用双IE及异常桌面图标扫描日志工具扫了一个log，版主烦请看看。谢谢咯

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon 2.0)

用过这个工具了嘛：FixIE_Plus.rar

如果使用这个工具清理后，重启还是不行，建议扫描sreng日志上来看一下。

之前就用了，没用
刚刚又试了一次，还是不行，重启就还是会有
另外伴随这个的是支付宝网站打不开，其他都ok
重装了支付宝安全控件还是如此，崩溃ing

[CODE]

2010-07-13,14:38:19

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <DAEMON Tools Lite><"D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun>  [(Verified)DAEMON Tools Code Signing Services]
    <Kingsoft Program Assistant><"D:\Program Files\Kingsoft\SystemCleaner\kscsvc.exe" -runshell>  [(Verified)Zhuhai  Kingsoft Software Co.,Ltd]
    <FlashGet 3><; "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize>  [File is missing]
    <MsnMsgr><; "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    <pc suite tray><; "D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray>  [File is missing]
    <PPAP><; "C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe" -background>  [(Verified)PPLive Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Persistence><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <ETDWare><C:\Program Files\Elantech\ETDCtrl.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <AsusTray><C:\Program Files\EeePC\ACPI\AsTray.exe>  [ASUSTeK Computer Inc.]
    <AsusACPIServer><C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe>  [ASUSTeK Computer Inc.]
    <AsusEPCMonitor><C:\Program Files\EeePC\ACPI\AsEPCMon.exe>  [ASUSTeK Computer Inc.]
    <Microsoft Pinyin IME Migration><C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL>  [(Verified)Microsoft Corporation]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <runeip><"D:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RisTray><"D:\Program Files\Rising\Ris\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe">  [(Verified)Adobe Systems, Incorporated]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]

<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Auto Start]
  <><(File is missing)>
[Bluetooth Service / btwdins][Running/Auto Start]
  <C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe><Broadcom Corporation.>
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
  <C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start><China Merchants Bank>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start]
  <D:\Program Files\kingsoft\KSM\ksmsvc.exe><>
[Kingsoft System Optimization / kscsvc][Running/Auto Start]
  <D:\Program Files\Kingsoft\SystemCleaner\kscsvc.exe -daemon><Kingsoft Corporation>
[Private Folder Service / prfldsvc][Stopped/Manual Start]
  <C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe><N/A>
[Ris Service / RsRisMon][Running/Auto Start]
  <"D:\Program Files\Rising\Ris\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
  <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia>

==================================
驱动程序
[Ambfilt / Ambfilt][Stopped/Manual Start]
  <system32\drivers\Ambfilt.sys><Creative>
[Atheros AR5008 Wireless Network Adapter Service / AR5416][Stopped/Manual Start]
  <system32\DRIVERS\athw.sys><Atheros Communications, Inc.>
[ASUS ACPI Driver / AsusACPI][Running/Manual Start]
  <system32\DRIVERS\ASUSACPI.sys><ASUSTeK Computer Inc.>
[BAPIDRV / BAPIDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS><360.cn>
[BC / BC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\BC.sys><Kingsoft Corporation>
[bootsafe / bootsafe][Running/Boot Start]
  <\SystemRoot\system32\Drivers\bootsafe.sys><Kinsoft>
[蓝牙音频设备 / btaudio][Stopped/Manual Start]
  <system32\drivers\btaudio.sys><Broadcom Corporation.>
[蓝牙虚拟通信驱动程序 / BTDriver][Running/Manual Start]
  <system32\DRIVERS\btport.sys><Broadcom Corporation.>
[蓝牙总线枚举器 / BTKRNL][Running/Manual Start]
  <system32\DRIVERS\btkrnl.sys><Broadcom Corporation.>
[蓝牙局域网接入服务器 / BTWDNDIS][Stopped/Manual Start]
  <system32\DRIVERS\btwdndis.sys><Broadcom Corporation.>
[btwhid / btwhid][Stopped/Manual Start]
  <system32\DRIVERS\btwhid.sys><Broadcom Corporation.>
[WIDCOMM USB Bluetooth Driver / BTWUSB][Stopped/Manual Start]
  <System32\Drivers\btwusb.sys><Broadcom Corporation.>
[CMB8100 / CMB8100][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[Intel AHCI Controller / iaStor][Running/Boot Start]
  <\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KAVBootC / KAVBootC][Stopped/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[krpr / krpr][Stopped/Manual Start]
  <\??\D:\Program Files\kingsoft\KSM\krpr.sys><Kingsoft Corporation>
[Elantech Smart-Pad / Ktp][Running/Manual Start]
  <system32\DRIVERS\ETD.sys><ELANTECH Devices Corp.>
[Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller / L1e][Running/Manual Start]
  <system32\DRIVERS\l1e51x86.sys><Atheros Communications, Inc.>
[Monfilt / Monfilt][Stopped/Manual Start]
  <system32\drivers\Monfilt.sys><Creative Technology Ltd.>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
  <system32\DRIVERS\pccsmcfd.sys><Nokia>
[Prvflder / Prvflder][Running/Auto Start]
  <system32\DRIVERS\prvflder.sys><Windows (R) 2000 DDK provider>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
  <system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\D:\Program Files\Rising\Ris\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsassist / rsassist][Running/Auto Start]
  <system32\drivers\rsassist.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\D:\Program Files\Rising\Ris\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Ralink 802.11n Wireless Driver / RT80x86][Stopped/Manual Start]
  <system32\DRIVERS\RT2860.sys><Ralink Technology, Corp.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[USB2.0 PC Camera (SNP2UVC) / SNP2UVC][Running/Manual Start]
  <system32\DRIVERS\snp2uvc.sys><>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[SymEvent / SymEvent][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS><Symantec Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[upperdev / upperdev][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerflt.sys><Nokia>
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerfltj.sys><Nokia>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\Program Files\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Download_Bho Class]
  {A986E409-30CC-4185-89BB-AB212C104524} <C:\Program Files\PPLive\PPVA\DownloaderManager.dll, (Signed) Synacast>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[F5 Networks Dynamic Application Tunnel Control]
  {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} <C:\WINDOWS\Downloaded Program Files\TunnelServerX.dll, (Signed) F5 Networks>
[F5 Networks Auto Update]
  {45B69029-F3AB-4204-92DE-D5140C3E8E74} <C:\WINDOWS\Downloaded Program Files\InstallerControl.dll, (Signed) F5 Networks>
[XPPIECtrl Class]
  {5AB1EF72-6CC6-4090-9030-8E0ACF7E6D3E} <C:\WINDOWS\Downloaded Program Files\XPPIE.dll, TOM Online Inc.>
[DLoader Class]
  {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <C:\WINDOWS\Downloaded Program Files\downloader.dll, (Signed) Sina Com>
[F5 Virtual Sandbox Class]
  {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} <C:\WINDOWS\Downloaded Program Files\vdeskctrl.dll, (Signed) F5 Networks, Inc>
[Java Plug-in]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[CCTVUpdateInstall]
  {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} <C:\Documents and Settings\QinFei\Application Data\CCTV\tv\CCTVUpdateInstall.dll, (Signed) CCTV International Networks Co.,Ltd>
[Java Plug-in]
  {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll, Sun Microsystems, Inc.>
[F5 Networks SuperHost Class]
  {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} <C:\WINDOWS\Downloaded Program Files\urSuperHost.dll, (Signed) F5 Networks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx, (Signed) Adobe Systems, Inc.>
[KUpdateObj2 Class]
  {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, (Signed) Kingsoft Corporation>
[F5 Networks Host Control]
  {E0FF21FA-B857-45C5-8621-F120A0C17FF2} <C:\WINDOWS\Downloaded Program Files\urxhost.dll, (Signed) F5 Networks>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\Tencent\Paycenter\qqedit.dll, (Signed) Tencent>
[PPLive Lite Class]
  {EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Common Files\PPLiveNetwork\plugin\pplugin2.dll, >
[]
  {00000000-0593-4356-9CF7-1D8C2B3343C0} <, >
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\Program Files\easyMule\modules\IE2EM.dll, (Signed) VeryCD.com>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, (Signed) >
[]
  {116BA71C-8187-4F15-9A1F-C9D6289155D1} <, >
[Player Class]
  {11F2A418-94B2-4e16-9B0C-B00C0435F903} <C:\Program Files\Tencent\QQLive\LiveMedia.dll, (Signed) Tencent>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[WWPicUploadCtrl Class]
  {1D63232D-4F15-4A42-890D-EE617AA1537D} <D:\Program Files\AliWangWang\modules\1685\WWPictureUpload.dll, Alibaba software (Shanghai) Corporation>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[HallToolkit Class]
  {1E36C446-29F0-4773-A3FB-59C5501446EB} <D:\Program Files\Thunder\Program\HallTool.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[]
  {21FA44EF-376D-4D53-9B0F-8A89D3229068} <, >
[]
  {22BF413B-C6D2-4D91-82A9-A0F997BA588C} <, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {2974c985-8151-4de5-b23c-b875f0a8522f} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
  {2D90D33C-DE76-42D0-9040-E4466DDC24AC} <, >
[]
  {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, >
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder\ComDlls\ThunderAgent5.9.20.1418.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <, >
[WebProtect]
  {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[]
  {548BF84E-9665-47F9-B635-7380F8943E90} <, >
[isInstalled Class]
  {5852F5ED-8BF4-11D4-A245-0080C6F74284} <D:\Program Files\Java\jre1.5.0_06\bin\JavaWebStart.dll, Sun Microsystems, Inc.>
[XPPIECtrl Class]
  {5AB1EF72-6CC6-4090-9030-8E0ACF7E6D3E} <C:\WINDOWS\Downloaded Program Files\XPPIE.dll, TOM Online Inc.>
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <D:\Program Files\AliWangWang\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, Xunlei Networking Technologies,LTD>
[QQLiveFile Class]
  {6B232760-90F1-41c3-9902-C8552C1D8A72} <C:\Program Files\Tencent\QQLive\FileVersion.dll, (Signed) Tencent>
[]
  {6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} <, >
[]
  {7478FB63-1E75-49FC-9C06-6F38C258365A} <, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll, Sun Microsystems, Inc.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Program Files\Thunder\userdata\Components\InMedia\MediaAddin.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Skype add-on (button)]
  {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, N/A>
[DLoader Class]
  {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <C:\WINDOWS\Downloaded Program Files\downloader.dll, (Signed) Sina Com>
[XDownloaddManager Class]
  {802F530B-A8F6-4631-AE49-6BACAAC6373E} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[SSOForPTLogin Class]
  {8FC1EE75-72B3-4A23-B987-2B1C4C8A611B} <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >
[]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <, >
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5918.281.(220).dll, (Signed) 深圳市迅雷网络技术有限公司>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[]
  {998A88A0-A355-809B-831C-B83A80000991} <, >
[]
  {998A88A0-A355-809B-831C-B83A80000992} <, >
[VersionDetector Class]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.30.(891).dll, (Signed) 深圳市迅雷网络技术有限公司>
[HallToolkit Class]
  {A24E6133-404F-4431-A296-2DE576FC5AEE} <C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.5.(890).dll, (Signed) 深圳市迅雷网络技术有限公司>
[APlayer Control]
  {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[Download_Bho Class]
  {A986E409-30CC-4185-89BB-AB212C104524} <C:\Program Files\PPLive\PPVA\DownloaderManager.dll, (Signed) Synacast>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5918.281.(220).dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, >
[]
  {CCA281CA-C863-46EF-9331-5C8D4460577F} <, >
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Windows Live 登录控制]
  {D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx, (Signed) Adobe Systems, Inc.>
[KUpdateObj2 Class]
  {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, (Signed) Kingsoft Corporation>

[]
  {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <, >
[QQLive Class]
  {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <C:\Program Files\Tencent\QQLive\LiveAPI.dll, (Signed) Tencent>
[]
  {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} <, >
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[RevealTrans]
  {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\Tencent\Paycenter\qqedit.dll, (Signed) Tencent>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[PPLive Lite Class]
  {EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Common Files\PPLiveNetwork\plugin\pplugin2.dll, >
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\PersonalBankMain.ocx, (Signed) China Merchants Bank>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[]
  {FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <, >
[使用迅雷下载]
  <D:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder\Program\getallurl.htm, N/A>

==================================
正在运行的进程
[PID: 956 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1016 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1040 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1084 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1096 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1280 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1348 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1460 / SYSTEM][D:\Program Files\Rising\Ris\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17]
    [D:\Program Files\Rising\Ris\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\Program Files\Rising\Ris\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9]
    [D:\Program Files\Rising\Ris\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.41]
    [D:\Program Files\Rising\Ris\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46]
    [D:\Program Files\Rising\Ris\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10]
    [D:\Program Files\Rising\Ris\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29]
    [D:\Program Files\Rising\Ris\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22]
    [D:\Program Files\Rising\Ris\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12]
    [D:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [D:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Rising\Ris\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.2]
    [D:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Ris\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Ris\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.5]
    [D:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\RfwArp.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.5]
    [D:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Ris\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [D:\Program Files\Rising\Ris\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 73]
    [D:\Program Files\Rising\Ris\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\rsindent.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11]
    [D:\Program Files\Rising\Ris\taskplug.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10]
    [D:\Program Files\Rising\Ris\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.7]
    [D:\Program Files\Rising\Ris\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3]
    [D:\Program Files\Rising\Ris\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Ris\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Ris\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1]
    [D:\Program Files\Rising\Ris\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39]
    [D:\Program Files\Rising\Ris\bawhite.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.22]
    [D:\Program Files\Rising\Ris\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.4]
    [D:\Program Files\Rising\Ris\NComm2.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\Program Files\Rising\Ris\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.3]
    [D:\Program Files\Rising\Ris\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10]
    [D:\Program Files\Rising\Ris\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 80]
    [D:\Program Files\Rising\Ris\scantj.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\methodex.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\heurex.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17]
    [D:\Program Files\Rising\Ris\pecompd.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\Program Files\Rising\Ris\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\Program Files\Rising\Ris\extsfx.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
[PID: 1476 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\windows\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
[PID: 1564 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1692 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1920 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2004 / QinFei][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3603 (GDR.050727-3600)]
    [C:\Program Files\ASUS\Eee Storage\XPClient.dll]  [Ecareme, 1.0.0.0]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\WINDOWS\system32\btncopy.dll]  [Broadcom Corporation., 5.5.0.4400]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.1.0.2009022700]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [, ]
    [D:\Program Files\WinRAR\rarext.dll]  [, ]
    [C:\Program Files\Elantech\ETDApix.dll]  [ELANTECH Devices Corp., 7, 0, 4, 4]
    [D:\Program Files\Thunder\ComDlls\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [D:\Program Files\Thunder\ComDlls\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Thunder\ComDlls\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [深圳市迅雷网络技术有限公司, 5,9,20,1418]
    [D:\Program Files\Thunder\ComDlls\zlib1.dll]  [, 1.2.3]
    [D:\Program Files\Thunder\userdata\Components\ResWorker\DsBho_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 31]
    [D:\Program Files\Thunder\userdata\Components\ResWorker\DataProcessor_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 5]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\kakaext.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.4]
    [D:\Program Files\FastCopy\fastext1.dll]  [SHIROUZU Hiroaki, 1, 9, 9, 3]
    [C:\Program Files\ASUS\Eee Storage\LogicNP.EZNamespaceExtensions.dll]  [ , 3.0.0.0]
    [C:\Program Files\ASUS\Eee Storage\EcaremeDLL.dll]  [, 1.0.3357.31342]
    [C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll]  [Microsoft Corporation, 8.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\GAC_MSIL\SqliteShared\1.0.3357.31342__0d0f4b69e50e559b\SqliteShared.dll]  [, 1.0.3357.31342]
    [C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll]  [, 1.0.60.0]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3614 (GDR.050727-3600)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.3082 (QFE.050727-3000)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
    [D:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [深圳市迅雷网络技术有限公司, 5,9,20,1418]
    [D:\Program Files\Thunder\ComDlls\ThunderAgent5.9.20.1418.dll]  [深圳市迅雷网络技术有限公司, 5,9,20,1418]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 6.14.10.4906]
    [D:\Program Files\AliWangWang\AliIMExt.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[PID: 160 / SYSTEM][D:\Program Files\kingsoft\KSM\ksmsvc.exe]  [, 2010,06,30,1175]
    [D:\Program Files\kingsoft\KSM\kdump.dll]  [Kingsoft Corporation, 2010,06,18,1126]
    [D:\Program Files\kingsoft\KSM\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\kingsoft\KSM\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\kingsoft\KSM\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\kingsoft\KSM\kxecore\kxelog.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\kingsoft\KSM\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\Program Files\kingsoft\KSM\kxecore\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\kingsoft\KSM\ksmcorex.dll]  [Kingsoft Corporation, 2010,07,09,1205]
    [D:\Program Files\kingsoft\KSM\kcldrep.dll]  [Kingsoft Corporation, 2010,07,05,1190]
    [D:\Program Files\kingsoft\KSM\sqlite.dll]  [N/A, ]
    [D:\Program Files\kingsoft\KSM\kavifr.dll]  [Kingsoft Corporation, 2010,05,25,74]
    [D:\Program Files\kingsoft\KSM\ksecorex.dll]  [Kingsoft Corporation, 2010,07,05,896]
    [D:\Program Files\kingsoft\KSM\ksreng.dll]  [Kingsoft Corporation, 2010,07,02,1183]
    [D:\Program Files\kingsoft\KSM\ksbwsspx.dll]  [Kingsoft Corporation, 2010,05,27,1072]
    [D:\Program Files\kingsoft\KSM\kae\kaecore.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\kingsoft\KSM\ksbwdet2.dll]  [Kingsoft Corporation, 2010,06,08,1105]
    [D:\Program Files\kingsoft\KSM\kae\karchive.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\kingsoft\KSM\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\kingsoft\KSM\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,03,18,77]

[D:\Program Files\kingsoft\KSM\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,03,18,77]
[PID: 260 / SYSTEM][D:\Program Files\Kingsoft\SystemCleaner\kscsvc.exe]  [Kingsoft Corporation, 2010,05,21,64]
    [D:\Program Files\Kingsoft\SystemCleaner\kdump.dll]  [Kingsoft Corporation, 2010,04,29,944]
    [D:\Program Files\Kingsoft\SystemCleaner\kbccore.dll]  [Kingsoft Corporation, 2010,05,21,64]
    [D:\Program Files\Kingsoft\SystemCleaner\KIPC.dll]  [Kingsoft Corporation, 2010,05,21,64]
    [D:\Program Files\Kingsoft\SystemCleaner\ksscore.dll]  [Kingsoft Corporation, 2010,05,14,1013]
    [D:\Program Files\Kingsoft\SystemCleaner\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\Kingsoft\SystemCleaner\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\Kingsoft\SystemCleaner\kxecore\kxecore.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\Program Files\Kingsoft\SystemCleaner\KSE\ksecorex.dll]  [Kingsoft Corporation, 2010,04,28,98]
    [D:\Program Files\Kingsoft\SystemCleaner\KSE\kae\kaecore.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\Kingsoft\SystemCleaner\kxesansp.dll]  [Kingsoft Corporation, 2010,05,13,1000]
    [D:\Program Files\Kingsoft\SystemCleaner\KSE\kae\karchive.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\Kingsoft\SystemCleaner\KSE\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\Kingsoft\SystemCleaner\KSE\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\Program Files\Kingsoft\SystemCleaner\KSE\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,03,18,77]
[PID: 484 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\bthcrp.dll]  [Broadcom Corporation., 5.5.0.4400]
    [C:\WINDOWS\system32\WidcommSdk.dll]  [Broadcom Corporation., 5.5.0.4400]
    [C:\WINDOWS\system32\wbtapi.dll]  [Broadcom Corporation., 5.5.0.4400]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\WINDOWS\system32\CNMLM8R.DLL]  [CANON INC., 2.10.2.11]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD8R.DLL]  [CANON INC., 2.10.2.10]
[PID: 940 / QinFei][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 6.14.10.4906]
[PID: 976 / QinFei][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 6.14.10.4906]
[PID: 1012 / QinFei][C:\Program Files\Elantech\ETDCtrl.exe]  [ELANTECH Devices Corp., 7, 0, 4, 3]
    [C:\Program Files\Elantech\ETDIsos.dll]  [ELANTECH Devices Corp., 7, 0, 4, 0]
    [C:\Program Files\Elantech\ETDApix.dll]  [ELANTECH Devices Corp., 7, 0, 4, 4]
    [C:\Program Files\Elantech\ETDCmds.dll]  [ELANTECH Devices Corp., 7, 0, 4, 3]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
[PID: 1008 / QinFei][C:\Program Files\EeePC\ACPI\AsTray.exe]  [ASUSTeK Computer Inc., 5, 1, 1, 4008]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 6.14.10.4906]
[PID: 148 / QinFei][C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe]  [ASUSTeK Computer Inc., 5, 1, 1, 4009]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 6.14.10.4906]
[PID: 1236 / QinFei][C:\Program Files\EeePC\ACPI\AsEPCMon.exe]  [ASUSTeK Computer Inc., 5, 1, 1, 1002]
[PID: 1436 / QinFei][C:\WINDOWS\system32\igfxsrvc.exe]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 6.14.10.4906]
[PID: 1512 / QinFei][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.2.4.3]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
[PID: 1708 / QinFei][D:\Program Files\Rising\AntiSpyware\rstray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.29]
    [D:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [D:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.33]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\rsxml1.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [D:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [D:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.65]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [D:\Program Files\Rising\AntiSpyware\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 1768 / QinFei][D:\Program Files\Rising\Ris\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.11]
    [D:\Program Files\Rising\Ris\comserv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [D:\Program Files\Rising\Ris\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Ris\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.3]
    [D:\Program Files\Rising\Ris\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57]
    [D:\Program Files\Rising\Ris\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [D:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Rising\Ris\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.7]
    [D:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22]
    [D:\Program Files\Rising\Ris\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7]
    [D:\Program Files\Rising\Ris\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.74]
    [D:\Program Files\Rising\Ris\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39]
    [D:\Program Files\Rising\Ris\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\scanleak.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\ravppops.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21]
    [D:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Ris\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.4]
    [D:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
[PID: 584 / QinFei][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
[PID: 648 / QinFei][D:\Program Files\DAEMON Tools Lite\daemon.exe]  [DT Soft Ltd, 4.30.4.0027]
    [D:\Program Files\DAEMON Tools Lite\DTCommonRes.dll]  [DT Soft Ltd, 4.30.4.0027]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3603 (GDR.050727-3600)]
    [C:\Program Files\ASUS\Eee Storage\XPClient.dll]  [Ecareme, 1.0.0.0]
    [D:\Program Files\DAEMON Tools Lite\Engine.dll]  [DT Soft Ltd, 4.30.4.0027]
    [D:\Program Files\DAEMON Tools Lite\imgengine.dll]  [DT Soft Ltd., 1.17.0.0]
[PID: 808 / QinFei][C:\WINDOWS\system32\igfxext.exe]  [Intel Corporation, 6.14.10.4906]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 6.14.10.4906]
    [C:\WINDOWS\system32\IGFXEXPS.DLL]  [Intel Corporation, 6.14.10.4906]
[PID: 1612 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1868 / SYSTEM][C:\Program Files\CMBCHINA\WebProtect\WPService.exe]  [China Merchants Bank, 1, 0, 0, 1]
    [C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll]  [China Merchants Bank, 1, 0, 0, 1]
[PID: 2232 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 3100 / SYSTEM][C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe]  [Broadcom Corporation., 5.5.0.4400]
[PID: 3428 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2908 / QinFei][D:\Program Files\Rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
[PID: 2924 / QinFei][D:\Program Files\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 5, 9, 2246]
    [D:\Program Files\Maxthon2\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4339]
    [D:\Program Files\Maxthon2\MxUI.dll]  [Maxthon International ltd., 3, 3, 1, 30]
    [D:\Program Files\Maxthon2\MxAccount.dll]  [Maxthon International ltd., 1, 0, 0, 27]
    [D:\Program Files\Maxthon2\MxHttpRq.dll]  [Maxthon International ltd., 1, 0, 0, 8]
    [D:\Program Files\Maxthon2\MxTool.dll]  [, 1, 0, 0, 3]
    [D:\Program Files\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [D:\Program Files\Maxthon2\MxPp.dll]  [Maxthon International ltd., 1, 0, 0, 323]
    [D:\Program Files\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 569]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [D:\Program Files\Maxthon2\mxtool2.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3603 (GDR.050727-3600)]
    [C:\Program Files\ASUS\Eee Storage\XPClient.dll]  [Ecareme, 1.0.0.0]
    [D:\Program Files\Maxthon2\MxFav.dll]  [Maxthon International ltd., 2, 0, 0, 169]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx]  [Adobe Systems, Inc., 10,0,45,2]
    [C:\Program Files\Elantech\ETDApix.dll]  [ELANTECH Devices Corp., 7, 0, 4, 4]
    [D:\Program Files\AliWangWang\AliIMX.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [D:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [深圳市迅雷网络技术有限公司, 5,9,20,1418]
    [D:\Program Files\Thunder\ComDlls\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Thunder\ComDlls\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Thunder\ComDlls\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [D:\Program Files\Thunder\ComDlls\zlib1.dll]  [, 1.2.3]
[PID: 3324 / QinFei][D:\Program Files\WinRAR\WinRAR.exe]  [, ]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3603 (GDR.050727-3600)]
    [C:\Program Files\ASUS\Eee Storage\XPClient.dll]  [Ecareme, 1.0.0.0]
    [C:\Program Files\Elantech\ETDApix.dll]  [ELANTECH Devices Corp., 7, 0, 4, 4]
[PID: 2304 / QinFei][C:\Documents and Settings\QinFei\桌面\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[PID: 1296 / QinFei][C:\Documents and Settings\QinFei\桌面\sreng2\SREb3a20106.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [D:\Program Files\Rising\AntiSpyware\RegCall.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\Documents and Settings\QinFei\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1008, C:\PROGRAM FILES\EEEPC\ACPI\ASTRAY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 148, C:\PROGRAM FILES\EEEPC\ACPI\ASACPISVR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3324, D:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
计划任务
N/A

==================================
Windows 安全更新检查
Microsoft .NET Framework 版本 1.1 简体中文语言包
KB829019,  Microsoft .NET Framework 2.0 语言包：x86 (KB829019)
KB892130,  Windows 正版增值验证工具 (KB892130)
KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB928416,  Microsoft .NET Framework 3.0： x86 语言包 (KB928416)
KB909520,  Microsoft 基本智能卡加密服务提供程序包： x86 (KB909520)
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 语言包
KB971513,  Windows XP 更新程序 (KB971513)
KB976569,  用于 Windows Server 2003 和 Windows XP x86 的 Microsoft .NET Framework 2.0 Service Pack 2 更新程序 (KB976569)
KB931125,  根证书更新程序 [2010 年 5 月] (KB931125)
KB982632,  用于 Windows XP 的 Internet Explorer 8 兼容性视图列表的更新程序 (KB982632)
KB890830,  Windows 恶意软件删除工具 - 2010 年 6 月 (KB890830)

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

不能把最终的那个log直接发来么 已附件形式发送上来。

不好意思，鸡冻了

看一下这几个注册表项的权限：
[键]HKEY_CLASSES_ROOT\CLSID\{43C2FA26-30B3-4F7A-B5CB-FE64B7B5B657}\SHELL\OPEN\COMMAND
[值]@
[类型]REG_SZ
[内容]c:\program files\internet explorer\iexplore.exe http://www.6006.cc/?index


[键]HKEY_CLASSES_ROOT\CLSID\{8CE6AD74-9F68-49B1-9FB3-5772DC81F9CE}\SHELL\OPEN\COMMAND
[值]@
[类型]REG_SZ
[内容]c:\program files\internet explorer\iexplore.exe http://www.6006.cc/?index



[键]HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{43C2FA26-30B3-4F7A-B5CB-FE64B7B5B657}\SHELL\OPEN\COMMAND
[值]@
[类型]REG_SZ
[内容]c:\program files\internet explorer\iexplore.exe http://www.6006.cc/?index



[键]HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{8CE6AD74-9F68-49B1-9FB3-5772DC81F9CE}\SHELL\OPEN\COMMAND
[值]@
[类型]REG_SZ
[内容]c:\program files\internet explorer\iexplore.exe http://www.6006.cc/?index