
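[Help] SR scan report..

SR scan report..

Could everyone take a look for me.. When my IE visits certain websites, my Full-Function 2009 automatically reports that it intercepted something from that 118114 website.. I suspect my computer has been infected.. I ran a scan with SR. I don't really understand it, so please help me see where the problem is.. Thanks!



SR report: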
[CODE]
2009-06-19,12:25:56
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{D9FCD29C-7E14-4AF4-A935-B1321815EDEE}]
    <自定义浏览器><RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
==================================
启动文件夹
[服务管理器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
==================================
服务
[Network Service Support Agent. / .Net Service][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k krnlsrvc-->C:\WINDOWS\system32\RumhtkC.dll><@ Microsoft Corporation. All rights reserved.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Acresso Software Inc.>
[Helix Server / Helix Server][Stopped/Manual Start]
  <C:\Program Files\Real\Helix Server\Bin\rmserver.exe><RealNetworks, Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[kwtjlz / kwtjlz][Running/Auto Start]
  <C:\WINDOWS\system32\SVCHOST.EXE -k kwtjlz-->%SystemRoot%\System32\gjgxbb.dll><N/A>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <><(File is missing)>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <d:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[PnkBstrA / PnkBstrA][Stopped/Manual Start]
  <C:\WINDOWS\system32\PnkBstrA.exe><N/A>
[Ris Process Communication Center / RisCCenter][Stopped/Auto Start]
  <C:\Program Files\Rising\Ris\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RisTask Manager / RisTask][Running/Auto Start]
  <"C:\Program Files\Rising\Ris\RavTask.exe" RisTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <C:\Program Files\Rising\Ris\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
  <C:\Program Files\Rising\Ris\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
[SentinelProtectionServer / SentinelProtectionServer][Running/Auto Start]
  <"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"><SafeNet, Inc>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <d:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER><Microsoft Corporation>
[VMware Authorization Service / VMAuthdService][Stopped/Auto Start]
  <D:\Program Files\VMware\VMware Workstation\vmware-authd.exe><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP][Running/Auto Start]
  <C:\WINDOWS\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware Virtual Mount Manager Extended / vmount2][Running/Auto Start]
  <"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe"><VMware, Inc.>
[VMware NAT Service / VMware NAT Service][Running/Auto Start]
  <C:\WINDOWS\system32\vmnat.exe><VMware, Inc.>
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
  <C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe><Beijing WatchData System Co., Ltd.>
[Windows Management Instrumentw / WMISEswes][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k WMISEswes-->%SystemRoot%\System32\pluprp.dll><奇虎网>
==================================
驱动程序
[AMD Processor Driver / AmdK8][Running/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[Creative SB16/AWE32/AWE64 Driver (WDM) / ctlsb16][Stopped/Manual Start]
  <system32\drivers\ctlsb16.sys><Copyright (C) Creative Technology Ltd. 1994-2001>
[DC21x4 Based Network Adapter Driver / DC21x4][Stopped/Manual Start]
  <system32\DRIVERS\dc21x4.sys><Intel Corporation.>
[VMware hcmon / hcmon][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\hcmon.sys><VMware, Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HUAWEI Mobile Composite Device driver / hwtdbus][Stopped/Manual Start]
  <system32\DRIVERS\hwtdbus.sys><MCCI Corporation>
[HUAWEI Mobile Cable Emulation Bus / hwtdceb][Running/Manual Start]
  <system32\DRIVERS\hwtdceb.sys><MCCI Corporation>
[Huawei TD USB Fake / hwtdfake][Stopped/Manual Start]
  <system32\DRIVERS\hwtdfake.sys><Huawei Technologies Co., Ltd.>
[HUAWEI Mobile CMCC MMS (Filter) / hwtdmdfl][Stopped/Manual Start]
  <system32\DRIVERS\hwtdmdfl.sys><MCCI Corporation>
[HUAWEI Mobile CMCC AT Interface Drivers / hwtdmdm][Stopped/Manual Start]
  <system32\DRIVERS\hwtdmdm.sys><MCCI Corporation>
[HUAWEI Mobile CMCC Modem Controller / hwtdmdmc][Stopped/Manual Start]
  <system32\DRIVERS\hwtdmdmc.sys><MCCI Corporation>
[HUAWEI Mobile CMCC MMS Controller / hwtdmdmc2][Stopped/Manual Start]
  <system32\DRIVERS\hwtdmdmc2.sys><MCCI Corporation>
[HUAWEI Mobile CMCC MMS / hwtdsce][Stopped/Manual Start]
  <system32\DRIVERS\hwtdsce.sys><MCCI Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[ISO CD-ROM Device Driver / ISODrive][Stopped/Manual Start]
  <\??\F:\uiso9_pe_green\UltraISO\drivers\ISODrive.sys><EZB Systems, Inc.>
[KSCDMAN / KSCDMAN][Running/Auto Start]
  <system32\drivers\kscdman.sys><KingSoft Corp.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce 10/100 Mbps Ethernet  / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
  <system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\C:\Program Files\Rising\Ris\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\C:\Program Files\Rising\Ris\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[seMyIpFilt / seMyIpFilt][Stopped/Manual Start]
  <system32\drivers\seipdrv.sys><N/A>
[Sentinel / Sentinel][Running/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[System Restore Filter Driver / sr][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\sr.sys><N/A>
[【重庆文理学院网络中心VPN技术,用户必须安装此驱动程序,才能正常使用校园网内部资源。】 / tap0801][Stopped/Manual Start]
  <system32\DRIVERS\tap0801.sys><The OpenVPN Project>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Running/Manual Start]
  <system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
  <system32\DRIVERS\vmnetbridge.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]

User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://bsalsa.com) ; .NET CLR 2.0.50727; .NET CLR 1.1.4322; GreenBrowser)
 

Re: SR scan report..

<\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[VMware vmx86 / vmx86][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\vmx86.sys><VMware, Inc.>
[Vstor2 Virtual Storage Driver / vstor2][Running/Auto Start]
  <\??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys><VMware, Inc.>
==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <d:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {02AC20DD-5548-4CA7-ACCF-18AFE5A4A072} <, >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <d:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, 深圳市迅雷网络技术有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\Alisoft\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司>
[Windows Script Host Shell Object]
  {72C24DD5-D70A-438B-8A42-98424B88AFB8} <C:\WINDOWS\system32\wshom.ocx, (Signed) Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin.dll, (Signed) Thunder Networking Technologies,LTD>
[XDownloaddManager Class]
  {802F530B-A8F6-4631-AE49-6BACAAC6373E} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5901.169.(951).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[Rising Online Antivirus scanner control]
  {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <%ProgramFiles%\Rising\RavOL\RavOLCtl.dll, (Signed) N/A>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5901.169.(951).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[clienttime.client]
  {C5D0DFF5-6D39-4F98-88CD-12E8430A6300} <C:\Program Files\Timefairy\client.ocx, NTSC>
[QQPlayerCtrl Class]
  {CD108273-D434-43E6-AA90-1469F97EB398} <D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[WDCCBCtrl Class]
  {CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB} <C:\WINDOWS\system32\wdccb.dll, (Signed) >
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Scripting.Dictionary]
  {EE09B103-97E0-11CF-978F-00A02463E06F} <C:\WINDOWS\system32\scrrun.dll, (Signed) Microsoft Corporation>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.59010.253.(952).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\Program files\Tencent\QQ\Bin\AddEmotion.htm, N/A>
==================================
正在运行的进程
[PID: 1004 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1384 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1528 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 1652 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1664 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1916 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2016 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1040 / SYSTEM][C:\Program Files\Rising\Ris\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [C:\Program Files\Rising\Ris\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1048 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1140 / SYSTEM][C:\Program Files\Rising\Ris\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Ris\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Ris\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 39]
    [C:\Program Files\Rising\Ris\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1184 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1404 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1612 / SYSTEM][C:\Program Files\Rising\Ris\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Ris\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Ris\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Ris\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Ris\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
    [C:\Program Files\Rising\Ris\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Ris\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [C:\Program Files\Rising\Ris\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\Program Files\Rising\Ris\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\Ris\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.89]
    [C:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Ris\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.0]
    [C:\Program Files\Rising\Ris\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.3]
    [C:\Program Files\Rising\Ris\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [C:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Ris\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.18]
    [C:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Ris\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Ris\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Ris\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
    [C:\Program Files\Rising\Ris\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Ris\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Ris\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
    [C:\Program Files\Rising\Ris\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    [C:\Program Files\Rising\Ris\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Ris\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Ris\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Ris\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Ris\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Ris\pecompd.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\heurex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Ris\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\methodex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Ris\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Ris\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\ur025.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\ur023.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Ris\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Ris\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Ris\ur012.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\extole.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\scanmac.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
[PID: 352 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

Re: SR scan report..

[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1248 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 1252 / Administrator][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 1200 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1272 / NETWORK SERVICE][C:\WINDOWS\system32\msdtc.exe]  [(Verified) Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1492 / SYSTEM][C:\WINDOWS\system32\SVCHOST.EXE]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
[PID: 1540 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 1780 / SYSTEM][d:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\opends60.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\sqlsort.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\ums.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\Program Files\Microsoft SQL Server\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\SSnmPN70.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\SSmsAD70.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\PROGRA~1\MICROS~1\MSSQL\binn\SSmsRP70.dll]  [Microsoft Corporation, 2000.080.2039.00]
[PID: 964 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.7519]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.7519]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 1864 / SYSTEM][C:\Program Files\Rising\Ris\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Ris\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.10]
    [C:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Ris\ScanSimT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.24]
    [C:\Program Files\Rising\Ris\ScanBT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\Program Files\Rising\Ris\ScanStub.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
    [C:\Program Files\Rising\Ris\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Ris\ScanRavT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.27]
    [C:\Program Files\Rising\Ris\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Ris\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.39]
    [C:\Program Files\Rising\Ris\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Ris\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Ris\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Ris\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\mvengine.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Ris\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Ris\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Ris\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\methodex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\pecompd.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Ris\heurex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
[PID: 1604 / SYSTEM][C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe]  [SafeNet, Inc, 7, 0, 0]
[PID: 220 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 148 / SYSTEM][C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe]  [VMware, Inc., 5.5.0 build-18463]
    [C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmxScsiLib.dll]  [VMware, Inc., 5.5.0 build-18463]
    [C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1320 / SYSTEM][C:\WINDOWS\system32\vmnat.exe]  [VMware, Inc., 5.5.0 build-18463]
[PID: 2104 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe]  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll]  [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL]  [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll]  [Watchdata, 1, 0, 0, 11]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 2200 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
[PID: 2220 / SYSTEM][C:\WINDOWS\system32\vmnetdhcp.exe]  [VMware, Inc., 5.5.0 build-18463]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 3656 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2124 / SYSTEM][C:\Program Files\Rising\Ris\rsnetsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [C:\Program Files\Rising\Ris\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
    [C:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3196 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2256 / Administrator][C:\Program Files\Rising\Ris\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Ris\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Ris\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [C:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Ris\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Ris\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Ris\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [C:\Program Files\Rising\Ris\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Ris\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\Ris\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.26]
    [C:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Ris\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29]
    [C:\Program Files\Rising\Ris\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    [C:\Program Files\Rising\Ris\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.1.4]
    [C:\Program Files\Rising\Ris\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
    [C:\Program Files\Rising\Ris\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\Program Files\Rising\Ris\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 12]
    [C:\Program Files\Rising\Ris\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
[PID: 4044 / Administrator][D:\Program files\Tencent\QQ\Bin\QQ.exe]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\Common.dll]  [Tencent, 1, 26, 760, 0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [D:\Program files\Tencent\QQ\Bin\KernelUtil.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\GF.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\MSIMG32.dll]  [N/A, ]
    [D:\Program files\CyboQQ\cyboma.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [D:\Program files\CyboQQ\SonicUI.dll]  [N/A, ]
    [D:\Program files\Tencent\QQ\Bin\AppUtil.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\MainFrame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\TaskTray.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\TXPFProxy.dll]  [N/A, ]
    [D:\Program files\Tencent\QQ\Bin\AppMisc.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\ChatFrame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\ConfigCenter.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\CustomFace.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\IM.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\KernelMisc.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\LongCnn.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\ContactInfoFrame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\MsgMgr.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\SkinMgr.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\QInterLive.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\AppCtrl.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\SystemMsg.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll]  [Tencent, 1, 26, 760, 0]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll]  [Tencent, 1.1.1.6]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL]  [Tencent, 1.1.1.3]
    [D:\Program files\Tencent\QQ\Bin\BasicCtrlDll.dll]  [TENCENT, 8,0,773,1801]

Re: SR scan report..

[D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll]  [Tencent, 1.26.1.26]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.mail\Bin\Mail.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.crm\Bin\CRM.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\GroupApp.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\InformationBox.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.memo\Bin\Memo.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqwebsite\Bin\QQWebsite.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.winks\Bin\Winks.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\AddrSearch.dll]  [Tencent, 2, 3, 10, 12]
    [C:\WINDOWS\system32\WINABCX.IME]  [PKUETI, 5.22.216]
    [D:\Program files\Tencent\QQ\Bin\VqqAllInOne.dll]  [Tencent, 2, 3, 0, 11]
    [D:\Program files\Tencent\QQ\Bin\vqqConv.dll]  [ , 2, 3, 0, 11]
    [D:\Program files\Tencent\QQ\Bin\VQQTrace.dll]  [ , 2, 3, 0, 11]
[PID: 3856 / Administrator][D:\Program files\Tencent\QQ\Bin\TXPlatform.exe]  [Tencent, 1, 26, 760, 0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [D:\Program files\Tencent\QQ\Bin\TXPFProxy.dll]  [N/A, ]
[PID: 3244 / Administrator][D:\Program files\Tencent\QQ\Bin\QQ.exe]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\Common.dll]  [Tencent, 1, 26, 760, 0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [D:\Program files\Tencent\QQ\Bin\KernelUtil.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\GF.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\MSIMG32.dll]  [N/A, ]
    [D:\Program files\CyboQQ\cyboma.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [D:\Program files\CyboQQ\SonicUI.dll]  [N/A, ]
    [D:\Program files\Tencent\QQ\Bin\AppUtil.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\MainFrame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\TaskTray.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\TXPFProxy.dll]  [N/A, ]
    [D:\Program files\Tencent\QQ\Bin\AppMisc.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\ChatFrame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\ConfigCenter.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\CustomFace.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\IM.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\KernelMisc.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\LongCnn.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\ContactInfoFrame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\MsgMgr.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\SkinMgr.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\QInterLive.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\AppCtrl.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\SystemMsg.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll]  [Tencent, 1, 26, 760, 0]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll]  [Tencent, 1.1.1.6]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL]  [Tencent, 1.1.1.3]
    [D:\Program files\Tencent\QQ\Bin\BasicCtrlDll.dll]  [TENCENT, 8,0,773,1801]
    [D:\Program files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll]  [Tencent, 1.26.1.26]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.mail\Bin\Mail.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.crm\Bin\CRM.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\GroupApp.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Bin\InformationBox.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.memo\Bin\Memo.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.qqwebsite\Bin\QQWebsite.dll]  [Tencent, 1, 26, 760, 0]
    [D:\Program files\Tencent\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll]  [Tencent, 1, 26, 760, 0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 868 / Administrator][C:\WINDOWS\explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5.0.8.179]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 22]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
    [C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll]  [Nero AG, 3, 1, 0, 8]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.1.0.2009022700]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 616 / Administrator][C:\Program Files\GreenBrowser\GreenBrowser.exe]  [MoreQuick.com, 5, 1, 523, 0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [C:\WINDOWS\system32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 644 / Administrator][F:\应用软件\小工具\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 2980 / Administrator][F:\应用软件\小工具\sreng2\SRE9176a9db.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\pluprp.dll]  [奇虎网, 5, 0, 0, 1015]
    [c:\windows\system32\gjgxbb.dll]  [N/A, ]
    [F:\应用软件\小工具\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [C:\WINDOWS\hh.exe %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1                    aaa.369678.cn
127.0.0.1                    about-blank.cc
127.0.0.1                    hao.allxun.com
127.0.0.1                    kzxf.com
127.0.0.1                    vod.mmdy.org
127.0.0.1                    www.123wa.com
127.0.0.1                    www.369678.cn
127.0.0.1                    www.4199.com
127.0.0.1                    www.71791.com
127.0.0.1                    www.7939.com
127.0.0.1                    www.9505.com
127.0.0.1                    www.feixue.net
127.0.0.1                    www.kzxf.com
127.0.0.1                    www.my123.com
127.0.0.1                    www.piaoxue.com
127.0.0.1                    www.xfkz.com
127.0.0.1                    xfkz.com
127.0.0.1 servserv.generals.ea.com
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1252, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 964, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 148, C:\PROGRAM FILES\COMMON FILES\VMWARE\VMWARE VIRTUAL IMAGE EDITING\VMOUNT2.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2104, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 616, C:\PROGRAM FILES\GREENBROWSER\GREENBROWSER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 644, F:\应用软件\小工具\SRENG2\SRENGLDR.EXE]
==================================
计划任务
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

[/CODE]

Re: SR scan report..

Download the batch file extraction tool and use it to extract the following file:
http://bbs.ikaka.com/attachment.aspx?attachmentid=486266
c:\windows\system32\gjgxbb.dll

Upload the virus sample to the Suspicious Files Exchange forum at: http://bbs.ikaka.com/showforum-20002.aspx
Or send it directly to Rising's mail service center [Virus Sample] at: http://mailcenter.rising.com.cn/uploadnew.aspx
╭∩╮(︶︿︶)╭∩╮

Reply to 5F, 帅哥阿福's post

Thanks, 阿福!~~~~~~~~~~ I'll go deal with this thing right away...