我的IE多了个工具条，删不去，原来在收藏夹里保留的网站都被放到一个叫“旧的收藏夹里”，有些收藏的网站好象也不见了，我用超级兔子删过，可删了一会检查又有，那个工具条总删不去，360检查没有问题，请问怎么删呢？
下面是日志：
2010-05-12,12:21:49

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Component Publisher]
    <ekeyMonitor><; C:\Program Files\UniTrust\CertManager\UniAgent.exe>  [上海数字证书认证中心]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <IgfxTray><; C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><; C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Persistence><; C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SkyTel><; SkyTel.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RTHDCPL><; RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Alcmtr><; ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <EnergyUtility><; C:\Program Files\Lenovo\EnergyCut\utilty.exe>  [TODO: <Company name>]
    <EnergyCut><; C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe>  []
    <Broadcom Wireless Manager UI><; C:\WINDOWS\system32\WLTRAY.exe>  [Broadcom Corporation]
    <AGRSMMSG><; AGRSMMSG.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <ISUSPM Startup><; "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup>  [Macrovision Corporation]
    <ISUSScheduler><; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [Macrovision Corporation]
    <VMSnap3><; C:\WINDOWS\VMSnap3.EXE>  [ZSMCSNAP]
    <rfagent><; "C:\Documents and Settings\yun\桌面\RFA\RFA\rfagent.exe">  [File is missing]
    <bosh_certd><C:\Program Files\bosh_feitian\certd_bosh.exe>  [EnterSafe]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe">  [(Verified)Kaspersky Lab]
    <citic_certd><C:\Program Files\CITICBank\Feitian\citic_certd.exe -r -a>  [China CITIC bank]
    <HengBao UranuSafe CSP V3.0 For SHBANK[bosh_keyDriver01]><C:\Program Files\bosh_hengbao\bosh_keyDriver01.exe>  [恒宝股份有限公司]
    <AntiTorjanSrv><; >  [N/A]
    <eTax@SH><; F:\Setup.exe -r>  [File is missing]
    <UnlockerAssistant><; "d:\Program Files\Unlocker\UnlockerAssistant.exe">  [File is missing]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Component Publisher]

==================================

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; 360SE)

启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Kaspersky Anti-Virus / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" -r><Kaspersky Lab>
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
  <C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start><China Merchants Bank>
[ICBC Daemon Service / ICBC Daemon Service][Stopped/Auto Start]
  <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe><N/A>
[ngSlotDaemon / ngSlotD][Running/Auto Start]
  <C:\Program Files\ngsrv\ngslotd.exe><Feitian>
[Broadcom Wireless LAN Tray Service / wltrysvc][Running/Auto Start]
  <C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe><N/A>
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Manual Start]
  <><(File is missing)>

==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
  <system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
  <system32\DRIVERS\AGRSM.sys><Agere Systems>
[AlcwDrv / AlcwDrv][Stopped/Manual Start]
  <\??\E:\软件\常用软件\sr_v10.0.0.118_gn\MagicSet\killvirus\AlcwDrv.sys><N/A>
[Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Stopped/Manual Start]
  <system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
[CMB8100 / CMB8100][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\kl1.sys><Kaspersky Lab>
[Kaspersky Lab Boot Guard Driver / klbg][Running/Boot Start]
  <\SystemRoot\system32\drivers\klbg.sys><Kaspersky Lab>
[Kaspersky Lab Driver / KLIF][Running/System Start]
  <system32\DRIVERS\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[Kaspersky Lab KLMOUFLT / klmouflt][Running/Manual Start]
  <system32\DRIVERS\klmouflt.sys><Kaspersky Lab>
[WinPcap Packet Driver (NPF) / NPF][Running/Manual Start]
  <system32\drivers\NPF.sys><CACE Technologies, Inc.>
[p2pfilter / p2pfilter][Stopped/Manual Start]
  <\??\C:\Documents and Settings\yun\桌面\sp900.com___p2pover\sp900.com___p2pover\p2pover\p2pfilter.sys><N/A>
[DDK PACKET Protocol / Packet][Stopped/System Start]
  <system32\DRIVERS\ProtoDrv.sys><N/A>
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><Windows (R) 2000 DDK provider>
[Protector / Protector][Running/System Start]
  <system32\drivers\Protector.sys><N/A>
[ProtectorA / ProtectorA][Running/System Start]
  <system32\drivers\ProtectorA.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[USB Token 32 Holder Service / R6BaseSmc][Running/Manual Start]
  <system32\DRIVERS\smccarda.sys><OEM>
[rimmptsk / rimmptsk][Running/Manual Start]
  <system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk][Running/Manual Start]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[USB Token 32 Device Service / Ry6_USB][Stopped/Manual Start]
  <system32\DRIVERS\Ry6USB.sys><>
[SafeBoxKrnl / SafeBoxKrnl][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[USB eKey / UsbKDev][Stopped/Manual Start]
  <system32\DRIVERS\UsbKDev.sys><Mingwah Aohan High Technology Corp.>
[vmfilter303 / vmfilter303][Stopped/Manual Start]
  <system32\drivers\vmfilter303.sys><Vimicro Corporation>
[xAntiArpSpoof Service / xAntiArp][Stopped/Manual Start]
  <system32\DRIVERS\xAntiArp.sys><N/A>
[10Moons USB PC Camera / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>

==================================

浏览器加载项
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[HaoKanBar BrowserHelper]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\Documents and Settings\yun\桌面\sr_v10.0.1.310_bkill\MagicSet\haokanbar.dll, (Signed) 北京千兆时代科技有限公司>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[TQ.CN]
  {1522439E-756F-4A1C-B61D-D281AC1814C8} <http://www.tq.cn/, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Documents and Settings\yun\桌面\sr_v10.0.1.310_bkill\MagicSet\haokanbar.dll, (Signed) 北京千兆时代科技有限公司>
[AddSHCARoot Control]
  {098A3F72-3110-4004-B954-2F9DC44934B4} <, >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\system32\MMInstaller.dll, (Signed) Tencent>
[BcActiveX Control]
  {4631FC65-B24F-4818-966F-AF1629B57CDC} <C:\WINDOWS\system32\BCACTI~1.OCX, (Signed) Feitian Technologies Co.,Ltd.>
[PowerPassword Control]
  {614E58F9-74D0-4D7B-90E3-64A0F2AA73B4} <C:\WINDOWS\DOWNLO~1\POWERE~1.OCX, CSII>
[SfEdit32 Control]
  {69A5F9C4-01CB-470B-8161-CE67313E3CF4} <C:\WINDOWS\system32\99Bill\SfEdit32.dll, (Signed) 99BILL Corp.>
[XMapControl Control]
  {7188EB1C-F9A1-4290-A97A-CA3C18AE988C} <, >
[CertEnroll Class]
  {7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\Downloaded Program Files\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[koaliisvsctrl Class]
  {9BA878B8-5AF3-43E6-8DB1-E7849E4C6A4B} <C:\WINDOWS\system32\koalii_svs_acx.dll, (Signed) >
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\system32\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[PowerCommit Control]
  {BEEE2807-1709-4184-A05D-1B2DE01EE4CF} <C:\WINDOWS\DOWNLO~1\POWERE~1.OCX, CSII>
[PowerPasswordX Control]
  {CB2E4748-5B57-492E-8155-A8A29B0DCB0A} <C:\WINDOWS\DOWNLO~1\CONFLICT.2\POWERE~1.OCX, (Signed) CSII>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E0E9F6EF-871B-42AE-89C9-CD6AF7A2E5D3} <, >
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\system32\safeinput.dll, Beijing eChannels Century Technology Co.,Ltd>
[GhSipPhoneOCX_3 Control]
  {F1B9B322-779E-4B5F-BF43-8C72A07A99D4} <, >
[Microsoft Office Spreadsheet 10.0]
  {0002E545-0000-0000-C000-000000000046} <C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL, (Signed) Microsoft Corporation>
[Microsoft Office Spreadsheet 10.0]
  {0002E551-0000-0000-C000-000000000046} <C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL, (Signed) Microsoft Corporation>
[]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <, >
[ClientBindingCtrl Class]
  {04A39EFC-FDF5-4819-98C9-BBC864DB2F90} <C:\WINDOWS\system32\ClientBinding.dll, Microsoft China>
[]
  {0545143D-6947-459C-9711-75935014EA8F} <, >
[]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <, >
[Office Genuine Advantage Validation Tool]
  {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.dll, (Signed) >
[PhotoDrawEx Class]
  {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\bin\QQPhotoDrawEx\QQPhotoDrawEx.dll, (Signed) Tencent>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[BDA 调节型号 MPEG2 微调请求]
  {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF} <C:\WINDOWS\system32\msvidctl.dll, (Signed) Microsoft Corporation>
[AddSHCARoot Control]
  {098A3F72-3110-4004-B954-2F9DC44934B4} <, >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <, >
[eKeyDevice Class]
  {0C809F3E-8C50-4739-B2B1-1373BCEA0075} <C:\WINDOWS\system32\UCClientCtrl.dll, 上海市数字证书认证中心>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, (Signed) >
[]
  {0D99625B-0619-4420-BB61-82DEE1B91D3A} <, >
[]
  {11F2A418-94B2-4e16-9B0C-B00C0435F903} <, >
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, (Signed) Microsoft Corporation>
[ImageManager Class]
  {128D0E38-1FF4-47C3-B0F7-0BAF90F568BF} <D:\Program Files\AliWangWang\modules\8004\ImageMan.dll, >
[]
  {1522439E-756F-4A1C-B61D-D281AC1814C8} <, >
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[KeyCode Control]
  {19779116-1D13-47C5-8FC2-7EEC2B483EA5} <C:\WINDOWS\system32\KeyCode.ocx, shanghai bank>
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[SpdbUtility Control]
  {1AB36BBC-ABCB-4B10-AB46-7B2C4ED662F3} <C:\WINDOWS\system32\SPDBSA~1.OCX, (Signed) CSII>
[SwxCrypt Control]
  {1B7F63FD-BDD9-44DC-AFF3-8E4263B6644B} <C:\WINDOWS\system32\SwxCrypt.ocx, (Signed) M&W>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\system32\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[QQCPHelper.CPAdder]
  {23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D} <D:\PROGRA~1\Tencent\QQ\Bin\CPHelper.dll, (Signed) Tencent>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Detecter Class]
  {2C48F48F-01A6-4593-A678-C7DA83C55719} <C:\WINDOWS\system32\SecCtl.dll, (Signed) >
[]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <, >
[Init_Tool Control]
  {399C2756-84D4-4AC5-9E86-288340334FB1} <C:\WINDOWS\system32\INIT_T~1.OCX, (Signed) Microsoft>
[GDGetTokenInfo Class]
  {3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, >
[]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, >
[VirtualKeyboardButtonHandler Class]
  {4248FE82-7FCB-46AC-B270-339F08212110} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll, (Signed) Kaspersky Lab>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Documents and Settings\yun\桌面\sr_v10.0.1.310_bkill\MagicSet\haokanbar.dll, (Signed) 北京千兆时代科技有限公司>
[WebDetectorBHO Class]
  {43BEAFD9-E005-483D-A367-146BA6C8A32E} <, >
[BcActiveX Control]
  {4631FC65-B24F-4818-966F-AF1629B57CDC} <C:\WINDOWS\system32\BCACTI~1.OCX, (Signed) Feitian Technologies Co.,Ltd.>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <, >
[IE2EMUrlTaker Class]
  {48618374-565F-4CA0-B8CD-6F496C997FAF} <, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[Microsoft RDP Client Control (redistributable) - version 6]
  {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <C:\WINDOWS\system32\mstscax.dll, (Signed) Microsoft Corporation>
[Microsoft RDP Client Control (redistributable) - version 5]
  {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <C:\WINDOWS\system32\mstscax.dll, (Signed) Microsoft Corporation>
[VaCom.Application]
  {51E88884-1306-4444-B22D-C34119E44232} <d:\PROGRA~1\tudou\飞速TU~1\TDVaCom.dll, (Signed) 土豆网>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[QvodExtend]
  {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} <, >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
  {56746166-BC44-45F4-ADCE-52EAC919BB79} <, >
[Koal SignX Control 1.0]
  {57A1AA83-D974-4A12-8475-DAAEE04D237C} <C:\WINDOWS\system32\kpsignx.dll, Koal SoftWare>
[IEVkbdBHO Class]
  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll, (Signed) Kaspersky Lab>
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <D:\Program Files\AliWangWang\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[CAntiVersion Object]
  {5EFE0AA6-B28B-41BD-9B3C-02AA3F79EA9A} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\AntiPhishingVer.dll, (Signed) 中国工商银行>
[PowerPassword Control]
  {614E58F9-74D0-4D7B-90E3-64A0F2AA73B4} <C:\WINDOWS\DOWNLO~1\POWERE~1.OCX, CSII>
[]
  {642D2749-A4FC-49C5-8384-E39E009EBCDD} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <, >
[SfEdit32 Control]
  {69A5F9C4-01CB-470B-8161-CE67313E3CF4} <C:\WINDOWS\system32\99Bill\SfEdit32.dll, (Signed) 99BILL Corp.>
[]
  {6B232760-90F1-41c3-9902-C8552C1D8A72} <, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WebDll_EndUser Class]
  {6CF4C18B-D93D-4866-9A80-8E87AB491057} <C:\WINDOWS\system32\WebDllPersonal.dll, 北京飞天诚信科技有限公司>
[XMapControl Control]
  {7188EB1C-F9A1-4290-A97A-CA3C18AE988C} <, >
[Windows Script Host Shell Object]
  {72C24DD5-D70A-438B-8A42-98424B88AFB8} <C:\WINDOWS\system32\wshom.ocx, (Signed) Microsoft Corporation>
[HaoKanBar BrowserHelper]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\Documents and Settings\yun\桌面\sr_v10.0.1.310_bkill\MagicSet\haokanbar.dll, (Signed) 北京千兆时代科技有限公司>
[Microsoft RDP Client Control (redistributable) - version 7]
  {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <C:\WINDOWS\system32\mstscax.dll, (Signed) Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[WBEM Scripting Sink]
  {75718C9A-F029-11D1-A1AC-00C04FB6C223} <C:\WINDOWS\system32\wbem\wbemdisp.dll, (Signed) Microsoft Corporation>
[Microsoft RDP Client Control (redistributable) - version 4]
  {7584c670-2274-4efb-b00b-d6aaba6d3850} <C:\WINDOWS\system32\mstscax.dll, (Signed) Microsoft Corporation>
[]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <, >
[WBEM Scripting Locator]
  {76A64158-CB41-11D1-8B02-00600806D9B6} <C:\WINDOWS\system32\wbem\wbemdisp.dll, (Signed) Microsoft Corporation>
[BOC ProcessProtect Class]
  {776B71E2-B4CC-4C94-BC7C-09103AA690B6} <, >
[]
  {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <, >
[CertEnroll Class]
  {7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\Downloaded Program Files\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[CCertificate Class]
  {7E88F281-CD5F-41C2-8550-0AB4B5A9CD25} <C:\WINDOWS\system32\CertificateCtrl.dll, TODO: <公司名>>
[XDownloaddManager Class]
  {802F530B-A8F6-4631-AE49-6BACAAC6373E} <, >
[]
  {80E18282-3716-48CA-B50C-F7B7F6A32791} <, >
[]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <, >
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Uploader Class]
  {8B054DFE-79A3-4A6A-9F46-CD2A2F601129} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[CheckPayGate Control]
  {8E10BB5A-2973-4BEF-BF32-980CE7CF4CBB} <C:\PROGRA~1\CNCB\PayGate\Bin\Checker.ocx, (Signed) CHINA CITIC BANK>
[SSOForPTLogin Class]
  {8FC1EE75-72B3-4A23-B987-2B1C4C8A611B} <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >
[]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <, >
[Microsoft RDP Client Control (redistributable) - version 3]
  {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <C:\WINDOWS\system32\mstscax.dll, (Signed) Microsoft Corporation>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
  {9701758C-4373-482E-B13C-776C048EC890} <, >
[koaliisvsctrl Class]
  {9BA878B8-5AF3-43E6-8DB1-E7849E4C6A4B} <C:\WINDOWS\system32\koalii_svs_acx.dll, (Signed) >
[ContainerForm Control]
  {9EBB4193-D192-4433-8426-2EEAE8E0A9EA} <C:\PROGRA~1\CNCB\PayGate\Bin\PayGate.ocx, (Signed) CHINA CITIC BANK >
[VersionDetector Class]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.29.(97).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[EMDM Class]
  {A0867FD1-79E7-456C-8B41-165A2504FD86} <, >
[]
  {A26ABCF0-1C8F-46E7-A67C-0489DC21B9CC} <, >
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\system32\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[APlayer Control]
  {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[WebLogon Control]
  {ABD696D5-BEBF-4332-B8D2-2B44BD23B58B} <D:\PROGRA~1\TQ\Dll\WebLogon.dll, TQ.CN>
[]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[InfoSecICBCNetSign Class]
  {B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\system32\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[SafeEngineCtl Class]
  {B48B9648-E9F0-48A3-90A5-8C588CE0898F} <C:\WINDOWS\system32\SAFEEN~2.DLL, Shanghai Electronic Certificate Authority Center Co,Ltd>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, (Signed) Microsoft Corporation>
[]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, >
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[FTNUpload Class]
  {BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX.dll, (Signed) Tencent>
[PowerCommit Control]
  {BEEE2807-1709-4184-A05D-1B2DE01EE4CF} <C:\WINDOWS\DOWNLO~1\POWERE~1.OCX, CSII>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[CITICS ProcessProtect Class]
  {C37F9D60-975D-41F2-A745-4DC934D319AA} <CITICSPP.dll, www.ISRA.org.cn>
[]
  {C92AE615-4D46-4489-96FA-C5D6A38B3AB1} <, >
[CITICS Edit Class]
  {CAB6E271-C9B9-4A85-96A0-1B3A19A4E6DE} <CITICSKP.dll, www.ISRA.org.cn>
[PowerPasswordX Control]
  {CB2E4748-5B57-492E-8155-A8A29B0DCB0A} <C:\WINDOWS\DOWNLO~1\CONFLICT.2\POWERE~1.OCX, (Signed) CSII>
[FilterButtonHandler Class]
  {CCF151D8-D089-449F-A5A4-D9909053F20F} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll, (Signed) Kaspersky Lab>
[QQPlayerCtrl Class]
  {CD108273-D434-43E6-AA90-1469F97EB398} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Msxml]
  {CFC399AF-D876-11D0-9C10-00C04FC99C8E} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx, (Signed) Adobe Systems, Inc.>
[]
  {D9151DDA-36DE-49B2-B297-A0840F4A5163} <, >
[]
  {D9306BD1-2325-4C28-8632-B02330C1BB02} <, >
[SpdbSafe Control]
  {D9497A57-607D-4F29-9F93-B05E5AF87308} <C:\WINDOWS\system32\SPDBSA~1.OCX, (Signed) CSII>
[]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <, >
[]
  {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <, >
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[]
  {E0E9F6EF-871B-42AE-89C9-CD6AF7A2E5D3} <, >
[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC1~1.DLL, (Signed) Microsoft Corporation>
[NameCtrl Class]
  {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} <D:\Program Files\Microsoft Office\OFFICE11\NAME.DLL, (Signed) Microsoft Corporation>
[]

{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[FilterBHO Class]
  {E33CF602-D945-461A-83F0-819F76A199F8} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll, (Signed) Kaspersky Lab>
[BOC Edit Class]
  {E61E8363-041F-455C-8AD0-8A61F1D8E540} <C:\WINDOWS\system32\KeyboardProtection.dll, (Signed) www.ISRA.org.cn>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\Tencent\Paycenter\qqedit.dll, (Signed) Tencent>
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\system32\safeinput.dll, Beijing eChannels Century Technology Co.,Ltd>
[safeInput Class]
  {ECCBA956-80E5-11D3-9285-0080ADB811C9} <C:\WINDOWS\system32\safeInput4jh.dll, Beijing eChannels Century Technology Co.,Ltd>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <, >
[GhSipPhoneOCX_3 Control]
  {F1B9B322-779E-4B5F-BF43-8C72A07A99D4} <, >
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\PersonalBankMain.ocx, (Signed) China Merchants Bank>
[QvodCtrl Class]
  {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <D:\Program Files\QvodPlayer\QvodInsert.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML Document 3.0]
  {F5078F40-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Init_Tool Control]
  {F7465932-3C3D-4DA2-8541-406E07C369A9} <C:\WINDOWS\system32\INIT_T~2.OCX, (Signed) Microsoft>
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, >
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[webmod Class]
  {FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\WINDOWS\system32\aliedit\alidcp.dll, (Signed) Alipay.com Co.,Ltd>
[添加为广告拦截图片]
  <C:\Documents and Settings\yun\桌面\sr_v10.0.1.310_bkill\MagicSet\AddBlock.htm, N/A>

==================================
正在运行的进程
[PID: 696 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 744 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 768 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 9.0.0.736]
    [C:\WINDOWS\System32\BCMLogon.dll]  [Broadcom Corporation, 4.10.47.2]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 812 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 824 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1000 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1044 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1084 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1160 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1184 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1220 / SYSTEM][C:\WINDOWS\System32\WLTRYSVC.EXE]  [N/A, ]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 1232 / SYSTEM][C:\WINDOWS\System32\bcmwltry.exe]  [Broadcom Corporation, 4.10.47.2]
    [C:\WINDOWS\System32\bcm1xsup.dll]  [N/A, ]
    [C:\WINDOWS\System32\bcmwlpkt.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\atl71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\wltrynt.dll]  [Broadcom Corporation, 4.10.47.2]
[PID: 1380 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\HPBMMON.DLL]  [Hewlett-Packard, 10.00.16]
    [C:\WINDOWS\system32\hpdomon.dll]  [Hewlett-Packard, 03.42.00]
    [C:\WINDOWS\system32\HPBHealr.dll]  [N/A, ]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  [Zenographics, Inc., 5, 54, 330, 0]
    [C:\WINDOWS\system32\Imf32.dll]  [Zenographics, Inc., 5, 60, 1204, 0]
    [C:\WINDOWS\system32\ZTAG32.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
    [C:\WINDOWS\system32\ZSPOOL.dll]  [Zenographics, Inc., 5, 51, 709, 0]
[PID: 1468 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1516 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1772 / SYSTEM][C:\Program Files\CMBCHINA\WebProtect\WPService.exe]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll]  [China Merchants Bank, 1, 0, 0, 1]
[PID: 1876 / SYSTEM][C:\Program Files\ngsrv\ngslotd.exe]  [Feitian, 1, 2, 8, 1121]
    [C:\Program Files\ngsrv\slotmon\hidmon.dll]  [^_^, 1, 0, 8, 1121]
    [C:\Program Files\ngsrv\slotmon\scardmon.dll]  [^_^, 1, 0, 8, 1121]
[PID: 1896 / yun][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Shfusion.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Common Files\QvodPlayer\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 4]
    [C:\Program Files\Common Files\QvodPlayer\Codecs\PmpSplt.ax]  [cooleyes, 1, 0, 1, 1]
    [C:\Program Files\Common Files\QvodPlayer\Codecs\AviSplitter.ax]  [Gabest, 1, 0, 1, 1]
    [C:\Program Files\Common Files\QvodPlayer\Codecs\ffdshow.ax]  [, 1.0.5.1925]
[PID: 592 / yun][C:\Program Files\bosh_feitian\certd_bosh.exe]  [EnterSafe, 1, 0, 10, 207]
    [C:\WINDOWS\system32\boshp11v211.dll]  [EnterSafe, 1, 0, 10, 204]
[PID: 604 / yun][C:\Program Files\CITICBank\Feitian\citic_certd.exe]  [China CITIC bank, 1, 0, 8, 1121]
    [C:\WINDOWS\system32\citicp11.dll]  [China CITIC bank, 1, 1, 8, 1121]
[PID: 620 / yun][C:\Program Files\bosh_hengbao\bosh_keyDriver01.exe]  [恒宝股份有限公司, 1, 0, 0, 5]
    [C:\Program Files\bosh_hengbao\ASP.DLL]  [恒宝股份有限公司, 1, 0, 1, 11]
    [C:\Program Files\bosh_hengbao\TSP_COMM.dll]  [恒宝股份有限公司, 1, 0, 0, 6]
[PID: 736 / yun][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 2112 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2388 / yun][D:\Program Files\Shiqiang\wnwb\wnwb.exe]  [深圳世强软件开发部 www.wn51.com , 2007, 10, 24, 1]
    [D:\Program Files\Shiqiang\wnwb\WNMKEY.DLL]  [深圳世强软件开发部 www.wnwb.com , 2007, 5, 21, 1]
    [D:\Program Files\Shiqiang\wnwb\wncfg.dll]  [深圳世强软件开发部 www.wn51.com, 2008, 6, 4, 1]
    [D:\Program Files\Shiqiang\wnwb\wnupdate.dll]  [深圳世强软件开发部 www.wn51.com, 2008.6.20.1]
[PID: 2876 / yun][D:\Program Files\360\360se3\360SE.exe]  [360安全中心, 3, 1, 2, 2]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll]  [, 1, 3, 1, 1011]
    [D:\Program Files\360\360se3\Extensions\Favorites\Favorites.dll]  [360安全中心, 1, 0, 2, 1010]
    [D:\Program Files\360\360se3\Extensions\LoginEnrol\LoginEnrol.dll]  [, 1, 0, 0, 6]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAddons\ExtAddons.dll]  [360安全中心, 1, 0, 2, 5]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [, 1, 0, 1, 1]
    [D:\PROGRA~1\360\360se3\Extensions\ExtDownload\ExtDownload.dll]  [360, 1, 0, 3, 7]
    [D:\PROGRA~1\360\360se3\Extensions\ExtPages\ExtPages.dll]  [360安全中心, 1, 0, 3, 9005]
    [D:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360, 1, 0, 0, 9]
    [D:\PROGRA~1\360\360se3\Extensions\ExtSafeAddress\ExtSafeAddress.dll]  [Phoenix Studio, 1, 0, 0, 3]
    [D:\PROGRA~1\360\360se3\Extensions\ExtSuggest\ExtSuggest.dll]  [360SE, 1, 0, 1, 2]
    [D:\PROGRA~1\360\360se3\Extensions\ExtVideoAnalyze\ExtVideoAnalyze.dll]  [, 1, 0, 0, 7]
    [D:\PROGRA~1\360\360se3\Extensions\MiniSearchBar\MiniSearchBar.dll]  [, 1, 0, 0, 4]
    [D:\PROGRA~1\360\360se3\Extensions\onlinefav\onlinefav.dll]  [, 3, 0, 0, 3]
    [D:\PROGRA~1\360\360se3\Extensions\PocketPlugin\PocketPlugin.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\urlproc.dll]  [360.CN, 1, 0, 0, 1006]
    [D:\PROGRA~1\360\360se3\Extensions\SnapPlugin\SnapPlugin.dll]  [, 1, 0, 0, 2]
    [D:\PROGRA~1\360\360se3\Extensions\TranslatorPlugin\TranslatorPlugin.dll]  [, 1, 0, 0, 2]
    [D:\PROGRA~1\360\360se3\Extensions\UICenter\UICenter.dll]  [, 1, 0, 0, 7]
    [D:\PROGRA~1\360\360se3\Extensions\ExtVideoAnalyze\AnalyzerEx.dll]  [, 1, 0, 0, 1]
    [D:\PROGRA~1\360\360se3\Extensions\ExtVideoAnalyze\vdetect.dll]  [, 1, 0, 0, 13]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx]  [Adobe Systems, Inc., 10,0,42,34]
[PID: 264 / yun][D:\Program Files\360\360se3\360SE.exe]  [360安全中心, 3, 1, 2, 2]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll]  [, 1, 3, 1, 1011]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [, 1, 0, 1, 1]
    [D:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360, 1, 0, 0, 9]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\urlproc.dll]  [360.CN, 1, 0, 0, 1006]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx]  [Adobe Systems, Inc., 10,0,42,34]
[PID: 2912 / yun][D:\Program Files\360\360se3\360SE.exe]  [360安全中心, 3, 1, 2, 2]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll]  [, 1, 3, 1, 1011]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [, 1, 0, 1, 1]
    [D:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360, 1, 0, 0, 9]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\urlproc.dll]  [360.CN, 1, 0, 0, 1006]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx]  [Adobe Systems, Inc., 10,0,42,34]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll]  [Microsoft Corporation, 1.1.4322.2443]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 2880 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2164 / yun][C:\Documents and Settings\yun\桌面\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[PID: 896 / yun][C:\Documents and Settings\yun\桌面\sreng2\SREe97afdf9.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [C:\Documents and Settings\yun\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1232, C:\WINDOWS\SYSTEM32\BCMWLTRY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1876, C:\PROGRAM FILES\NGSRV\NGSLOTD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 592, C:\PROGRAM FILES\BOSH_FEITIAN\CERTD_BOSH.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 620, C:\PROGRAM FILES\BOSH_HENGBAO\BOSH_KEYDRIVER01.EXE]

==================================
计划任务
[已启用] OGALogon.job
        C:\WINDOWS\system32\OGAVerify.exe
[已启用] OGADaily.job
        C:\WINDOWS\system32\OGAVerify.exe

==================================
Windows 安全更新检查
KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB905474,  Windows Genuine Advantage 通知 (KB905474)
KB909520,  Microsoft 基本智能卡加密服务提供程序包： x86 (KB909520)
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 和 .NET Framework 3.5 Family Update (KB951847) x86
KB979202,  Microsoft Silverlight (KB979202)
KB980302,  用于 Windows XP 的 Internet Explorer 8 兼容性视图列表的更新程序 (KB980302)
KB890830,  Windows 恶意软件删除工具 - 2010 年 5 月 (KB890830)
KB978542,  Windows XP 安全更新程序 (KB978542) MS10-030
KB981725,  Outlook 2003 垃圾邮件筛选器更新 (KB981725)
KB976382,  Microsoft Office 2003 安全更新 (KB976382) MS10-031

==================================
API HOOK
N/A