[Help] Asking the experts: how do I delete autorun.inf?

[d:\Thunder\Components\ResWorker\DSIeHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [d:\Thunder\Components\ResWorker\DataProcessor.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
    [C:\WINDOWS\system32\msfeeds.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\GOOGLEPINYIN.IME]  [Google Inc., ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 472][d:\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 1, 292]
    [d:\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 20]
    [d:\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 77]
    [d:\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [d:\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 77]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [d:\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [d:\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 2]
    [D:\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [d:\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 26]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [d:\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 17]
    [d:\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 8, 30]
    [d:\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 20]
    [d:\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
    [d:\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 46]
    [d:\Thunder\Components\DiagnoseHelper\DiagnoseHelper.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 16]
    [d:\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [d:\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 1, 3, 58]
    [d:\Thunder\Components\VPSHELL\VPSHELL.dll]  [XunLei, 1, 2, 0, 8]
    [d:\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [d:\Thunder\Components\ResWorker\DsXlCom.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [d:\Thunder\Components\InMedia\iEmbed09.dll]  [ , 3, 3, 0, 80]
    [d:\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 2, 61]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
    [d:\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [d:\Thunder\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 2, 0, 9]
    [d:\Thunder\Components\ResWorker\DataProcessor.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [d:\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
    [d:\Thunder\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
[PID: 2668][C:\WINDOWS\abc.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
    [D:\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
shell\explore=资源管理器(&X)
shell\explore\command=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe
[D:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
shell\explore=资源管理器(&X)
shell\explore\command=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe
[E:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
shell\explore=资源管理器(&X)
shell\explore\command=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe
[F:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
shell\explore=资源管理器(&X)
shell\explore\command=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe
[G:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
shell\explore=资源管理器(&X)
shell\explore\command=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe
[H:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
shell\explore=资源管理器(&X)
shell\explore\command=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

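That's the end of the log. I'd appreciate it if you guys could analyze it.

I have to say: Kaka is still the best place. On other forums, everything people tell you is just stuff they searched up on "Baidu Zhidao".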

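Immediately open each disk with the archive tool WinRAR, and from within WinRAR manually delete these files in the root directory of every drive: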
Autorun.inf
Limit.exe
——————————————————————————————————
Use SRENG, the log-scanning tool, to change the startup type of each of the following items to "Disabled":
==================================
驱动程序
[CMB8100 / CMB8100][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
————————————————————————————————
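Restart the computer. If that doesn't work, scan a new log.
If nothing is abnormal, install antivirus software, update it to the latest version, and run a full-disk scan.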
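
The SREng log earlier in this thread shows the same autorun.inf on every drive. As an added example (not part of any forum post and not SREng's own code), this Python snippet parses that log section and lists, per drive, the root-level files the reply above says to delete. The function names are assumptions made for illustration, and the sample is an abbreviated excerpt of the posted log.

```python
import re

# Abbreviated excerpt of the SREng "Autorun.inf" section posted in this thread.
SAMPLE_LOG = r"""
Autorun.inf
[C:\]
[autorun]
open=Limit.exe
shellexecute=Limit.exe
shell\open=打开(&O)
shell\open\command=Limit.exe
[D:\]
[autorun]
open=Limit.exe
shell\auto=自动播放(&P)
shell\auto\command=Limit.exe
"""

DRIVE_RE = re.compile(r"^\[([A-Za-z]:\\)\]$")
# Keys whose value is a command line that Explorer would launch.
EXEC_KEY_RE = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$", re.IGNORECASE)

def autorun_targets(log_text):
    """Return {drive: sorted list of programs its autorun.inf would launch}."""
    result, drive = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = DRIVE_RE.match(line)
        if m:
            drive = m.group(1).upper()
            result.setdefault(drive, set())
            continue
        if drive is None or "=" not in line:
            continue  # section banner, [autorun] header, or blank line
        key, value = (part.strip() for part in line.split("=", 1))
        if EXEC_KEY_RE.match(key) and value:
            # Program is the quoted path if quoted, otherwise the first token.
            prog = value[1:].split('"', 1)[0] if value.startswith('"') else value.split()[0]
            result[drive].add(prog)
    return {d: sorted(t) for d, t in result.items()}

def files_to_review(log_text):
    """Root-level paths to inspect on each drive: autorun.inf plus every launch target."""
    paths = []
    for drive, targets in sorted(autorun_targets(log_text).items()):
        paths.append(drive + "autorun.inf")
        paths.extend(drive + t for t in targets)
    return paths
```

Menu-label keys such as `shell\open=打开(&O)` are ignored because they only set the context-menu text; only the `open`, `shellexecute` and `shell\...\command` values name a program.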

驱动程序
[CMB8100 / CMB8100][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>

Is this from China Merchants Bank? If so, I won't change it.

WinRAR can only delete them in Safe Mode, and they come back after a reboot.

驱动程序
[CMB8100 / CMB8100][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
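This is China Merchants Bank's stuff.

I found that under SRENG > Startup Items > Registry there is an entry:
C:\WINDOWS\system32\MSCONFIG.EXE
SRENG can't delete it; after I delete it, it is back as soon as I refresh.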