
Trojan.Win32.Undef.ef: help needed!

Download System Repair Engineer:
http://www.kztechs.com/sreng/download.html
1 Unzip sreng2.zip
2 Run SREng.exe
3 Smart Scan => Scan => Save Report
4 Copy the complete report from the log and paste it here; do not modify it

Reply

[CODE]
2009-01-10,10:54:31
System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)
Windows Vista Home Premium Edition Service Pack 1 (Build 6001) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Apoint><C:\Program Files\Apoint2K\Apoint.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <NvCplDaemon><RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NvMediaCenter><RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <HP Software Update><C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe>  [(Verified)Hewlett-Packard Company]
    <RisTray><"C:\Program Files\Rising\Ris\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe>  [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WebCheck><C:\Windows\system32\webcheck.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

Reply: Trojan.Win32.Undef.ef: help needed!

Attachment:

File name: SREngLOG.log
Downloads: 105
File type: application/octet-stream
File size:
Upload time: 2009-1-10 11:10:39
Description: log

Reply: Trojan.Win32.Undef.ef: help needed!

浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷5\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\迅雷5\Thunder.exe, (Signed) Thunder Networking Technologies,LTD>
[Java Plug-in 1.6.0_07]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[Java Plug-in 1.6.0_02]
  {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\FlDbg10a.ocx, (Signed) Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\迅雷5\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
  {116BA71C-8187-4F15-9A1F-C9D6289155D1} <, >
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {2974c985-8151-4de5-b23c-b875f0a8522f} <, >
[]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <, >
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\迅雷5\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\ProgramData\Thunder Network\KanKan\xplayer.dll_1_work, Xunlei Networking Technologies,LTD>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\ProgramData\Thunder Network\KanKan\xdrm.dll_1_work, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷5\Components\InMedia\MediaAddin18.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷5\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <, >
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[]
  {A412E581-59B2-485E-834F-C5F0C0268C79} <, >
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5808.119.(647).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\FlDbg10a.ocx, (Signed) Adobe Systems, Inc.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5880.242.(647).dll, (Signed) Xunlei Networking Technologies,LTD>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, >
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <, >
[使用迅雷下载]
  <D:\迅雷5\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\迅雷5\Program\GetAllUrl.htm, N/A>
[添加到QQ表情]
  <E:\qq2008\AddEmotion.htm, N/A>

Reply: Trojan.Win32.Undef.ef: help needed!

==================================
正在运行的进程
[PID: 456 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 552 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 612 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 624 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 656 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 668 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\DPPWDFLT.dll]  [DigitalPersona, Inc., 3.0.0.2598]
[PID: 676 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 784 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 876 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 936 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1012 / SYSTEM][C:\Program Files\Rising\Ris\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [C:\Program Files\Rising\Ris\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
[PID: 1020 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1056 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1092 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1132 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1220 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1248 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1372 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1580 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1604 / SYSTEM][C:\Program Files\DigitalPersona\Bin\DpHostW.exe]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Windows\system32\DPCLBACK.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPDB.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Windows\system32\dpHMatch.dll]  [DigitalPersona, Inc., 4.0.0.493]
    [C:\Program Files\DigitalPersona\Bin\DPILPro.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DpPMInfo.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPCOper2.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Windows\system32\DPFPApi.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPMux.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPDeviceAuthentec.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPDeviceMitsumi.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPDeviceUpek.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPDeviceValidity.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DPDevice2.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Windows\system32\dpHFtrEx.dll]  [DigitalPersona, Inc., 4.0.0.493]
[PID: 1644 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1876 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.10.13.1]
    [C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.10.13.1]
    [C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.10.13.1]
[PID: 1924 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe]  [Microsoft Corporation, 7.10.3077]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.10.3077]
[PID: 2032 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 220 / SYSTEM][C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe]  [, 5.00.3314]
    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll]  [, 5.00.3330]
    [C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll]  [CyberLink Corp., 4.02.4530]
    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll]  [N/A, ]
[PID: 12 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe]  [, 2.0.1120  ]
[PID: 540 / SYSTEM][C:\Program Files\Rising\Ris\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    [C:\Program Files\Rising\Ris\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Ris\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Ris\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 35]
[PID: 604 / SYSTEM][C:\Windows\System32\rpcnetp.exe]  [N/A, ]
    [C:\Windows\System32\rpcnetp.dll]  [N/A, ]
[PID: 1144 / SYSTEM][C:\Program Files\Rising\Ris\RsStub.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 1292 / SYSTEM][C:\Program Files\Rising\Rav\scannerd.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
[PID: 1344 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1732 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2060 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 2124 / SYSTEM][C:\Windows\system32\DRIVERS\xaudio.exe]  [Conexant Systems, Inc., 1.00.15.00]
[PID: 2164 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe]  [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9]
[PID: 2324 / SYSTEM][C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe]  [, 5.00.3327]
    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll]  [N/A, ]
    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll]  [, 5.00.3028]
    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll]  [, 1.00.1012]
[PID: 2696 / SYSTEM][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3096 / hy][C:\Program Files\DigitalPersona\Bin\DpAgent.exe]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Program Files\DigitalPersona\Bin\DpoSet.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Windows\system32\DPFPApi.DLL]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Windows\system32\DPCLBACK.dll]  [DigitalPersona, Inc., 4.2.1.988]
    [C:\Program Files\DigitalPersona\Bin\DpOCache.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
[PID: 3132 / hy][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.5665]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
[PID: 3160 / hy][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\nvcpl.dll]  [NVIDIA Corporation, 7.15.11.5665]
    [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.5665]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Windows\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 3220 / hy][C:\Program Files\SogouInput\4.0.0.1981\PinyinUp.exe]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\SogouInput\4.0.0.1981\HWSignature.dll]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
[PID: 3384 / hy][C:\Program Files\Apoint2K\Apoint.exe]  [Alps Electric Co., Ltd., 7.0.1.251]
    [C:\Program Files\Apoint2K\ApResCS.dll]  [Alps Electric Co., Ltd., 5.5.1701.21]
    [C:\Windows\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.15]
    [C:\Program Files\Apoint2K\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.1702.262]
    [C:\Program Files\Apoint2K\EzAuto.dll]  [Alps Electric Co., Ltd., 5.5.1.91]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\Apoint2K\EzLaunch.DLL]  [Alps Electric Co., Ltd., 5.5.1.86]
[PID: 3416 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 3424 / hy][C:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\NvMcTray.dll]  [NVIDIA Corporation, 7.15.11.5665]
    [C:\WINDOWS\System32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.5665]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
[PID: 3432 / hy][C:\Program Files\Rising\AntiSpyware\RSTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.16]
    [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.31]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.42]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\pscan.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.60]
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[PID: 3440 / hy][C:\Program Files\HP\HP Software Update\hpwuSchd2.exe]  [Hewlett-Packard, 80, 1, 0, 0]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
[PID: 3880 / hy][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.5665]
[PID: 3468 / hy][C:\Program Files\Apoint2K\ApMsgFwd.exe]  [Alps Electric Co., Ltd., 7, 0, 0, 15]
    [C:\Program Files\Apoint2K\Apoint.dll]  [Alps Electric Co., Ltd., 5.5.1702.262]
    [C:\Windows\system32\Vxdif.dll]  [Alps Electric Co., Ltd., 6.0.3.15]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
[PID: 2860 / hy][C:\Windows\system32\wbem\unsecapp.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
[PID: 560 / hy][C:\Program Files\Apoint2K\Apntex.exe]  [Alps Electric Co., Ltd., 7.0.1.26]
    [C:\Windows\system32\VXDIF.DLL]  [Alps Electric Co., Ltd., 6.0.3.15]
    [C:\Program Files\Apoint2K\Apoint.DLL]  [Alps Electric Co., Ltd., 5.5.1702.262]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
[PID: 2932 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\System32\rpcnetp.dll]  [N/A, ]
[PID: 2792 / hy][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\System32\rpcnetp.dll]  [N/A, ]
[PID: 3348 / SYSTEM][c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe]  [Hewlett-Packard, 2.3.0.2]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]
    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fe7232e97fdf63c6b146e93f432d7d7\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]
    [C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll]  [Hewlett-Packard, 2.0.0.2]
[PID: 4724 / hy][D:\暴风影音2009\stMgr.exe]  [北京暴风网际科技有限公司, 3, 8, 12, 1]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [D:\暴风影音2009\bfoptdll.dll]  [北京暴风网际科技有限公司, 3, 8, 7, 16]
    [D:\暴风影音2009\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [D:\暴风影音2009\corelog.dll]  [北京暴风网际科技有限公司, 3, 8, 9, 27]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
[PID: 5736 / SYSTEM][C:\Program Files\Rising\Ris\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]

Re: Trojan.Win32.Undef.ef Help needed!

    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Ris\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [C:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
    [C:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Ris\ScanRavT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.23]
    [C:\Program Files\Rising\Ris\ScanBT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.36]
    [C:\Program Files\Rising\Ris\ScanStub.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.8]
    [C:\Program Files\Rising\Ris\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\Rising\Ris\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Ris\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\Rising\Ris\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17]
    [C:\Program Files\Rising\Ris\mvengine.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Ris\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Ris\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\SysMail.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [C:\Program Files\Rising\Ris\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 2468 / hy][C:\PROGRAM FILES\RISING\RIS\RSTRAY.EXE]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\PROGRAM FILES\RISING\RIS\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRAM FILES\RISING\RIS\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27]
    [C:\PROGRAM FILES\RISING\RIS\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\PROGRAM FILES\RISING\RIS\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\PROGRAM FILES\RISING\RIS\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\PROGRAM FILES\RISING\RIS\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\PROGRAM FILES\RISING\RIS\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RIS\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.12]
    [C:\PROGRAM FILES\RISING\RIS\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 70]
    [C:\Windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRAM FILES\RISING\RIS\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\PROGRAM FILES\RISING\RIS\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\PROGRAM FILES\RISING\RIS\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\PROGRAM FILES\RISING\RIS\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\PROGRAM FILES\RISING\RIS\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.21]
    [C:\PROGRAM FILES\RISING\RIS\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\PROGRAM FILES\RISING\RIS\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25]
    [C:\PROGRAM FILES\RISING\RIS\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    [C:\PROGRAM FILES\RISING\RIS\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.89]
    [C:\PROGRAM FILES\RISING\RIS\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RIS\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RIS\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\PROGRAM FILES\RISING\RIS\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 5]
    [C:\PROGRAM FILES\RISING\RIS\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RIS\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
[PID: 6108 / SYSTEM][C:\PROGRAM FILES\RISING\RIS\RSNETSVR.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\PROGRAM FILES\RISING\RIS\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.9]
    [C:\PROGRAM FILES\RISING\RIS\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\PROGRAM FILES\RISING\RIS\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\PROGRAM FILES\RISING\RIS\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 4196 / SYSTEM][C:\Program Files\Rising\Ris\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Ris\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Ris\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Ris\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\Rising\Ris\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Ris\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29]
    [C:\Program Files\Rising\Ris\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Ris\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21]
    [C:\Program Files\Rising\Ris\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
    [C:\Program Files\Rising\Ris\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\Ris\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.75]
    [C:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Ris\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.0]
    [C:\Program Files\Rising\Ris\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.3]
    [C:\Program Files\Rising\Ris\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [C:\Program Files\Rising\Ris\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.18]
    [C:\Program Files\Rising\Ris\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.24]
    [C:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Ris\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
    [C:\Program Files\Rising\Ris\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Ris\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Ris\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]
    [C:\Program Files\Rising\Ris\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17]
    [C:\Program Files\Rising\Ris\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Ris\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [C:\Program Files\Rising\Ris\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\Rising\Ris\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17]
    [C:\Program Files\Rising\Ris\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Ris\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Ris\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Ris\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ur027.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\ur025.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
[PID: 1228 / hy][E:\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 1, 5, 1250]
    [E:\Maxthon2\mxpp.dll]  [Maxthon International ltd., 1, 0, 0, 241]
    [E:\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 413]
    [E:\Maxthon2\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4106]
    [E:\Maxthon2\MxExt.dll]  [N/A, ]
    [E:\Maxthon2\MxUI.dll]  [Maxthon International, 3, 3, 0, 9]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [E:\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [E:\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [C:\Program Files\Rising\Ris\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.55]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\Macromed\Flash\FlDbg10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.5665]
    [c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll]  [ Microsoft Corporation, 2.0.31005.0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
[PID: 6020 / hy][C:\WINDOWS\explorer.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\Cyberlink\PowerDirector\PDM1Splter.ax]  [CyberLink Corp., 2.3.1118  ]
    [C:\Program Files\Cyberlink\PowerDirector\PDM2Splter.ax]  [CyberLink Corp., 2.3.1118  ]
    [C:\Program Files\CyberLink\Power2Go\P2Gm2spliter.ax]  [CyberLink Corp., 2.4.2301  ]
    [C:\Program Files\CyberLink\Power2Go\P2Gm1spliter.ax]  [CyberLink Corp., 2.4.2301  ]
    [C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcspmpeg.ax]  [MainConcept AG, 1.1.4178.0 2006/05/29]
    [C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpegin.dll]  [MainConcept AG, 1.2.4178.0 2006/06/19]
    [C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcdsmpeg.ax]  [MainConcept AG, 1.1.4178.0 2006/05/19]
    [C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpgdec.dll]  [MainConcept AG, 2.0.4178.0 2006/06/07]
    [C:\Program Files\Common Files\Thunder Network\KanKan\RealMediaSplitter.1.0.2.2.(646).ax]  [Gabest, 1, 0, 2, 2]
    [C:\Program Files\HP\QuickPlay\Kernel\DMP\CLWMFDemux.ax]  [CyberLink, 1, 0, 0, 1302]
    [C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveedsmpeg.ax]  [MainConcept AG, 1, 0, 0, 77]
    [C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempgdec.dll]  [MainConcept AG, official release build]
    [C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveespmpeg.ax]  [MainConcept AG, 1, 0, 1, 12]
    [C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempegin.dll]  [MainConcept AG, official release build]
    [D:\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [D:\迅雷5\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\迅雷5\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Windows\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\QvodPlayer\QvodBand.dll]  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
[PID: 4872 / hy][C:\Windows\System32\mobsync.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
    [C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll]  [DigitalPersona, Inc., 3.0.0.2598]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
[PID: 4636 / hy][C:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 5, 0, 0, 1002]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 3, 0, 1004]
    [C:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 4, 2, 0, 1002]
    [C:\Program Files\360safe\live.dll]  [360.cn, 1, 0, 1, 1029]
[PID: 2824 / hy][D:\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
[PID: 3248 / hy][C:\Users\hy\AppData\Local\Temp\SREBD60.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1007]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.0.0.1981]
[PID: 4696 / SYSTEM][C:\Windows\system32\SearchProtocolHost.exe]  [(Verified) Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]

Re: Trojan.Win32.Undef.ef Help needed!

==================================
文件关联
.TXT  Error. [C:\Windows\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  Error. [C:\Windows\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
::1            localhost
127.0.0.1 c0mo.com
127.0.0.1 gxgxy.net
127.0.0.1 union.daqi.com
127.0.0.1 121.15.247.22
127.0.0.1 61.155.140.4
127.0.0.1 219.129.239.251
127.0.0.1 61.164.118.208
127.0.0.1 www.zmjjjyy.cn
127.0.0.1 user9.78-10.net
127.0.0.1 444.gmwo07.com
127.0.0.1 333.gmwo07.com
127.0.0.1 222.gmwo07.com
127.0.0.1 111.gmwo07.com
127.0.0.1 haha.yaoyao09.com
127.0.0.1 www.noseqing.cn
127.0.0.1 fg.pvs360.com
127.0.0.1 cw.pvs360.com
127.0.0.1 ta.pvs360.com
127.0.0.1 dl.pvs360.com
127.0.0.1 ok.sl8cjs.cn
127.0.0.1 nc.mskess.com
127.0.0.1 idc.windowsupdeta.cn
127.0.0.1 pvs360.com
127.0.0.1 sl8cjs.cn
127.0.0.1 windowsupdeta.cn
127.0.0.1 up.22x44.com
127.0.0.1 my.531jx.cn
127.0.0.1 nx.51ylb.cn
127.0.0.1 llboss.com
127.0.0.1 down.malasc.cn
127.0.0.1 d2.llsging.com
127.0.0.1 171817.171817.com
127.0.0.1 wg.47255.com
127.0.0.1 www.tomwg.com
127.0.0.1 tp.shpzhan.cn
127.0.0.1 1.joppnqq.com
127.0.0.1 xx.exiao01.com
127.0.0.1 www.22aaa.com
127.0.0.1 ilove.com
127.0.0.1 xxx.mmma.biz
127.0.0.1 www.868wg.com
127.0.0.1 2.joppnqq.com
127.0.0.1 1.jopanqc.com
127.0.0.1 yu.8s7.net
127.0.0.1 1.jopmmqq.com
127.0.0.1 cao.kv8.info
127.0.0.1 xtx.kv8.info
127.0.0.1 new.749571.com
127.0.0.1 xxx.vh7.biz
127.0.0.1 1.jopenkk.com
127.0.0.1 d.93se.com
127.0.0.1 3.joppnqq.com
127.0.0.1 xxx.j41m.com
127.0.0.1 1.jopenqc.com
127.0.0.1 xxx.m111.biz
127.0.0.1 down.18dd.net
127.0.0.1 www.333292.com
127.0.0.1 qqq.hao1658.com
127.0.0.1 qqq.dzydhx.com
127.0.0.1 www.exiao01.com
127.0.0.1 www.cike007.cn
==================================
进程特权扫描
N/A
==================================
计划任务
[已启用] \\ExtendedServicePlan
        "C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe" ExtendedServicePlan ShowMessageTask
[已启用] \\HPCeeScheduleForhy
        C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeScheduleForhy (null)
[已启用] \\OGADaily
        C:\Windows\system32\OGAVerify.exe HPCeeScheduleForhy (null)
[已启用] \\OGALogon
        C:\Windows\system32\OGAVerify.exe HPCeeScheduleForhy (null)
[已启用] \\ServicePlan
        "C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe" ServicePlan ShowMessageTask3M
[已启用] \\SogouImeMgr
        C:\PROGRA~1\SOGOUI~1\400~1.198\PINYIN~1.EXE /S
[已启用] \\{37BCAA5B-C0E7-460E-B401-9DD6825C377D}
        C:\Windows\system32\pcalua.exe -a E:\Maxthon2\Maxthon.exe -d E:\Maxthon2 -c -debug
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
        N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
        N/A
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
        BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
        N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
        %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
        %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Uploader
        %windir%\system32\WSqmCons.exe -u
[已启用] \Microsoft\Windows\Defrag\ManualDefrag
        %windir%\system32\defrag.exe \\?\Volume{d69646dc-9763-11dd-ac3b-806e6f6e6963}\ \\?\Volume{d69646dd-9763-11dd-ac3b-806e6f6e6963}\ \\?\Volume{d69646de-9763-11dd-ac3b-806e6f6e6963}\ \\?\Volume{d69646df-9763-11dd-ac3b-806e6f6e6963}\ \\?\Volume{d69648fe-9763-11dd-ac3b-001d7243f2d5}\
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
        %windir%\system32\defrag.exe -c -i -g
[已启用] \Microsoft\Windows\Media Center\ehDRMInit
        %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已启用] \Microsoft\Windows\Media Center\mcupdate
        %SystemRoot%\ehome\mcupdate $(Arg0) -gc
[已启用] \Microsoft\Windows\Media Center\OCURActivate
        %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已启用] \Microsoft\Windows\Media Center\OCURDiscovery
        %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
[已启用] \Microsoft\Windows\Media Center\UpdateRecordPath
        %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
        N/A
[已启用] \Microsoft\Windows\MobilePC\TMM
        N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
        %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
        N/A
[已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
        N/A
[已启用] \Microsoft\Windows\Shell\CrawlStartPages
        N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake
        N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager
        N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
        N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
        N/A
[已启用] \Microsoft\Windows\SystemRestore\SR
        %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
        rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
        rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
        sc.exe config upnphost start= auto
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
        %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\WindowsCalendar\Reminders - hy
        C:\Program Files\Windows Calendar\WinCal.exe /reminder
[已启用] \Microsoft\Windows\Wired\GatherWiredInfo
        %windir%\system32\gatherWiredInfo.vbs
[已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo
        %windir%\system32\gatherWirelessInfo.vbs
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

[/CODE]

Reply to post #13 by hyccmm

[rpcnetp / rpcnetp][Running/Manual Start]
  <2 - 系统找不到指定的文件。
><(File is missing)>
What service is this?