现在这个病毒是杀也杀不掉...删也删不掉。..高手们快告示我怎么办啊......
能帮我的+我QQ吧..急死

扫
个
日
志

到http://www.KZTechs.com下载System Repair Engineer点击智能扫描,再点击扫描,然后点击保存日志,保存成htm文件,再把里面的内容粘上去,日志一次粘不完,要分次粘完,请不要修改.

谢谢了

注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
(caishowmanage)(C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE) []
(MSMSGS)("C:\Program Files\Messenger\msmsgs.exe" /background) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
(services)(C:\WINDOWS\services.exe) []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [Microsoft Corporation]
(PHIME2002ASync)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(Cmaudio)(RunDll32 cmicnfg.cpl,CMICtrlWnd) []
(IgfxTray)(C:\WINDOWS\System32\igfxtray.exe) [Intel Corporation]
(HotKeysCmds)(C:\WINDOWS\System32\hkcmd.exe) [Intel Corporation]
(SoundMan)(SOUNDMAN.EXE) [Realtek Semiconductor Corp.]
(SysExplr)(C:\Herosoft\HeroV8\SYSEXPLR.EXE) []
(TkBellExe)("C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot) [RealNetworks, Inc.]
(pbmini)(rem "C:\Program Files\pcast\PodcastbarMini\PodcastBarMiniStarter.exe" -hide) []
(MSService_v1.0)(rem C:\WINDOWS\system32\vfp02.exe) []
(RfwMain)("C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(RavTask)("C:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(KernelFaultCheck)(%systemroot%\system32\dumprep 0 -k) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(RavStub)("C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [Microsoft Corporation]
(UIHost)(logonui.exe) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(themeadp)(C:\WINDOWS\system32\themeadp.dll) []
(webwork)(C:\WINDOWS\webwork\webwork.dll) [MSWebwork Cop.]
(MediaCheck)(C:\PROGRA~1\Kuree\MService.dll) []




--------------------------------------------------------------------------------

启动文件夹

[Microsoft Office]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk)(N)
[腾讯QQ]
(C:\Documents and Settings\aaa\「开始」菜单\程序\启动\腾讯QQ.lnk)(N)



--------------------------------------------------------------------------------



服务

[JMediaService / JMediaService]
(C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service)(N/A)
[Kingsoft Personal Firewall Service / KPfwSvc]
("D:\防火墙\KPfwSvc.EXE")(N/A)
[Rising Proxy Service / RfwProxySrv]
(c:\program files\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService]
(c:\program files\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter]
("C:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon]
("C:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Sample NT Service / SampleService]
(C:\WINDOWS\NTService.exe)(N/A)
[StdService / StdService]
(C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\STDSVER.DLL,Service)(N/A)
[WinWrCup / WinWrCup]
(C:\WINDOWS\wincup\wincup.exe -R)(MsWinCup)



--------------------------------------------------------------------------------

浏览器加载项

[CPub Object]
{0CA51D02-7739-43EA-8D9A-1E8AD4327B03} (C:\Program Files\P4P\sodaie.dll, N/A)
[ChajianHelper Class]
{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} (C:\WINDOWS\System32\SYSREA~1.DLL, Kmedia)
[Yahoo!Photo]
{33BBE430-0E42-4f12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, N/A)
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} (C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, N/A)
[KmediaHelper Class]
{42D25F15-CF07-4A72-B191-DB0792BF310C} (C:\WINDOWS\System32\Kmedia.dll, Kmedia)
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (D:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} (C:\WINDOWS\System32\MicrosoftNet.dll, N/A)
[DragSearch BHO]
{62EED7C6-9F02-42f9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A)
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} (C:\PROGRA~1\MMSASS~1\mmsass~1.dll, )
[stdup]
{6A512BF7-EC78-4e8d-9841-6C02E8FA9838} (C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.)
[Router Video 40]
{8465D755-AFE0-40ef-BC5E-2290D2C1F31F} (C:\WINDOWS\System32\rv40.dll, N/A)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (D:\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD)
[NewWebController Class]
{9ACEEE30-143F-471A-AA45-72B061FE7D60} (C:\WINDOWS\system32\WinSC.dll, N/A)
[IEHlprObj Class]
{CE7C3CF0-4B15-11D1-ABED-709549C10000} (C:\WINDOWS\system32\IEHelper.dll, )
[QuickBtn]
{D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7} (C:\Program Files\CoolWebsite\QuickLink.dll, Fengcent)
[IEHlprObj Class]
{EE7C3CF0-4B15-11D1-ABED-709549C10000} (C:\PROGRA~1\INTERN~1\HMMPI.dll, N/A)
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} (D:\迅雷\Thunder.exe, Thunder Networking Technologies,LTD)
[免费精彩视频超流畅在线观看]
{022C4009-5283-4365-97BF-144054B40E2E} (http://itv.mop.com, N/A)
[浩方对战平台]
{0A155D3C-68E2-4215-A47A-E800A446447A} (E:\浩方\浩方对战平台\GameClient.exe, N/A)
[QuickBtn]
{1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} (C:\Program Files\CoolWebsite\QuickLink.dll, Fengcent)
[豪杰超级解霸V8]
{367E0A21-8601-4986-9C9A-153BF5ACA118} (C:\Herosoft\HeroV8\STHSDVD.EXE, N/A)
[MMSAssistMenu]
{6671A433-5C3D-463d-A7CF-5587F9B7E191} (C:\PROGRA~1\MMSASS~1\mmsass~1.dll, )
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} (D:\QQ\QQ.EXE, TENCENT)
[易趣购物]
{DE607143-AC19-423e-863A-3D70ABDF119A} (http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A)
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} (D:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} (C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation)
[BitComet工具栏]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} (D:\新建文件夹\BitComet\BitCometBar\BitCometBar0.5.dll, N/A)
[IE标准栏]
{954F618B-0DEC-4D1A-9317-E0FC96F87865} (C:\WINDOWS\system32\amstreamxb.dll, )
[updatePanelX Control]
{43E839C5-E10F-443A-BC1F-F09CFD2ABC77} (C:\WINDOWS\system32\uusee\internet\updateC.ocx, uusee)
[PowerPlayer Control]
{5EC7C511-CD0F-42E6-830C-1BD9882F3458} (C:\DOCUME~1\aaa\APPLIC~1\ppStream\100~1.139\POWERP~1.DLL, PPStream Inc.)
[Qzone Media Tools]
{A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} (D:\QQ\QZone\QZONEM~1.OCX, Tencent Technology (Shenzhen) Company Limited)
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} (C:\WINDOWS\System32\3DShowVM.ocx, QQ)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.)
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} (C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司)
[pCastPanel Class]
{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, )
[CPub Object]
{0CA51D02-7739-43EA-8D9A-1E8AD4327B03} (C:\Program Files\P4P\sodaie.dll, N/A)
[ChajianHelper Class]
{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} (C:\WINDOWS\System32\SYSREA~1.DLL, Kmedia)
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[Yahoo!Photo]
{33BBE430-0E42-4F12-B075-8D21ACB10DCB} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, N/A)
[CaiShowBH Class]
{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} (C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll, N/A)
[BitComet工具栏]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} (D:\新建文件夹\BitComet\BitCometBar\BitCometBar0.5.dll, N/A)
[KmediaHelper Class]
{42D25F15-CF07-4A72-B191-DB0792BF310C} (C:\WINDOWS\System32\Kmedia.dll, Kmedia)
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (D:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} (%SystemRoot%\System32\shdocvw.dll, N/A)
[NetAccelerate Class]
{5673A7C0-95CC-4646-BB07-3BD71234CEF9} (C:\WINDOWS\System32\MicrosoftNet.dll, N/A)
[PowerPlayer Control]
{5EC7C511-CD0F-42E6-830C-1BD9882F3458} (C:\DOCUME~1\aaa\APPLIC~1\ppStream\100~1.139\POWERP~1.DLL, PPStream Inc.)
[DragSearch BHO]
{62EED7C6-9F02-42F9-B634-98E2899E147B} (C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A)
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} (C:\PROGRA~1\MMSASS~1\mmsass~1.dll, )
[stdup]
{6A512BF7-EC78-4E8D-9841-6C02E8FA9838} (C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.)
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[Router Video 40]
{8465D755-AFE0-40EF-BC5E-2290D2C1F31F} (C:\WINDOWS\System32\rv40.dll, N/A)
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} (D:\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD)
[IE标准栏]
{954F618B-0DEC-4D1A-9317-E0FC96F87865} (C:\WINDOWS\system32\amstreamxb.dll, )
[NewWebController Class]
{9ACEEE30-143F-471A-AA45-72B061FE7D60} (C:\WINDOWS\system32\WinSC.dll, N/A)
[HBObject Class]
{AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} (C:\PROGRA~1\HBClient\hbhelper.dll, N/A)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\System32\shdocvw.dll, N/A)
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[IEHlprObj Class]
{CE7C3CF0-4B15-11D1-ABED-709549C10000} (C:\WINDOWS\system32\IEHelper.dll, )
[QuickBtn]
{D1BB7CF4-4463-4E91-88D7-ECC3CE0A13B7} (C:\Program Files\CoolWebsite\QuickLink.dll, Fengcent)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.)
[IEHlprObj Class]
{EE7C3CF0-4B15-11D1-ABED-709549C10000} (C:\PROGRA~1\INTERN~1\HMMPI.dll, N/A)
[pCastPanel Class]
{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, )
[ )) 彩信发送 ((]
(res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A)
[&使用迅雷下载]
(D:\迅雷\Program\GetUrl.htm, N/A)
[&使用迅雷下载全部链接]
(D:\迅雷\Program\GetAllUrl.htm, N/A)
[))彩信发送((]
(res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A)
[上传到QQ网络硬盘]
(D:\QQ\AddToNetDisk.htm, N/A)
[添加到QQ自定义面板]
(D:\QQ\AddPanel.htm, N/A)
[添加到QQ表情]
(D:\QQ\AddEmotion.htm, N/A)
[用QQ彩信发送该图片]
(D:\QQ\SendMMS.htm, N/A)
[用炫彩图铃发送该图片]
(C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm, N/A)
[豪杰超级解霸V8实时播放]
(C:\Herosoft\HeroV8\MPURLGET.HTM, N/A)



--------------------------------------------------------------------------------

正在运行的进程

[PID: 428][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 492][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 516][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 560][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 572][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 720][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 796][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 868][C:\Program Files\Rising\Rav\CCenter.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[PID: 896][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 960][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1048][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1064][C:\Program Files\Rising\Rav\Ravmond.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 35)
[C:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\Rising\Rav\HOOKSYS.dll] (Beijing Rising Technology Co., Ltd.)(18, 1, 0, 11)
[C:\Program Files\Rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 32)
[C:\Program Files\Rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\Rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\Rising\Rav\regmon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\HookWeb.dll] (rising)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\MemMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\Rising\Rav\expscan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[C:\Program Files\Rising\Rav\MailMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Program Files\Rising\Rav\SpamEng.dll] (N/A)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 34)
[C:\Program Files\Rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 15)
[C:\Program Files\Rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\Rising\Rav\RSUnpack.dll] (Beijing Rising Technology Co., Ltd.)(1, 0, 0, 13)
[C:\Program Files\Rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[C:\Program Files\Rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 9)
[C:\Program Files\Rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 18)
[C:\Program Files\Rising\Rav\Unpacker.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\ExtFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\Rising\Rav\ExtOLE.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\RsStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[PID: 1192][c:\program files\rising\rfw\rfwsrv.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 33)
[c:\program files\rising\rfw\RfwRule.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 13)
[c:\program files\rising\rfw\rfwlog.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 6)
[c:\program files\rising\rfw\Rfwdrv.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 21)
[c:\program files\rising\rfw\MonDrv.dll] (rs)(1, 0, 0, 4)
[c:\program files\rising\rfw\ProcLib.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 9)
[c:\program files\rising\rfw\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[PID: 1256][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\DOCUME~1\aaa\LOCALS~1\Temp\themeadp.nls] (N/A)(N/A)
[C:\WINDOWS\webwork\webwork.nls] (MSWebwork Cop.)(1, 0, 0, 1)
[C:\PROGRA~1\MMSASS~1\mmsass~1.dll] ()(1, 2, 0, 5)
[C:\PROGRA~1\MMSASS~1\albus.dll] (Albus)(1, 0, 0, 2)
[C:\WINDOWS\SYSTEM32\stdup.dll] (MStdup Co Ltd.)(3, 2, 2, 3)
[D:\迅雷\ComDlls\XunLeiBHO_002.dll] (Thunder Networking Technologies,LTD)(5, 0, 0, 2)
[C:\Program Files\CoolWebsite\QuickLink.dll] (Fengcent)(1, 0, 0, 2)
[C:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 1424][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[PID: 1512][C:\Program Files\Rising\Rav\RavStub.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 1688][c:\program files\rising\rfw\RfwMain.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 52)
[c:\program files\rising\rfw\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 23)
[c:\program files\rising\rfw\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[c:\program files\rising\rfw\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 120][C:\PROGRA~1\Kuree\kpupdate.exe] (N/A)(N/A)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 168][C:\WINDOWS\System32\igfxtray.exe] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\hccutils.DLL] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxdev.dll] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxsrvc.dll] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxres.dll] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxress.dll] (Intel Corporation)(3.0.0.2209)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 188][C:\WINDOWS\System32\hkcmd.exe] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\hccutils.DLL] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxdev.dll] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxsrvc.dll] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxhk.dll] (Intel Corporation)(3.0.0.2209)
[C:\WINDOWS\System32\igfxres.dll] (Intel Corporation)(3.0.0.2209)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 180][C:\WINDOWS\SOUNDMAN.EXE] (Realtek Semiconductor Corp.)(5.1.0.30)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 216][C:\Herosoft\HeroV8\SYSEXPLR.EXE] (N/A)(N/A)
[C:\Herosoft\HeroV8\AVCDROM.dll] (N/A)(N/A)
[C:\Herosoft\HeroV8\CoolMenu.dll] (N/A)(N/A)
[C:\Herosoft\HeroV8\Sys936.DLL] (N/A)(N/A)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 224][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] (RealNetworks, Inc.)(0.1.0.3510)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 240][C:\Program Files\Rising\Rav\RavTask.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 22)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 260][C:\Program Files\Rising\Rav\Ravmon.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 33)
[C:\Program Files\Rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 26)
[C:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 336][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 352][C:\Program Files\Messenger\msmsgs.exe] (Microsoft Corporation)(4.7.3001)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 1156][C:\WINDOWS\system32\rundll32.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\PROGRA~1\MMSASS~1\MMSSVER.DLL] ()(1, 2, 0, 5)
[PID: 1116][C:\WINDOWS\System32\rundll32.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\STDSVER.DLL] (MStdup Co Ltd.)(3, 2, 2, 3)
[PID: 1208][C:\WINDOWS\wincup\wincup.exe] (MsWinCup)(1, 0, 0, 0)
[PID: 2300][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 3296][C:\WINDOWS\system32\wuauclt.exe] (Microsoft Corporation)(5.8.0.2469 built by: lab01_n(wmbla))
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 3728][D:\TT浏览器\TTraveler.exe] (腾讯公司)(3.1.0.259)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[D:\TT浏览器\Plugins\QQFloatBar\QQFloatBar4TT2.dll] (腾讯公司)(1, 1, 0, 5)
[D:\TT浏览器\Plugins\TWeather\TWeather.dll] ()(1, 0, 0, 3)
[D:\TT浏览器\PersonalDesktop.dll] (深圳市腾讯计算机系统公司QQ工作小组)(1, 0, 0, 4)
[C:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] (Adobe Systems, Inc.)(9,0,16,0)
[C:\PROGRA~1\Kuree\mpkres.dll] ()(1.0.1.2)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[PID: 2636][C:\Program Files\Rising\Rav\Rav.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 75)

[C:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 17)
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\Rising\Rav\RavUI.Dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 65)
[C:\Program Files\Rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 26)
[C:\Program Files\Rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 32)
[C:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\Rising\Rav\RavUIMsg.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 27)
[C:\Program Files\Rising\Rav\RavQu.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 17)
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\Rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\Rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\Rising\Rav\MVEngine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 15)
[C:\Program Files\Rising\Rav\Engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 34)
[C:\Program Files\Rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\Unpacker.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\Rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\Rising\Rav\RSUnpack.dll] (Beijing Rising Technology Co., Ltd.)(1, 0, 0, 13)
[C:\Program Files\Rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 15)
[C:\Program Files\Rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[C:\Program Files\Rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 9)
[C:\Program Files\Rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 18)
[C:\Program Files\Rising\Rav\ExtMail.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 13)
[C:\Program Files\Rising\Rav\ExtFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\Rising\Rav\ExtOLE.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\RsStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\Rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\Rising\Rav\ScanNet.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 2960][D:\QQ\TIMPlatform.exe] (tencent)(0, 3, 1, 8)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[D:\QQ\TIMProxy.dll] (tencent)(0, 3, 2, 4)
[PID: 3604][c:\program files\rising\rfw\RfwCfg.exe] (Beijing Rising Technology Corporation Limited)(4, 0, 0, 96)
[c:\program files\rising\rfw\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 23)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[c:\program files\rising\rfw\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[c:\program files\rising\rfw\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 1928][C:\DOCUME~1\aaa\LOCALS~1\Temp\Rar$EX00.907\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)



--------------------------------------------------------------------------------



文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]



--------------------------------------------------------------------------------

ding