Logfile of HijackThis v1.99.0
Scan saved at 23:11:52, on 2006-10-3
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tlntsvr.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Uper\wsetup.exe
C:\WINNT\System32\svchost.exe
D:\foobar2000\foobar2000.exe
E:\瑞星\Rav2006.exe
C:\WINNT\system32\drwtsn32.exe
C:\WINNT\system32\drwtsn32.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\drwtsn32.exe
C:\WINNT\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\瑞星\HijackThis\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - e:\WebThunder\WebThunderBHO_013.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4606.dll (file missing)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll (file missing)
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll (file missing)
O2 - BHO: 3721中文邮 - {6231D512-E4A4-4DF2-BE62-5B8F0EE348EF} - (no file)
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL (file missing)
O2 - BHO: at - {8B316DA1-9950-4926-B9EA-1AEC124AFA45} - C:\WINNT\system32\sscli.dll
O2 - BHO: (no name) - {999ADFA2-8AD1-47ff-97FC-69FB847458F4} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINNT\downlo~1\CnsHook.dll (file missing)
O2 - BHO: IEHlprObj Class - {D424FE4E-CAF9-4fdd-BC5F-E6E6B91D53BF} - C:\Progra~1\NetMeeting\conf.dll (file missing)
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll (file missing)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINNT\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [WebThunder] e:\WebThunder\WebThunder.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: wsetup.lnk = C:\Program Files\Uper\wsetup.exe
O8 - Extra context menu item: &使用迅雷下载 - E:\迅雷\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\迅雷\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - e:\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - e:\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\QQ\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - E:\BitSpirit\bsurl.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  中文上网
O16 - DPF: {098A3F72-3110-4004-B954-2F9DC44934B4} (AddSHCARoot Control) - http://billing.iyoyo.com.cn/Account/AddSHCARootCert.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155565469029
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAE2AD80-7D11-425E-8621-9E7D38492B70}: NameServer = 202.101.172.46 202.101.172.47
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Distributed Transaction Coordinator - Unknown - C:\WINNT\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Windows Management Instrumentation - Unknown - C:\WINNT\System32\WBEM\WinMgmt.exe (file missing)

2006-10-03,23:12:35

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Avance Logic, Inc.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <CnsMin><Rundll32.exe C:\WINNT\DOWNLO~1\CnsMin.dll,Rundll32>  []
    <WebThunder><e:\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [Microsoft Corporation]
    <Userinit><userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{E55B4CBE-4CBE-55B9-BE55-CBE5BCBE55B9}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll>  []
    <{8A238B14-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINNT\system32\sysldr.dll>  []

==================================
启动文件夹
[wsetup]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\wsetup.lnk><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Distributed Link Tracking Clienter / HService2]
  <c:\windows\system32\SVCH0ST.EXE><N/A>
[Distributed Transaction Coordinator / MSDTC]
  <C:\WINNT\System32\msdtc.exe><N/A>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINNT\System32\nvsvc32.exe><NVIDIA Corporation>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><N/A>
[Windows Management Instrumentation / WinMgmt]
  <C:\WINNT\System32\WBEM\WinMgmt.exe><N/A>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <e:\WebThunder\WebThunderBHO_013.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINNT\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4606.dll, N/A>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, N/A>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll, N/A>
[3721中文邮]
  {6231D512-E4A4-4DF2-BE62-5B8F0EE348EF} <, N/A>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, N/A>
[Schedule Class]
  {8B316DA1-9950-4926-B9EA-1AEC124AFA45} <C:\WINNT\system32\sscli.dll, >
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINNT\downlo~1\CnsHook.dll, N/A>
[IEHlprObj Class]
  {D424FE4E-CAF9-4fdd-BC5F-E6E6B91D53BF} <C:\Progra~1\NetMeeting\conf.dll, N/A>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, N/A>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, N/A>
[AddSHCARoot Control]
  {098A3F72-3110-4004-B954-2F9DC44934B4} <C:\WINNT\DOWNLO~1\ADDCAR~1.OCX, SHECA>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <E:\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <E:\迅雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <e:\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <e:\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <E:\BitSpirit\bsurl.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203, N/A>

正在运行的进程
[PID: 204][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 164][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 124][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6970>
[PID: 232][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 244][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
[PID: 420][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 452][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.7059>
    [C:\WINNT\system32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
[PID: 480][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 488][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 500][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 532][C:\WINNT\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.6176>
[PID: 580][C:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 596][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 608][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6920>
[PID: 632][C:\WINNT\system32\tlntsvr.exe]  <Microsoft Corporation><5.00.99206.1>
[PID: 716][C:\WINNT\system32\MsPMSPSv.exe]  <Microsoft Corporation><7.00.00.1956>
[PID: 736][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 944][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106>
    [C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSINFO16.DLL]  <N/A><N/A>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
[PID: 988][C:\WINNT\SOUNDMAN.EXE]  <Avance Logic, Inc.><5.0.02>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
[PID: 1000][C:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
[PID: 952][C:\Program Files\Uper\wsetup.exe]  <N/A><1.00>
[PID: 1088][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1040][D:\foobar2000\foobar2000.exe]  <N/A><N/A>
    [D:\foobar2000\utf8api.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_input_std.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_output_std.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_ui_std.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_vis_manager.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_cdda.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_flac.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_ape.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_wavpack.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_mp4.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_speex.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_mod.dll]  <N/A><N/A>
    [D:\foobar2000\BASS.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_wma.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_out_dsound_ex.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_console.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_read_http.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_rgscan.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_albumlist.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_masstag.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_codepage_action.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_infobox.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_dsp_extra.dll]  <N/A><N/A>
    [D:\foobar2000\components\foo_diskwriter.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>

[PID: 932][E:\瑞星\Rav2006.exe]  <Beijing Rising Technology Co., Ltd.><18.36.1.0>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
[PID: 1276][C:\WINNT\system32\drwtsn32.exe]  <Microsoft Corporation><5.00.2195.6699>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
[PID: 324][C:\WINNT\system32\drwtsn32.exe]  <Microsoft Corporation><5.00.2195.6699>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
[PID: 948][C:\WINNT\explorer.exe]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
    [e:\WebThunder\WebThunderBHO_013.dll]  <Thunder Networking Technologies,LTD><6, 0, 0, 4>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\WINNT\system32\sscli.dll]  <><5, 0, 2195, 6696>
    [D:\WinRAR\rarext.dll]  <N/A><N/A>
[PID: 1064][C:\WINNT\system32\drwtsn32.exe]  <Microsoft Corporation><5.00.2195.6699>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
[PID: 900][C:\WINNT\system32\drwtsn32.exe]  <Microsoft Corporation><5.00.2195.6699>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
[PID: 1304][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>
    [e:\WebThunder\WebThunderBHO_013.dll]  <Thunder Networking Technologies,LTD><6, 0, 0, 4>
    [C:\WINNT\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\WINNT\system32\sscli.dll]  <><5, 0, 2195, 6696>
    [C:\WINNT\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,19,0>
[PID: 904][E:\瑞星\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll]  <N/A><N/A>
    [C:\WINNT\system32\dumpreps.dll]  <N/A><N/A>

==================================
文件关联
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

请大大说清楚用什么软件修复和大致的流程好吗，万分感谢
我不能安装瑞星软件了，一到检测内存病毒就出错跳出来了

打开SRE-启动-注册表-<{E55B4CBE-4CBE-55B9-BE55-CBE5BCBE55B9}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll> []
<{8A238B14-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINNT\system32\sysldr.dll> []
打开SRE-启动-服务-WIN32服务-隐藏微软-[Distributed Link Tracking Clienter / HService2]
<c:\windows\system32\SVCH0ST.EXE><N/A>

大大，-<{E55B4CBE-4CBE-55B9-BE55-CBE5BCBE55B9}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\4CBE55B9.dll> []
这项无法修复，删了又出来，请指教