中了Trojan.PSW.LMir.atb,请大人们帮忙!!
都是在C:\Documents and Settings\user\Local Settings\Temp文件夹下,会不段不段的出现名称不同的Trojan.PSW.LMir.atb病毒.
而且Temp文件夹清空是也会报错.
用橙色八月杀毒也没什么反应.




2006-08-10,03:59:46

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
(msnmsgr)(; "C:\Program Files\MSN Messenger\msnmsgr.exe" /background) [Microsoft Corporation]
(MSMSGS)(; "C:\Program Files\Messenger\msmsgs.exe" /background) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
(run)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(PHIME2002ASync)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(SoundMan)(SOUNDMAN.EXE) [Realtek Semiconductor Corp.]
(AGRSMMSG)(AGRSMMSG.exe) [Agere Systems]
(PRONoMgr.exe)(C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe) [Intel(R) Corporation]
(Apoint)(C:\Program Files\Apoint2K\Apoint.exe) [Alps Electric Co., Ltd.]
(IgfxTray)(C:\WINDOWS\System32\igfxtray.exe) [Intel Corporation]
(HotKeysCmds)(C:\WINDOWS\System32\hkcmd.exe) [Intel Corporation]
(BigDogPath)(C:\WINDOWS\VM_STI.EXE USB PC Camera 301P) []
(RfwMain)("C:\Program Files\rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(RavTask)("C:\Program Files\rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(TkBellExe)(; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot) [RealNetworks, Inc.]
(IESAddr)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(EXPLORER.EXE) [Microsoft Corporation]
(Userinit)(userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(C:\WINDOWS\Resources\粉色透明\cwdkg_lover.exe) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(DelayRun)(C:\WINDOWS\system\dd1d1880.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
(WinlogonNotify: Sebring)(C:\WINDOWS\System32\LgNotify.dll) [Intel Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
(SCRNSAVE.EXE)(C:\WINDOWS\偪偂偺~1.SCR) [MacSourcery]




--------------------------------------------------------------------------------



启动文件夹

[Easy Button Utility]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Easy Button Utility.lnk)(N)



--------------------------------------------------------------------------------



服务

[intarnet / intarnet]
(C:\WINDOWS\system32\intarnet.exe)(N/A)
[Routing and Remote SqlServer / Remote SQL]
(C:\WINDOWS\system32\su.exe)(N/A)
[Rising Personal Firewall Service / RfwService]
(C:\Program Files\rising\Rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter]
("C:\Program Files\rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon]
("C:\Program Files\rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Sony SPTI Service / SPTISRV]
(C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe)(Sony Corporation)



--------------------------------------------------------------------------------



浏览器加载项

[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated)
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} (c:\PROGRA~1\chinanet\VNETTR~1.DLL, )
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[ST]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4} (C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll, Microsoft Corporation)
[MSNToolBandBHO]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} (C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL, 超级兔子)
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} (d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT)
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} (d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} (C:\Program Files\Corel\FastAIT\IEBand.dll, 金山软件股份有限公司)
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} (C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A)
[MSN]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} (C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL, 超级兔子)
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} (C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital)
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation)
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\INPUTC~1.DLL, )
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.)
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated)
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} (C:\WINDOWS\System32\msjava.dll, Microsoft Corporation)
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} (C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital)
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A)
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} (C:\WINDOWS\System32\dllcache\dhtmled.ocx, N/A)
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} (C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation)
[BitCometBar]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} (C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A)
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} (c:\PROGRA~1\chinanet\VNETTR~1.DLL, )
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} (C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation)
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} (%SystemRoot%\System32\shdocvw.dll, N/A)
[EbhHhygc Class]
{5E42883F-AF39-EF78-7E48-F71F367028EF} (C:\WINDOWS\DOWNLO~1\kaiynq.dll, yjyxqsoft)
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[金山快译(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} (C:\Program Files\Corel\FastAIT\IEBand.dll, 金山软件股份有限公司)
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\INPUTC~1.DLL, )
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} (C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin04.dll, Thunder Networking Technologies,LTD)
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} (C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation)
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\SUBMIT~1.DLL, )
[LiveMediaOcx Control]
{9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (d:\PROGRA~2\Tencent\QQLive\QQLive.ocx, Tencent)
[ST]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4} (C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll, Microsoft Corporation)
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} (C:\WINDOWS\System32\msnetobj.dll, Microsoft Corporation)
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} (C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\System32\shdocvw.dll, N/A)
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} (C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation)
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[MSN]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[MSNToolBandBHO]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[BHelper Class]
{F2E37336-BFDB-409B-8D0E-6F013C438B20} (C:\WINDOWS\dd1o1880.dll, N/A)
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} (C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL, 超级兔子)
[&使用迅雷下载]
(C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A)
[&使用迅雷下载全部链接]
(C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A)
[上传到QQ网络硬盘]
(D:\Program files\Tencent\QQ\AddToNetDisk.htm, N/A)
[使用网际快车下载]
(C:\PROGRA~1\FLASHGET\jc_link.htm, N/A)
[使用网际快车下载全部链接]
(C:\PROGRA~1\FLASHGET\jc_all.htm, N/A)
[导出到 Microsoft Office Excel(&X)]
(res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A)
[添加到QQ自定义面板]
(D:\Program files\Tencent\QQ\AddPanel.htm, N/A)
[添加到QQ表情]
(D:\Program files\Tencent\QQ\AddEmotion.htm, N/A)
[用QQ彩信发送该图片]
(D:\Program files\Tencent\QQ\SendMMS.htm, N/A)



--------------------------------------------------------------------------------

正在运行的进程

[PID: 688][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 920][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 948][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\LgNotify.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\System32\l3codeca.acm] (Fraunhofer Institut Integrierte Schaltungen IIS)(1, 9, 0, 0305)
[PID: 996][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1016][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1168][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1240][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1364][C:\Program Files\rising\Rav\CCenter.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[PID: 1380][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1472][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1576][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1592][C:\Program Files\rising\Rav\Ravmond.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 33)
[C:\Program Files\rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\rising\Rav\HOOKSYS.dll] (Beijing Rising Technology Co., Ltd.)(18, 1, 0, 11)
[C:\Program Files\rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[C:\Program Files\rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\rising\Rav\regmon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\rising\Rav\HookWeb.dll] (rising)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\MemMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\rising\Rav\expscan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[C:\Program Files\rising\Rav\MailMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Program Files\rising\Rav\SpamEng.dll] (N/A)(18, 0, 0, 6)
[C:\Program Files\rising\Rav\engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[C:\Program Files\rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 14)
[C:\Program Files\rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[C:\Program Files\rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 9)
[C:\Program Files\rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 18)
[C:\Program Files\rising\Rav\Unpacker.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[C:\Program Files\rising\Rav\ExtMail.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 13)
[C:\Program Files\rising\Rav\ExtOLE.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\rising\Rav\RsStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 1840][C:\Program Files\rising\Rfw\rfwsrv.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 32)

[C:\Program Files\rising\Rfw\RfwRule.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 13)
[C:\Program Files\rising\Rfw\rfwlog.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 6)
[C:\Program Files\rising\Rfw\Rfwdrv.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 21)
[C:\Program Files\rising\Rfw\MonDrv.dll] (rs)(1, 0, 0, 4)
[C:\Program Files\rising\Rfw\ProcLib.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 9)
[C:\Program Files\rising\Rfw\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[PID: 2024][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] (Windows (R) 2000 DDK provider)(5.00.2195.1620)
[PID: 284][C:\Program Files\rising\Rav\RavStub.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 468][C:\WINDOWS\system32\ZCfgSvc.exe] (Intel Corporation)(4, 1, 0, 53)
[C:\WINDOWS\system32\PfMgrApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\PsRegApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\WConfig.DLL] (Intel Corporation)(4, 1, 0, 1)
[C:\WINDOWS\system32\WiFiAdap.DLL] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\C1XStngs.dll] ()(4, 1, 0, 1)
[C:\Program Files\Intel\PROSet\CHS\ZcSvcCHS.dll] (Intel Corporation)(4, 1, 0, 53)
[C:\Program Files\Intel\PROSet\CHS\PmApiCHS.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\S24MUDLL.dll] (Intel Corporation)(4, 1, 0, 3)
[PID: 712][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] (Adobe Systems, Inc.)(7.0.0.0)
[C:\WINDOWS\System32\igfxpph.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\hccutils.DLL] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\system32\igfxres.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxsrvc.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxdev.dll] (Intel Corporation)(3,0,0,2104)
[C:\Program Files\WinRAR\rarext.dll] (N/A)(N/A)
[C:\Herosoft\HeroV8\VCvtShell.dll] (herosoft)(1, 0, 0, 1)
[C:\WINDOWS\system32\RavExt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 21)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\Easy Button Utility V2.2\KeyHook.dll] ()(1, 0, 0, 1)
[C:\WINDOWS\system32\igfxress.dll] (Intel Corporation)(3,0,0,2104)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] (Adobe Systems Incorporated)(7.0.7.2006011200)
[PID: 744][C:\Program Files\rising\Rfw\RfwMain.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 51)
[C:\Program Files\rising\Rfw\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 23)
[C:\Program Files\rising\Rfw\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rfw\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 2292][C:\Program Files\Internet Explorer\IEXPLORE.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\intarnet.DLL] (N/A)(N/A)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] (Adobe Systems Incorporated)(7.0.7.2006011200)
[c:\PROGRA~1\chinanet\VNETTR~1.DLL] ()(2005, 4, 6, 1)
[c:\PROGRA~1\chinanet\Communicate.dll] (0)(2005, 3, 3, 1)
[C:\PROGRA~1\Chinanet\CLIENT~1.DLL] ()(2004, 2, 28, 1)
[d:\Program Files\Tencent\QQ\QQIEHelper.dll] (深圳市腾讯计算机系统有限公司)(1, 1, 0, 5)
[C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll] (Microsoft Corporation)(01.02.3000.1001)
[C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll] (Microsoft Corporation)(01.02.5000.1021)
[C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\mtbres.dll] (Microsoft Corporation)(01.02.5000.1021)
[C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL] (超级兔子)(1.0.7.7)
[PID: 3212][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 3540][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 3736][C:\WINDOWS\SOUNDMAN.EXE] (Realtek Semiconductor Corp.)(5.1.10)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 3748][C:\WINDOWS\AGRSMMSG.exe] (Agere Systems)(2.1.23 2.1.23 01/22/2003 17:47:39)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 3760][C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe] (Intel(R) Corporation)(6.1.303.0)
[C:\Program Files\Intel\NCS\PROSet\CHSPGUIR.dll] (Intel(R) Corporation)(6.1.303.0)
[C:\WINDOWS\System32\Pn802_11.dll] (Intel Corporation.)(4, 1, 0, 0)
[C:\WINDOWS\System32\PfMgrApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\System32\PsRegApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\System32\WConfig.DLL] (Intel Corporation)(4, 1, 0, 1)
[C:\WINDOWS\System32\WiFiAdap.DLL] (Intel Corporation)(4, 1, 0, 0)
[C:\Program Files\Intel\PROSet\CHS\PNC11CHS.dll] (Intel Corporation.)(4, 1, 0, 0)
[C:\WINDOWS\system32\S24MUDLL.dll] (Intel Corporation)(4, 1, 0, 3)
[PID: 3768][C:\Program Files\Apoint2K\Apoint.exe] (Alps Electric Co., Ltd.)(5.3.7.148)
[C:\WINDOWS\system32\VXDIF.DLL] (Alps Electric Co., Ltd.)(6.0.2.63)
[C:\Program Files\Apoint2K\Apoint.DLL] (Alps Electric Co., Ltd.)(5.3.8.208)
[C:\Program Files\Apoint2K\EzAuto.dll] (Alps Electric Co., Ltd.)(4.5.1.83)
[C:\Program Files\Apoint2K\EzLaunch.DLL] (Alps Electric Co., Ltd.)(4.5.0.48)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 3812][C:\WINDOWS\System32\hkcmd.exe] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\hccutils.DLL] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxdev.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxsrvc.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[C:\WINDOWS\System32\igfxhk.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxres.dll] (Intel Corporation)(3,0,0,2104)
[PID: 3828][C:\WINDOWS\VM_STI.EXE] (VM.)(4.2.610.4)
[C:\WINDOWS\system32\msdmo.dll] (N/A)(N/A)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 3920][C:\Program Files\rising\Rav\RavTask.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 22)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 3968][C:\Program Files\Apoint2K\Apntex.exe] (Alps Electric Co., Ltd.)(5.0.1.15)
[C:\WINDOWS\system32\VXDIF.DLL] (Alps Electric Co., Ltd.)(6.0.2.63)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 2308][C:\WINDOWS\system32\conime.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 1008][C:\Program Files\rising\Rav\Ravmon.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 30)
[C:\Program Files\rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 24)
[C:\Program Files\rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)

[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[C:\Program Files\Easy Button Utility V2.2\KeyHook.dll] ()(1, 0, 0, 1)
[PID: 2396][C:\Program Files\Easy Button Utility V2.2\lxkey.exe] ()(1, 0, 0, 1)
[C:\Program Files\Easy Button Utility V2.2\KeyHook.dll] ()(1, 0, 0, 1)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 2656][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[PID: 2664][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 3272][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 3652][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 3660][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 2868][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 3864][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 3200][C:\WINDOWS\rundll32.exe] (N/A)(N/A)
[PID: 2816][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 2548][C:\Program Files\Chinanet\VnetClient.exe] ()(2005, 11, 14, 1)
[C:\Program Files\Chinanet\Communicate.dll] (0)(2005, 3, 3, 1)
[C:\Program Files\Chinanet\DialModule.dll] (GDCN)(2005, 11, 15, 1)
[C:\PROGRA~1\Chinanet\CLIENT~1.DLL] ()(2004, 2, 28, 1)
[C:\PROGRA~1\Chinanet\PLUGIN~1.OCX] ()(2005, 7, 27, 1)
[C:\PROGRA~1\Chinanet\sign.dll] (0)(2004, 12, 1, 1)
[C:\PROGRA~1\Chinanet\WEBPLU~1.DLL] ()(2005, 8, 18, 1)
[C:\PROGRA~1\Chinanet\PostPlug.dll] ()(2004, 12, 16, 2)
[C:\PROGRA~1\Chinanet\ADVERT~1.OCX] ()(2005, 10, 13, 1)
[C:\PROGRA~1\Chinanet\Gif89a.dll] ()(2005, 6, 21, 1)
[C:\PROGRA~1\Chinanet\VnetBs.ocx] ()(2004, 11, 18, 1)
[C:\PROGRA~1\Chinanet\ACCOUN~2.DLL] ()(2005, 11, 14, 1)
[C:\PROGRA~1\Chinanet\AccountMgr.dll] ()(2005, 11, 14, 17)
[C:\PROGRA~1\Chinanet\VnetSkin.ocx] (GDDC)(2005, 11, 14, 1)
[C:\PROGRA~1\Chinanet\DialogStyle.dll] ()(1, 0, 0, 1)
[C:\PROGRA~1\Chinanet\Timer.ocx] ()(2005, 10, 9, 14)
[C:\PROGRA~1\Chinanet\PLUGIN~2.OCX] ()(2005, 2, 24, 1)
[C:\PROGRA~1\Chinanet\NEWMES~1.DLL] ()(2005, 8, 26, 1)
[C:\PROGRA~1\Chinanet\PassCtrl.dll] ()(1, 0, 0, 1)
[C:\WINDOWS\system32\wpcap.dll] (CACE Technologies)(3, 1, 0, 27)
[C:\WINDOWS\system32\packet.dll] (CACE Technologies)(3, 1, 0, 27)
[C:\WINDOWS\system32\WanPacket.dll] (CACE Technologies)(3, 1, 0, 27)
[C:\PROGRA~1\Chinanet\PlugPush.dll] ()(2004, 12, 21, 1)
[C:\PROGRA~1\Chinanet\ALLINT~1.DLL] ()(2004, 11, 23, 1)
[C:\PROGRA~1\Chinanet\VNetLog.ocx] ()(2005, 10, 9, 1)
[C:\PROGRA~1\Chinanet\StatNum.dll] ()(2004, 11, 18, 1)
[C:\PROGRA~1\Chinanet\VNETON~1.OCX] ()(2005, 3, 2, 1)
[C:\PROGRA~1\Chinanet\ALLFUN~1.DLL] (GDCN)(2005, 10, 9, 1)
[C:\PROGRA~1\Chinanet\VnetOptLog.dll] ()(2005, 9, 13, 9)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[C:\PROGRA~1\Chinanet\DlgSkin.ocx] ()(2005, 11, 14, 1)
[C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx] (Macromedia, Inc.)(8,0,24,0)
[PID: 2200][C:\Program Files\Internet Explorer\iexplore.exe] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL] (超级兔子)(1.0.7.7)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] (Adobe Systems Incorporated)(7.0.7.2006011200)
[c:\PROGRA~1\chinanet\VNETTR~1.DLL] ()(2005, 4, 6, 1)
[c:\PROGRA~1\chinanet\Communicate.dll] (0)(2005, 3, 3, 1)
[C:\PROGRA~1\Chinanet\CLIENT~1.DLL] ()(2004, 2, 28, 1)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[d:\Program Files\Tencent\QQ\QQIEHelper.dll] (深圳市腾讯计算机系统有限公司)(1, 1, 0, 5)
[C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll] (Microsoft Corporation)(01.02.3000.1001)
[C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll] (Microsoft Corporation)(01.02.5000.1021)
[C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\mtbres.dll] (Microsoft Corporation)(01.02.5000.1021)
[C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx] (Macromedia, Inc.)(8,0,24,0)
[C:\Program Files\Easy Button Utility V2.2\KeyHook.dll] ()(1, 0, 0, 1)
[PID: 1940][C:\Program Files\rising\rav\Rav.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 75)
[C:\Program Files\rising\rav\PlugIn\RsPgScan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 17)
[C:\Program Files\rising\rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\rav\RavUI.Dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 61)
[C:\Program Files\rising\rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 24)
[C:\Program Files\rising\rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Program Files\rising\rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[C:\Program Files\rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[C:\Program Files\rising\rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\rising\rav\RavUIMsg.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 25)
[PID: 3908][C:\Program Files\rising\rav\RavStore.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 9)
[C:\Program Files\rising\rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\rav\RSStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)
[C:\Program Files\rising\rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\rising\rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[PID: 1124][C:\Documents and Settings\user\桌面\sreng2\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[C:\WINDOWS\system32\dllz.dll] (N/A)(N/A)



--------------------------------------------------------------------------------



文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

好了,希望大人能帮我解决问题.
之前已经杀了好几种病毒了,只有这种我对它一点办法也没有.


P.S.这种病毒会占用C盘空间吗?我总觉得C盘好象一直在变少的样子.

我的System Repair Engineer里没有<KernelFaultCheck><C:\WINDOWS\system32\mswdm.exe>这一项,C:\WINDOWS\system32\里也没有mswdm.exe

在安全模式下清空的文件夹，正常模式又回来了。
请大人帮忙！
下面是重新扫描的日志

2006-08-10,11:38:28

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
(msnmsgr)(; "C:\Program Files\MSN Messenger\msnmsgr.exe" /background) [Microsoft Corporation]
(MSMSGS)(; "C:\Program Files\Messenger\msmsgs.exe" /background) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
(run)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(PHIME2002ASync)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(SoundMan)(SOUNDMAN.EXE) [Realtek Semiconductor Corp.]
(AGRSMMSG)(AGRSMMSG.exe) [Agere Systems]
(PRONoMgr.exe)(C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe) [Intel(R) Corporation]
(Apoint)(C:\Program Files\Apoint2K\Apoint.exe) [Alps Electric Co., Ltd.]
(IgfxTray)(C:\WINDOWS\System32\igfxtray.exe) [Intel Corporation]
(HotKeysCmds)(C:\WINDOWS\System32\hkcmd.exe) [Intel Corporation]
(BigDogPath)(C:\WINDOWS\VM_STI.EXE USB PC Camera 301P) []
(RfwMain)("C:\Program Files\rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(RavTask)("C:\Program Files\rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(TkBellExe)(; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot) [RealNetworks, Inc.]
(IESAddr)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(EXPLORER.EXE) [Microsoft Corporation]
(Userinit)(userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(C:\WINDOWS\Resources\粉色透明\cwdkg_lover.exe) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(DelayRun)(C:\WINDOWS\system\dd1d1880.dll) []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
(WinlogonNotify: Sebring)(C:\WINDOWS\System32\LgNotify.dll) [Intel Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
(SCRNSAVE.EXE)(C:\WINDOWS\偪偂偺~1.SCR) [MacSourcery]




--------------------------------------------------------------------------------



启动文件夹

[Easy Button Utility]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Easy Button Utility.lnk)(N)



--------------------------------------------------------------------------------



服务

[intarnet / intarnet]
(C:\WINDOWS\system32\intarnet.exe)(N/A)
[Routing and Remote SqlServer / Remote SQL]
(C:\WINDOWS\system32\su.exe)(N/A)
[Rising Personal Firewall Service / RfwService]
(C:\Program Files\rising\Rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter]
("C:\Program Files\rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon]
("C:\Program Files\rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Sony SPTI Service / SPTISRV]
(C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe)(Sony Corporation)



--------------------------------------------------------------------------------



浏览器加载项

[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated)
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} (c:\PROGRA~1\chinanet\VNETTR~1.DLL, )
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[ST]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4} (C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll, Microsoft Corporation)
[MSNToolBandBHO]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} (C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL, 超级兔子)
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} (d:\Program Files\Tencent\QQ\QQ.EXE, TENCENT)
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} (d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} (C:\Program Files\Corel\FastAIT\IEBand.dll, 金山软件股份有限公司)
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} (C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A)
[MSN]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} (C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL, 超级兔子)
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} (C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital)
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation)
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\INPUTC~1.DLL, )
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.)
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated)
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} (C:\WINDOWS\System32\msjava.dll, Microsoft Corporation)
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation)
[PowerPlr Control]
{2354A44B-3CEB-4829-9940-545B03103538} (C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital)
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A)
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} (C:\WINDOWS\System32\dllcache\dhtmled.ocx, N/A)
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} (C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation)
[BitCometBar]
{3F1ABCDB-A875-46C1-8345-B72A4567E486} (C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A)
[VnetCookie Class]
{4E83D567-4697-4F7B-B1F0-A513B01DB89A} (c:\PROGRA~1\chinanet\VNETTR~1.DLL, )
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} (C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation)
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (d:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} (%SystemRoot%\System32\shdocvw.dll, N/A)
[EbhHhygc Class]
{5E42883F-AF39-EF78-7E48-F71F367028EF} (C:\WINDOWS\DOWNLO~1\kaiynq.dll, yjyxqsoft)
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[金山快译(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} (C:\Program Files\Corel\FastAIT\IEBand.dll, 金山软件股份有限公司)
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\INPUTC~1.DLL, )
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} (C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin04.dll, Thunder Networking Technologies,LTD)
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} (C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation)
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (C:\WINDOWS\DOWNLO~1\CONFLICT.1\SUBMIT~1.DLL, )
[LiveMediaOcx Control]
{9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (d:\PROGRA~2\Tencent\QQLive\QQLive.ocx, Tencent)
[ST]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4} (C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll, Microsoft Corporation)
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} (C:\WINDOWS\System32\msnetobj.dll, Microsoft Corporation)
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} (C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation)
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\System32\shdocvw.dll, N/A)
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} (C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation)
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation)
[MSN]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[MSNToolBandBHO]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll, Microsoft Corporation)
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation)
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[BHelper Class]
{F2E37336-BFDB-409B-8D0E-6F013C438B20} (C:\WINDOWS\dd1o1880.dll, N/A)
[超级兔子上网精灵]
{FEDF637B-F631-4583-A210-33CC828D42DB} (C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL, 超级兔子)
[&使用迅雷下载]
(C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A)
[&使用迅雷下载全部链接]
(C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A)
[上传到QQ网络硬盘]
(D:\Program files\Tencent\QQ\AddToNetDisk.htm, N/A)
[使用网际快车下载]
(C:\PROGRA~1\FLASHGET\jc_link.htm, N/A)
[使用网际快车下载全部链接]
(C:\PROGRA~1\FLASHGET\jc_all.htm, N/A)
[导出到 Microsoft Office Excel(&X)]
(res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A)
[添加到QQ自定义面板]
(D:\Program files\Tencent\QQ\AddPanel.htm, N/A)
[添加到QQ表情]
(D:\Program files\Tencent\QQ\AddEmotion.htm, N/A)
[用QQ彩信发送该图片]
(D:\Program files\Tencent\QQ\SendMMS.htm, N/A)



--------------------------------------------------------------------------------

正在运行的进程

[PID: 688][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 740][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 764][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\LgNotify.dll] (Intel Corporation)(4, 1, 0, 0)
[PID: 816][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 828][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 988][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1056][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1192][C:\Program Files\rising\Rav\CCenter.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[PID: 1208][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1296][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1404][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1420][C:\Program Files\rising\Rav\Ravmond.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 33)
[C:\Program Files\rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[C:\Program Files\rising\Rav\HOOKSYS.dll] (Beijing Rising Technology Co., Ltd.)(18, 1, 0, 11)
[C:\Program Files\rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[C:\Program Files\rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\rising\Rav\regmon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[C:\Program Files\rising\Rav\HookWeb.dll] (rising)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\MemMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[C:\Program Files\rising\Rav\expscan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[C:\Program Files\rising\Rav\MailMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[C:\Program Files\rising\Rav\SpamEng.dll] (N/A)(18, 0, 0, 6)
[C:\Program Files\rising\Rav\engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 30)
[C:\Program Files\rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[C:\Program Files\rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 14)
[C:\Program Files\rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[C:\Program Files\rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 9)
[C:\Program Files\rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 18)
[C:\Program Files\rising\Rav\Unpacker.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[C:\Program Files\rising\Rav\RsStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 1632][C:\Program Files\rising\Rfw\rfwsrv.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 32)
[C:\Program Files\rising\Rfw\RfwRule.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 13)
[C:\Program Files\rising\Rfw\rfwlog.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 6)
[C:\Program Files\rising\Rfw\Rfwdrv.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 21)
[C:\Program Files\rising\Rfw\MonDrv.dll] (rs)(1, 0, 0, 4)
[C:\Program Files\rising\Rfw\ProcLib.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 9)
[PID: 1784][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] (Windows (R) 2000 DDK provider)(5.00.2195.1620)
[PID: 1932][C:\Program Files\rising\Rav\RavStub.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 564][C:\Program Files\Internet Explorer\IEXPLORE.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\intarnet.DLL] (N/A)(N/A)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] (Adobe Systems Incorporated)(7.0.7.2006011200)
[c:\PROGRA~1\chinanet\VNETTR~1.DLL] ()(2005, 4, 6, 1)
[c:\PROGRA~1\chinanet\Communicate.dll] (0)(2005, 3, 3, 1)
[C:\PROGRA~1\Chinanet\CLIENT~1.DLL] ()(2004, 2, 28, 1)
[d:\Program Files\Tencent\QQ\QQIEHelper.dll] (深圳市腾讯计算机系统有限公司)(1, 1, 0, 5)
[C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll] (Microsoft Corporation)(01.02.3000.1001)
[C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll] (Microsoft Corporation)(01.02.5000.1021)
[C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\mtbres.dll] (Microsoft Corporation)(01.02.5000.1021)
[C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL] (超级兔子)(1.0.7.7)
[PID: 880][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 896][C:\WINDOWS\system32\ZCfgSvc.exe] (Intel Corporation)(4, 1, 0, 53)

[C:\WINDOWS\system32\PfMgrApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\PsRegApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\WConfig.DLL] (Intel Corporation)(4, 1, 0, 1)
[C:\WINDOWS\system32\WiFiAdap.DLL] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\C1XStngs.dll] ()(4, 1, 0, 1)
[C:\Program Files\Intel\PROSet\CHS\ZcSvcCHS.dll] (Intel Corporation)(4, 1, 0, 53)
[C:\Program Files\Intel\PROSet\CHS\PmApiCHS.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\system32\S24MUDLL.dll] (Intel Corporation)(4, 1, 0, 3)
[PID: 180][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] (Adobe Systems, Inc.)(7.0.0.0)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] (Adobe Systems Incorporated)(7.0.7.2006011200)
[C:\WINDOWS\System32\igfxpph.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\hccutils.DLL] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\system32\igfxres.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxsrvc.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxdev.dll] (Intel Corporation)(3,0,0,2104)
[PID: 1080][C:\Program Files\rising\Rfw\RfwMain.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 51)
[C:\Program Files\rising\Rfw\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 23)
[C:\Program Files\rising\Rfw\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rfw\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 576][C:\WINDOWS\SOUNDMAN.EXE] (Realtek Semiconductor Corp.)(5.1.10)
[PID: 1360][C:\WINDOWS\AGRSMMSG.exe] (Agere Systems)(2.1.23 2.1.23 01/22/2003 17:47:39)
[PID: 1488][C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe] (Intel(R) Corporation)(6.1.303.0)
[C:\Program Files\Intel\NCS\PROSet\CHSPGUIR.dll] (Intel(R) Corporation)(6.1.303.0)
[C:\WINDOWS\System32\Pn802_11.dll] (Intel Corporation.)(4, 1, 0, 0)
[C:\WINDOWS\System32\PfMgrApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\System32\PsRegApi.dll] (Intel Corporation)(4, 1, 0, 0)
[C:\WINDOWS\System32\WConfig.DLL] (Intel Corporation)(4, 1, 0, 1)
[C:\WINDOWS\System32\WiFiAdap.DLL] (Intel Corporation)(4, 1, 0, 0)
[C:\Program Files\Intel\PROSet\CHS\PNC11CHS.dll] (Intel Corporation.)(4, 1, 0, 0)
[C:\WINDOWS\system32\S24MUDLL.dll] (Intel Corporation)(4, 1, 0, 3)
[PID: 1500][C:\Program Files\Apoint2K\Apoint.exe] (Alps Electric Co., Ltd.)(5.3.7.148)
[C:\WINDOWS\system32\VXDIF.DLL] (Alps Electric Co., Ltd.)(6.0.2.63)
[C:\Program Files\Apoint2K\Apoint.DLL] (Alps Electric Co., Ltd.)(5.3.8.208)
[C:\Program Files\Apoint2K\EzAuto.dll] (Alps Electric Co., Ltd.)(4.5.1.83)
[C:\Program Files\Apoint2K\EzLaunch.DLL] (Alps Electric Co., Ltd.)(4.5.0.48)
[PID: 1432][C:\WINDOWS\System32\hkcmd.exe] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\hccutils.DLL] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxdev.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxsrvc.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxhk.dll] (Intel Corporation)(3,0,0,2104)
[C:\WINDOWS\System32\igfxres.dll] (Intel Corporation)(3,0,0,2104)
[PID: 1576][C:\WINDOWS\VM_STI.EXE] (VM.)(4.2.610.4)
[C:\WINDOWS\system32\msdmo.dll] (N/A)(N/A)
[PID: 876][C:\Program Files\rising\Rav\RavTask.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 22)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[PID: 1864][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 1872][C:\Program Files\rising\Rav\Ravmon.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 30)
[C:\Program Files\rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 24)
[C:\Program Files\rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[C:\Program Files\rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[C:\Program Files\rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[C:\Program Files\rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\Program Files\rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[C:\Program Files\rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 2028][C:\Program Files\Apoint2K\Apntex.exe] (Alps Electric Co., Ltd.)(5.0.1.15)
[C:\WINDOWS\system32\VXDIF.DLL] (Alps Electric Co., Ltd.)(6.0.2.63)
[PID: 2140][C:\WINDOWS\system32\conime.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 2228][C:\Program Files\Easy Button Utility V2.2\lxkey.exe] ()(1, 0, 0, 1)
[C:\Program Files\Easy Button Utility V2.2\KeyHook.dll] ()(1, 0, 0, 1)
[PID: 2756][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 3928][C:\Documents and Settings\user\桌面\sreng2\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)



--------------------------------------------------------------------------------



文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]