C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\瑞星杀毒\RISING\RAV\Ravmond.exe
C:\WINDOWS\Explorer.EXE
D:\瑞星杀毒\Rising\Rfw\rfwsrv.exe
D:\瑞星杀毒\RISING\RAV\RavStub.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\瑞星杀毒\RISING\RAV\RAVMON.EXE
D:\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
D:\瑞星杀毒\Rising\Rfw\rfwmain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
D:\瑞星杀毒\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
D:\瑞星杀毒\RISING\RAV\Rav.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\应用软件\UC文件夹\uc\UC\UC.exe
D:\QQ文件\qq2005_beta3\新建文件夹\QQ.exe
C:\WINDOWS\system32\wuauclt.exe
D:\QQ文件\qq2005_beta3\新建文件夹\TMDlls\TIMPlatform.exe
D:\安装程序\日志.exe
R3 - Default URLSearchHook is missing
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - D:\PROGRA~1\baidu\bar\BaiduBar.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavMon] D:\瑞星杀毒\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [RavTimer] D:\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RfwMain] "D:\瑞星杀毒\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - D:\应用软件\迅雷\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\应用软件\迅雷\getAllurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ文件\qq2005_beta3\新建文件夹\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ文件\qq2005_beta3\新建文件夹\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ文件\qq2005_beta3\新建文件夹\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ文件\qq2005_beta3\新建文件夹\SendMMS.htm
O9 - Extra button: 易趣购物 - {DE607141-AC19-421e-862A-2D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE607141-AC19-421e-862A-2D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DB02F1C-4E61-4983-8334-50692F83A901}: NameServer = 202.99.96.68 202.99.64.69
O17 - HKLM\System\CS1\Services\Tcpip\..\{2DB02F1C-4E61-4983-8334-50692F83A901}: NameServer = 202.99.96.68 202.99.64.69
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O18 - Protocol: mbox - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - D:\瑞星杀毒\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\瑞星杀毒\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星杀毒\RISING\RAV\Ravmond.exe