大家帮帮我`````我的电脑````好像是中毒了```桌面上出现2个文件``也删除不点 ``只要一重新启动``就出来了`````也查不出来病毒`````

出现什么文件？

引用:

【烧香的熊猫的贴子】出现什么文件？ ………………

是什么人体艺术````和性爱36式``````

怎么也删不掉 ```还有我的QQ也上不成了 ```不能输入密码````大家救救啊``

请下载SREng2扫个日志上来
下载地址
http://www.kztechs.com/sreng/sreng2.zip

[CODE]

2007-01-04,10:12:15

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 3 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <IgfxTray><C:\WINNT\System32\igfxtray.exe>  [Intel Corporation]
    <HotKeysCmds><C:\WINNT\System32\hkcmd.exe>  [Intel Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Avance Logic, Inc.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <rfw><C:\Program Files\rising\Rfw\Rfw.exe>  [Beijing Rising Technology Corporation Limited]
    <NeroFilterCheck><C:\WINNT\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <RavTimer><E:\Program Files\Rising\Rav\RavTimer.exe>  [Beijing Rising Technology Co., Ltd.]
    <RavMon><E:\Program Files\Rising\Rav\RavMon.exe -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{C217767F-E340-49B8-85D3-3A72B9CD652F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\InfoMs.Ime>  [N/A]
    <{B8A170A8-7AD3-4678-B2FE-F2D7381CC1B5}><C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><(无)>  [N/A]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================

服务
[911814A6 / 911814A6][Stopped/Auto Start]
  <C:\WINNT\System32\911814A6.EXE -service><Microsoft Corporation>
[Alerter / Alerter][Stopped/Manual Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Application Management / AppMgmt][Running/Manual Start]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[Computer Browser / Browser][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Indexing Service / cisvc][Stopped/Manual Start]
  <C:\WINNT\System32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv][Stopped/Manual Start]
  <C:\WINNT\system32\clipsrv.exe><Microsoft Corporation>
[DHCP Client / Dhcp][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Logical Disk Manager / dmserver][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[DNS Client / Dnscache][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Event Log / Eventlog][Running/Auto Start]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem][Running/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\System32\es.dll><Microsoft Corporation>
[Fax Service / Fax][Stopped/Manual Start]
  <C:\WINNT\system32\faxsvc.exe><Microsoft Corporation>
[Server / lanmanserver][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Workstation / lanmanworkstation][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[TCP/IP NetBIOS Helper Service / LmHosts][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Messenger / Messenger][Running/Auto Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <C:\WINNT\System32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start]
  <C:\WINNT\System32\msdtc.exe><Microsoft Corporation>
[Network DDE / NetDDE][Stopped/Manual Start]
  <C:\WINNT\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm][Stopped/Manual Start]
  <C:\WINNT\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon][Stopped/Manual Start]
  <C:\WINNT\System32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman][Running/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp][Stopped/Manual Start]
  <C:\WINNT\System32\lsass.exe><Microsoft Corporation>
[Removable Storage / NtmsSvc][Running/Auto Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\NtmsSvc.dll><Microsoft Corporation>
[SAP Agent / NwSapAgent][Running/Auto Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipxsap.dll><Microsoft Corporation>
[Plug and Play / PlugPlay][Running/Auto Start]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[IPSEC Policy Agent / PolicyAgent][Running/Auto Start]
  <C:\WINNT\System32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage][Running/Auto Start]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan][Running/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry Service / RemoteRegistry][Running/Auto Start]
  <C:\WINNT\system32\regsvc.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start]
  <C:\WINNT\System32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  <C:\WINNT\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE><rising>
[RsRavMon Service / RsRavMon][Running/Auto Start]
  <E:\PROGRAM FILES\RISING\RAV\Ravmond.exe><Beijing Rising Technology Co., Ltd.>
[QoS RSVP / RSVP][Stopped/Manual Start]
  <C:\WINNT\System32\rsvp.exe -s><Microsoft Corporation>
[Security Accounts Manager / SamSs][Running/Auto Start]
  <C:\WINNT\system32\lsass.exe><Microsoft Corporation>
[Smart Card Helper / SCardDrv][Stopped/Manual Start]
  <C:\WINNT\System32\SCardSvr.exe><Microsoft Corporation>
[Smart Card / SCardSvr][Stopped/Manual Start]
  <C:\WINNT\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule][Running/Auto Start]
  <C:\WINNT\system32\MSTask.exe><Microsoft Corporation>
[RunAs Service / seclogon][Running/Auto Start]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[System Event Notification / SENS][Running/Auto Start]
  <C:\WINNT\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[Internet Connection Sharing / SharedAccess][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Print Spooler / Spooler][Running/Auto Start]
  <C:\WINNT\system32\spoolsv.exe><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog][Stopped/Manual Start]
  <C:\WINNT\system32\smlogsvc.exe><Microsoft Corporation>
[Telephony / TapiSrv][Running/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Telnet / TlntSvr][Stopped/Manual Start]
  <C:\WINNT\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks][Running/Auto Start]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[Uninterruptible Power Supply / UPS][Stopped/Manual Start]
  <C:\WINNT\System32\ups.exe><Microsoft Corporation>
[Utility Manager / UtilMan][Stopped/Manual Start]
  <C:\WINNT\System32\UtilMan.exe><Microsoft Corporation>
[Windows Time / W32Time][Stopped/Manual Start]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Windows Management Instrumentation / WinMgmt][Running/Auto Start]
  <C:\WINNT\System32\WBEM\WinMgmt.exe><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi][Running/Manual Start]
  <C:\WINNT\system32\Services.exe><Microsoft Corporation>
[Automatic Updates / wuauserv][Running/Auto Start]
  <C:\WINNT\system32\svchost.exe -k wugroup-->C:\WINNT\System32\wuauserv.dll><Microsoft Corporation>

驱动程序
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ACPI.sys><Microsoft Corporation>
[ADProt / ADProt][Stopped/System Start]
  <\SystemRoot\system32\drivers\ADProt.sys><腾讯科技（深圳）有限公司>
[AFD 网络支持环境 / AFD][Running/Auto Start]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[Service for Avance AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[AppleTalk Protocol / AppleTalk][Running/Auto Start]
  <System32\DRIVERS\sfmatalk.sys><Microsoft Corporation>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <System32\DRIVERS\asyncmac.sys><Microsoft Corporation>
[Standard IDE/ESDI Hard Disk Controller / atapi][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\atapi.sys><Microsoft Corporation>
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
  <System32\DRIVERS\atmarpc.sys><Microsoft Corporation>
[Audio Stub Driver / audstub][Running/Manual Start]
  <System32\DRIVERS\audstub.sys><Microsoft Corporation>
[BaseTDI / BaseTDI][Running/Auto Start]
  <\??\C:\WINNT\System32\drivers\basetdi.sys><Rising>
[BdGuard / BdGuard][Running/Boot Start]
  <\SystemRoot\System32\drivers\BDGuard.SYS><N/A>
[Closed Caption Decoder / CCDECODE][Stopped/Manual Start]
  <System32\DRIVERS\CCDECODE.sys><Microsoft Corporation>
[CD-ROM Driver / Cdrom][Running/System Start]
  <System32\DRIVERS\cdrom.sys><Microsoft Corporation>
[Disk Driver / Disk][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\disk.sys><Microsoft Corporation>
[DLC Protocol / Dlc][Running/System Start]
  <System32\DRIVERS\dlc.sys><Microsoft Corporation>
[Legend DFE-530TX PCI Fast Ethernet Adapter / dlkfet][Stopped/Manual Start]
  <System32\DRIVERS\dlkfet.sys><Fast Ethernet PCI Adapter Manufacturer>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Microsoft DirectMusic SW Synth (WDM) / DMusic][Stopped/Manual Start]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[Rising Exploit Scaner 1.0 / ExpScaner][Running/Manual Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\ExpScan.sys><N/A>
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
  <System32\DRIVERS\fdc.sys><Microsoft Corporation>
[Floppy Disk Driver / Flpydisk][Stopped/Manual Start]
  <System32\DRIVERS\flpydisk.sys><Microsoft Corporation>
[FsVga / FsVga][Running/System Start]
  <System32\DRIVERS\fsvga.sys><Microsoft Corporation>
[Volume Manager Driver / Ftdisk][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ftdisk.sys><Microsoft Corporation>
[Game Port Enumerator / gameenum][Running/Manual Start]
  <System32\DRIVERS\gameenum.sys><Microsoft Corporation>
[Generic Packet Classifier / Gpc][Running/Manual Start]
  <System32\DRIVERS\msgpc.sys><Microsoft Corporation>
[HOOKAPI / HOOKAPI][Running/Auto Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><瑞星软件有限公司>

[HookCont / HookCont][Running/Auto Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg][Running/Auto Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\HOOKREG.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\hooksys.sys><瑞星>
[i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt][Running/System Start]
  <System32\DRIVERS\i8042prt.sys><Microsoft Corporation>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IdeBusDr / IdeBusDr][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
  <System32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IPHOOK / IPHOOK][Running/Auto Start]
  <\??\C:\Program Files\rising\rfw\iphook.sys><Beijing Rising Technology Corporation Limited>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <System32\DRIVERS\ipinip.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat][Stopped/Manual Start]
  <System32\DRIVERS\ipnat.sys><Microsoft Corporation>
[IPSEC driver / IPSEC][Running/Manual Start]
  <System32\DRIVERS\ipsec.sys><Microsoft Corporation>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
  <System32\DRIVERS\irenum.sys><Microsoft Corporation>
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\isapnp.sys><Microsoft Corporation>
[Keyboard Class Driver / Kbdclass][Running/System Start]
  <System32\DRIVERS\kbdclass.sys><Microsoft Corporation>
[Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINNT\System32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\E:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS><瑞星软件有限公司>
[Mouse Class Driver / Mouclass][Running/System Start]
  <System32\DRIVERS\mouclass.sys><Microsoft Corporation>
[BDA MPE Filter / MPE][Stopped/Manual Start]
  <System32\DRIVERS\MPE.sys><Microsoft Corporation>
[MRxSmb / MRxSmb][Running/System Start]
  <System32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
  <system32\drivers\MSKSSRV.sys><Microsoft Corporation>
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
  <system32\drivers\MSPCLOCK.sys><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[Microsoft MPU-401 MIDI UART Driver / ms_mpu401][Running/Manual Start]
  <system32\drivers\msmpu401.sys><Microsoft Corporation>
[NABTS/FEC VBI Codec / NABTSFEC][Stopped/Manual Start]
  <System32\DRIVERS\NABTSFEC.sys><Microsoft Corporation>
[NetBEUI Protocol / Nbf][Running/Auto Start]
  <System32\DRIVERS\nbf.sys><Microsoft Corporation>
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
  <System32\DRIVERS\ndistapi.sys><Microsoft Corporation>
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
  <System32\DRIVERS\ndiswan.sys><Microsoft Corporation>
[NetBIOS Interface / NetBIOS][Running/System Start]
  <System32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetBios over Tcpip / NetBT][Running/System Start]
  <System32\DRIVERS\netbt.sys><Microsoft Corporation>
[NetDetect / NetDetect][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\netdtect.sys><Microsoft Corporation>
[New0 / New0][Running/Auto Start]
  <\??\C:\WINNT\System32\new.sys><N/A>
[Network Monitor Driver / nm][Stopped/Manual Start]
  <System32\DRIVERS\NMnt.sys><Microsoft Corporation>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <System32\DRIVERS\nwlnkflt.sys><Microsoft Corporation>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <System32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation>
[NWLink IPX/SPX/NetBIOS Compatible Transport Protocol / NwlnkIpx][Running/Auto Start]
  <System32\DRIVERS\nwlnkipx.sys><Microsoft Corporation>
[NWLink NetBIOS / NwlnkNb][Running/Auto Start]
  <System32\DRIVERS\nwlnknb.sys><Microsoft Corporation>
[NWLink SPX/SPXII Protocol / NwlnkSpx][Running/Auto Start]
  <System32\DRIVERS\nwlnkspx.sys><Microsoft Corporation>
[Parallel class driver / Parallel][Running/Manual Start]
  <System32\DRIVERS\parallel.sys><Microsoft Corporation>
[Parallel port driver / Parport][Running/System Start]
  <System32\DRIVERS\parport.sys><Microsoft Corporation>
[PCI Bus Driver / PCI][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\pci.sys><Microsoft Corporation>
[PCIIde / PCIIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pciide.sys><Microsoft Corporation>
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
  <System32\DRIVERS\raspptp.sys><Microsoft Corporation>
[QoS Packet Scheduler / PSched][Running/Manual Start]
  <System32\DRIVERS\psched.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pxufnhd / pxufnhd][Running/Boot Start]
  <\SystemRoot\system32\drivers\pxufnhd.sys><>
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
  <System32\DRIVERS\rasacd.sys><Microsoft Corporation>
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
  <System32\DRIVERS\rasl2tp.sys><Microsoft Corporation>
[Direct Parallel / Raspti][Running/Manual Start]
  <System32\DRIVERS\raspti.sys><Microsoft Corporation>
[Microsoft Streaming Network Raw Channel Access / RCA][Stopped/Manual Start]
  <system32\drivers\RCA.sys><Microsoft Corporation>
[Rdbss / Rdbss][Running/System Start]
  <System32\DRIVERS\rdbss.sys><Microsoft Corporation>
[Digital CD Audio Playback Filter Driver / redbook][Stopped/System Start]
  <System32\DRIVERS\redbook.sys><Microsoft Corporation>
[Microsoft Legacy Modem Driver / ROOTMODEM][Running/Manual Start]
  <System32\Drivers\RootMdm.sys><Microsoft Corporation>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Serenum Filter Driver / serenum][Running/Manual Start]
  <System32\DRIVERS\serenum.sys><Microsoft Corporation>
[Serial port driver / Serial][Running/System Start]
  <System32\DRIVERS\serial.sys><Microsoft Corporation>
[Srv / Srv][Running/Manual Start]
  <System32\DRIVERS\srv.sys><Microsoft Corporation>
[Software Bus Driver / swenum][Running/Manual Start]
  <System32\DRIVERS\swenum.sys><Microsoft Corporation>
[Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start]
  <system32\drivers\swmidi.sys><Microsoft Corporation>
[Microsoft System Audio Device / sysaudio][Running/Manual Start]
  <system32\drivers\sysaudio.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TDIHOOK / TDIHOOK][Running/System Start]
  <\??\C:\Program Files\rising\rfw\tdihook.sys><Beijing Rising Technology Corporation Limited>
[Microsoft USB Universal Host Controller Driver / uhcd][Running/Manual Start]
  <System32\DRIVERS\uhcd.sys><Microsoft Corporation>
[Microcode Update Driver / Update][Running/Manual Start]
  <System32\DRIVERS\update.sys><Microsoft Corporation>
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start]
  <System32\DRIVERS\usbehci.sys><Microsoft Corporation>
[Microsoft USB Standard Hub Driver / usbhub][Running/Manual Start]
  <System32\DRIVERS\usbhub.sys><Microsoft Corporation>
[USB 2.0 Root Hub Support / usbhub20][Running/Manual Start]
  <System32\DRIVERS\usbhub20.sys><Windows (R) 2000 DDK provider>
[VgaSave / VgaSave][Running/System Start]
  <\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation>
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
  <System32\DRIVERS\wanarp.sys><Microsoft Corporation>
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
  <system32\drivers\wdmaud.sys><Microsoft Corporation>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\G:\winio.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr1.dll, Tencent>
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush0.dll, N/A>
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINNT\System32\ssup.dll, TENCENT>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[CibaCtrl Class]
  {8DE0FCD4-5EB5-11D3-AD25-00002100131B} <C:\POWERW~1\IEPlugin.dll, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[金山词霸]
  {9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\POWERW~1\XDictExB.dll, 金山软件股份有限公司>
[JoyoCtrl Class]
  {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} <C:\POWERW~1\IEPlugin.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\System32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 140][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.5382]
[PID: 164][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.5265]
[PID: 160][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.5386]
[PID: 212][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.3940]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.3649.297.3]
[PID: 224][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.5430]
[PID: 404][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 456][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.4299]
[PID: 508][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 572][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.3649]
[PID: 588][E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE]  [rising, 17, 0, 0, 1]
[PID: 596][E:\PROGRAM FILES\RISING\RAV\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 17, 0, 1, 18]
    [E:\PROGRAM FILES\RISING\RAV\guidll.dll]  [rising, 17, 0, 0, 6]
    [E:\PROGRAM FILES\RISING\RAV\RsCommX.dll]  [rising, 17, 0, 0, 3]
    [E:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL]  [Rising Corp., 17, 0, 0, 5]
    [E:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [rising, 17, 0, 0, 45]
    [E:\Program Files\Rising\Rav\Scanner.dll]  [Rising, 17, 0, 0, 40]
    [E:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 17, 0, 0, 17]
    [E:\Program Files\Rising\Rav\libload.dll]  [Rising, 17, 0, 0, 13]
    [E:\Program Files\Rising\Rav\VirusLib.dll]  [Rising, 17, 0, 0, 26]
    [E:\PROGRAM FILES\RISING\RAV\MailMon.dll]  [ , 17, 0, 0, 6]
    [E:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 17, 0, 0, 5]
    [E:\PROGRAM FILES\RISING\RAV\MemMon.dll]  [北京瑞星, 17, 3, 0, 8]
    [E:\PROGRAM FILES\RISING\RAV\expscan.dll]  [N/A, 17, 0, 0, 6]
    [E:\PROGRAM FILES\RISING\RAV\regmon.dll]  [ , 17, 0, 0, 12]
    [E:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [rising, 17, 0, 0, 4]
    [E:\Program Files\Rising\Rav\engine.dll]  [rising, 17, 0, 0, 36]
    [E:\Program Files\Rising\Rav\PostTrt.dll]  [Rising, 17, 0, 0, 13]
    [E:\Program Files\Rising\Rav\UnExe.dll]  [Rising, 17, 0, 0, 25]
    [E:\Program Files\Rising\Rav\ScanEx.dll]  [Rising, 17, 0, 0, 30]
    [E:\Program Files\Rising\Rav\NvFile.dll]  [瑞星, 17, 0, 0, 13]
    [E:\Program Files\Rising\Rav\ScanMac.dll]  [rising, 17, 0, 0, 9]
    [E:\Program Files\Rising\Rav\ScanSct.dll]  [rising, 17, 0, 0, 23]
    [E:\Program Files\Rising\Rav\ScanExec.dll]  [N/A, 17, 0, 0, 18]
    [E:\PROGRAM FILES\RISING\RAV\mPorts.dll]  [Beijing Rising Technology Corporation Limited, 3, 0, 0, 3]
    [E:\Program Files\Rising\Rav\Unpacker.dll]  [rising, 17, 0, 0, 17]
    [E:\Program Files\Rising\Rav\ExtMail.dll]  [瑞星, 17, 0, 0, 15]
[PID: 748][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.1]
[PID: 784][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0070]
[PID: 832][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 960][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3502.5321]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\InfoMs.Ime]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys]  [N/A, N/A]
    [C:\WINNT\downlo~1\Kcwkum.dll]  [Tencent, 4, 4, 1, 14]
    [C:\WINNT\System32\igfxpph.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1502]
    [E:\Program Files\Rising\Rav\RavScrCh.dll]  [, 17, 0, 0, 7]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [C:\WINNT\downlo~1\Asad.dll]  [Tencent, 4, 4, 1, 14]
    [C:\WINNT\System32\igfxres.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\PROGRA~1\WinZip\wzshlext.dll]  [N/A, N/A]
    [C:\PROGRA~1\WINZIP\WZCAB2.DLL]  [Nico Mak Computing, Inc., 2, 0, 0, 0]
    [C:\WINNT\System32\RavExt.DLL]  [Beijing Rising Technology Co., Ltd., 17, 0, 0, 3]
    [C:\Powerword 2003\Cjktl32.dll]  [N/A, N/A]
[PID: 1160][C:\WINNT\System32\igfxtray.exe]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys]  [N/A, N/A]
    [C:\WINNT\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxres.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxress.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\downlo~1\Kcwkum.dll]  [Tencent, 4, 4, 1, 14]
[PID: 1168][C:\WINNT\System32\hkcmd.exe]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys]  [N/A, N/A]
    [C:\WINNT\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxhk.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\System32\igfxres.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINNT\downlo~1\Kcwkum.dll]  [Tencent, 4, 4, 1, 14]
[PID: 1176][C:\WINNT\SOUNDMAN.EXE]  [Avance Logic, Inc., 5, 0, 0, 0]
    [C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys]  [N/A, N/A]
    [C:\WINNT\downlo~1\Kcwkum.dll]  [Tencent, 4, 4, 1, 14]