
Help!! This virus is driving me crazy~~~~

正在运行的进程
[PID: 464][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 548][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4116]
[PID: 620][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 776][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4116]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 812][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1048][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136][f:\瑞星\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [f:\瑞星\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [f:\瑞星\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [f:\瑞星\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 9]
    [f:\瑞星\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [f:\瑞星\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [f:\瑞星\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1348][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1548][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1788][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4116]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2497]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1900][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Wlgx.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [F:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\PROGRA~1\3721\ske\contmenu.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [F:\迅雷\ComDlls\XunLeiBHO_006.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\ZtgQ.dll]  [N/A, N/A]
[PID: 1300][C:\WINDOWS\system32\CTHELPER.EXE]  [Creative Technology Ltd, 1, 2, 0, 0]
    [C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\SYSTEM32\CTDC0001.DLL]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\SYSTEM32\ctosuser.dll]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\SYSTEM32\CTDPROXY.DLL]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\SYSTEM32\PIAPROXY.DLL]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\WINDOWS\system32\ctspkhlp.dll]  [Creative Technology Ltd, 1, 0, 1, 19]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1320][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Wlgx.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
[PID: 1520][C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe]  [Team H2O, v0.3.1412]
    [C:\Program Files\SyncroSoft\Pos\H2O\emu.dll]  [Team H2O, 4.3.0.0]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
[PID: 1600][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1132][C:\DOCUME~1\user\LOCALS~1\Temp\Wl2\lexplore.exe]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Wlgx.dll]  [N/A, N/A]
[PID: 1244][C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe]  [Google Inc., 1, 2, 908, 5746]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\res_zh-CN.dll]  [Google Inc., 1, 2, 908, 5746]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\swg.dll]  [Google Inc., 1, 2, 908, 5746]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 692][C:\WINDOWS\system32\drivers\spoclsv.exe]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
[PID: 2364][C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPatchMixDSP.exe]  [EMU Systems, 1.00.01.0017]
    [C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPatchMixDSP.dll]  [EMU Systems, 1.00.01.0008]
    [C:\WINDOWS\system32\ctosuser.dll]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\WINDOWS\SYSTEM32\PIAPROXY.DLL]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\WINDOWS\SYSTEM32\CTDPROXY.DLL]  [Creative Technology Ltd, 5.12.01.0488-1.86.0080]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
[PID: 2656][C:\Program Files\PC Connectivity Solution\ServiceLayer.exe]  [Nokia., 6, 82, 69, 3]
    [C:\Program Files\PC Connectivity Solution\NclTools.dll]  [Nokia, 6, 82, 26, 2]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLIrDAMM.dll]  [Nokia Corp., 6, 82, 31, 0]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLRSMM.dll]  [Nokia Corp., 6, 82, 39, 1]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLUSBMM.dll]  [Nokia Corp., 6, 82, 48, 0]
    [C:\Program Files\PC Connectivity Solution\Transports\NclMSBTMM.dll]  [Nokia Corp., 6, 82, 47, 1]
[PID: 760][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [c:\program files\google\googletoolbar1.dll]  [Google Inc., 4, 0, 1019, 5266]
    [F:\迅雷\ComDlls\XunLeiBHO_006.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Wlgx.dll]  [N/A, N/A]
    [F:\瑞星\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\ZtgQ.dll]  [N/A, N/A]
[PID: 1852][F:\迅雷\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 5, 2, 252]
    [F:\迅雷\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
    [F:\迅雷\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 11, 2, 22]
    [F:\迅雷\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [F:\迅雷\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [F:\迅雷\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 11, 2, 22]
    [F:\迅雷\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [F:\迅雷\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 12]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Wlgx.dll]  [N/A, N/A]
    [F:\迅雷\Components\DTAG\DTAG.dll]  [, 1, 0, 0, 1]
    [F:\迅雷\Program\LiveUpdate.dll]  [, 1, 0, 0, 9]
    [F:\迅雷\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [F:\迅雷\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 14]
    [F:\迅雷\Components\InMedia\iEmbed07.dll]  [ , 3, 1, 0, 58]
    [F:\迅雷\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
    [F:\迅雷\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 42]
    [F:\迅雷\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [F:\迅雷\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 3]
    [F:\迅雷\Plugins\TingTing\TingTing.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 12]
    [F:\迅雷\Plugins\ExplorerHelper\ExplorerHelper.dll]  [, 1, 0, 0, 1]
    [F:\瑞星\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [F:\迅雷\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [F:\迅雷\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\ZtgQ.dll]  [N/A, N/A]
[PID: 10416][C:\WINDOWS\system32\yjplqb.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 10524][C:\WINDOWS\system32\devgt.exe]  [Microsoft Corporation, 5.01.2600]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 11028][C:\DOCUME~1\user\LOCALS~1\Temp\Zt2\SVCH0ST.EXE]  [N/A, N/A]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\ZtgQ.dll]  [N/A, N/A]
[PID: 11588][F:\MTV\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\DOCUME~1\user\LOCALS~1\Temp\ZtgQ.dll]  [N/A, N/A]
    [C:\DOCUME~1\user\LOCALS~1\Temp\Wlgx.dll]  [N/A, N/A]
[PID: 11672][f:\瑞星\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 56]
    [f:\瑞星\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [f:\瑞星\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [f:\瑞星\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [f:\瑞星\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [f:\瑞星\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\yjplqb.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ctagent.dll]  [Creative Technology Ltd, 1, 0, 0, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]

==================================

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[D:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[E:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[F:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]
Done.

EXE files can be installed, but after installation none of them will open.

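Wrong! Ordinary applications can be installed, but Rising, Anti-Spyware Expert, Kaspersky, and that whole range of antivirus programs cannot be opened.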

The freshly installed Nuendo 3 and Baofeng Yingyin (Storm Player) both open fine. Anything that is antivirus software won't open.

OK, I'll go try it.

This keeps popping up: runtime error 204 at 004025B5.

After extracting the 2 programs to the desktop, neither of them will open. They close right after being launched.

OK. Thanks!! This virus has worn me out. I've never seen a virus this nasty.