大家好,我的瑞星杀毒软件被莫名奇妙删除.
怎么办了
扫描的日志:
[CODE]

2010-10-28,11:37:35

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RFWTray><"C:\Program Files\Rising\Rfw\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <KSafeTray><"D:\pp\KSafe\KSafeTray.exe" -autorun>  [(Verified)Kingsoft Security Co.,Ltd]
    <wdcertm_ccb><C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe>  [ Beijing WatchData System Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <aliim><; C:\Program Files\AliWangWang\aliim.exe>  [File is missing]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Hcontrol><; C:\WINDOWS\ATK0100\Hcontrol.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HKSERV.EXE><; C:\Program Files\Sony\HotKey Utility\HKserv.exe>  [Sony Corporation]
    <iTunesHelper><; "C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)Apple Inc.]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [File is missing]
    <KSafeTray><; "D:\pp\KSafe\KSafeTray.exe" -autorun>  [(Verified)Kingsoft Security Co.,Ltd]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PPS Accelerator><; C:\Program Files\PPStream\ppsap.exe>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <QQDoctorRTP><; "C:\Program Files\Tencent\QQDoctor\QQDoctorRTP.exe" /regrun>  [File is missing]
    <QuickTime Task><; "D:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Inc.]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [File is missing]
    <wdcertm_ccb><; C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe>  [ Beijing WatchData System Co., Ltd.]
    <ZTsoft><; C:\Program Files\涨停板敢死队证券研究所\涨停板敢死队股票软件\ZTsoft.exe>  [File is missing]

用户系统信息：cloundw (compatible; MSIE 7.0; Windows NT 5.1; Maxthon; Cloundw; “.NET CLR 1.1.4322”; .NET CLR 1.1.4322; .NET CLR 2.0.50727)

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Adobe Version Cue CS3 {zh_CN}  / Adobe Version Cue CS3][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service><Adobe Systems Incorporated>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
  <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><>
[Bonjour 服务 / Bonjour Service][Running/Auto Start]
  <"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[CCProxy / CCProxy][Stopped/Disabled]
  <><(File is missing)>
[EvtEng / EvtEng][Stopped/Manual Start]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Google 更新服务 (gupdate) / gupdate][Stopped/Manual Start]
  <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPod 服务 / iPod Service][Stopped/Manual Start]
  <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[KSafe service / KSafeSvc][Running/Auto Start]
  <"D:\pp\KSafe\KSafeSvc.exe" -svc><Kingsoft Corporation.>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><>
[PACSPTISVR / PACSPTISVR][Stopped/Manual Start]
  <C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe><>
[Private Folder Service / prfldsvc][Stopped/Manual Start]
  <C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe><N/A>
[ProtexisLicensing / ProtexisLicensing][Stopped/Manual Start]
  <C:\WINDOWS\system32\PSIService.exe><>
[Rsd Service / RsMgrSvc][Running/Auto Start]
  <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rav Service / RsRavMon][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[RFW Service / RsRFWMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rfw\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[Spectrum24 Event Monitor / S24EventMonitor][Stopped/Manual Start]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Sony SPTI Service / SPTISRV][Stopped/Manual Start]
  <C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe><Sony Corporation>
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
  <C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe><Beijing WatchData System Co., Ltd.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
  <C:\WINDOWS\system32\MsPMSPSv.exe><Microsoft Corporation>
[Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start]
  <D:\KSM\ksmsvc.exe><>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.1.0.1 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Service for WDM 3D Audio Driver / ALCXSENS][Stopped/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BC / BC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\BC.sys><Kingsoft Corporation>
[bootsafe / bootsafe][Running/Boot Start]
  <\SystemRoot\system32\Drivers\bootsafe.sys><Kinsoft>
[C-Media USB Audio Interface / cmuda2][Stopped/Manual Start]
  <system32\drivers\cmuda2.sys><N/A>
[ComputerZ / ComputerZ][Stopped/Manual Start]
  <\??\C:\Program Files\LuDaShi\ComputerZ.sys><N/A>
[Sony DMI Call service / DMICall][Running/System Start]
  <system32\DRIVERS\DMICall.sys><Sony Corporation>
[Intel(R) PRO/1000 Adapter Driver / E1000][Running/Manual Start]
  <system32\DRIVERS\e1000325.sys><Intel Corporation>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[USB Serial Converter Driver / FTDIBUS][Stopped/Manual Start]
  <system32\drivers\ftdibus.sys><FTDI Ltd.>
[USB Serial Port Driver / FTSER2K][Stopped/Manual Start]
  <system32\drivers\ftser2k.sys><FTDI Ltd.>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\E:\INSTALL\GMSIPCI.SYS><N/A>
[USB-HID -> COM Driver Service / HidCom][Stopped/Auto Start]
  <system32\DRIVERS\HidCom.sys><Cypress Semiconductor>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><N/A>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HSFHWICH / HSFHWICH][Running/Manual Start]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[krpr / krpr][Stopped/Disabled]
  <\??\C:\WINDOWS\system32\Drivers\krpr.sys><Kingsoft Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MSICPL / MSICPL][Stopped/Manual Start]
  <\??\E:\install4\MSICPL.sys><N/A>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ATKACPI.sys><>
[New0 / New0][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\new.sys><N/A>
[WinPcap Packet Driver (NPF) / NPF][Stopped/Manual Start]
  <system32\drivers\NPF.sys><CACE Technologies, Inc.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[NTACCESS / NTACCESS][Stopped/Manual Start]
  <\??\E:\NTACCESS.sys><N/A>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Microsoft IntelliPoint Filter Driver / Point32][Stopped/Manual Start]
  <system32\DRIVERS\point32.sys><Microsoft Corporation>
[Prvflder / Prvflder][Running/Auto Start]
  <system32\DRIVERS\prvflder.sys><Windows (R) 2000 DDK provider>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Razerlow USB Filter Driver / Razerlow][Stopped/Manual Start]
  <System32\Drivers\Razerlow.sys><Razer (Asia-Pacific) Pte Ltd>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
  <system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[WAN Miniport (PPP over Ethernet Protocol) / RMSPPPOE][Running/Manual Start]
  <system32\DRIVERS\RMSPPPOE.SYS><Robert Schlabbach>
[rsassist / rsassist][Stopped/Auto Start]
  <system32\drivers\rsassist.sys><N/A>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[WLAN Transport / s24trans][Running/Auto Start]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Sony Ericsson SEMWModem / SEMWModem][Stopped/Manual Start]
  <system32\DRIVERS\GCXX.sys><Broadcom Corporation>
[Sony Ericsson SEMWWNIC / SEMWWNIC][Stopped/Manual Start]
  <system32\DRIVERS\GCXXNet.sys><Broadcom Corporation>
[Sony Ericsson GC75 Wireless Modem / SEWModem][Stopped/Manual Start]
  <system32\DRIVERS\GC75.sys><Sony Ericsson>
[Sony Notebook Control Device / SNC][Running/Manual Start]
  <system32\DRIVERS\SonyNC.sys><Sony Corporation>
[HS Serial I/O Device Driver / SocketSerial][Stopped/Manual Start]
  <system32\DRIVERS\Sio9502K.sys><Socket Communications, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Sony Programmable I/O Control Device / SPI][Running/Manual Start]
  <system32\DRIVERS\SonyPI.sys><Sony Corporation>
[Superk5 / Superk5][Running/Auto Start]
  <System32\Drivers\superk5.sys><Microsoft Corporation>
[tifmsony / tifmsony][Running/Manual Start]
  <system32\drivers\tifmsony.sys><Texas Instruments>
[USB TV Mini2 / TridVid][Stopped/Manual Start]
  <system32\DRIVERS\TridVid.sys><Trident Microsystem Inc.>
[Senselock USB Lock driver / USBLOCK][Stopped/Auto Start]
  <System32\Drivers\usblock.sys><Beijing Senselock Corp.>
[Intel(R) PRO/Wireless 2200 Adapter 驱动程序 / w22n51][Stopped/Manual Start]
  <system32\DRIVERS\w22n51.sys><Intel? Corporation>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Running/Manual Start]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>
[WIBU-KEY Kernel Driver / WIBUKEY][Running/Auto Start]
  <SYSTEM32\DRIVERS\Wibukey.sys><WIBU-SYSTEMS AG>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[VIMICRO USB PC Camera / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>

==================================
浏览器加载项
[CTSWebSiteMon Class]
  {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} <, >
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484f-8273-0445EE161910} <, >
[]
  {7978461C-CC22-48F2-BC69-02220D3E101D} <, >
[Rising Online Antivirus scanner control]
  {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <%ProgramFiles%\Rising\RavOL\RavOLCtl.dll, (Signed) N/A>
[]
  {00000000-0000-0000-0000-000000000000} <, >
[IE7pro BHO]
  {00011268-E188-40DF-A514-835FCD78B1BF} <, >
[]
  {0026439F-A980-4F18-8C95-4F1CBBF9C1D8} <, >
[]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <, >
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <, >
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <, >
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[]
  {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} <, >
[WWPicUploadCtrl Class]
  {1D63232D-4F15-4A42-890D-EE617AA1537D} <D:\pp\modules\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\system32\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[InfoScan Control]
  {1F14548F-6975-40F1-AE24-6E2D1D449B2F} <C:\PROGRA~1\CCBCOM~1\Detector\InfoScan.dll, CCB>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XSL Template]
  {2933BF94-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, >
[QuickTime Object]
  {4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <, >
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <, >
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <D:\pp\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[QQMusicCreator Class]
  {6927992D-6A89-4549-8A32-95901BF5D920} <, >
[]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <, >
[]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <, >
[CTSWebSiteMon Class]
  {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} <, >
[]
  {7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
  {88D969C1-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XSL Template 4.0]
  {88D969C3-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[Free Threaded XML DOM Document 5.0]
  {88D969E6-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XSL Template 5.0]
  {88D969E8-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[SSOForPTLogin Class]
  {8FC1EE75-72B3-4A23-B987-2B1C4C8A611B} <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <, >
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <, >
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <, >
[]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484F-8273-0445EE161910} <, >
[]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[KeyCode Control]
  {B1CE16C6-EE96-44D0-8866-654C5536F810} <C:\PROGRA~1\CCBCOM~1\Detector\CCBENC~1.OCX, (Signed) CCB>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <, >
[InfosecCCBNetSign Class]
  {BC96F5A4-C930-4226-ADAB-59349AE585E9} <C:\Program Files\CCBComponents\Detector\CCBNetSignCom.dll, (Signed) Infosec Technologies Co., Ltd.>
[FTNUpload Class]
  {BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX.dll, (Signed) Tencent>
[]
  {C95FE080-8F5D-11D2-A20B-00AA003C157B} <, >
[QQPlayerCtrl Class]
  {CD108273-D434-43E6-AA90-1469F97EB398} <D:\pp\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WDCCBCtrl Class]
  {CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB} <C:\WINDOWS\system32\wdccb.dll, (Signed) >
[]
  {D2517915-48CE-4286-970F-921E881B8C5C} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx, (Signed) Adobe Systems, Inc.>
[]
  {D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[]
  {DEDEB80D-FA35-45D9-9460-4983E5A8AFE6} <, >
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\pp\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <, >
[]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <, >
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\pp\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <, >
[]
  {F2C63239-A5DB-487B-B283-4132351E7AB6} <, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, >
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[webmod Class]
  {FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\WINDOWS\system32\aliedit\alidcp.dll, (Signed) Alipay.com Co.,Ltd>

==================================
正在运行的进程
[PID: 1664 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1184 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [, ]
[PID: 1688 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233)]
[PID: 1748 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [, ]
[PID: 716 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1280 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
[PID: 1704 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.12]
    [C:\Program Files\Rising\RSD\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RSD\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[PID: 1840 / SYSTEM][C:\Program Files\Rising\Rfw\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17]
    [C:\Program Files\Rising\Rfw\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\MonComm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [C:\Program Files\Rising\Rfw\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.2]
    [C:\Program Files\Rising\Rfw\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rfw\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Rfw\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.5]
    [C:\Program Files\Rising\Rfw\RfwArp.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.5]
    [C:\Program Files\Rising\Rfw\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rfw\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\Program Files\Rising\Rfw\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\Program Files\Rising\Rfw\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 73]
    [C:\Program Files\Rising\Rfw\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [C:\Program Files\Rising\Rfw\rsindent.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11]
    [C:\Program Files\Rising\Rfw\taskplug.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Rfw\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\NComm2.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [C:\Program Files\Rising\Rfw\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
[PID: 1988 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
[PID: 492 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 764 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1476 / SYSTEM][D:\pp\KSafe\KSafeSvc.exe]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\ksafeeng.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\katrun.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\ksafebak.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\ksafedb.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kcache.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\knescan.dll]  [Kingsoft Corporation., 1.0.0.1111]
    [D:\pp\KSafe\kse\ksbwdet2.dll]  [Kingsoft Corporation, 2010,08,26,1359]
    [D:\pp\KSafe\kse\sqlite.dll]  [Kingsoft Corporation, 2010,03,30,781]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
    [D:\pp\KSafe\KEng\ksafeave.dll]  [Kingsoft Corporation., 1.0.0.1114]
    [D:\pp\KSafe\kdump.dll]  [Kingsoft Corporation, 2010,08,24,1353]
    [D:\pp\KSafe\KEng\kae\kaecore.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\pp\KSafe\kxebase.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\pp\KSafe\scom.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\pp\KSafe\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\pp\KSafe\kexectrl.dll]  [Kingsoft Corporation, 2010,09,18,1422]
    [D:\pp\KSafe\kwssp.dll]  [Kingsoft Corporation, 2010,09,20,35]
    [D:\pp\KSafe\json.dll]  [N/A, ]
    [D:\pp\KSafe\ksscore.dll]  [Kingsoft Corporation, 2010,09,19,14]
    [D:\pp\KSafe\kcldrep.dll]  [Kingsoft Corporation, 2010,09,06,1388]
    [D:\pp\KSafe\kse\ksecorex.dll]  [Kingsoft Corporation, 2010,09,16,1206]
    [D:\pp\KSafe\KEng\kae\karchive.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\pp\KSafe\KEng\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\pp\KSafe\KEng\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\pp\KSafe\KEng\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [D:\pp\KSafe\KEng\kae\kaeunpak.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\pp\KSafe\KEng\kae\kaevname.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\pp\KSafe\KEng\kae\kaeunpack.dat]  [Kingsoft Corporation, 2010,07,18,365]
    [D:\pp\KSafe\KEng\kae\kaecorea.dat]  [Kingsoft Corporation, 2010,06,30,436]
[PID: 200 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [, ]
[PID: 588 / sony][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
    [D:\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 8.0.5.2006102200\0]
    [d:\WinRAR\rarext.dll]  [N/A, ]
    [D:\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 8.1.5.2007051000\0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [D:\pp\AliIMExt.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[PID: 616 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 8.0.0.00]
    [D:\Adobe\Acrobat 8.0\Acrobat\AdistRes.CHS]  [, ]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
[PID: 1864 / sony][C:\Program Files\Rising\Rfw\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.11]
    [C:\Program Files\Rising\Rfw\comserv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [C:\Program Files\Rising\Rfw\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [C:\Program Files\Rising\Rfw\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rfw\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rfw\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\Program Files\Rising\Rfw\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.7]
    [C:\Program Files\Rising\Rfw\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57]
    [C:\Program Files\Rising\Rfw\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22]
    [C:\Program Files\Rising\Rfw\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rfw\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39]
    [C:\Program Files\Rising\Rfw\ravppops.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
[PID: 652 / sony][D:\pp\KSafe\KSafeTray.exe]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\krunopt.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kdump.dll]  [Kingsoft Corporation, 2010,08,24,1353]
    [D:\pp\KSafe\kwsctrl.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\ksafevul.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [D:\pp\KSafe\ksafeup.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\zlib1.dll]  [, 1.2.3]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
    [D:\pp\KSafe\KEng\ksignup.dll]  [Kingsoft Corporation., 1.0.0.1114]
    [D:\pp\KSafe\KEng\KSGMerge.DLL]  [Kingsoft Corporation, 2010,02,26,47]
    [D:\pp\KSafe\kplugeng.dll]  [Kingsoft Corporation., 1.5.2.1189]
[PID: 548 / sony][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe]  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll]  [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL]  [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll]  [Watchdata, 2, 1, 1, 40]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll]  [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll]  [ Beijing WatchData System Co., Ltd., 3, 2, 5, 0]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]

[PID: 1276 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1612 / sony][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
[PID: 620 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe]  [Apple Inc., 2.11.32.0]
[PID: 1472 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe]  [Apple Inc., 1,0,5,11]
[PID: 292 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576 / SYSTEM][C:\WINDOWS\system32\tcpsvcs.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
[PID: 1892 / SYSTEM][C:\WINDOWS\System32\snmp.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3038 (xpsp_sp2_gdr.061119-2303)]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
[PID: 1084 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1780 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe]  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll]  [Watchdata, 2, 1, 1, 40]
[PID: 2380 / SYSTEM][C:\WINDOWS\system32\MsPMSPSv.exe]  [Microsoft Corporation, 7.01.00.3055]
[PID: 1972 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2100 / sony][D:\TdxW.exe]  [(通达信)深圳市财富趋势科技有限责任公司, 1, 0, 0, 1]
    [D:\TCalc.dll]  [, 1, 0, 0, 1]
    [D:\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [D:\Viewthem.dll]  [, 1, 0, 0, 1]
    [D:\invest.dll]  [, 1.15]
    [D:\Dbf.dll]  [N/A, ]
    [D:\TUserComm.dll]  [, 1, 0, 0, 1]
    [D:\TMarquee.dll]  [, 1, 0, 0, 1]
    [D:\TGear.dll]  [, 1.00]
    [D:\TJyaid.dll]  [, 1.00]
    [D:\TControl.dll]  [, 1.00]
    [D:\TDXImage.dll]  [, 1, 0, 0, 1]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\calcer.dll]  [, 1, 0, 0, 1]
    [D:\res_std2.dll]  [N/A, ]
    [D:\TEncrypt.dll]  [, 1, 0, 0, 1]
    [D:\tc.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\MfcHlpr520.dll]  [深圳财富趋势科技有限公司, 11, 2, 0, 0]
    [D:\TcApi.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 1]
    [D:\clibhlpr.dll]  [N/A, ]
    [D:\WTCommLib.dll]  [N/A, ]
    [D:\TCPlugins\AddinUtility.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\TCPlugins\AddinCommonControl.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\TCPlugins\AddinSafeControl.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\TCPlugins\AddinTList.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\TCPlugins\AddinMiniQuote.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\TCPlugins\AddinStock.dll]  [深圳财富趋势科技有限公司, 1, 0, 0, 1]
    [D:\TCPlugins\AddinFund.dll]  [深圳财富趋势科技有限公司, 1, 0, 0, 1]
    [D:\TCPlugins\AddinPmxd.dll]  [深圳财富趋势科技有限公司, 6, 0, 0, 2]
    [D:\TCPlugins\AddinYzzz.dll]  [深圳财富趋势科技有限公司, 1, 0, 0, 1]
    [D:\GNPlugins\TE_Jiangen.dll]  [, 1, 0, 0, 1]
    [D:\GNPlugins\TE_Star.dll]  [, 1, 0, 0, 1]
[PID: 3624 / sony][D:\pp\Bin\QQ.exe]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\Common.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [D:\pp\Bin\KernelUtil.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\GF.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\xGraphic32.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\AFUtil.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\Bin\LoginPanel.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\IM.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\TaskTray.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\AppUtil.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\TXPFProxy.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [D:\pp\Bin\MainFrame.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\AppFramework.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll]  [Tencent, 1.2.1.10]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL]  [Tencent, 1.2.1.6]
    [D:\pp\Bin\SkinMgr.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
    [D:\pp\Bin\AFCtrl.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\SystemMsg.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\pp\Bin\ConfigCenter.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\ChatFrameApp.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\QInterLive.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\GroupApp.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\AppMisc.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\Contacts.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\InformationBox.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\ContactInfoFrame.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.VAS\Bin\VAS.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.CRM\Bin\CRM.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Soso\Bin\Soso.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Weather\Bin\Weather.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Advertisement\Bin\Advertisement.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Memo\Bin\Memo.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.QQGame\Bin\QQGame.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\Com.Tencent.Mail\Bin\Mail.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.snsapp\Bin\SNSApp.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.qbar\Bin\QBar.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.wenwen\Bin\WenWen.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\WBlog.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.paipai\Bin\PaiPai.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.qqlive\Bin\QQLive.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.qqpet\Bin\QQPet.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.taotao\Bin\taotao.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\MsgMgr.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.gamelife\Bin\GameLife.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.today\Bin\Today.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.qqring\Bin\QQRing.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.qqwebsite\Bin\QQWebsite.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\appcom.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\LongCnn.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\CustomFace.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\AddrSearch.dll]  [Tencent, 2, 3, 12, 11]
    [D:\pp\Bin\KernelMisc.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\Camera.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Bin\SCCore.dll]  [Tencent, 1, 7, 1, 6]
    [D:\pp\Plugin\com.tencent.sobar\Bin\SoBar.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\Plugin\com.tencent.qqshow\Bin\FlashAvatarDll.dll]  [Tencent, 1.50.1720.0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx]  [Adobe Systems, Inc., 10,0,42,34]
[PID: 4068 / sony][D:\pp\Bin\TXPlatform.exe]  [Tencent, 1, 50, 1720, 0]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\Bin\TXPFProxy.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
[PID: 3264 / sony][C:\WINDOWS\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
[PID: 2536 / sony][D:\MYIE2\Maxthon\maxthon.exe]  [Maxthon International Ltd., 1, 6, 3, 80]
    [D:\MYIE2\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswbc.dll]  [Kingsoft Corporation, 2010,09,20,35]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,5,11]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CorperfmonExt.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [D:\MYIE2\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[PID: 300 / SYSTEM][D:\KSM\ksmsvc.exe]  [, 2010,07,15,1223]
    [D:\KSM\kdump.dll]  [Kingsoft Corporation, 2010,10,11,1453]
    [D:\KSM\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\KSM\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\KSM\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\KSM\kxecore\kxelog.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\KSM\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\KSM\kxecore\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\KSM\ksmcorex.dll]  [Kingsoft Corporation, 2010,10,21,10]
    [D:\KSM\kplugeng.dll]  [Kingsoft Corporation., 1.5.2.1190]
    [D:\KSM\sqlite.dll]  [N/A, ]
    [D:\KSM\ksmbrfix.dll]  [Kingsoft Corporation, 2010,09,13,1403]
    [D:\KSM\kavquara.dll]  [Kingsoft Corporation, 2010,07,14,924]
    [D:\KSM\ksecorex.dll]  [Kingsoft Corporation, 2010,09,16,1206]
    [D:\KSM\kae\kaecore.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\KSM\ksbwdet2.dll]  [Kingsoft Corporation, 2010,08,26,1359]
    [D:\KSM\kae\karchive.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\KSM\ksbwsspx.dll]  [Kingsoft Corporation, 2010,05,27,1072]
    [D:\KSM\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\KSM\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [D:\KSM\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\KSM\kcldrep.dll]  [Kingsoft Corporation, 2010,10,19,1467]
    [D:\KSM\kavifr.dll]  [Kingsoft Corporation, 2010,05,25,74]
    [D:\KSM\ksreng3.dll]  [Kingsoft Corporation, 2010,10,25,78]
    [D:\KSM\kscanner.dll]  [Kingsoft Corporation, 2010,09,26,1432]
[PID: 4060 / sony][D:\KSM\kinstool.exe]  [Kingsoft Corporation, 2010,04,28,935]
[PID: 2616 / sony][D:\KSM\ksmgui.exe]  [, 2010,09,13,1403]
    [D:\KSM\kdump.dll]  [Kingsoft Corporation, 2010,10,11,1453]
    [D:\KSM\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\KSM\kcldrep.dll]  [Kingsoft Corporation, 2010,10,19,1467]
    [D:\KSM\kavifr.dll]  [Kingsoft Corporation, 2010,05,25,74]
    [D:\KSM\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
[PID: 2268 / sony][D:\书籍\SReng2.8.2.1321版\SReng2.8.2.1321版\sr-engldr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [D:\pp\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\pp\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\pp\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\书籍\SReng2.8.2.1321版\SReng2.8.2.1321版\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  Error. []
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 548, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDCERTM_CCB.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1780, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2100, D:\TDXW.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2536, D:\MYIE2\MAXTHON\MAXTHON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2536, D:\MYIE2\MAXTHON\MAXTHON.EXE]

==================================
计划任务
N/A

==================================
Windows 安全更新检查
N/A

==================================
API HOOK
入口点错误：LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: 0x015A02F1)
入口点错误：CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x011902F1)
入口点错误：CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x015602F1)
入口点错误：ShellExecuteExW (危险等级: 高,  被下面模块所HOOK: 0x015C02F1)
入口点错误：ShellExecuteW (危险等级: 高,  被下面模块所HOOK: 0x015B02F1)

==================================
隐藏进程
N/A

==================================


[/CODE]