Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue Software board: [Help] How do I remove the Dropper.TiHs.ak virus?

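How do I remove the Dropper.TiHs.ak virus? [Help]
My C: drive has caught this virus; the file name is system1.exe. Also, the "Mail Send Monitoring" and "Mail Receive Monitoring" items in the Rising Monitoring Center are always disabled and cannot be turned on! I also cannot open any web pages (I can connect to the server, but only a few dozen bytes of data come through!). Could this be its doing?
Please save me, boss!
Last edited 2007-01-02 22:20:43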

[Reply to the post by "EEEFLP"]
http://www.KZTechs.com/
Download System Repair Engineer
Export the full log

Thanks, boss! I just install this software and run it, right? It won't damage any other files, will it?

[CODE]

2006-12-31,10:45:29

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <Microsoft Search Companion><MS_search.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <CApp><C:\WINNT\system32\capp.exe>  []
    <msstart><C:\WINNT\system32\msstart.exe>  [N/A]
    <nwiz><nwiz.exe /install>  [(Verified)NVIDIA Corporation]
    <StormCodec_Helper><"\StormSet.exe" /S /opti>  [N/A]
    <popo2004><>  [N/A]
    <mdac_runonce><C:\WINDOWS\SYSTEM\runonce.exe>  [N/A]
    <NWEReboot><>  [N/A]
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <internet.exe><C:/system.hta>  [N/A]
    <Chinaddr><C:\PROGRA~1\CHIN@D~1\Cns.exe -nosplash>  [国风因特软件(北京)有限公司]
    <DAEMON Tools-1033><"F:\D-Tools\daemon.exe"  -lang 1033>  [DAEMON'S HOME]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <SchedulingAgent><mstask.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><KB215366M.LOG>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <DLMon><C:\WINNT\system32\DLMain.dll>  [N/A]

==================================
启动文件夹
[金山词霸 2003]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\金山词霸 2003.lnk --> C:\PROGRA~1\Kingsoft\POWERW~1\XDICT.EXE [Kingsoft Co, Ltd.]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[adionn / adionn][Stopped/Manual Start]
  <"\\61.51.59.82\E$\stone.exe" -service><N/A>
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ahrwxev / ahrwxev][Stopped/Manual Start]
  <"\\221.216.10.103\admin$\norton.exe" -service><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[fswccvh / fswccvh][Stopped/Manual Start]
  <"\\221.216.160.34\E$\bcvsrv32.exe" -service><N/A>
[nsnflie / nsnflie][Stopped/Manual Start]
  <"\\61.51.58.183\admin$\smsls.exe" -service><N/A>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[PPPoE Service / PPPoEService][Running/Auto Start]
  <C:\PROGRA~1\北京通信\北京宽~1\app\pppoeservice.exe><N/A>
[PsExec / PSEXESVC][Stopped/Manual Start]
  <C:\WINNT\System32\PSEXESVC.EXE><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[sdudoju / sdudoju][Stopped/Manual Start]
  <"\\221.218.62.151\E$\winjava.exe" -service><N/A>
[smhgf / smhgf][Stopped/Manual Start]
  <"\\61.51.58.159\E$\winjava.exe" -service><N/A>
[Windows Management Protocol v.0 (experimental) / Windows Management Protocol v.0 (experimental)][Stopped/Auto Start]
  <Rundll32.exe msjdbc11.dll ondll_server><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>
[wodvllz / wodvllz][Stopped/Manual Start]
  <"\\61.51.59.3\E$\bcvsrv32.exe" -service><N/A>
[ypktxgk / ypktxgk][Stopped/Manual Start]
  <"\\221.216.10.76\admin$\rundlls.exe" -service><N/A>
[_reg / _reg][Stopped/Auto Start]
  <Rundll32.exe msjdbc11.dll ondll_server><Microsoft Corporation>

==================================
驱动程序
[0000_sys.sys /  ][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\0000_sys.sys><>
[ADProt / ADProt][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ADProt.sys><腾讯科技(深圳)有限公司>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CdnHook / CdnHook][Running/System Start]
  <System32\drivers\cdnhook.sys><N/A>
[Cdsys / Cdsys][Stopped/Manual Start]
  <\??\C:\WINNT\system32\cdcd.sys><N/A>
[d343bus / d343bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\d343bus.sys><>
[d343port / d343port][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\d343port.sys><>
[FAMETECH USB 2.0 PC Camera / DCamUSBEMPIA][Stopped/Manual Start]
  <system32\DRIVERS\emDevice.sys><eMPIA Technology, Inc.>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[ENIMSR / ENIMSR][Stopped/Manual Start]
  <\??\C:\PROGRA~1\北京通信\北京宽~1\app\ENIMSR.SYS><Microsoft Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[ferdr / ferdr][Running/Auto Start]
  <\??\C:\WINNT\system32\Drivers\Ferdr.sys><N/A>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
  <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[USB Device Lower Filter / FiltUSBEMPIA][Stopped/Manual Start]
  <system32\DRIVERS\emFilter.sys><eMPIA Technology Inc.>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\H:\INSTALL\GMSIPCI.SYS><N/A>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[New0 / New0][Running/Auto Start]
  <\??\C:\WINNT\system32\new.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[CNC Enternet P.P.P.o.E LAN  Miniport Driver / NTSPPPOE][Running/Manual Start]
  <system32\DRIVERS\ntspppoe.sys><Microsoft Corporation>
[NTSTAP1 / NTSTAP1][Stopped/Manual Start]
  <\??\C:\PROGRA~1\北京通信\北京宽~1\app\NTSTAP1.SYS><Network TeleSystems, Inc.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
  <\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
  <\SystemRoot\System32\drivers\prosync1.sys><Protection Technology>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QuakeDRV / QuakeDRV][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\quakedrv.sys><N/A>
[RAWESR / RAWESR][Stopped/Manual Start]
  <\??\C:\PROGRA~1\北京通信\北京宽~1\app\RAWESR.SYS><Microsoft Corporation>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[USB Still Image Capture Device / ScanUSBEMPIA][Stopped/Manual Start]
  <system32\DRIVERS\emScan.sys><eMPIA Technology, Inc.>
[Sentinel / Sentinel][Running/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><N/A>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[STEC3 / STEC3][Running/Auto Start]
  <\??\C:\WINNT\system32\STEC3.sys><AntiCracking>
[TAPBIND / TAPBIND][Stopped/Manual Start]
  <\??\C:\PROGRA~1\北京通信\北京宽~1\app\TAPBIND1.SYS><Network TeleSystems, Inc.>
[VIAPFD / VIAPFD][Running/System Start]
  <\SystemRoot\System32\Drivers\VIAPFD.SYS><VIA Technologies. Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[InstQA / InstQA][Stopped/Disabled]
  <\SystemRoot\system32\drivers\InstQA.sys><N/A>

==================================
浏览器加载项
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[CellWeb5 Control]
  {3F166327-8030-4881-8BD2-EA25350E574A} <C:\WINNT\system32\cellweb5.ocx, Cell Software, Inc.>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINNT\system32\aliedit\AliEdit.dll, www.alipay.com>
[AcDcToday 控件]
  {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} <C:\WINNT\DOWNLO~1\ACDCTO~1.OCX, Autodesk>
[Filetran Control]
  {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\PROGRA~1\Bluesky\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Ppinstall Control]
  {CF051549-EDE1-40F5-B440-BCD646CF2C25} <C:\WINNT\DOWNLO~1\PPINST~1.OCX, 网易 NetEase>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[TTemplatePrinter Control]
  {ED09617B-2212-4FF6-A967-DB2922DDB00E} <C:\WINNT\DOWNLO~1\JQPRIN~1.OCX, 北京久其>
[AcPreview 控件]
  {F281A59C-7B65-11D3-8617-0010830243BD} <C:\WINNT\DOWNLO~1\ACPREV~1.OCX, Autodesk>
[Upgrade Class]
  {F4B47EEA-5D5D-4055-A6B5-ED59CC3C5BB3} <C:\WINNT\system32\ClientIns.dll, 北京锋力信息科技有限公司>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用彩信超级自写发送到手机]
  <http://mms.sina.com.cn/mmsnews.html, N/A>
[发送图片到手机(&M)]
  <http://sms.sina.com.cn/diy/send.html?from=467, N/A>
[导出当前页到超星阅览器(&A)]
  <E:\SSREADER36\ss_all.htm, N/A>
[导出选中部分到超星阅览器(&S)]
  <E:\SSREADER36\ss_select.htm, N/A>
[收藏此页到新浪ViVi]
  <http://vivi.sina.com.cn/collect/click.php?agent=ddt, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[访问 3721中文网址]
  <C:\PROGRA~1\CHIN@D~1\cnsgo_936.htm, N/A>

==================================
正在运行的进程
[PID: 164][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 188][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 208][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6970]
[PID: 236][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.6700]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 248][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6902]
[PID: 412][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 9]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 424][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\System32\nsp.dll]  [N/A, N/A]
[PID: 452][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 564][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\ZLMhp1.DLL]  [Zenographics, 5, 51, 1203, 0]
    [C:\WINNT\system32\ZLM.dll]  [Zenographics, Inc., 5, 50, 1416, 0]
    [C:\WINNT\system32\ZPJL.dll]  [Zenographics, Inc., 1, 0, 1410, 1]
    [C:\WINNT\system32\ZSPOOL.dll]  [Zenographics, Inc., 5, 51, 709, 0]
    [C:\WINNT\system32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  [Zenographics, Inc., 5, 54, 330, 0]
    [C:\WINNT\system32\Imf32.dll]  [Zenographics, Inc., 5, 51, 405, 0]
    [C:\WINNT\system32\ZTAG32.dll]  [Zenographics, Inc., 5, 50, 1725, 0]
    [C:\WINNT\system32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
    [C:\WINNT\system32\spool\PRTPROCS\W32X86\ZPPPCL.DLL]  [Zenographics, Inc., 5, 51, 710, 0]
    [C:\WINNT\system32\ZPP.dll]  [Zenographics, Inc., 5, 51, 709, 0]
    [C:\WINNT\system32\ZGDI32.dll]  [Zenographics, Inc., 5, 51, 628, 0]
    [C:\WINNT\System32\nsp.dll]  [N/A, N/A]
[PID: 596][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 632][C:\WINNT\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.13.10.2832]
[PID: 656][C:\PROGRA~1\北京通信\北京宽~1\app\pppoeservice.exe]  [N/A, N/A]
[PID: 704][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6920]
[PID: 812][C:\WINNT\system32\stisvc.exe]  [Microsoft Corporation, 5.00.2195.6656]
[PID: 912][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\PROGRA~1\CHIN@D~1\cnasys.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\TENCENT\Adplus\SSAddr.dll]  [Tencent, 4, 2, 2, 21]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, Inc., 4.1 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[PID: 992][C:\WINNT\system32\capp.exe]  [, 1, 1, 2, 0]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\WINNT\system32\CdnTdns.dll]  [sunny, 1, 0, 0, 7]
    [C:\WINNT\System32\nsp.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
[PID: 988][C:\PROGRA~1\CHIN@D~1\Cns.exe]  [国风因特软件(北京)有限公司, 2, 2, 0, 0]
    [C:\PROGRA~1\CHIN@D~1\cnasys.dll]  [N/A, N/A]
    [C:\PROGRA~1\CHIN@D~1\cnadata.dll]  [因特国风, 1, 0, 0, 1]
    [C:\PROGRA~1\CHIN@D~1\cnaio.dll]  [N/A, N/A]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
[PID: 1024][F:\D-Tools\daemon.exe]  [DAEMON'S HOME, 3.43.0.0]
    [C:\WINNT\daemon.dll]  [N/A, 3.43.0.0]
    [F:\D-Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [F:\D-Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.02.0.0]
    [F:\D-Tools\Plugins\Images\mdsmount.dll]  [GENERIC, 1.01.0.0]
    [F:\D-Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [F:\D-Tools\Plugins\Images\nrgmount.dll]  [GENERIC, 1.02.0.0]
    [F:\D-Tools\Plugins\Images\bw5mount.dll]  [N/A, 1.0.1.0]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
[PID: 1032][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
[PID: 1052][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3427]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
[PID: 1068][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
[PID: 1108][C:\Program Files\Kingsoft\Powerword 2003\XDICT.EXE]  [Kingsoft Co, Ltd., 6, 0, 1, 0]
    [C:\Program Files\Kingsoft\Powerword 2003\ITextOut.dll]  [Kingsoft, 1, 1, 0, 0]
    [C:\Program Files\Kingsoft\Powerword 2003\CJKTAB32.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2003\XImage32.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2003\xfile.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2003\KPic10.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2003\ijl11.dll]  [Intel Corporation, 1.1.2]
    [C:\Program Files\Kingsoft\Powerword 2003\toTTSEngine50.dll]  [Kingsoft Corporation, 1, 0, 0, 1]
    [C:\Program Files\Kingsoft\Powerword 2003\NormGrab.DLL]  [Kingsoft Co, Ltd., 6, 0, 0, 0]
    [C:\Program Files\Kingsoft\Powerword 2003\DicMngr.dll]  [Kingsoft, 1, 0, 0, 0]
    [C:\PROGRA~1\CHIN@D~1\cnasys.dll]  [N/A, N/A]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Kingsoft\Powerword 2003\DBCore10.dll]  [Kingsoft  Corp., 1, 0, 0, 0]
    [C:\Program Files\Kingsoft\Powerword 2003\XdictGrb.dll]  [Kingsoft Co, Ltd., 6, 0, 0, 0]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]

[PID: 1216][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 844][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 872][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1576][C:\Program Files\Real\RealPlayer\RealPlay.exe]  [RealNetworks, Inc., 6.0.12.1348]
    [C:\WINNT\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll]  [RealNetworks, Inc., 7.0.1.3251]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6244]
    [C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll]  [RealNetworks, Inc., 0.1.0.3749]
    [C:\Program Files\Real\RealPlayer\lang\gemctl_cn.dll]  [RealNetworks, Inc., 6.0.12.298]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.3985]
    [C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll]  [RealNetworks, Inc., 0.1.0.3427]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\PROGRA~1\CHIN@D~1\cnasys.dll]  [N/A, N/A]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll]  [RealNetworks, Inc., 7.0.0.3671]
    [C:\Program Files\Common Files\Real\Update_OB\setu3270.dll]  [RealNetworks, Inc., 7.0.0.4309]
    [C:\Program Files\Common Files\Real\Plugins\httpfsys.dll]  [RealNetworks, Inc., 10.0.0.2668]
[PID: 1376][C:\Program Files\Real\RealPlayer\RealPlay.exe]  [RealNetworks, Inc., 6.0.12.1348]
    [C:\WINNT\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\Program Files\Common Files\Real\Update_OB\upgr3270.dll]  [RealNetworks, Inc., 7.0.0.3652]
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  [RealNetworks, Inc., 0.1.0.6244]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\PROGRA~1\CHIN@D~1\cnasys.dll]  [N/A, N/A]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Common Files\Real\Update_OB\setu3270.dll]  [RealNetworks, Inc., 7.0.0.4309]
    [C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll]  [RealNetworks, Inc., 7.0.0.3671]
    [C:\Program Files\Common Files\Real\Update_OB\rnup3270.dll]  [RealNetworks, Inc., 7.0.0.3003]
    [C:\Program Files\Common Files\Real\Update_OB\faus3270.dll]  [RealNetworks, Inc., 7.0.0.3123]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.3985]
    [C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll]  [RealNetworks, Inc., 0.1.0.3427]
    [C:\Program Files\Common Files\Real\Update_OB\pnmi3270.dll]  [RealNetworks, Inc., 7.0.0.1826]
    [C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll]  [RealNetworks, Inc., 7.0.1.3251]
    [C:\Program Files\Common Files\Real\Plugins\httpfsys.dll]  [RealNetworks, Inc., 10.0.0.2668]
[PID: 1380][C:\Documents and Settings\w\桌面\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 2, 2, 21]
    [C:\PROGRA~1\CHIN@D~1\cnasys.dll]  [N/A, N/A]
    [C:\WINNT\system32\hookdll.dll]  [, 1, 0, 1, 4]
    [C:\Program Files\Kingsoft\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINNT\System32\nsp.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]
The above is my full log. How can I rescue my computer? Many thanks!

Moderator, please save me! Urgent!!!

Moderator, please save me! Urgent!!!