymthby.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\Program Files\Windows Live\家庭安全设置\fsssvcps.dll]  [Microsoft Corporation, 2.0.5817.2]
    [C:\WINDOWS\system32\c0b1.dll]  [, 1, 0, 0, 2]
    [C:\PROGRA~1\OCINS\ieaux.dll]  [中国互联网络信息中心(CNNIC), 2, 6, 0, 9]
    [C:\PROGRA~1\OCINS\idnsvr.dll]  [中国互联网信息中心(CNNIC), 2, 6, 0, 4]
    [E:\Thunder (2)\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 55]
    [E:\Thunder (2)\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 12]
    [E:\Thunder (2)\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\Program Files\Windows Live Toolbar\searchbox.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\stmain.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.200.520.1]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\Windows Live Toolbar\cm.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\msn_slps.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CB.dll]  [Microsoft Corporation, 03.01.0000.0146]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
[PID: 8520 / Administrator][C:\WINDOWS\wmhyxyxc.exe]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
[PID: 15460 / Administrator][C:\WINDOWS\system32\18.exe]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\laixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]

[PID: 15996 / Administrator][C:\PROGRAM FILES\WINRAR\WINRAR.EXE]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\laixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll]  [Nokia, 6, 83, 74, 9]
    [C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 83, 92, 11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 83, 47, 1]
    [C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 83, 15, 1]
    [C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll]  [Microsoft Corporation, 8.5.1302.1018]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
[PID: 8488 / Administrator][C:\WINDOWS\system32\19.exe]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\laixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
[PID: 14872 / Administrator][C:\WINDOWS\system32\20.exe]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\laixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
[PID: 14476 / Administrator][c:\docume~1\admini~1\locals~1\temp\rar$ex04.782\srengps.exe]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\bauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\laixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\oqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\zadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\atgnehz.dll]  [N/A, ]
    [C:\WINDOWS\system32\sve.dll]  [N/A, ]
    [C:\WINDOWS\system32\tsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\kiluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\ftvltb.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\WINDOWS\jegoqmua.dll]  [N/A, ]
    [C:\WINDOWS\wmhyxyxc.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [c:\docume~1\admini~1\locals~1\temp\rar$ex04.782\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 6032, C:\PROGRAM FILES\ARRAY NETWORKS\ARRAY SSL VPN\8,1,0,155\ARR_SRVS.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 7032, C:\WINDOWS\FMUGUEMLG.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 7032, C:\WINDOWS\FMUGUEMLG.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 8016, C:\PROGRAM FILES\NVIDIA CORPORATION\NVMIXER\NVMIXERTRAY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 8404, E:\新建文件夹 (3)\MINIQQLIVE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 8948, C:\PROGRAM FILES\OCINS\IDNSVR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 9240, C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\LAUNCHAPPLICATION.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 7696, C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\PCSYNC2.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 7704, C:\PROGRAM FILES\TUDOU\飞速TUDOU\TUDOUVA.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 7424, C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 12388, C:\PROGRAM FILES\COMMON FILES\NOKIA\MPAPI\MPAPI3S.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 13072, C:\PROGRAM FILES\TUDOU\飞速TUDOU\TUDOUVAMONITOR.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 8520, C:\WINDOWS\WMHYXYXC.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 8520, C:\WINDOWS\WMHYXYXC.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 15460, C:\WINDOWS\SYSTEM32\18.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 15996, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 8488, C:\WINDOWS\SYSTEM32\19.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 14872, C:\WINDOWS\SYSTEM32\20.EXE]

==================================
API HOOK
入口点错误：CreateProcessW (危险等级: 高,  被下面模块所HOOK: C:\WINDOWS\system32\WSockDrv32.dll)

==================================
隐藏进程
N/A

==================================


[/CODE]