Help: my computer is infected with the Rootkit.AdProt.g virus

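My computer is infected with the Rootkit.AdProt.g virus. It can't be killed; every time I boot up there is an alert about this virus. Rising's memory monitoring is disabled and the little umbrella icon is yellow! Help, what should I do?! Waiting online!
Last edited 2006-11-26 15:55:35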

Please provide the path of the virus.
Scan with SREng and post the log so we can take a look.

病毒名称    处理结果    发现日期    路径    文件    病毒来源
Worm.Snake.a    删除成功    2006-11-26 07:30    C:\WINDOWS    AdobeR.exe    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:30    C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\5.0\ACDInTouch\EN\StaticPages    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:30    C:\Documents and Settings\All Users\Application Data\ACD Systems\FotoCanvas\2.0\ACDInTouch\EN\StaticPages    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\MTMTWFWR    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\KFSH6PE3    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\CLE705Y3    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8BMJ8729    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\桌面\GPRS\动感大挪移内部免注册版\doc    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\桌面\GPRS\浏览无界限---无界浏览器最新版8绿色版    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\桌面\GPRS\Opera V9.02 Build 8573┊极为出色浏览器┊多国语言绿色特别版    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:31    C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sigyetzm.default    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sigyetzm.default\bookmarkbackups    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Common Files\Microsoft Shared\Stationery    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Chinese Measurement Converter\1028    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Chinese Measurement Converter\1033    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Chinese Measurement Converter\2052    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Common Files\System\ado    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Common Files\Real\Update_OB\UI    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\NetMeeting    readme.eml>>HTML TEXT    本机
Trojan.Clicker.Agent.afg    删除成功    2006-11-26 07:32    C:\Program Files\装机人员工具    UPIEA(IE插件屏蔽) 2006.exe    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Real\RealPlayer\DataCache\admodules    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:32    C:\Program Files\Real\RealPlayer\DataCache\Devices    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Real\RealPlayer\DataCache\GetMedia    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Real\RealPlayer\DataCache\Login    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Real\RealPlayer\DataCache\mstore    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Real\RealPlayer\DataCache\webresources    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Real\RealPlayer\Firstrun    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Real\RealPlayer    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\WinRAR    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\Thunder Network\Thunder\Program    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\QQ2006\3DShow    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\QQ2006\Dat    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\QQ2006\GroupLive\CacheFile\index_loge_normal    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\QQ2006\GroupLive\CacheFile    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\QQ2006\QQBuddy\Dat    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:33    C:\Program Files\QQ2006\QBox\msg    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:34    C:\Program Files\QQ2006    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:34    C:\Program Files\Microsoft Office\OFFICE11\2052    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:34    C:\Program Files\Herosoft\Hero 9\DVDSkin\skin2\HTML    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:34    C:\Program Files\Herosoft\Hero 9\DVDSkin\skin6\HTML    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:35    C:\Program Files\Herosoft\Hero 9    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:35    C:\Program Files\Tencent\TT    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:35    C:\Program Files\CNNIC\Cdn    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:35    C:\Program Files\Mozilla Firefox\res    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:35    C:\Program Files\Mozilla Firefox\defaults\profile    readme.eml>>HTML TEXT    本机
Dropper.Agent.dvv    删除成功    2006-11-26 07:39    G:\新建文件夹\硬件检测工具    检测工具.exe    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:39    G:\新建文件夹\硬件检测工具\everest    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:40    G:\Program Files\PPLive\xml    readme.eml>>HTML TEXT    本机
Exploit.HTML.Iframe.FileDownload    清除成功    2006-11-26 07:40    G:\gprs\GPRS_PC驱动_中性\GPRS_PC驱动_中性\重要15包月\马赫5无线上网加速器Mach5_setup    readme.eml>>HTML TEXT    本机

I mean use SRENG.

2006-11-26,11:25:37

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(wallpaper)(c:\windows\system32\壁纸自动换.exe) []
(SoundMan)(SOUNDMAN.EXE) [Realtek Semiconductor Corp.]
(Windows XPlan)() []
(ConnMgr)(C:\Program Files\中国移动随e行客户端软件\TaskCtrl.exe) []
(CdnCtr)(C:\Program Files\CNNIC\Cdn\cdnup.exe) [CNNIC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(RavStub)("C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(SysTime)(C:\PROGRA~1\WinKld\WinKld.dll) [www.88dog.com]
(webwork)(C:\WINDOWS\webwork\webwork.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)(; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [Microsoft Corporation]
(PHIME2002A)(; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) []
(PHIME2002ASync)(; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) []



启动文件夹

服务

[Rising RealTime Monitor / RsRavMon]
("C:\Program Files\Rising\Rav\RavMonD.exe")(Beijing Rising Technology Co., Ltd.)



--------------------------------------------------------------------------------



浏览器加载项

[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} (C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.)
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD)
[NOW!Imaging]
{9AA2F14F-E956-44B8-8694-A5B615CDF341} (C:\Program Files\Mach5 Speed Wireless\components\NOWImaging.dll, N/A)
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} (C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC)
[红心游戏]
{00000000-DAEB-480d-867B-D746D955765B} (D:\GAME\redheart\GameHall.exe, )
[豪杰超级解霸9]
{367E0A21-8601-4986-9C9A-153BF5ACA118} (C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE, herosoft)
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} (C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation)
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} (C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} (C:\WINDOWS\system32\aliedit\pta.dll, )
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A)
[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} (C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC)
[AntiFish Class]
{38928D50-8A48-44C2-945F-D2F23F771410} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.)
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} (C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com)
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A)
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} (C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation)
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} (C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD)
[NOW!Imaging]
{9AA2F14F-E956-44B8-8694-A5B615CDF341} (C:\Program Files\Mach5 Speed Wireless\components\NOWImaging.dll, N/A)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\system32\shdocvw.dll, N/A)
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[WMHlprObj Class]
{F5824EFB-728A-4726-A5A5-85A68B20EDC3} (C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC)
[使用超级解霸播放]
(C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM, N/A)
[使用迅雷下载]
(C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A)
[使用迅雷下载全部链接]
(C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A)
[导出到 Microsoft Office Excel(&X)]
(res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A)
[访问通用网址]
(C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A)


正在运行的进程

[PID: 668][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 716][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 744][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 788][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 800][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 944][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1016][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)
[PID: 1068][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1164][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1232][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1616][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)
[PID: 1868][C:\Program Files\Rising\Rav\RavMonD.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 47)
[C:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\Rising\Rav\HOOKSYS.dll] (Beijing Rising Technology Co., Ltd.)(18, 1, 0, 12)
[C:\Program Files\Rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 33)
[C:\Program Files\Rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\Rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 13)
[C:\Program Files\Rising\Rav\regmon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\HookWeb.dll] (rising)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\expscan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[C:\Program Files\Rising\Rav\MailMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Program Files\Rising\Rav\SpamEng.dll] (N/A)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 35)
[C:\Program Files\Rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[C:\Program Files\Rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 34)
[C:\Program Files\Rising\Rav\RSUnpack.dll] (Beijing Rising Technology Co., Ltd.)(1, 0, 0, 21)
[C:\Program Files\Rising\Rav\ExtFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 24)
[C:\Program Files\Rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 18)
[C:\Program Files\Rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[C:\Program Files\Rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\Rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\Rising\Rav\RsStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\ExtOLE.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[PID: 2016][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\PROGRA~1\WinKld\Winkld.dat] (www.88dog.com)(2, 0, 0, 1)
[C:\WINDOWS\webwork\albus.dll] (N/A)(1, 0, 0, 4)
[C:\WINDOWS\webwork\webwork.nls] (N/A)(N/A)
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)
[C:\Program Files\WinRAR\rarext.dll] (N/A)(N/A)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] (Thunder Networking Technologies,LTD)(5, 0, 0, 2)
[PID: 228][C:\WINDOWS\system32\wdfmgr.exe] (Microsoft Corporation)(5.2.3790.1230 built by: dnsrv(bld4act))
[PID: 420][C:\Program Files\CNNIC\Cdn\cdnup.exe] (CNNIC)(2, 5, 0, 6)
[C:\Program Files\CNNIC\Cdn\cdnuplib.dll] (CNNIC)(2, 5, 0, 6)
[C:\Program Files\CNNIC\Cdn\cdnprh.dll] (CNNIC)(2, 4, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdntdns.dll] (CNNIC)(2, 2, 0, 3)
[PID: 572][C:\Program Files\Rising\Rav\RavStub.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 892][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 960][C:\WINDOWS\SOUNDMAN.EXE] (Realtek Semiconductor Corp.)(5, 1, 0, 52)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)



[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 1172][C:\Program Files\中国移动随e行客户端软件\TaskCtrl.exe] ()(1, 0, 0, 1)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 1204][C:\Program Files\Rising\Rav\RavTask.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 22)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 1260][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 1344][C:\Program Files\Rising\Rav\Ravmon.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 39)
[C:\Program Files\Rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 26)
[C:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 192][C:\Program Files\Rising\Rav\RsAgent.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[PID: 204][C:\WINDOWS\msagent\AgentSvr.exe] (Microsoft Corporation)(2.00.0.3422)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 2324][C:\WINDOWS\system32\conime.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[PID: 3640][C:\Program Files\Internet Explorer\iexplore.exe] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdnuplib.dll] (CNNIC)(2, 5, 0, 6)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll] (CNNIC)(1.0.0.6)
[C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll] (Yahoo.)(1, 0, 5, 1006)
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] (Thunder Networking Technologies,LTD)(5, 0, 0, 2)
[C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll] (CNNIC)(1, 1, 0, 0)
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)
[C:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] (Adobe Systems, Inc.)(9,0,28,0)
[C:\WINDOWS\system32\WINABCX.IME] (PKUETI)(5.22.216)
[PID: 2392][C:\Program Files\Tencent\TT\TTraveler.exe] (腾讯公司)(3.1.0.261)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] (腾讯公司)(1, 1, 0, 5)
[C:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll] ()(1, 0, 0, 3)
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)
[C:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Tencent\TT\PersonalDesktop.dll] (深圳市腾讯计算机系统公司QQ工作小组)(1, 0, 0, 4)
[PID: 1936][C:\Program Files\Tencent\TT\TCPlus.exe] (腾讯公司)(1, 0, 0, 5)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\Program Files\Tencent\TT\QQDownload.dll] (Tencent Technology (Shenzhen) Company Limited)(1, 0, 101, 28)
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)
[C:\Program Files\Tencent\TT\TNProxy.dll] (Tencent Technology(Shenzhen) Company Limited)(2, 1, 101, 60)
[PID: 3292][E:\1_060708203040\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[C:\Program Files\CNNIC\Cdn\imaoe.dll] (CNNIC)(2, 2, 0, 1)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 1, 0, 3)
[C:\Program Files\CNNIC\Cdn\cdndet.dll] (CNNIC)(2, 5, 0, 0)
[C:\WINDOWS\system32\cdnns.dll] (CNNIC)(2, 0, 0, 0)

文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]



--------------------------------------------------------------------------------


Winsock 提供者


Experts, please help! Moderators, please take a look too. Thanks in advance!