电脑有时总弹出Adware:Win32/Rugo还删不掉，用瑞星杀过病毒，也没用，想问问有懂这方面的人帮帮我！！
就VISTA自带的 WINDOWS DEFENDER能查到
开机显示Adware:Win32/Rugo 危害计算机什么的

类别:
广告软件

描述:
这个程序具有可能不需要的行为。

建议:
立即删除这个软件。

执行删除后重起还有
安装卡卡上网安全助手然后扫描流行木马和流氓软件,根本查不出来!

用户系统信息：Mozilla/5.0 (Windows; U; Windows NT 6.0; zh-CN; rv:1.9.0.12) Gecko/2009070611 Firefox/3.0.12 (.NET CLR 3.5.30729) AutoPager/0.5.2.2 (http://www.teesoft.info/)

瑞星遍查杀没有病毒.SRENG2.6版工具查启动项有四项不正常.分别是:
AppInit_DLLs
WebCheck
WinlogonNotify:igfxcui
(8c7461EF-2B13-11d2-BE35-3078302c2030)

2009-07-28,12:51:11

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Basic Edition Service Pack 1 (Build 6001) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide>  [(Verified)Microsoft Windows]
    <QkOnBtn><C:\PROGRA~1\QBU\QkOnBtn.EXE>  [Dritek System Inc.]
    <EnergyUtility><C:\Program Files\Lenovo\EnergyCut\utilty.exe>  [TODO: <Company name>]
    <EnergyCut><C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe>  [联想（北京）有限公司]
    <RFWTray><"d:\Program Files\Rising\RFW\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <runeip><"d:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RavTray><"d:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <IgfxTray><C:\Windows\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\Windows\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Persistence><C:\Windows\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <885b><rundll32 "C:\Windows\Downlo~1\885b.dll",Run>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\Userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WebCheck><C:\Windows\System32\webcheck.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\Windows\system32\logon.scr>  [(Verified)Microsoft Windows]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Adobe Reader Synchronizer]
  <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk --> C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE []><N>
[Adobe Reader Speed Launch]
  <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Adobe Reader Synchronizer]
  <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk --> C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE []><N>

==================================
服务
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <d:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[cefmor / cefmor][Running/Auto Start]
  <C:\Windows\system32\ctc6.exe><Microsoft Corporation>
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
  <d:\Program Files\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Running/Auto Start]
  <"d:\Program Files\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
  <d:\Program Files\Rising\RFW\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <d:\Program Files\Rising\RFW\rfwsrv.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwTask Manager / RfwTask][Running/Auto Start]
  <"d:\Program Files\Rising\RFW\RavTask.exe" RfwTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <d:\Program Files\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
  <d:\Program Files\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
[XAudioService / XAudioService][Running/Auto Start]
  <C:\Windows\system32\DRIVERS\xaudio.exe><Conexant Systems, Inc.>
==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
  <system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[arc / arc][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
  <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Conexant UAA Function Driver for High Definition Audio Service / CnxtHdAudService][Running/Manual Start]
  <system32\drivers\CHDRT32.sys><Conexant Systems Inc.>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\CHDART.sys><Conexant Systems Inc.>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HpCISSs / HpCISSs][Stopped/Disabled]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[HSFHWAZL / HSFHWAZL][Stopped/Manual Start]
  <system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[ialm / ialm][Stopped/Manual Start]
  <system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[igfx / igfx][Running/Manual Start]
  <system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[megasas / megasas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit / NETw3v32][Stopped/Manual Start]
  <system32\DRIVERS\NETw3v32.sys><Intel? Corporation>
[Intel(R) Wireless WiFi Link 适配器驱动程序（适用于 Windows Vista 32 位） / NETw4v32][Running/Manual Start]
  <system32\DRIVERS\NETw4v32.sys><Intel Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[WinPcap Packet Driver (NPF) / NPF][Stopped/Manual Start]
  <system32\drivers\NPF.sys><CACE Technologies>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><N/A>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[R300 / R300][Stopped/Manual Start]
  <system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[Rising RfwBase Driver / RfwBase9][Running/System Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\d:\Program Files\Rising\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\d:\Program Files\Rising\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[Symc8xx / Symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[tifm21 / tifm21][Running/Manual Start]
  <system32\drivers\tifm21.sys><Texas Instruments>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
  <system32\DRIVERS\UIUSYS.SYS><N/A>
[uliahci / uliahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[XAudio / XAudio][Running/Auto Start]
  <system32\DRIVERS\xaudio.sys><Conexant Systems, Inc.>
==================================
浏览器加载项
[Invoke Class]
  {0120341D-F60C-478f-BB75-49DBB496FDB0} <C:\Windows\system32\1cgc.dll, Microsoft Corporation>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[FlashGetBHO]
  {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} <C:\Users\许 坚\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll, (Signed) FlashGet>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[WanWanCom Class]
  {E7C5259E-52D0-459B-AA9D-41AD25E79AFD} <H:\131玩玩\wwcom.dll, N/A>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[Invoke Class]
  {0120341D-F60C-478F-BB75-49DBB496FDB0} <C:\Windows\system32\1cgc.dll, Microsoft Corporation>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[IFlashGetNetscapeEx Class]
  {116BA71C-8187-4F15-9A1F-C9D6289155D1} <C:\Users\许 坚\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll, (Signed) FlashGet>
[VistaWUWebControl Class]
  {12A66224-5E8A-4679-8941-0B9B960BF5EA} <%SystemRoot%\system32\wuwebv.dll, (Signed) N/A>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[JetCarNetscape Class]
  {2974c985-8151-4de5-b23c-b875f0a8522f} <C:\Users\许 坚\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll, (Signed) FlashGet>
[]
  {55302805-482E-470E-8A57-6795A1487F90} <, >
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[FlashGetBHO]
  {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} <C:\Users\许 坚\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll, (Signed) FlashGet>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[WanWanCom Class]
  {E7C5259E-52D0-459B-AA9D-41AD25E79AFD} <H:\131玩玩\wwcom.dll, N/A>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[&Windows Live Search]
  <res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[使用快车3下载]
  <C:\Users\许 坚\AppData\Roaming\FlashGetBHO\GetUrl.htm, N/A>
[使用快车3下载全部链接]
  <C:\Users\许 坚\AppData\Roaming\FlashGetBHO\GetAllUrl.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\Bin\AddEmotion.htm, N/A>
[用比特精灵下载(&B)]
  <D:\Program Files\BitSpirit\bsurl.htm, N/A>

==================================
正在运行的进程
[PID: 384 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 520 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 560 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 572 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 604 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 616 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 624 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 708 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 820 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 880 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 996 / SYSTEM][d:\Program Files\Rising\Rav\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [d:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [d:\Program Files\Rising\Rav\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [d:\Program Files\Rising\Rav\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
[PID: 1040 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1056 / SYSTEM][d:\Program Files\Rising\RFW\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [d:\Program Files\Rising\RFW\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [d:\Program Files\Rising\RFW\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
[PID: 1100 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1132 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1144 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1260 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1280 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1372 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1512 / SYSTEM][d:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [d:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [d:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [d:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [d:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [d:\Program Files\Rising\Rav\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40]
    [d:\Program Files\Rising\Rav\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 1528 / SYSTEM][d:\Program Files\Rising\RFW\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [d:\Program Files\Rising\RFW\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [d:\Program Files\Rising\RFW\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [d:\Program Files\Rising\RFW\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [d:\Program Files\Rising\RFW\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [d:\Program Files\Rising\RFW\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40]
    [d:\Program Files\Rising\RFW\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 1584 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1664 / SYSTEM][d:\Program Files\Rising\RFW\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [d:\Program Files\Rising\RFW\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\Program Files\Rising\RFW\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [d:\Program Files\Rising\RFW\MonComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [d:\Program Files\Rising\RFW\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [d:\Program Files\Rising\RFW\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [d:\Program Files\Rising\RFW\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.89]
    [d:\Program Files\Rising\RFW\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [d:\Program Files\Rising\RFW\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.0]
    [d:\Program Files\Rising\RFW\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.3]
    [d:\Program Files\Rising\RFW\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [d:\Program Files\Rising\RFW\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.18]
    [d:\Program Files\Rising\RFW\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [d:\Program Files\Rising\RFW\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [d:\Program Files\Rising\RFW\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [d:\Program Files\Rising\RFW\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [d:\Program Files\Rising\RFW\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [d:\Program Files\Rising\RFW\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [d:\Program Files\Rising\RFW\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [d:\Program Files\Rising\RFW\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [d:\Program Files\Rising\RFW\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [d:\Program Files\Rising\RFW\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [d:\Program Files\Rising\RFW\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
[PID: 1708 / SYSTEM][d:\Program Files\Rising\Rav\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [d:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [d:\Program Files\Rising\Rav\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [d:\Program Files\Rising\Rav\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [d:\Program Files\Rising\Rav\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [d:\Program Files\Rising\Rav\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
    [d:\Program Files\Rising\Rav\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [d:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [d:\Program Files\Rising\Rav\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [d:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [d:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [d:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [d:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [d:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [d:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [d:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [d:\Program Files\Rising\Rav\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
    [d:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [d:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [d:\Program Files\Rising\Rav\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
    [d:\Program Files\Rising\Rav\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [d:\Program Files\Rising\Rav\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    [d:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [d:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [d:\Program Files\Rising\Rav\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [d:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [d:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.39]
    [d:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [d:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [d:\Program Files\Rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [d:\Program Files\Rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [d:\Program Files\Rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [d:\Program Files\Rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [d:\Program Files\Rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [d:\Program Files\Rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 54]
    [d:\Program Files\Rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [d:\Program Files\Rising\Rav\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [d:\Program Files\Rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [d:\Program Files\Rising\Rav\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [d:\Program Files\Rising\Rav\methodex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [d:\Program Files\Rising\Rav\pecompd.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [d:\Program Files\Rising\Rav\heurex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [d:\Program Files\Rising\Rav\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    [d:\Program Files\Rising\Rav\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [d:\Program Files\Rising\Rav\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [d:\Program Files\Rising\Rav\ur025.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [d:\Program Files\Rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
[PID: 1784 / SYSTEM][d:\Program Files\Rising\Rav\RsStub.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [d:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 1912 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1936 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1992 / SYSTEM][d:\Program Files\Rising\RFW\RsStub.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [d:\Program Files\Rising\RFW\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 408 / SYSTEM][d:\Program Files\Rising\Rav\rsnetsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [d:\Program Files\Rising\Rav\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
    [d:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [d:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [d:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[PID: 1748 / SYSTEM][d:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 9, 5, 15]
    [d:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [d:\Program Files\StormII\bfoptdll.dll]  [北京暴风网际科技有限公司, 3, 8, 7, 16]
    [d:\Program Files\StormII\box\BoxLog.dll]  [北京暴风网际科技有限公司, 3, 9, 6, 27]
[PID: 1988 / SYSTEM][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1648 / SYSTEM][C:\Windows\system32\ctc6.exe]  [Microsoft Corporation, 5, 1, 2600, 1]
[PID: 1492 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2180 / SYSTEM][d:\Program Files\Rising\Rav\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.12]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [d:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [d:\Program Files\Rising\Rav\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [d:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [d:\Program Files\Rising\Rav\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.10]
    [d:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [d:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 2192 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2272 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2372 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 2404 / SYSTEM][C:\Windows\system32\DRIVERS\xaudio.exe]  [Conexant Systems, Inc., 1.00.00]
[PID: 2656 / SYSTEM][C:\Windows\system32\rundll32.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\b5a3.dll]  [Microsoft Corporation, 6, 0, 8169, 0]
[PID: 3640 / 许 坚][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\igfxTMM.dll]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxdev.dll]  [Intel Corporation, 7.14.10.1437]
[PID: 3848 / 许 坚][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\igdumd32.dll]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\1cgc.dll]  [Microsoft Corporation, 5, 0, 0, 0]
[PID: 2916 / 许 坚][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\Downlo~1\885b.dll]  [Microsoft Corporation, 6, 0, 2900, 3000]
    [C:\Windows\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\PROGRA~1\Wopti\WOPTIE~1.DLL]  [共软网络, 1.0.8.103]
    [C:\Windows\system32\1cgc.dll]  [Microsoft Corporation, 5, 0, 0, 0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
[PID: 3864 / 许 坚][C:\Program Files\Windows Defender\MSASCui.exe]  [Microsoft Corporation, 1.1.1600.0]
[PID: 2164 / 许 坚][C:\Program Files\QBU\QkOnBtn.EXE]  [Dritek System Inc., 1, 0, 0, 421]
    [C:\Program Files\QBU\ComFnUtl.dll]  [Dritek System Inc., 1, 0, 0, 711]
    [C:\Program Files\QBU\Wnd2File.dll]  [Dritek System Inc., 3.00]
    [C:\Program Files\QBU\SzUPFUtl.dll]  [Dritek System Inc., 1.00]
    [C:\Program Files\QBU\OSDUtl.dll]  [Dritek System Inc., 1, 0, 3, 309]
    [C:\Program Files\QBU\RgnMaker.dll]  [Dritek System Inc., 12.07.1999 ( VC60 )]
    [C:\Program Files\QBU\CDRomUtl.dll]  [Dritek System Inc., 1.00]
    [C:\Program Files\QBU\MixerUtl.dll]  [Dritek System Inc., 1.00]
    [C:\Program Files\QBU\LgKCUtl.dll]  [Dritek System Inc., 2, 0, 2, 1007]
    [C:\Program Files\QBU\MMDUtl.DLL]  [Dritek System Inc., 1, 2, 8, 608]
    [C:\Windows\system32\igfxexps.dll]  [Intel Corporation, 7.14.10.1437]
    [C:\Program Files\QBU\VistaVol.DLL]  [Dritek System Inc., 1, 0, 0, 306]
[PID: 4048 / 许 坚][C:\Program Files\Lenovo\EnergyCut\utilty.exe]  [TODO: <Company name>, 1, 1, 1, 2]
    [C:\Program Files\Lenovo\EnergyCut\kbdhook.dll]  [N/A, ]
[PID: 2772 / 许 坚][C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe]  [联想（北京）有限公司, 1, 1, 0, 8]

ib.dll]  [N/A, ]
[PID: 1004 / 许 坚][D:\Program Files\Rising\Rfw\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
    [D:\Program Files\Rising\Rfw\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Rfw\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [D:\Program Files\Rising\Rfw\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Rfw\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rfw\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rfw\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [D:\Program Files\Rising\Rfw\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [D:\Program Files\Rising\Rfw\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [D:\Program Files\Rising\Rfw\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [D:\Program Files\Rising\Rfw\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.26]
    [D:\Program Files\Rising\Rfw\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75]
    [C:\Windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\Rfw\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29]
    [D:\Program Files\Rising\Rfw\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [D:\Program Files\Rising\Rfw\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [D:\Program Files\Rising\Rfw\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 12]
    [D:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
[PID: 2392 / 许 坚][D:\Program Files\Rising\AntiSpyware\RSTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [D:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [D:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [D:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.31]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [D:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.43]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [d:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 1392 / 许 坚][D:\Program Files\Rising\Rav\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
    [D:\Program Files\Rising\Rav\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Rav\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [D:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rav\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [D:\Program Files\Rising\Rav\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [D:\Program Files\Rising\Rav\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75]
    [C:\Windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [D:\Program Files\Rising\Rav\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.26]
    [D:\Program Files\Rising\Rav\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29]
    [D:\Program Files\Rising\Rav\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    [D:\Program Files\Rising\Rav\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.1.4]
    [D:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
    [D:\Program Files\Rising\Rav\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [D:\Program Files\Rising\Rav\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
[PID: 3972 / 许 坚][C:\Windows\System32\hkcmd.exe]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\System32\hccutils.DLL]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxsrvc.dll]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxrCHS.lrc]  [Intel Corporation, 7.14.10.1437]
[PID: 2768 / 许 坚][C:\Windows\System32\igfxpers.exe]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxsrvc.dll]  [Intel Corporation, 7.14.10.1437]
[PID: 3952 / 许 坚][C:\Program Files\Windows Sidebar\sidebar.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
    [d:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.76]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\icm32.dll]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\1cgc.dll]  [Microsoft Corporation, 5, 0, 0, 0]
[PID: 3844 / 许 坚][C:\Windows\system32\igfxsrvc.exe]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxsrvc.dll]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxdev.dll]  [Intel Corporation, 7.14.10.1437]
[PID: 3328 / 许 坚][C:\Program Files\Windows Sidebar\sidebar.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
    [d:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.76]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\1cgc.dll]  [Microsoft Corporation, 5, 0, 0, 0]
[PID: 2900 / 许 坚][D:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.9.0.12]
    [D:\Program Files\Mozilla Firefox\xul.dll]  [Mozilla Foundation, 1.9.0.12]
    [D:\Program Files\Mozilla Firefox\sqlite3.dll]  [sqlite.org, 3.6.10]
    [D:\Program Files\Mozilla Firefox\MOZCRT19.dll]  [Mozilla Foundation, 8.00.0000]
    [D:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [D:\Program Files\Mozilla Firefox\nspr4.dll]  [Mozilla Foundation, 4.7.5]
    [D:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\nssutil3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\plc4.dll]  [Mozilla Foundation, 4.7.5]
    [D:\Program Files\Mozilla Firefox\plds4.dll]  [Mozilla Foundation, 4.7.5]
    [D:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.9.0.12]
    [D:\Program Files\Mozilla Firefox\components\browserdirprovider.dll]  [Mozilla Foundation, 1.9.0.12]
    [D:\Program Files\Mozilla Firefox\components\brwsrcmp.dll]  [Mozilla Foundation, 1.9.0.12]
    [D:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\nssdbm3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [D:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.75]
    [C:\Users\许 坚\AppData\Roaming\Mozilla\Firefox\Profiles\zxr4gcwm.default\extensions\fontsetter@mozillaonline.com\components\ClearTypeTuner.dll]  [N/A, ]
    [C:\Windows\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\PROGRA~1\Wopti\WOPTIE~1.DLL]  [共软网络, 1.0.8.103]
    [C:\Users\许 坚\AppData\Roaming\Mozilla\Firefox\Profiles\zxr4gcwm.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll]  [flashget, 1, 0, 0, 1000]
    [C:\Users\许 坚\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll]  [FlashGet, 2, 5, 0, 1038]
    [C:\Windows\system32\1cgc.dll]  [Microsoft Corporation, 5, 0, 0, 0]
[PID: 852 / 许 坚][C:\Windows\system32\igfxext.exe]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxsrvc.dll]  [Intel Corporation, 7.14.10.1437]
    [C:\Windows\system32\igfxexps.dll]  [Intel Corporation, 7.14.10.1437]
[PID: 2364 / 许 坚][D:\Program Files\Rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 3216 / 许 坚][C:\Users\许坚~1\AppData\Local\Temp\Rar$EX07.490\sr-engldr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 1944 / 许 坚][C:\Users\许坚~1\AppData\Local\Temp\Rar$EX07.490\SREf72aee15.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\Users\许坚~1\AppData\Local\Temp\Rar$EX07.490\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
::1            localhost

==================================
进程特权扫描
N/A

==================================
计划任务
[已启用] \\885b
        rundll32 C:\Windows\Downlo~1\885b.dll,Run
[已启用] \\RunAsStdUser Task23055
        D:\Program Files\Rising\Rav\rstray.exe C:\Windows\Downlo~1\885b.dll,Run
[已启用] \\{69DD6C3D-10EF-48A2-81A4-320E1CD93BE7}
        C:\Windows\system32\pcalua.exe -a "D:\Program Files\p2pover\p2pover.exe" -d "D:\Program Files\p2pover"
[已启用] \\查看 Windows Live Toolbar 更新
        C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE -a "D:\Program Files\p2pover\p2pover.exe" -d "D:\Program Files\p2pover"
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
        N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
        N/A
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
        BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
        N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
        %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
        %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
        %windir%\system32\defrag.exe -c -i
[已启用] \Microsoft\Windows\MobilePC\HotStart
        N/A
[已启用] \Microsoft\Windows\MobilePC\TMM
        N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
        %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
        N/A
[已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
        N/A
[已启用] \Microsoft\Windows\Shell\CrawlStartPages
        N/A
[已启用] \Microsoft\Windows\SystemRestore\SR
        %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
        rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
        rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
        sc.exe config upnphost start= auto
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
        %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Wired\GatherWiredInfo
        %windir%\system32\gatherWiredInfo.vbs
[已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo
        %windir%\system32\gatherWirelessInfo.vbs

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

日志

adware.win32/rugo怎么杀?急!!!                                                                                                                                        电脑有时总弹出Adware:Win32/Rugo还删不掉，用瑞星杀过病毒，也没用，想问问有懂这方面的人帮帮我！！
就VISTA自带的 WINDOWS DEFENDER能查到
开机显示Adware:Win32/Rugo 危害计算机什么的

类别:
广告软件

描述:
这个程序具有可能不需要的行为。

建议:
立即删除这个软件。

执行删除后重起还有，
安装卡卡上网安全助手然后扫描流行木马和流氓软件,根本查不出来!
感觉瑞星好无用！！！

期待高手！！！
后附日志。

用户系统信息：Mozilla/5.0 (Windows; U; Windows NT 6.0; zh-CN; rv:1.9.0.12) Gecko/2009070611 Firefox/3.0.12 (.NET CLR 3.5.30729) AutoPager/0.5.2.2 (http://www.teesoft.info/)