Rising KaKa Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software board


[Help] Rising no longer works and 360 Safeguard doesn't either; it says the original system files have been modified and the installation disc is needed to restore the system


The AV has been disabled; there are 50-odd processes right at boot, with countless unknown ones among them. Asking an expert for guidance.

User system info: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)

Even the Rising removal tool won't work anymore. Damn trojan cluster.

A few days ago the removal tool still pulled out some trojans; today even the trojan-cluster removal and repair tool won't run. At boot it reports an error loading C:windows\system32\killdll.dll: invalid memory allocation access.


Re: Even the Rising removal tool won't work anymore. Damn trojan cluster.

At boot there are as many as 90 processes now. I've manually killed those junk trojans, but they are back again at every boot.

Re: Even the Rising removal tool won't work anymore. Damn trojan cluster.

Tried extracting with 橙色八月; the result was memory usage at 100% and the progress stuck on the in-memory programs step.

Re: Even the Rising removal tool won't work anymore. Damn trojan cluster.

In safe mode the trojan processes are still hopping around, and that trojan-cluster scanner won't work either: it won't open and says it is being used by another program. That's it, it has definitely 'gone haywire' again. Also, the system just showed a message which I think is worth mentioning: plugin run-time error
-2147023838(80070422) automation error the service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Scan log of the damn trojan cluster; it is long, please take a look and advise.

2009-04-08,12:06:32
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <LiveUpdate_UIServer><; C:\Program Files\Lenovo\LiveUpdate\UiServer.exe>  []
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Windows Publisher]
    <a360><; C:\WINDOWS\system32\scvhost.exe>  []
    <360Safebox><; "C:\Program Files\360\360safebox\safeboxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <360Safetray><; C:\Program Files\360\360Safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <Alcmtr><; ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <BtTray><; "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" -startup>  []
    <cabinetLaunch><; C:\Program Files\lenovo\Lenovo Yangtian Data Security Management\launch.exe>  [Lenovo(Beijing) Company, Ltd.]
    <CCenterIM><; "C:\Program Files\Lenovo\联想通讯中心6.0\CCenterIM.exe" /Auto>  []
    <Ferrari><; C:\WINDOWS\system32\scvhost.exe>  []
    <Funshion><; D:\Program Files\Funshion Online\Funshion\Funshion.exe /tray>  []
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <KBDaemon><; C:\Program Files\Lenovo\联想功能键盘驱动\KBDaemon.exe>  []
    <LenovoTT><; C:\Program Files\Lenovo\Lenovo Trust Technology\LenovoTT.exe>  [skyware]
    <multitray><; C:\Program Files\Lenovo\MultiRecover\loadtray.exe>  [(Verified)"Xi'an Saming Technology Co., Ltd."]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><; nwiz.exe /install>  [N/A]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <RavTray><; "C:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RfwMain><; "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <RTHDCPL><; RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <runeip><; "C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <StartCCC><; C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <qq2983><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\131796_xeex.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  []
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <{B70A8AAD-F18A-465E-8240-184DD5845D2D}><C:\WINDOWS\fonts\X7s7xgtP.fon>  [File is missing]
    <{47018D3A-8682-4D30-AC5E-F74B84189AB3}><C:\WINDOWS\fonts\crrp2mDP.fon>  [File is missing]
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll>  []
    <{C10D41C6-4D17-4808-87CE-40612862A1BB}><C:\WINDOWS\system32\XR5nPhu9.dll>  []
    <{A1A6BC2E-C6A1-43C1-8884-A31D772F42B8}><C:\WINDOWS\system32\A1A6BC2E.dll>  [File is missing]
    <{028A997C-4262-4107-BD46-2ABBC6143E8C}><C:\WINDOWS\system32\efc0c52cc1.dll>  []
    <{CC0EC2C9-432D-4DCC-91E7-A7C5CEA748D8}><C:\WINDOWS\system32\CC0EC2C9.dll>  [File is missing]
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><C:\WINDOWS\system32\08223B03.dll>  []
    <{737858A9-9AEA-4838-9B49-54DA731F7F37}><C:\WINDOWS\system32\BMsg6pdMD4ht.dll>  []
    <{FEACAF74-8D58-42F4-AB39-1CDA51437347}><C:\WINDOWS\system32\etGBJk2YCXnM.dll>  [File is missing]
    <{CC2B89B8-6A27-4D4A-BBBE-D2CD655A47C2}><C:\WINDOWS\system32\d7eb91606b0.dll>  []
    <{A2A0F1E3-5A22-4952-8A3E-25C5E9CFC302}><C:\WINDOWS\system32\MGmdqtJZG47.dll>  [File is missing]
    <{1FB0C5FF-4FA0-49B6-9C16-6E7A15ED3CC2}><C:\WINDOWS\system32\hfbgclff.dll>  [File is missing]
    <{7F90BCCD-8208-418A-AE04-A854328EE6CF}><C:\WINDOWS\system32\nfpgbccd.dll>  [File is missing]
    <{3261172B-A309-4F94-AB03-9105CD41894B}><C:\WINDOWS\system32\jimhhnib.dll>  [File is missing]
    <{1779203F-7B22-403D-A2E7-41B39A65370F}><C:\WINDOWS\system32\hnnpigjf.dll>  [File is missing]
    <{49762F37-EF1F-447D-A27A-967C9520A3F8}><C:\WINDOWS\fonts\sJbQjtY7bc.fon>  [File is missing]
    <{3F8A57D2-00D4-4204-B7A0-91FB4C2446DF}><C:\WINDOWS\system32\jfoalndi.dll>  [File is missing]
    <{3A5700C3-2847-4CBE-A3E5-F0C394690C9A}><C:\WINDOWS\system32\wS0GWMZ.dll>  [File is missing]
    <{DE00760F-DC9F-46C2-9D4E-61B5BB810C51}><C:\WINDOWS\system32\STG4WdmetW2FP.dll>  []
    <{609758CB-54E6-4C21-B57C-3407D9E232E8}><C:\WINDOWS\system32\YbKeaDWhb3vF4pe.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
    <1FB0C5FF><C:\WINDOWS\system32\hfbgclff.dll>  [File is missing]
    <7F90BCCD><C:\WINDOWS\system32\nfpgbccd.dll>  [File is missing]
    <3261172B><C:\WINDOWS\system32\jimhhnib.dll>  [File is missing]
    <1779203F><C:\WINDOWS\system32\hnnpigjf.dll>  [File is missing]
    <3F8A57D2><C:\WINDOWS\system32\jfoalndi.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\uklognf]
    <WinlogonNotify: uklognf><uklognf.dll>  [Lenovo Co. LTD]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
    <Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrRtp.exe]
    <IFEO[DrRtp.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
    <IFEO[egui.exe]><services.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe]
    <IFEO[QQDoctor.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RStray.exe]
    <IFEO[RStray.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr>  [(Verified)Microsoft Windows Publisher]
==================================
启动文件夹
N/A
==================================
服务
[Application Management / AppMgmt][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Stopped/Disabled]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[BlueSoleilCS / BlueSoleilCS][Stopped/Disabled]
  <C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe><>
[BsHelpCS / BsHelpCS][Stopped/Disabled]
  <C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe><>
[CCommWDSSearch / CCommWDSSearch][Stopped/Disabled]

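An added example, not from the thread and not SREng's own code: a small Python parser for the SREng startup-item layout quoted above, run over a few lines constructed in that format (copied from the log plus one benign IFEO entry). It flags the three things a responder would pull out of this log: an Image File Execution Options "debugger" that is really a system host (the log's IFEO[RStray.exe] pointing at svchost.exe, which is why RsTray never starts), ShellExecuteHooks whose DLL is missing or unsigned, and a Run entry whose file name is a one-edit lookalike of a system binary (scvhost.exe). The function names and SAMPLE_LOG are mine.

```python
import re
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample in the layout of SREng's startup-items / registry section
# (lines copied from the thread's log plus one made-up benign IFEO entry).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTray><; "C:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <Ferrari><; C:\WINDOWS\system32\scvhost.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows XP Publisher]
    <{B70A8AAD-F18A-465E-8240-184DD5845D2D}><C:\WINDOWS\fonts\X7s7xgtP.fon>  [File is missing]
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RStray.exe]
    <IFEO[RStray.exe]><C:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
    <IFEO[notepad.exe]><"C:\Program Files\Debugging Tools\windbg.exe">  [(Verified)Microsoft Corporation]
"""

KEY_RE = re.compile(r'^\[(?P<key>HKEY_[^\]]*)\]\s*$')
ENTRY_RE = re.compile(r'^\s*<(?P<name>[^>]*)><(?P<value>.*)>\s+\[(?P<sig>[^\]]*)\]\s*$')
IMAGE_RE = re.compile(
    r'^(?:;\s*)?(?:"(?P<q>[^"]+)"|(?P<u>.+?\.(?:exe|dll|fon|scr|sys)))(?=[\s,]|$)', re.I)

# Processes that are never a legitimate IFEO "Debugger"; pointing an AV
# binary's IFEO at one of them makes the AV exit silently instead of starting.
SYSTEM_HOSTS = ("svchost.exe", "services.exe", "lsass.exe", "csrss.exe", "winlogon.exe")


@dataclass
class Entry:
    key: str    # registry key the entry was listed under
    name: str   # value name, e.g. RavTray or IFEO[RStray.exe]
    value: str  # raw command / path column
    sig: str    # signer column: "(Verified)...", "File is missing" or ""

    @property
    def image(self) -> str:
        """Executable or DLL path from the value column, quotes and args stripped."""
        m = IMAGE_RE.match(self.value.strip())
        return (m.group("q") or m.group("u")).strip() if m else self.value.strip()

    @property
    def basename(self) -> str:
        return self.image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def parse(text: str) -> List[Entry]:
    """Parse the [KEY] / <name><value>  [signer] layout into Entry records."""
    entries: List[Entry] = []
    key = ""
    for line in text.splitlines():
        k = KEY_RE.match(line)
        if k:
            key = k.group("key")
            continue
        e = ENTRY_RE.match(line)
        if e and key:
            entries.append(Entry(key, e.group("name"), e.group("value"), e.group("sig")))
    return entries


def osa_distance(a: str, b: str) -> int:
    """Edit distance that also counts adjacent transpositions, so scvhost/svchost is 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def findings(entries: List[Entry]) -> List[Tuple[str, str, str]]:
    """Return (kind, name, image) triples for the suspicious patterns in the log."""
    out: List[Tuple[str, str, str]] = []
    for e in entries:
        kl = e.key.lower()
        if "\\image file execution options\\" in kl:
            target = e.key.rsplit("\\", 1)[-1]          # program being "debugged"
            if e.basename in SYSTEM_HOSTS:
                out.append(("ifeo_hijack", target, e.basename))
        elif kl.endswith("\\shellexecutehooks"):
            if e.sig == "File is missing":
                out.append(("seh_missing", e.name, e.image))
            elif not e.sig.startswith("(Verified)"):
                out.append(("seh_unsigned", e.name, e.image))
        elif kl.endswith("\\run"):
            for legit in SYSTEM_HOSTS:
                if e.basename != legit and osa_distance(e.basename, legit) <= 1:
                    out.append(("lookalike_run", e.name, e.basename))
    return out


if __name__ == "__main__":
    for kind, name, image in findings(parse(SAMPLE_LOG)):
        print(f"{kind:14} {name:40} {image}")
```

The same rules run unchanged over the full log above; the other IFEO entries (DrRtp.exe, QQDoctor.exe, egui.exe) and the missing-file ShellExecuteHooks are flagged the same way.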

Re: Scan log of the damn trojan cluster; it is long, please take a look and advise.

  <"C:\Program Files\lenovo\联想通讯中心6.0\CCommWDSSearch.exe"><TODO: <公司名>>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IGRS / IGRS][Stopped/Disabled]
  <"C:\Program Files\Common Files\Lenovo Shared\AnyComm\IGRS.exe"><联想集团有限公司>
[lenovo live update / Lenovo Upgrade Service.bis.release][Stopped/Disabled]
  <C:\Program Files\lenovo\LiveUpdate\liveupdate.exe><新思软件技术有限公司>
[NVIDIA Display Driver Service / NVSvc][Stopped/Disabled]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[OKAV Agent Service / OKAV Agent Service][Stopped/Disabled]
  <C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe><Trend Micro Inc.>
[Rav Process Communication Center / RavCCenter][Stopped/Disabled]
  <C:\Program Files\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Stopped/Disabled]
  <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rising Proxy  Service / RfwProxySrv][Stopped/Disabled]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Stopped/Disabled]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Disabled]
  <C:\Program Files\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Disabled]
  <C:\Program Files\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
[Lenovo file service / secsvr][Stopped/Disabled]
  <C:\WINDOWS\secsvr.exe><Lenovo Co. LTD>
[system privilege agent / sysagent][Stopped/Disabled]
  <C:\WINDOWS\system32\sysagent.exe><lenovo>
[Lenovo auto login helper / usblogon][Stopped/Disabled]
  <C:\WINDOWS\usblogon.exe><Lenovo Co. LTD>
==================================
驱动程序
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
  <system32\drivers\aec.sys><N/A>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <system32\DRIVERS\asyncmac.sys><N/A>
[ati2mtag / ati2mtag][Stopped/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[BdGuard / BdGuard][Running/Boot Start]
  <\SystemRoot\system32\drivers\BDGuard.SYS><>
[Bluetooth Audio Service / BlueletAudio][Stopped/Manual Start]
  <system32\DRIVERS\blueletaudio.sys><IVT Corporation.>
[Bluetooth SCO Audio Service / BlueletSCOAudio][Stopped/Manual Start]
  <system32\DRIVERS\BlueletSCOAudio.sys><IVT Corporation.>
[BREGDRV / BREGDRV][Stopped/Manual Start]
  <\??\D:\TDDOWNLOAD\BREGDRV.sys><N/A>
[Bluetooth PAN Network Adapter / BT][Stopped/Manual Start]
  <system32\DRIVERS\btnetdrv.sys><IVT Corporation.>
[Bluetooth HID Enumerator / BTHidEnum][Running/Boot Start]
  <\SystemRoot\System32\Drivers\vbtenum.sys><IVT Corporation.>
[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]
  <\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hookcont / hookcont][Stopped/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Stopped/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HookUrl / HookUrl][Stopped/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Stopped/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[mraid35x / mraid35x][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pcidump / pcidump][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\pcidump.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql12160 / ql12160][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[Rising  Rfwbase Driver / RfwBase][Stopped/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Stopped/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rspp / rspp][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\Rspp.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Stopped/System Start]
  <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Sparrow / Sparrow][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ultra / ultra][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[UPDATEDATA / UPDATEDATA][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\acpiec.sys><N/A>
[Virtual Serial port driver / VComm][Stopped/Manual Start]
  <system32\DRIVERS\VComm.sys><IVT Corporation.>
[Bluetooth VComm Manager Service / VcommMgr][Stopped/Manual Start]
  <System32\Drivers\VcommMgr.sys><IVT Corporation.>
[VDProtect / VDProtect][Stopped/System Start]
  <\SystemRoot\system32\drivers\VDProtect.sys><Lenovo>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
  <system32\DRIVERS\yk51x86.sys><Marvell>
[zx / zx][Stopped/Manual Start]
  <\??\C:\DOCUME~1\lenovo\LOCALS~1\Temp\~bc80.tmp><N/A>
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, (Signed) Baidu.com, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) Thunder Networking Technologies,LTD>
[联想]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[百度工具栏]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, (Signed) Baidu.com, Inc.>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360Safe\live.dll, (Signed) 360.cn>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, (Signed) Adobe Systems, Inc.>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
==================================
正在运行的进程
[PID: 524][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 604][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4162]
    [C:\WINDOWS\system32\uklognf.dll]  [Lenovo Co. LTD, 1, 0, 0, 1]
    [C:\WINDOWS\system32\mangdrive.dll]  [Lenovo Co. LTD, 1, 0, 0, 1]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
[PID: 648][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
[PID: 904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
[PID: 1168][C:\WINDOWS\system32\userinit.exe]  [N/A, ]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
[PID: 1192][C:\WINDOWS\explorer.exe]  [N/A, ]
    [C:\WINDOWSupdate.dll]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
[PID: 1292][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
[PID: 1376][C:\WINDOWS\temp\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.7184]
    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll]  [, 2, 0, 0, 0]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\YbKeaDWhb3vF4pe.dll]  [N/A, ]
    [C:\WINDOWS\system32\ucabinet.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\mangdrive.dll]  [Lenovo Co. LTD, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 192][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]

Re: Scan log of the nasty trojan swarm, it's long, please take a look and advise

    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
[PID: 900][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.67]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\WINDOWS\system32\YbKeaDWhb3vF4pe.dll]  [N/A, ]
[PID: 1360][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
[PID: 548][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.8.9.662]
    [C:\Program Files\Thunder Network\Thunder\Program\BugReport.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 20]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 10, 73]
    [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 3, 4, 2, 333]
    [C:\Program Files\Thunder Network\Thunder\Program\mp.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll]  [Thunder Networking Technologies,LTD, 1, 3, 2, 32]
    [C:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 2, 25]
    [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 12]
    [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 12, 30]
    [C:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 27]
    [C:\Program Files\Thunder Network\Thunder\Program\zlib1.dll]  [, 1.2.3]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Program\p2sp.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 59]
    [C:\Program Files\Thunder Network\Thunder\Program\fs.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 17]
    [C:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 42]
    [C:\Program Files\Thunder Network\Thunder\Program\ptl.dll]  [Thunder Networking Technologies,LTD, 3, 2, 2, 55]
    [C:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll]  [Thunder Networking Technologies,LTD, 3, 1, 2, 4]
    [C:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll]  [, 1, 0, 2, 7]
    [C:\Program Files\Thunder Network\Thunder\Program\p2p_network_com.dll]  [, 1, 0, 2, 25]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.67]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 35]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Thunder Network\Thunder\Program\p2p.dll]  [Thunder Networking Technologies,LTD, 1,1,2,48]
    [C:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll]  [Thunder Networking Technologies,LTD, 1,1,2,13]
    [C:\Program Files\Thunder Network\Thunder\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 4, 0, 2, 28]
    [C:\Program Files\Thunder Network\Thunder\Program\stream.dll]  [ShenZhen Thunder Networking Technologies,Ltd., 2, 1, 2, 1025]
    [C:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll]  [Thunder Networking Technologies,LTD, 1,1,2,18]
    [C:\Program Files\Thunder Network\Thunder\Program\al.dll]  [Thunder Networking Technologies,LTD, 1,1,2,31]
    [C:\Program Files\Thunder Network\Thunder\Program\media_data.dll]  [, 1, 0, 2, 7]
    [C:\Program Files\Thunder Network\Thunder\Program\sl.dll]  [Thunder Networking Technologies,LTD, 1.0.2.2]
    [C:\Program Files\Thunder Network\Thunder\Program\p2sp_pd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 3, 4, 11, 118]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed20.dll]  [Thunder Networking Technologies,LTD, 3, 4, 11, 118]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Program\xldcsubtask.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [C:\Program Files\Thunder Network\Thunder\Program\emule_id.dll]  [, 1, 0, 2, 12]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 2, 6, 0, 104]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 17, 0, 67]
    [C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder Network\Thunder\Program\XLNetU.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 1, 24]
    [C:\Program Files\Thunder Network\Thunder\Program\imdt.dll]  [Thunder Networking Technologies,LTD, 1.2.0.21]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\ThunderSafe.dll]  [Xunlei Networking Technologies,LTD, 2, 1, 8, 106]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\ConfigManager.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\SafeManager.dll]  [Xunlei Networking Technologies,LTD, 1, 0, 5, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\Security\SafeStatistic.dll]  [Xunlei Networking Technologies,LTD, 1, 0, 0, 1]

Re: Scan log of the nasty trojan swarm, it's long, please take a look and advise

    [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 2, 19, 106]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll]  [Thunder Networking Technologies,LTD, 3, 1, 6, 81]
    [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 7, 25]
    [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 4, 26]
    [C:\Program Files\Thunder Network\Thunder\Plugins\NetGame\XLNetGame.dll]  [, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrThunderHost.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.17]
    [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrKernel.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.8]
    [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrSoftIdentifier.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.10]
    [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrUpdate.dll]  [深圳市迅雷网络技术有限公司, 1.1.0.8]
    [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 26]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 3, 0, 2, 131]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\XLSkin.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll]  [迅雷网络, 4, 0, 0, 38]
    [C:\WINDOWS\system32\YbKeaDWhb3vF4pe.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 5]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 30]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 6]
    [C:\Program Files\Thunder Network\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[PID: 1000][D:\TDDOWNLOAD\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 988][D:\TDDOWNLOAD\sreng2\SREe381f2a3.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\d7eb91606b0.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\XR5nPhu9.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\STG4WdmetW2FP.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\msdfjsadfjd.dat]  [N/A, ]
    [C:\WINDOWS\fonts\gth16502.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth19506.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth24504.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth26507.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth30511.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth33503.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth39513.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth41501.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth43508.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth60335.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth62333.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth68327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth77327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth80327.ttf]  [N/A, ]
    [C:\WINDOWS\fonts\gth83325.ttf]  [N/A, ]
    [D:\TDDOWNLOAD\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 332][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      v.onondown.com.cn
127.0.0.2      ymsdasdw1.cn
127.0.0.3      h96b.info
127.0.0.0      xxx.zttwp.cn
127.0.0.0      www.hackerbf.cn
127.0.0.0      geekbyfeng.cn
127.0.0.0      121.14.101.68
127.0.0.0      ppp.etimes888.com
127.0.0.0      www.bypk.com
127.0.0.0      CSC3-2004-crl.verisign.com
127.0.0.1      va9sdhun23.cn
127.0.0.0      udp.hjob123.com
127.0.0.2      bnasnd83nd.cn
127.0.0.0      www.gamehacker.com.cn
127.0.0.0      gamehacker.com.cn
127.0.0.3      adlaji.cn
127.0.0.1      858656.com
127.1.1.1      bnasnd83nd.cn
127.0.0.1      my123.com
127.0.0.0      user1.12-27.net
127.0.0.1      8749.com
127.0.0.0      fengent.cn
127.0.0.1      4199.com
127.0.0.1      user1.16-22.net
127.0.0.1      7379.com
127.0.0.1      2be37c5f.3f6e2cc5f0b.com
127.0.0.1      7255.com
127.0.0.1      user1.23-12.net
127.0.0.1      3448.com
127.0.0.1      www.guccia.net
127.0.0.1      7939.com
127.0.0.1      a.o1o1o1.nEt
127.0.0.1      8009.com
127.0.0.1      user1.12-73.cn
127.0.0.1      piaoxue.com
127.0.0.1      3n8nlasd.cn
127.0.0.1      kzdh.com
127.0.0.0      www.sony888.cn
127.0.0.1      about.blank.la
127.0.0.0      user1.asp-33.cn
127.0.0.1      6781.com
127.0.0.0      www.netkwek.cn
127.0.0.1      7322.com
127.0.0.0      ymsdkad6.cn
127.0.0.1      localhost
127.0.0.0      www.lkwueir.cn
127.0.0.1      06.jacai.com
127.0.1.1      user1.23-17.net
127.0.0.1      1.jopenkk.com
127.0.0.0      upa.luzhiai.net
127.0.0.1      1.jopenqc.com
127.0.0.0      www.guccia.net
127.0.0.1      1.joppnqq.com
127.0.0.0      4m9mnlmi.cn
127.0.0.1      1.xqhgm.com
127.0.0.0      mm119mkssd.cn
127.0.0.1      100.332233.com
127.0.0.0      61.128.171.115:8080
127.0.0.1      121.11.90.79
127.0.0.0      www.1119111.com
127.0.0.1      121565.net
127.0.0.0      win.nihao69.cn
127.0.0.1      125.90.88.38
127.0.0.1      16888.6to23.com
127.0.0.1      2.joppnqq.com
127.0.0.0      puc.lianxiac.net
127.0.0.1      204.177.92.68
127.0.0.0      pud.lianxiac.net
127.0.0.1      210.74.145.236
127.0.0.0      210.76.0.133
127.0.0.1      219.129.239.220
127.0.0.0      61.166.32.2
127.0.0.1      219.153.40.221
127.0.0.0      218.92.186.27
127.0.0.1      219.153.46.27
127.0.0.0      www.fsfsfag.cn
127.0.0.1      219.153.52.123
127.0.0.0      ovo.ovovov.cn
127.0.0.1      221.195.42.71
127.0.0.0      dw.com.com
127.0.0.1      222.73.218.115
127.0.0.1      203.110.168.233:80
127.0.0.1      3.joppnqq.com
127.0.0.1      203.110.168.221:80
127.0.0.1      363xx.com
127.0.0.1      www1.ip10086.com.cm
127.0.0.1      4199.com
127.0.0.1      blog.ip10086.com.cn
127.0.0.1      43242.com
127.0.0.1      www.ccji68.cn
127.0.0.1      5.xqhgm.com
127.0.0.0      t.myblank.cn
127.0.0.1      520.mm5208.com
127.0.0.0      x.myblank.cn
127.0.0.1      59.34.131.54
127.0.0.1      210.51.45.5
127.0.0.1      59.34.198.228
127.0.0.1      www.ew1q.cn
127.0.0.1      59.34.198.88
127.0.0.1      59.34.198.97
127.0.0.1      60.190.114.101
127.0.0.1      60.190.218.34
127.0.0.0      qq-xing.com.cn
127.0.0.1      60.191.124.252
127.0.0.1      61.145.117.212
127.0.0.1      61.157.109.222
127.0.0.1      75.126.3.216
127.0.0.1      75.126.3.217
127.0.0.1      75.126.3.218
127.0.0.0      59.125.231.177:17777
127.0.0.1      75.126.3.220
127.0.0.1      75.126.3.221
127.0.0.1      75.126.3.222
127.0.0.1      772630.com
127.0.0.1      832823.cn
127.0.0.1      8749.com
127.0.0.1      888.jopenqc.com
127.0.0.1      89382.cn
127.0.0.1      8v8.biz
127.0.0.1      97725.com
127.0.0.1      9gg.biz
127.0.0.1      www.9000music.com
127.0.0.1      test.591jx.com
127.0.0.1      a.topxxxx.cn
127.0.0.1      picon.chinaren.com
127.0.0.1      www.5566.net
127.0.0.1      p.qqkx.com
127.0.0.1      news.netandtv.com
127.0.0.1      z.neter888.cn
127.0.0.1      b.myblank.cn
127.0.0.1      wvw.wokutu.com
127.0.0.1      unionch.qyule.com
127.0.0.1      www.qyule.com
127.0.0.1      it.itjc.cn
127.0.0.1      www.linkwww.com
127.0.0.1      vod.kaicn.com
127.0.0.1      www.tx8688.com
127.0.0.1      b.neter888.cn
127.0.0.1      promote.huanqiu.com
127.0.0.1      www.huanqiu.com
127.0.0.1      www.haokanla.com
127.0.0.1      play.unionsky.cn
127.0.0.1      www.52v.com
127.0.0.1      www.gghka.cn
127.0.0.1      icon.ajiang.net
127.0.0.1      new.ete.cn
127.0.0.1      www.stiae.cn
127.0.0.1      o.neter888.cn
127.0.0.1      comm.jinti.com
127.0.0.1      www.google-analytics.com
127.0.0.1      hz.mmstat.com
127.0.0.1      www.game175.cn
127.0.0.1      x.neter888.cn
127.0.0.1      z.neter888.cn
127.0.0.1      p.etimes888.com
127.0.0.1      hx.etimes888.com
127.0.0.1      abc.qqkx.com
127.0.0.1      dm.popdm.cn
127.0.0.1      www.yl9999.com
127.0.0.1      www.dajiadoushe.cn
127.0.0.1      v.onondown.com.cn
127.0.0.1      www.interoo.net
127.0.0.1      bally1.bally-bally.net
127.0.0.1      www.bao5605509.cn
127.0.0.1      www.rty456.cn
127.0.0.1      www.werqwer.cn
127.0.0.1      1.360-1.cn
127.0.0.1      user1.23-16.net
127.0.0.1      www.guccia.net
127.0.0.1      www.interoo.net
127.0.0.1      upa.netsool.net
127.0.0.1      js.users.51.la
127.0.0.1      vip2.51.la
127.0.0.1      web.51.la
127.0.0.1      qq.gong2008.com
127.0.0.1      2008tl.copyip.com
127.0.0.1      tla.laozihuolaile.cn
127.0.0.1      www.tx6868.cn
127.0.0.1      p001.tiloaiai.com
127.0.0.1      s1.tl8tl.com
127.0.0.1      s1.gong2008.com
127.0.0.1      4b3ce56f9g.3f6e2cc5f0b.com
127.0.0.1      2be37c5f.3f6e2cc5f0b.com
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1192, C:\WINDOWS\EXPLORER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1376, C:\WINDOWS\TEMP\EXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1376, C:\WINDOWS\TEMP\EXPLORER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1000, D:\TDDOWNLOAD\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1000, D:\TDDOWNLOAD\SRENG2\SRENGLDR.EXE]
==================================
计划任务
[已启用] 查看 Windows Live Toolbar 更新.job
        C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================[/code]

Re: Scan log of the nasty trojan swarm, it's long, please take a look and advise

Has everyone gone off to lunch? Where have all the moderators gone?
Powered by Discuz!NT