2006-10-06,23:01:47

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <bgswitch><C:\WINDOWS\system32\bgswitch.exe>  [N/A]
    <恢复BOOT菜单><c:\windows\BOOT-hf.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <rx><C:\WINDOWS\system32\explore.exe>  [N/A]
    <wow><C:\WINDOWS\system32\Launcher.exe>  [N/A]
    <zz><C:\WINDOWS\system32\intenet.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
    <RavTask><"E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"E:\瑞星杀毒软件\瑞星防火墙\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavScanBD><"E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ScanBD.exe" /INST>  [Beijing Rising Technology Co., Ltd.]
    <Thunder><"F:\迅雷5\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <R><C:\WINDOWS\system32\rundll32.exe mvlib.dll s>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <9><C:\WINDOWS\system32\vpcrm.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\system3.sys>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\KAV6\KASCRSCN.SCR>  [N/A]

==================================

启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[User Profile Hive Cleanup / UPHClean]
  <C:\Program Files\UPHClean\uphclean.exe><Microsoft Corporation>

==================================
驱动程序
[573671 / 573671]
  <\SystemRoot\System32\drivers\573671.sys><N/A>
[a0 / a0]
  <\SystemRoot\\SystemRoot\System32\drivers\573671.sys><N/A>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[ExpScaner / ExpScaner]
  <\??\E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont]
  <\??\E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\E:\瑞星杀毒软件\瑞星防火墙\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HWiNFO32 Kernel Driver / HWiNFO32]
  <\??\C:\Program Files\HWiNFO32\HWiNFO32.SYS><REALiX(tm)>
[MegaIDE / MegaIDE]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN]
  <\??\E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RGWatch / RGWatch]
  <\SystemRoot\system32\DRIVERS\RGWatch.sys><Windows (R) Server 2003 DDK provider>
[RsFwDrv / RsFwDrv]
  <\??\E:\瑞星杀毒软件\瑞星防火墙\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>

==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷5\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <F:\迅雷5\Thunder.exe, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <E:\电影\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷5\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <F:\迅雷5\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\迅雷5\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\QQ游戏\TT\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\QQ游戏\TT\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ游戏\TT\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ游戏\TT\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 436][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 492][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 560][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 572][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
[PID: 768][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 884][E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 900][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 988][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1056][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080][E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1188][e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 32]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]

[PID: 1260][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\WINDOWS\system32\myztr.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mywow.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\myrx.dll]  [N/A, N/A]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.7124]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7124]
    [C:\WINDOWS\system32\nvshell.dll]  [NVIDIA Corporation, 6.14.10.10025]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1404][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1492][E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1672][e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [e:\瑞星杀毒软件\瑞星防火墙\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
[PID: 1832][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3275]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
[PID: 1840][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.34]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]

[PID: 168][E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
[PID: 204][E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
[PID: 312][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
[PID: 816][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.7124]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7124]
[PID: 1828][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1860][C:\Program Files\UPHClean\uphclean.exe]  [Microsoft Corporation, 1.5.5.21]
[PID: 1204][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1768][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[PID: 2720][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 2376][E:\QQ游戏\TT\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [E:\QQ游戏\TT\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 14]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [E:\QQ游戏\TT\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\npkcntc.dll]  [INCA Internet Co., Ltd., 2005, 9, 1, 1]
    [E:\QQ游戏\TT\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [E:\QQ游戏\TT\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\QQ2005\TIMProxy.dll]  [tencent, 2.05]
    [E:\QQ游戏\TT\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\QQ游戏\TT\QQMainFrame.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\CQQApplication.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\NewSkin.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\HostingMgr.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\CameraDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\MailSummary.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\QQSysMsgMng.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\QRingMng.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [E:\QQ游戏\TT\QQAvatar.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [E:\QQ游戏\TT\QQAllInOne.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\SCCore.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\QQCustomFace.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\LongConnection.dll]  [tencent, 0, 3, 3, 8]
    [E:\QQ游戏\TT\QQPet.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\BQQApplication.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\QQPlugin.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [E:\QQ游戏\TT\CommercesMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [E:\QQ游戏\TT\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 141]
    [E:\QQ游戏\TT\QQSceneMng.dll]  [N/A, N/A]
    [E:\QQ游戏\TT\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 0, 6, 60]

[E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [E:\QQ游戏\TT\QQTProxy.dll]  [, 1, 0, 0, 1]
    [E:\QQ游戏\TT\zlib1.dll]  [N/A, 1.2.1]
[PID: 3068][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3732][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 2780][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
[PID: 2784][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 1452][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3764][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 1752][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 2180][E:\新歌\TTPlayer.exe]  [Alen Soft, 4, 6, 8, 0]
    [E:\新歌\ttpcomm.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [E:\新歌\ttpres.dll]  [Alen Soft, 4, 6, 8, 0]
[PID: 2796][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 0, 9]
    [F:\迅雷5\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3600][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3268][F:\迅雷5\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.4.0.226]
    [F:\迅雷5\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [F:\迅雷5\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 1]
    [F:\迅雷5\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [F:\迅雷5\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [F:\迅雷5\Program\asyn_dns.dll]  [N/A, N/A]
    [F:\迅雷5\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [F:\迅雷5\Program\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [F:\迅雷5\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
    [F:\迅雷5\Program\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]
    [F:\迅雷5\Plugins\TingTing\TingTing.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 9]
    [F:\迅雷5\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 0, 11]
    [F:\迅雷5\Components\InMedia\iEmbed04.dll]  [　, 2, 3, 0, 37]
    [F:\迅雷5\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 10]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [E:\瑞星杀毒软件\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [F:\迅雷5\Program\iTargetAd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 59]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3880][E:\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\mvlib.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\system3.sys]  [N/A, N/A]
    [C:\WINDOWS\system32\quartz32.dll]  [, 4, 1, 0, 0]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSTCPChain Provider
    C:\WINDOWS\system32\quartz32.dll(, MFClDLL)
MSTCP Provider
    C:\WINDOWS\system32\quartz32.dll(, MFClDLL)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
219.139.58.97  www.hao123.com
219.139.58.97  hao123.com
219.139.58.97  www.7b.com.cn
219.139.58.97  7b.com.cn
219.139.58.97  www.7939.com
219.139.58.97  7939.com
219.139.58.97  www.maohehe.com
219.139.58.97  maohehe.com
219.139.58.97  www.sina-baidu.com
219.139.58.97  sina-baidu.com
219.139.58.97  60.191.60.107
219.139.58.97  www.maipao.com
219.139.58.97  maipao.com
219.139.58.97  update.virussky.com
219.139.58.97  down.virussky.com
219.139.58.97  219.139.58.97
219.139.58.97  59.34.148.81
219.139.58.97  60.191.60.114
219.139.58.97  www.ycdy.com
219.139.58.97  ycdy.com
219.139.58.97  www.2tu.cn
219.139.58.97  2tu.cn
219.139.58.97  www.91tu.cn
219.139.58.97  91tu.cn
219.139.58.97  www.haotop.com
219.139.58.97  news01.virussky.com
219.139.58.97  news02.virussky.com
219.139.58.97  news03.virussky.com
219.139.58.97  news04.virussky.com
219.139.58.97  www.360safe.com
219.139.58.97  360safe.com
219.139.58.97  dl.360safe.com
219.139.58.97  bbs.360safe.com
219.139.58.97  www.gao58.com
219.139.58.97  count18.51yes.com
219.139.58.97  www.ok538.com
219.139.58.97  www.3000sss.com
219.139.58.97  3000sss.com
219.139.58.97  www.qq658.com
219.139.58.97  www.53679.com
219.139.58.97  www.17587.net
219.139.58.97  www.17587.com
219.139.58.97  www.an188.com
219.139.58.97  cwzwxm.3322.org
219.139.58.97  www.onediy.net
219.139.58.97  sohu.fswan.com
219.139.58.97  www.hewdq.com
219.139.58.97  go.ipcenter.cn
219.139.58.97  www.32666.com
219.139.58.97  show.googleadsenseagent.com
219.139.58.97  www.2yin.cn
219.139.58.97  2yin.cn
219.139.58.97  www.84442.com
219.139.58.97  www.898333.com
219.139.58.97  hewdq.com
219.139.58.97  84442.com
219.139.58.97  ip.j8lm.com
219.139.58.97  www.j8lm.com
219.139.58.97  wwww.systeel.com.cn
219.139.58.97  go.baibaoxiang.cn
219.139.58.97  www.btbaicai.com
219.139.58.97  btbaicai.com
219.139.58.97  www.2t2t.cn
219.139.58.97  2t2t.cn

==================================