主页被改成http://tom.5009.cn/了,改为空白页,正常,可是一重启又被改了!卡卡安全助手居然还恭喜我:没有发现恶意及流氓软件!


Logfile of Kaka v2. 0. 2. 6 Scan Module v1. 0. 3. 7
Scan saved at 10:27:02, on 2006-12-25
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=tom.5009.cn
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O2 - BHO: Thunder Browser Helper - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll
O2 - BHO: CPub Object - {C68AE9C0-0909-4DDC-B661-C11970042753} - C:\WINDOWS\svrhost.dll
O3 - Toolbar: 东方快车 - {3EA85E14-887D-4E2F-91E2-3158CE58ED62} - D:\Program Files\!Sunv\DFKC2003\IEBand.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O8 - Extra context menu item: &使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 东方快车-保存翻译后的网页 - D:\Program Files\!Sunv\DFKC2003\ExtSave.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra Button: 东方快车 - {0B66EBA4-5F53-40e4-B17B-A0E9BC1E8D50} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra Button: Web反病毒保护 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra Button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://s3.liaoliao.com:1995/talk.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: igfxcui
O20 - Winlogon Notify: klogon
O23 - Service: Autodesk Licensing Service (Autodesk Licensing Service) - Autodesk, Inc. - "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"
O23 - Service: 卡巴斯基互联网安全套装 6.0 (AVP) - Kaspersky Lab - "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r
O23 - Service: C-DillaSrv (C-DillaSrv) - C-Dilla Ltd - C:\WINDOWS\system32\drivers\cdantsrv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Imsvc (Imsvc) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: RestoreService (RestoreService) - Microsoft Corporation All rights reserved - C:\WINDOWS\system32\svchost.exe -k restoreservice
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) -  - "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

[CODE]

2006-12-25,12:43:11

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <DesktopSprite><; D:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe>  [N/A]
    <Stamp><; "d:\Program Files\Stamp\Stamp.exe" /background>  [N/A]
    <updateMgr><; "D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB0_0_0>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <igfxtray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <igfxpers><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation]
    <kis><; "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
    <runeip><; C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <BigDog303><; C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <DFKCSmartAssistant><; D:\Program Files\!Sunv\DFKC2003\SmartA.exe>  [N/A]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <IntelWireless><; "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless>  [Intel Corporation]
    <IntelZeroConfig><; "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe">  [Intel Corporation]
    <SigmatelSysTrayApp><; stsystra.exe>  [SigmaTel, Inc.]
    <StormCodec_Helper><; "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <SysHotKey_DFDD><; C:\Program Files\Common Files\!SUNV\GraspWord\SysHotKey.exe>  [N/A]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]

==================================
启动文件夹
N/A

==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service][Running/Disabled]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[卡巴斯基互联网安全套装 6.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[C-DillaSrv / C-DillaSrv][Running/Auto Start]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Imsvc / Imsvc][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Webmail.dll><>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[RestoreService / RestoreService][Running/Auto Start]
  <C:\WINDOWS\system32\Svchost.exe -k RestoreService-->C:\WINDOWS\system32\drivers\restore.dll><Microsoft Corporation All rights reserved>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
  <"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>
[Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[Ulead Burning Helper / UleadBurningHelper][Stopped/Disabled]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Intel(R) PROSet/Wireless SSO Service / WLANKEEPER][Running/Auto Start]
  <C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel(R) Corporation>

==================================
驱动程序
[00000397 / 00000397][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\00000397.SYS><N/A>
[a347bus / a347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\a347bus.sys><>
[a347scsi / a347scsi][Running/Boot Start]
  <\SystemRoot\System32\Drivers\a347scsi.sys><>
[AEGIS Protocol (IEEE 802.1x) v3.4.9.0 / AegisP][Running/Auto Start]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\atapi.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[C-Dilla / C-Dilla][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\CDANT.SYS><Macrovision>
[egdfjhaa / egdfjhaa][Stopped/System Start]
  <\??\C:\WINDOWS\system32\drivers\egdfjhaa.sys><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
  <system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[mdmxsdk / mdmxsdk][Running/Auto Start]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\Program Files\Tencent\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\D:\Program Files\Tencent\qq\npkycryp.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pufarpmm / pufarpmm][Running/Boot Start]
  <\SystemRoot\system32\drivers\pufarpmm.sys><N/A>
[rimmptsk / rimmptsk][Running/Manual Start]
  <system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk][Running/Manual Start]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start]
  <system32\DRIVERS\rixdptsk.sys><REDC>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[WLAN 传输 / s24trans][Running/Auto Start]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
  <system32\drivers\sthda.sys><SigmaTel, Inc.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
  <system32\DRIVERS\UIUSYS.SYS><N/A>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Stopped/Manual Start]
  <system32\DRIVERS\w39n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera (ZC0301PLH) / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>
[PCANDIS5 Protocol Driver / PCANDIS5][Running/Manual Start]
  <\??\C:\WINDOWS\system32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>

==================================

浏览器加载项
N/A

==================================
正在运行的进程
[PID: 668][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 800][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1048][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1088][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
    [c:\windows\system32\webmail.dll]  [, 1, 0, 0, 2]
[PID: 1136][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe]  [Intel Corporation, 10, 1, 0, 1]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
[PID: 1172][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe]  [Intel Corporation , 10, 1, 0, 33]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 0, 3]
    [C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, N/A]
[PID: 1196][C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe]  [Intel(R) Corporation, 10, 1, 0, 27]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 0, 46]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 0, 5]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 0, 2]
    [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 10, 1, 0, 13]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 0, 3]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 10, 1, 0, 37]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 0, 1]
[PID: 1268][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1372][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1428][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 9]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1688][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1804][C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe]  [Autodesk, Inc., 2.51.000]
[PID: 1848][C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\tm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\bl.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\wmihlpr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ndetect.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\crpthlpr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\schedule.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\timer.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\lic60.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\report.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\hashmd5.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avs.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avpmgr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\wdiskio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avlib.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avspm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avp3info.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ahfw.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\CKAHUM.dll]  [Kaspersky Lab, 6.0.0.1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\CKAHComm.dll]  [Kaspersky Lab, 6.0.0.1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ckahrule.dll]  [Kaspersky Lab, 6.0.0.1]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ahids.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\antispam.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\adialtsk.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\aphisht.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\popupchk.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\httpanlz.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\og.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\mc.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\sfdb.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\resip.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\aphish.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\httpscan.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klaveng.dll]  [N/A, N/A]

[c:\program files\kaspersky lab\kaspersky internet security 6.0\oas.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\trafficmonitor2.ppl]  [N/A, N/A]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\dtreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pdm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\procmon.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pop3protocoller.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\prutil.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\maildisp.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\imapprotocoller.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\nntpprotocoller.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\sc.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avp1.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\l_llio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ichk2.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\icheckersa.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\smtpprotocoller.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\hashcont.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\hccmp.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\iwgen.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\uniarc.ppl]  [Kaspersky Lab, 6.0.0.16]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\minizip.ppl]  [Kaspersky Lab, 6.0.0.16]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\cab.ppl]  [Kaspersky Lab, 6.0.0.16]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\arj.ppl]  [Kaspersky Lab, 6.0.0.16]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\rar.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\lha.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\mdb.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\msoe.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\qb.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\updater2005.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\productinfo.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\updater.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\diff.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\base64p.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\updateinfo.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\netsession.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\socket.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\httpsession.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ntlm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\updateobjectinfo.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\base64.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\updatecategory.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\updateinstaller.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\baseinstaller.ppl]  [Kaspersky Lab, 6.0.0.304]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\execinstaller.ppl]  [Kaspersky Lab, 6.0.0.304]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\prseqio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\inflate.ppl]  [Kaspersky Lab, 6.0.0.16]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ods.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ntfsstrm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\ftpsession.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 1896][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]  [C-Dilla Ltd, 3.24.010]
[PID: 2020][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe]  [Intel Corporation, 10, 1, 0, 1]
[PID: 200][C:\WINDOWS\system32\Svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\drivers\restore.dll]  [Microsoft Corporation All rights reserved, 1, 0, 0, 1]
[PID: 240][C:\Program Files\CyberLink\Shared Files\RichVideo.exe]  [, 1.1.0808  ]
[PID: 376][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3888][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4634]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\shellex.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 3788][C:\Program Files\Rising\Rfw\rfwmain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 56]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 2396][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4634]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 872][C:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4634]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 2364][C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\avpgui.ppl]  [Kaspersky Lab, 6.0.0.300]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\basegui.dll]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\qb.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\inflate.ppl]  [Kaspersky Lab, 6.0.0.16]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\report.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 2524][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 3980][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 3288][C:\Program Files\港湾网络\宽带接入客户端\HammerSupplicant.exe]  [HarbourNetworks, 1, 0, 0, 1]
    [C:\WINDOWS\system32\W32N50.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.00.13.50]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 4028][C:\Program Files\Rising\AntiSpyware\Ras.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 3, 7]
    [C:\Program Files\Rising\AntiSpyware\RasGui.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4634]
    [C:\Program Files\Rising\AntiSpyware\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
    [C:\Program Files\Rising\AntiSpyware\zip.dll]  [rising, 13, 0, 0, 1]
[PID: 1348][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\WINDOWS\svrhost.dll]  [Osborn Technologies, Inc., 1.0.0.2]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4634]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 3576][C:\Documents and Settings\A-shui\桌面\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.0.299]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]

SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
警告！System Repair Engineer 提醒
你下面的函数内容与预期值不符，他
们可能被一些恶意的软件所修改：
RVA  错误： LoadLibraryA
RVA  错误： LoadLibraryExA
RVA  错误： LoadLibraryExW
RVA  错误： LoadLibraryW

==================================


[/CODE]

C:\WINDOWS\system32\Webmail.dll
存在,让我删了

C:\WINDOWS\system32\drivers\egdfjhaa.sys
D:\Program Files\Tencent\qq\npkycryp.sys
C:\WINDOWS\system32\drivers\00000397.SYS
不存在