我的电脑经常弹出IE网页广告，以下是我的两个系统扫描报告，请求帮忙解决，谢谢！

Logfile of HijackThis v1.99.1
Scan saved at 12:27:57, on 2006-10-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
D:\Nero 7\InCD\InCDsrv.exe
E:\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
E:\Tencent\TT\TTraveler.exe
E:\Tencent\QQ\QQ.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.093\HijackThis.exe

O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\FlashGet\fgiebar.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - D:\Kingsoft\FastAIT 2006\IEBand.dll
O3 - Toolbar: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoCAD 启动加速器.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: &Download by NetAnts - E:\NetAnts\NAGet.htm
O8 - Extra context menu item: Add to QQ Emoticons - E:\Tencent\SanookQQ\AddEmotion.htm
O8 - Extra context menu item: Download &All by NetAnts - E:\NetAnts\NAGetAll.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - E:\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - E:\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\FlashGet\jc_all.htm
O8 - Extra context menu item: 使用脱兔下载 - E:\Tuotu\TT_one.htm
O8 - Extra context menu item: 使用脱兔下载全部链接 - E:\Tuotu\TT_all.htm
O8 - Extra context menu item: 使用超级解霸播放 - d:\Herosoft\Hero 9\MPURLGET.HTM
O8 - Extra context menu item: 使用迅雷下载 - e:\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - e:\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Tencent\QQ\SendMMS.htm

O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra 'Tools' menuitem: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra button: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\Herosoft\Hero 9\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\Herosoft\Hero 9\STHSDVD.EXE
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - E:\NetAnts\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - E:\NetAnts\NetAnts.exe
O9 - Extra button: 名品折扣 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816 (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O9 - Extra 'Tools' menuitem: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O9 - Extra button: 雅虎WIDGET - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: 易趣购物 - {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} - http://adfarm.mediaplex.com/ad/ck/4080-22910-9640-151?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} - http://adfarm.mediaplex.com/ad/ck/4080-22910-9640-151?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Tencent\SanookQQ\QQ.EXE
O9 - Extra 'Tools' menuitem: Sanook! QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Tencent\SanookQQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FlashGet\flashget.exe
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  中文上网
O14 - IERESET.INF: START_PAGE_URL=http://www.9991.com/?duote
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\AutodeskAutoCAD 2002\InstFred.ocx
O16 - DPF: {7260569F-1D40-4E7F-B95B-2E68D35668B9} (MofileUploadX Control) - http://www.mofile.com/activex/UploadFX.CAB
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://D:\AutodeskAutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\AutodeskAutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\AutodeskAutoCAD 2002\AcPreview.ocx
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.90-signed.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6401B5BE-108A-4C01-A455-82229941E83E}: NameServer = 202.96.128.166,61.144.56.101
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA5A6B2D-C384-492E-8043-C465BA642D9E}: NameServer = 202.96.128.166,61.144.56.101
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Alcohol 120\StarWind\StarWindService.exe

2006-10-24,12:32:16

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <bgswitch><C:\WINDOWS\system32\bgswitch.exe>  []
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [北京三七二一科技有限公司]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><; d:\Herosoft\Hero 9\解霸屏保.SCR>  []

==================================
启动文件夹
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><N>

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[Crypkey License / Crypkey License]
  <crypserv.exe><Kenonic Controls Ltd.>
[Dcopiio / Dcopiio]
  <><N/A>
[EPSON Printer Status Agent2 / EPSONStatusAgent2]
  <C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe><SEIKO EPSON CORPORATION>
[InCD Helper / InCDsrv]
  <D:\Nero 7\InCD\InCDsrv.exe><Nero AG>
[NBService / NBService]
  <D:\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[StarWind iSCSI Service / StarWindService]
  <E:\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[Standard Update Net Service / stdupnet]
  <C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\stdupnet.dll,Service -s><N/A>

==================================
浏览器加载项
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[免费精彩视频超流畅在线观看]
  {022C4009-5283-4365-97BF-144054B40E2E} <http://itv.mop.com, N/A>
[豪杰超级解霸9]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <d:\Herosoft\Hero 9\STHSDVD.EXE, herosoft>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[NetAnts]
  {57E91B47-F40A-11D1-B792-444553540000} <E:\NetAnts\NetAnts.exe,  >
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\MICROS~1\Office12\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[易趣购物]
  {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} <http://adfarm.mediaplex.com/ad/ck/4080-22910-9640-151?cn=song;icon;hp&mpro=http://www.ebay.com.cn, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Tencent\SanookQQ\QQ.EXE, M-web ( Thailand ) Limited>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <E:\FlashGet\flashget.exe, FlashGet.com>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\FlashGet\fgiebar.dll, Amaze Soft>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <D:\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[InstaFred]
  {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} <C:\WINDOWS\DOWNLO~1\InstFred.ocx, Autodesk, Inc.>
[MofileUploadX Control]
  {7260569F-1D40-4E7F-B95B-2E68D35668B9} <C:\WINDOWS\DOWNLO~1\MoUpload.ocx, >
[AcDcToday 控件]
  {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} <C:\WINDOWS\DOWNLO~1\ACDCTO~1.OCX, Autodesk>
[NOXLATE-BANR]
  {AE563722-B4F5-11D4-A415-00108302FDFD} <C:\WINDOWS\DOWNLO~1\InstBanr.ocx, Autodesk, Inc.>
[AcPreview 控件]
  {F281A59C-7B65-11D3-8617-0010830243BD} <C:\WINDOWS\DOWNLO~1\ACPREV~1.OCX, Autodesk>
[pCastPanel Class]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\Thunder Network\WebThunder\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, N/A>
[CLDown Object]
  {0BECAB3A-E1F8-45E6-8332-38DD750EBA01} <E:\Tuotu\TuoTuHelper.dll, N/A>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <E:\FlashGet\jccatch.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, N/A>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <D:\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <e:\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, N/A>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\FlashGet\fgiebar.dll, Amaze Soft>
[bho Class]
  {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll, 深圳世强软件开发部>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <E:\FlashGet\getflash.dll, N/A>
[&Download by NetAnts]
  <E:\NetAnts\NAGet.htm, N/A>
[Add to QQ Emoticons]
  <E:\Tencent\SanookQQ\AddEmotion.htm, N/A>
[Download &All by NetAnts]
  <E:\NetAnts\NAGetAll.htm, N/A>
[E&xport to Microsoft Excel]
  <res://D:\MICROS~1\Office12\EXCEL.EXE/3000, N/A>
[上传到QQ网络硬盘]
  <E:\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <E:\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <E:\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[使用网际快车下载]
  <E:\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\FlashGet\jc_all.htm, N/A>
[使用脱兔下载]
  <E:\Tuotu\TT_one.htm, N/A>
[使用脱兔下载全部链接]
  <E:\Tuotu\TT_all.htm, N/A>
[使用超级解霸播放]
  <d:\Herosoft\Hero 9\MPURLGET.HTM, N/A>
[使用迅雷下载]
  <e:\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <e:\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\QQ\SendMMS.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>

==================================
正在运行的进程
[PID: 664][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 724][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 748][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 792][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 804][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 972][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1040][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1128][C:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1144][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [c:\windows\system32\jetspeed.dll]  <><1, 0, 0, 1>
[PID: 1280][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1416][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1440][C:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [C:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [C:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [C:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [C:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
    [C:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [C:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\RSUnpack.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 18>
    [C:\Program Files\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\ScanNet.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1536][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 33>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1740][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><17.0.54.0>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 4, 2>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><17.0.116.0>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
    [D:\Nero 7\Nero BackItUp\NBShell.dll]  <Nero AG><2, 6, 5, 0>
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  <WinZip Computing LP><4.1 (32-bit)>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\mp3infp.dll]  <win32lab.com><2.53.26.0>
    [D:\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1828][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\EBPMON2.DLL]  <SEIKO EPSON CORPORATION><2, 16, 0, 0>
[PID: 1916][C:\WINDOWS\system32\Rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
[PID: 2020][C:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 260][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 52>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
[PID: 356][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 372][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.030>
[PID: 464][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]  <C-Dilla Ltd><3.27.000>
[PID: 484][C:\WINDOWS\system32\crypserv.exe]  <Kenonic Controls Ltd.><5.4.0>
[PID: 528][C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe]  <SEIKO EPSON CORPORATION><2, 1, 0, 0>
    [C:\WINDOWS\system32\EBAPI2.DLL]  <SEIKO EPSON CORPORATION><1, 3, 0, 0>
    [C:\Program Files\Common Files\EPSON\EBAPI\EBPLPT.DLL]  <SEIKO EPSON CORPORATION><2, 16, 0, 0>
[PID: 588][D:\Nero 7\InCD\InCDsrv.exe]  <Nero AG><5, 5, 0, 5>
    [C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll]  <Nero AG><5,2,1, 8200>
    [C:\Program Files\Common Files\Ahead\Lib\DriveLocker.dll]  <Nero AG><1, 0, 0, 18>
    [D:\Nero 7\InCD\incdshx.dll]  <Nero AG><5, 5, 0, 5>
[PID: 700][E:\Alcohol 120\StarWind\StarWindService.exe]  <Rocket Division Software><2.6.1 Build 0x20050401>
[PID: 988][C:\WINDOWS\system32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\stdupnet.dll]  < ><4, 1, 0, 3>
    [C:\WINDOWS\system32\albus.dll]  <Albus><1, 0, 0, 3>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
    [C:\WINDOWS\system32\stdvote.dll]  < ><1, 0, 0, 5>
[PID: 1076][C:\WINDOWS\System32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\TEMP\jtemp\comare.dll]  <N/A><N/A>
[PID: 2168][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2476][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>

[PID: 2572][C:\Program Files\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
[PID: 2740][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
[PID: 2912][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3500][E:\Tencent\TT\TTraveler.exe]  <腾讯公司><3.1.0.261>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><17.0.54.0>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 4, 2>
    [E:\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  <腾讯公司><1, 1, 0, 5>
    [E:\Tencent\TT\Plugins\TWeather\TWeather.dll]  <><1, 0, 0, 3>
    [E:\Tencent\TT\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 576][E:\Tencent\QQ\QQ.exe]  <TENCENT><0, 0, 0, 0>
    [E:\Tencent\QQ\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\QQHelperDll.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\BasicCtrlDll.dll]  <Tencent><5, 0, 200, 14>
    [E:\Tencent\QQ\RunJin.dll]  <飘云 http://www.pyqq.cn><飘云>
    [E:\Tencent\QQ\ipsearcher.dll]  <><1.0.0.3>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
    [E:\Tencent\QQ\QQAPI.dll]  <><1, 0, 0, 1>
    [E:\Tencent\SanookQQ\TIMProxy.dll]  <tencent><2.05>
    [E:\Tencent\QQ\LoginCtrl.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\npkcntc.dll]  <INCA Internet Co., Ltd.><2005, 9, 1, 1>
    [E:\Tencent\QQ\npkpdb.dll]  <INCA Internet Co., Ltd.><2003, 10, 1, 1>
    [E:\Tencent\QQ\QQRes.dll]  <tencent><1, 0, 0, 1>
    [E:\Tencent\QQ\QQMainFrame.dll]  <N/A><N/A>
    [E:\Tencent\QQ\CQQApplication.dll]  <N/A><N/A>
    [E:\Tencent\QQ\NewSkin.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\HostingMgr.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\CameraDll.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\MailSummary.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\QQSpace.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [E:\Tencent\QQ\QQAllInOne.dll]  <N/A><N/A>
    [E:\Tencent\QQ\SCCore.dll]  <N/A><N/A>
    [E:\Tencent\QQ\QQAvatar.dll]  <N/A><N/A>
    [E:\Tencent\QQ\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [E:\Tencent\QQ\QQPlugin.dll]  <N/A><N/A>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 4, 2>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [E:\Tencent\QQ\CommercesMng.dll]  <><1, 0, 0, 1>
    [E:\Tencent\QQ\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [E:\Tencent\QQ\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><5, 0, 101, 141>
[PID: 3172][C:\PROGRA~1\WINZIP\winzip32.exe]  <WinZip Computing LP><21.0 (32-bit)>
    [C:\PROGRA~1\WINZIP\wzeay32.dll]  <WinZip Computing LP><0.9.7g (32-bit)>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
    [C:\PROGRA~1\WINZIP\WZCKTREE.DLL]  <WinZip Computing LP><1.1 (32-bit)>
    [C:\PROGRA~1\WINZIP\WZVINFO.DLL]  <WinZip Computing LP><1.1 (32-bit)>
    [C:\PROGRA~1\WINZIP\WZCAB3.DLL]  <WinZip Computing LP><3.1 (32-bit)>
    [C:\PROGRA~1\WINZIP\wz32.dll]  <WinZip Computing LP><21.0 (32-bit)>
    [C:\WINDOWS\system32\AcSignIcon.dll]  <Autodesk><17.0.54.0>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 4, 2>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[PID: 3208][C:\Documents and Settings\Administrator\Local Settings\Temp\wz5ce0\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
[PID: 2160][C:\Program Files\Rising\Rav\ravhdbak.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 9>
    [C:\WINDOWS\system32\stdstub.dll]  <MS Stdup><1, 0, 0, 4>
    [C:\WINDOWS\system32\stdplay.dll]  < ><1, 0, 0, 5>
    [C:\Program Files\Rising\Rav\HDBACKUP.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\Zip.dll]  <rising><13, 0, 0, 1>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

照做了，IE还是一样会弹出来?

已经删除：
C:\WINDOWS\system32\stdupnet.dll
C:\WINDOWS\system32\stdstub.dll
[C:\WINDOWS\system32\stdplay.dll
但：
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
应该为Autocad(Autodesk公司产品）2002的windows补丁服务
所以没删


但现在又出现了新的问题：主页被改为www.feixue.net，改不回来了，传上最新报告，请高手帮忙解决，谢谢！

修改主IE主页的问题已经用Windows清理助手解决了，谢谢！
现在还有一个问题，我是用路由器上网的（还有几台电脑），但经常没法正常上传，QQ经常登录不上，但重启中由器后就能上了，但一段时间后又不行了，请高手解答，谢谢！