大概还有叫win1-10.exe。路径：C:\DOCUME~1\user1\LOCALS~1\Temp\Win7.exe.用瑞星19.12.42可以杀毒，病毒名：Trojan.PSW.Agent.jdo，同时还有一个文件：4[1].css。但是重现启动后只要一上网kaka助手还会报警，再杀，如此往复。
请告知对付办法，多谢！！！

请下载SREng2 ，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，
下载地址
http://www.kztechs.com/sreng/sreng2.zip

粘帖 应该会吧。ctrl+c 用鼠标也可以`

参考:
http://forum.ikaka.com/topic.asp?board=28&artid=8237996

2007-03-05,00:54:15

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <CAP3ON><C:\WINDOWS\System32\spool\drivers\w32x86\3\CAP3ONN.EXE>  [(Verified)CANON INC.]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <RfwMain><"d:\FW\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"D:\av\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Sunkist2k><C:\Program Files\Multimedia Card Reader\shwicon2k.exe>  [Alcor Micro, Corp.]
    <Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <KernelFaultChck><C:\WINDOWS\System32\msdnl.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{36CD708B-6077-4C02-9377-D73EAA495A0F}><C:\WINDOWS\WinHttp.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Cmaudio><; RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
    <iDuba Personal FireWall><; C:\KAV6\KAVPFW.EXE>  [N/A]
    <KAVRun><; C:\KAV6\KAVRun.EXE>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <KpopMon><; C:\KAV6\KPopMon.EXE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Kulansyn><; C:\KAV6\Kulansyn.EXE>  [N/A]
    <MINI_BFYY><; E:\Storm Downloader\StormDownloader.exe>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NbFloatBar><; >  [N/A]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <nwiz><; nwiz.exe /install>  [(Verified)NVIDIA Corporation]
    <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <StormCodec_Helper><; "E:\Storm Codec\StormSet.exe" /S /opti>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <xrikc0sbysg8><; >  [N/A]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[Management Instrumentation Driver Extensions / 6to4][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\winmide32.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Canon Camera Access Library 8 / CCALib8][Running/Auto Start]
  <C:\Program Files\Canon\CAL\CALMAIN.exe><Canon Inc.>
[GEARSecurity / GEARSecurity][Running/Auto Start]
  <C:\WINDOWS\System32\GEARSEC.EXE><GEAR Software>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[iPod 服务 / iPodService][Stopped/Manual Start]
  <C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  <C:\Program Files\Common Files\LightScribe\LSSrvc.exe><>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\fw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\fw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\av\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"D:\av\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[ALi Based Ethernet NT Driver / ALI5261][Running/Manual Start]
  <System32\DRIVERS\ALILAN.SYS><ALi Corporation.>
[ALi AGP Bus Filter Driver / ALiAGP][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ALiAGP.sys><ALi Corporation.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><ALi Corporation>
[aliperf / aliperf][Running/Boot Start]
  <\SystemRoot\System32\drivers\aliperf.sys><Windows (R) 2000 DDK provider>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
  <system32\drivers\cmuda.sys><C-Media Inc>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\D:\av\ExpScan.sys><>
[GEAR CDRom Filter / GEARAspiWDM][Running/Manual Start]
  <SYSTEM32\DRIVERS\GEARAspiWDM.sys><GEAR Software>
[Founder Scanner Driver / GT680xNT][Stopped/Manual Start]
  <system32\drivers\gt680x.sys><>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\D:\RISING\RAV\HOOKAPI.SYS><N/A>
[HookCont / HookCont][Running/Auto Start]
  <\??\D:\av\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\D:\av\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\D:\av\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\d:\FW\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\D:\av\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\fw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[New0 / New0][Running/Auto Start]
  <\??\C:\WINDOWS\System32\new.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <System32\DRIVERS\npf.sys><NetGroup - Politecnico di Torino>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[WAN 微型端口 (PPP over Ethernet 协议) / RMSPPPOE][Running/Manual Start]
  <System32\DRIVERS\RMSPPPOE.SYS><Robert Schlabbach>
[RsAntiSpyware / RsAntiSpyware][Stopped/Disabled]
  <\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\d:\FW\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\D:\av\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Alcor Micro Corp - 9360 / SunkFilt][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\sunkfilt.sys><Alcor Micro Corp.>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v4.dll, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <E:\Acrobat\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <E:\FLASHGET\jccatch.dll, Amaze Soft>
[解霸]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A>
[CibaCtrl Class]
  {8DE0FCD4-5EB5-11D3-AD25-00002100131B} <C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll, >
[JoyoCtrl Class]
  {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} <C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <E:\FLASHGET\flashget.exe, Amaze Soft>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll, >
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\FLASHGET\fgiebar.dll, Amaze Soft>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\System32\macromed\Shockwave 10\Download.dll, Macromedia, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用暴风下载器下载]
  <E:\Storm Downloader\geturl.htm, N/A>
[使用网际快车下载]
  <E:\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\FlashGet\jc_all.htm, N/A>
[解霸实时播放]
  <C:\HEROSOFT\Hero3000\MPURLGET.HTM, N/A>

==================================
正在运行的进程
[PID: 672][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 740][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 764][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 808][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 820][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1008][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1096][D:\av\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1112][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1248][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1280][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1304][D:\av\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
    [D:\av\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\av\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\av\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [D:\av\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [D:\av\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\av\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\av\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\av\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\av\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [D:\av\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [D:\av\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\av\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\av\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\av\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [D:\av\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\av\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\av\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\av\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [D:\av\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\av\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 26]
    [D:\av\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\av\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\av\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\av\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 41]
    [D:\av\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [D:\av\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [D:\av\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [D:\av\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [D:\av\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [D:\av\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [D:\av\RsVM.dll]  [N/A, 19, 0, 0, 15]
    [D:\av\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 23]
    [D:\av\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [D:\av\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\av\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[PID: 1396][d:\fw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [d:\fw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [d:\fw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [d:\fw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [d:\fw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [d:\fw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [d:\fw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1720][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\CAP3LMK.DLL]  [CANON INC., 1.00.0.007]
    [C:\WINDOWS\system32\CAP3SMK.DLL]  [CANON INC., 1.00.0.007]
    [C:\WINDOWS\system32\CAP3PTMN.DLL]  [CANON INC., 1.00.0.007]
    [C:\WINDOWS\system32\OLFMNT40.DLL]  [Microsoft Corporation, 9.0.98.0105]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\olfpnt40.dll]  [Microsoft Corporation, 9.0.98.0105]
    [C:\WINDOWS\system32\CAP3EMN.DLL]  [CANON INC., 1.00.0.007]
[PID: 1996][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [E:\Acrobat\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [D:\av\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\av\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\xunleibho_v4.dll]  [, 4, 3, 2, 29]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, Inc., 4.1 (32-bit)]
[PID: 152][C:\WINDOWS\System32\CAP3RSK.EXE]  [CANON INC., 1.00.0.007]
[PID: 488][C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE]  [CANON INC., 1.00.0.007]
    [C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3PMN.DLL]  [CANON INC., 1.00.0.007]
    [C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SMK.DLL]  [CANON INC., 1.00.0.007]
[PID: 572][d:\fw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [d:\fw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
    [d:\fw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\fw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [d:\fw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [d:\fw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 632][D:\av\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [D:\av\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\av\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\av\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\av\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 600][C:\Program Files\Multimedia Card Reader\shwicon2k.exe]  [Alcor Micro, Corp., 1, 4, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 664][D:\av\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [D:\av\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [D:\av\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]

THANKS A LOT ![

D:\av\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\av\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\av\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\av\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\av\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\av\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 696][C:\WINDOWS\System32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system\cmicnfg.cpl]  [C-Media Corporation, 1, 0, 41, 2]
    [C:\WINDOWS\System32\udaprop.dll]  [C-Media Corporation, 1.0.2.2]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 704][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 712][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1856][C:\WINDOWS\System32\GEARSEC.EXE]  [GEAR Software, 1, 0, 0, 3]
[PID: 1876][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [, 1.0.21.1]
[PID: 1920][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.01.4351]
[PID: 2012][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 532][C:\Program Files\Canon\CAL\CALMAIN.exe]  [Canon Inc., 8, 0, 0, 21]
[PID: 3392][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\xunleibho_v4.dll]  [, 4, 3, 2, 29]
    [E:\Acrobat\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\av\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 2776][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\xunleibho_v4.dll]  [, 4, 3, 2, 29]
    [E:\Acrobat\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [E:\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\av\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 2412][C:\Program Files\Microsoft Office\Office\WINWORD.EXE]  [Microsoft Corporation, 9.0.2823]
    [D:\av\RsPlugIn.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\PROGRA~1\Kingsoft\XDict\PWOFFI~1.DLL]  [N/A, N/A]
    [C:\PROGRA~1\Kingsoft\FastAIT\AddIns\WORDAD~1.DLL]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\COMMON~1\KingSoft\Extract\KSEngine.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\COMMON~1\KingSoft\Extract\xfile.dll]  [N/A, N/A]
    [C:\PROGRA~1\COMMON~1\KingSoft\Extract\XDPopWnd.dll]  [Kingsoft, 1, 0, 0, 0]
    [C:\PROGRA~1\COMMON~1\KingSoft\Extract\XImage32.dll]  [N/A, N/A]
    [C:\PROGRA~1\COMMON~1\KingSoft\Extract\KSVoice.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CAP3UIK.DLL]  [Canon Inc., 1.00.0.007]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CAP3K.DLL]  [Canon Inc., 0.3.0.0]
[PID: 2476][D:\av\Rav.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\av\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [D:\av\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\av\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\av\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\av\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [D:\av\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [D:\av\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\av\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [D:\av\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [D:\av\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\av\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[PID: 2752][D:\SRE\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [超级解霸3000]
.JS  Error. ["E:\Dreamweaver\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
59.34.148.98      www.hao123.com
59.34.148.98      www.4199.com
59.34.148.98      www.9505.com
59.34.148.98      www.7322.com
218.5.76.175      www.huoche.com.cn

==================================
API HOOK
N/A

==================================

【回复“鸟儿天上飞”的帖子】

多谢。可是我的硬盘和注册表里并没有twunk32.exe 我也没装qq.

ding

该用户帖子内容已被屏蔽

【回复“Jokkkka”的帖子】

非常感谢！！！