Rising Kaka Security Forum
松风柔月 - 2006-4-7 10:36:00
2006-04-07,10:30:59
System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Professional Service Pack 2, v.2622 - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CalSprite><D:\calsprite_all\CalSprite\CalSprite.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<STYLEXP><C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RfwMain><"c:\program files\rising\rfw\rfwmain.exe" -startup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<thunder_mini><D:\ThunderMini\ThunderMini.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>
==================================
启动文件夹
服务
[.Net Boot Service / .Net Boot Service]
<><N/A>
[BlueSoleil Hid Service / BlueSoleil Hid Service]
<e:\IVT Corporation\BlueSoleil\BTNtService.exe><N/A>
[Crypkey License / Crypkey License]
<crypserv.exe><Kenonic Controls Ltd.>
[ewido security suite control / ewido security suite control]
<d:\security suite1\ewidoctrl.exe><ewido networks>
[ewido security suite guard / ewido security suite guard]
<d:\security suite1\ewidoguard.exe><N/A>
[Windows Internet/Server / Internet]
<><N/A>
[kavsvc / kavsvc]
<"e:\Kaspersky Anti-Virus Personal Pro\kavsvc.exe"><Kaspersky Lab>
[Kingsoft Personal Firewall Service / KPfwSvc]
<"C:\Documents and Settings\shanghalei\桌面\杀软\KAV2006\KPfwSvc.EXE"><N/A>
[KVSrvXP / KVSrvXP]
<E:\KV2006\KVSrvXP.exe /Service><Jiangmin Co. Ltd>
[KVWSC / KVWSC]
<"E:\KV2006\kvwsc.exe"><Jiangmin Co.Ltd>
[Local Network Service / Local Network Service]
<><N/A>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[StyleXPService / StyleXPService]
<"C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe"><>
[system32 / system32]
<C:\WINDOWS\system32.exe><N/A>
[QQFace / Universal Disk Manager]
<><N/A>
[VNN Client Service / VNNC]
<"C:\Program Files\VNN\VNN Client 3.0\VNNClientC.exe" -service><N/A>
==================================
浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[NaviHelperObj Class]
{3E422F49-1566-40D3-B43D-077EF739AC32} <C:\WINDOWS\system32\NaviHelper.dll, TODO: <公司名>>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[FiltrateWebObj Class]
{42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} <E:\KV2006\KVBHO_1.dll, Jiangmin Co.Ltd>
[]
{53707962-6F74-2D53-2644-206D7942484F} <E:\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <E:\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <E:\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <E:\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[IEHlprObj Class]
{C5E5DB7E-46B1-47E6-8447-2E517F269925} <e:\Xplus\GETIE.dll, >
[FlashFXP Helper for Internet Explorer]
{E5A1691B-D188-4419-AD02-90002030B8EE} <C:\PROGRA~1\FlashFXP\IEFlash.dll, IniCom Networks, Inc.>
[DragSearch BHO]
{EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} <C:\PROGRA~1\YiSou\yisoub.dll, >
[好看123上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} <D:\MagicSet\HaokanBar.dll, 超级兔子>
[免费精彩视频超流畅在线观看]
{022C4009-5283-4365-97BF-144054B40E2E} <http://itv.mop.com, N/A>
[豪杰超级解霸9]
{367E0A21-8601-4986-9C9A-153BF5ACA118} <e:\Hero 9\STHSDVD.EXE, Herosoft>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\qq\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} <D:\BitComet\BitCometBar\BitCometBar0.2.dll, N/A>
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <E:\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[CyberArticle Express]
{769A6A36-ED24-4376-BC7C-80225BF35698} <C:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[好看123上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} <D:\MagicSet\HaokanBar.dll, 超级兔子>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[一搜工具条]
{115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} <C:\Program Files\YiSou\yisou.dll, 3721>
[雅虎助手]
{406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[Microsoft Office Template and Media Control]
{02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL, N/A>
[pcastup Class]
{87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} <C:\WINDOWS\Downloaded Program Files\vodupdate.dll, >
[Java Plug-in 1.5.0_01]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_01]
{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll, Sun Microsystems, Inc.>
[IEDown Class]
{D0A29C6C-AA71-4423-8C4A-5998B774C448} <C:\WINDOWS\system32\GLIEDown2.dll, 联众公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[pCastPanel Class]
{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\Program Files\pcast\PodcastbarMini\pcastctl.dll, N/A>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[一搜工具条]
{115F6E46-FCBC-41ED-B3B5-3BDDD4AAB5E5} <C:\Program Files\YiSou\yisou.dll, 3721>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[NaviHelperObj Class]
{3E422F49-1566-40D3-B43D-077EF739AC32} <C:\WINDOWS\system32\NaviHelper.dll, TODO: <公司名>>
[BitCometBar]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} <D:\BitComet\BitCometBar\BitCometBar0.2.dll, N/A>
[雅虎助手]
{406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[FiltrateWebObj Class]
{42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} <E:\KV2006\KVBHO_1.dll, Jiangmin Co.Ltd>
[]
{53707962-6F74-2D53-2644-206D7942484F} <E:\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <E:\qq\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\SHDOCVW.DLL, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\shell32.dll, N/A>
[CyberArticle Express]
{769A6A36-ED24-4376-BC7C-80225BF35698} <C:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <E:\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\SHDOCVW.DLL, Microsoft Corporation>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <E:\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12} <E:\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[IEHlprObj Class]
{C5E5DB7E-46B1-47E6-8447-2E517F269925} <e:\Xplus\GETIE.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[FlashFXP Helper for Internet Explorer]
{E5A1691B-D188-4419-AD02-90002030B8EE} <C:\PROGRA~1\FlashFXP\IEFlash.dll, IniCom Networks, Inc.>
[DragSearch BHO]
{EF1D17A9-089F-40CC-8D64-7324CDEBA0DB} <C:\PROGRA~1\YiSou\yisoub.dll, >
[好看123上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} <D:\MagicSet\HaokanBar.dll, 超级兔子>
[!搜一搜]
<res://C:\Program Files\YiSou\yisou.dll/232, N/A>
[&使用迅雷下载]
<d:\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
<d:\Thunder\getallurl.htm, N/A>
[&使用迷你迅雷下载]
松风柔月 - 2006-4-7 10:39:00
[&使用迷你迅雷下载]
<D:\ThunderMini\geturl.htm, N/A>
[d]
<c:\documents and settings\shanghalei\application data\cyberarticle\script\save_2381531.htm, N/A>
[上传到QQ网络硬盘]
<E:\qq\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[反向链接]
<res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html, N/A>
[完整网页]
<C:\Documents and Settings\shanghalei\Application Data\CyberArticle\Script\Save_2538531.htm, N/A>
[添加到QQ自定义面板]
<E:\qq\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\qq\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
<D:\BitSpirit\bsurl.htm, N/A>
[类似网页]
<res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html, N/A>
[缓存的网页快照]
<res://c:\program files\google\GoogleToolbar1.dll/cmcache.html, N/A>
[翻译英文字词(&T)]
<res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html, N/A>
[雅虎搜索]
<res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>
==================================
正在运行的进程
[PID: 772][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[PID: 852][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[PID: 880][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[PID: 924][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[PID: 936][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[PID: 1100][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[PID: 1152][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[C:\WINDOWS\system32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1304][C:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1320][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[PID: 1512][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[PID: 1536][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 16>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[C:\Program Files\Rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9>
[C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
[C:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\Rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[C:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[C:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\Rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\ScanNet.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1604][c:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 30>
[c:\program files\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 12>
[c:\program files\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
[c:\program files\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
[c:\program files\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4>
[c:\program files\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 200][e:\IVT Corporation\BlueSoleil\BTNtService.exe] <N/A><N/A>
[PID: 332][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 696][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
松风柔月 - 2006-4-7 10:39:00
[PID: 576][e:\象棋世家\601014.exe] <1000 Oaks><1, 0, 0, 0>
[PID: 1480][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[C:\WINDOWS\system32\mp3infp.dll] <win32lab.com><2.50.5.0>
[E:\KV2006\KvShell.dll] <Jiangmin Co.Ltd><9, 0, 5, 830>
[E:\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 913>
[E:\KV2006\lang\Kvxp0804.lng] <N/A><N/A>
[E:\KV2006\APIImpl.dll] <JiangMin Ltd.><9.0.0.500>
[C:\WINDOWS\system32\xunleibho_v14.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 62>
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003051500>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] <Yahoo!><2, 0, 3, 1023>
[E:\KV2006\KVBHO_1.dll] <Jiangmin Co.Ltd><9.0.6.0113>
[E:\KV2006\KVAddrDb.dll] <Jiangmin Co.Ltd><9, 0, 0, 1018>
[d:\security suite1\shellhook.dll] <N/A><N/A>
[PID: 432][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[PID: 1956][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 16>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[PID: 536][c:\program files\rising\rfw\RfwMain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 48>
[c:\program files\rising\rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[c:\program files\rising\rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[c:\program files\rising\rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[PID: 1084][D:\ThunderMini\ThunderMini.exe] <Thunder Network Technologies Inc.><1, 2, 1, 9>
[D:\ThunderMini\boost_thread-vc6-mt-1_31.dll] <N/A><N/A>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[C:\WINDOWS\system32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 524][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2149 (xpsp_sp2_rc2.040610-1520)>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[PID: 1248][D:\calsprite_all\CalSprite\CalSprite.exe] <SnowFox Studio.><1.5.4.54>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[C:\WINDOWS\system32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[PID: 1040][C:\Program Files\Rising\Rav\Rav.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 50>
[C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RavUI.Dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 53>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RavUIMsg.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[PID: 3788][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2149 (xpsp_sp2_rc2.040610-1520)>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll] <Yahoo!><2, 0, 3, 1023>
[C:\WINDOWS\system32\xunleibho_v14.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 62>
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003051500>
[E:\KV2006\KVBHO_1.dll] <Jiangmin Co.Ltd><9.0.6.0113>
[E:\KV2006\KVAddrDb.dll] <Jiangmin Co.Ltd><9, 0, 0, 1018>
[E:\KV2006\KvShell.dll] <Jiangmin Co.Ltd><9, 0, 5, 830>
[E:\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 913>
[E:\KV2006\lang\Kvxp0804.lng] <N/A><N/A>
[E:\KV2006\APIImpl.dll] <JiangMin Ltd.><9.0.0.500>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[C:\WINDOWS\system32\cdnns.dll] <CNNIC><2, 0, 0, 0>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[e:\Kaspersky Anti-Virus Personal Pro\scrchpg.dll] <Kaspersky Lab><5.0.1.18>
[e:\Kaspersky Anti-Virus Personal Pro\scrch_ag.dll] <Kaspersky Lab><5.0.388.1>
[e:\Kaspersky Anti-Virus Personal Pro\FSSync.dll] <Kaspersky Lab><5.0.388.0>
[e:\Kaspersky Anti-Virus Personal Pro\pr_rmt.dll] <Kaspersky Lab><5.0.388.0>
[e:\Kaspersky Anti-Virus Personal Pro\ccclient.dll] <Kaspersky Lab><5.0.388.1>
[e:\Kaspersky Anti-Virus Personal Pro\klipc.dll] <Kaspersky Lab><5.0.388.0>
[e:\Kaspersky Anti-Virus Personal Pro\KLUtil.dll] <Kaspersky Lab><5.0.388.1>
[e:\Kaspersky Anti-Virus Personal Pro\rpt.dll] <Kaspersky Lab><5.0.388.2>
[e:\Kaspersky Anti-Virus Personal Pro\CCIFACE.dll] <Kaspersky Lab><5.0.388.1>
[e:\Kaspersky Anti-Virus Personal Pro\prloader.dll] <Kaspersky Lab><5.0.388.0>
[e:\Kaspersky Anti-Virus Personal Pro\prkernel.ppl] <Kaspersky Lab><5.0.388.0>
[e:\kaspersky anti-virus personal pro\prstring.ppl] <Kaspersky Lab><5.0.388.0>
[e:\kaspersky anti-virus personal pro\pr_srv.ppl] <Kaspersky Lab><5.0.388.0>
[e:\kaspersky anti-virus personal pro\pr_clnt.ppl] <Kaspersky Lab><5.0.388.0>
[PID: 1936][C:\Documents and Settings\shanghalei\桌面\点我\系统优化\SREng.exe] <Smallfrogs Studio><2.0.12.350>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.0>
[E:\KV2006\KVSock_4.dll] <Jiangmin Co. Ltd.><1, 2, 6, 2150>
[C:\WINDOWS\system32\cdnns.dll] <CNNIC><2, 0, 0, 0>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
Jiangmin-MSAFD Tcpip [TCP/IP]
E:\KV2006\KVSock_4.dll(Jiangmin Co. Ltd., A winsock layer)
Jiangmin-MSAFD Tcpip [UDP/IP]
E:\KV2006\KVSock_4.dll(Jiangmin Co. Ltd., A winsock layer)
Jiangmin-RSVP UDP Service Provider
E:\KV2006\KVSock_4.dll(Jiangmin Co. Ltd., A winsock layer)
Jiangmin-RSVP TCP Service Provider
E:\KV2006\KVSock_4.dll(Jiangmin Co. Ltd., A winsock layer)
Jiangmin_Filter
E:\KV2006\KVSock_4.dll(Jiangmin Co. Ltd., A winsock layer)
松风柔月 - 2006-4-7 10:40:00
I have no choice but to trouble everyone; I hope to get some help.
轩辕小聪 - 2006-4-7 13:32:00
[system32 / system32]
<C:\WINDOWS\system32.exe><N/A>
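This should be Gray Pigeon (灰鸽子); see http://forum.ikaka.com/topic.asp?board=28&artid=7713905
Compared with Gray Pigeon, another problem surprises me even more. Rising, Kaspersky, Jiangmin and ewido are all present on the OP's machine and running at the same time, which inevitably causes conflicts and actually lowers security. With a system like this, it would be strange if it weren't slow!!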
南宫古竑 - 2006-4-7 14:51:00
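[Reply to 轩辕小聪's post] There is an article on cfan about resolving antivirus conflicts. Even if multiple antivirus products are installed successfully that way, will problems still appear later on?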
松风柔月 - 2006-4-8 16:07:00
Logfile of HijackThis v1.99.1
Scan saved at 葛海霞 16:01:13, on 2006-4-8
Platform: Windows XP SP2, v.2622 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2149)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
e:\IVT Corporation\BlueSoleil\BTNtService.exe
D:\ThunderMini\ThunderMini.exe
C:\WINDOWS\system32\ctfmon.exe
D:\calsprite_all\CalSprite\CalSprite.exe
C:\Program Files\Internet Explorer\iexplore.exe
d:\Thunder\Thunder.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\SHANGH~1\LOCALS~1\Temp\Rar$EX00.766\HijackThis.exe
R3 - URLSearchHook: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
O1 - Hosts: 202.85.22.10 bbs.100free.net
O1 - Hosts: 202.85.22.10 100free.net
O1 - Hosts: 202.85.22.10 www.100free.net
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
O2 - BHO: FiltrateWebObj Class - {42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} - E:\KV2006\KVBHO_1.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\qq\QQIEHelper.dll
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - E:\KV2006\KvShell.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\KuGoo3\KuGoo3DownXControl.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: 好看123上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\MagicSet\HaokanBar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - D:\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - E:\KV2006\KvShell.dll
O3 - Toolbar: CyberArticle Express - {769A6A36-ED24-4376-BC7C-80225BF35698} - C:\Program Files\CyberArticle\CAExp.dll
O3 - Toolbar: 好看123上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\MagicSet\HaokanBar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "c:\program files\rising\rfw\rfwmain.exe" -startup
O4 - HKLM\..\Run: [thunder_mini] D:\ThunderMini\ThunderMini.exe
O4 - HKLM\..\Run: [WangWang] "E:\淘宝网\淘宝旺旺\WangWang.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CalSprite] D:\calsprite_all\CalSprite\CalSprite.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O8 - Extra context menu item: !搜一搜 - res://C:\Program Files\YiSou\yisou.dll/232
O8 - Extra context menu item: &使用迅雷下载 - d:\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Thunder\getallurl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - D:\ThunderMini\geturl.htm
O8 - Extra context menu item: d - c:\documents and settings\shanghalei\application data\cyberarticle\script\save_2381531.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 反向链接 - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: 完整网页 - C:\Documents and Settings\shanghalei\Application Data\CyberArticle\Script\Save_2538531.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\qq\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - D:\BitSpirit\bsurl.htm
O8 - Extra context menu item: 类似网页 - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra 'Tools' menuitem: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - Extra button: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - e:\Hero 9\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - e:\Hero 9\STHSDVD.EXE
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\qq\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\qq\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O10 - Unknown file in Winsock LSP: e:\kv2006\kvsock_4.dll
O10 - Unknown file in Winsock LSP: e:\kv2006\kvsock_4.dll
O10 - Unknown file in Winsock LSP: e:\kv2006\kvsock_4.dll
O10 - Unknown file in Winsock LSP: e:\kv2006\kvsock_4.dll
O10 - Unknown file in Winsock LSP: e:\kv2006\kvsock_4.dll
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} (pcastup Class) - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.8_20051009.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.76_20051110.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E16E3887-7FF8-410A-92BA-8866CF32BEF3}: NameServer = 218.2.135.1 61.147.37.1
O23 - Service: BlueSoleil Hid Service - Unknown owner - e:\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: kavsvc - Kaspersky Lab - e:\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: KVWSC - Jiangmin Co.Ltd - E:\KV2006\kvwsc.exe
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VNN Client Service (VNNC) - Unknown owner - C:\Program Files\VNN\VNN Client 3.0\VNNClientC.exe" -service (file missing)
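I couldn't find system32.exe in Safe Mode.
I scanned with HijackThis; why is the result different from System Repair Engineer's?
I installed genuine copies of Rising and Jiangmin; Kaspersky uses a pirated key. I found that as long as they aren't opened at the same time there's no problem, and it used to be fast too.
Lately it's very slow. Could an expert please help and see what's wrong?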
松风柔月 - 2006-4-8 16:37:00
Waiting online~~~
叶·幽思 - 2006-4-8 16:46:00
Was it slow before with this setup?
松风柔月 - 2006-4-8 16:53:00
Not slow; it used to start up quickly.
Now it's slow both at boot and login and whenever I open a folder.
2116bromgamed2m - 2006-4-8 17:14:00
Fix:
R3 - URLSearchHook: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
Delete:
C:\WINDOWS\system32\NaviHelper.dll
Too many antivirus programs. It would be strange if it weren't slow!!
松风柔月 - 2006-4-8 17:23:00
Thanks. Is that all I need to do?~
松风柔月 - 2006-4-8 19:01:00
| Quote: |
[Post by 2116bromgamed2m] Fix: R3 - URLSearchHook: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll Delete: C:\WINDOWS\system32\NaviHelper.dll
Too many antivirus programs. It would be strange if it weren't slow!! ........................... |
I couldn't find this thing in Safe Mode~
2116bromgamed2m - 2006-4-8 20:09:00
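| Quote: |
[Post by 松风柔月]
I couldn't find this thing in Safe Mode~ ........................... |
How to turn off file hiding:
1. Open any folder window -> Tools -> Folder Options -> View
2. Uncheck "Hide protected operating system files"
3. Select "Show all files and folders"
4. Uncheck "Hide extensions for known file types"
5. Click OK, then go to the windows folder again and you will find this file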