前天就上了个手机论坛.然后瑞星监控一直弹出来警告.我全都禁止了.但是他一直弹.然后把论坛关掉.后来IE就老是弹出来很多很多网页..关闭完之后一会又开始弹网页..我用了所有以前有效的软件来修复IE.但是全都不管用..用了卡卡助手.超级兔子..360安全卫士.黄山IE修复,HijackThis,..所有能用的全都用了.就是不行..郁闷死了.我又重新安装了IE.并且又装了个火狐浏览器。但是根本不管用.照样弹出来网页..气死了..现在机器老是假死,开机也超级慢了..........

我把SREng的扫描结果发上来.麻烦高手帮我解决下了...谢谢....








2007-01-07,14:29:30

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"D:\安全软件\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <SKYNET Personal FireWall><D:\安全软件\天网防火墙\3.0\FireWall\PFW.exe>  [广州众达天网技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_070104.dll start>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{B63BFF8C-2E25-4CCC-9A01-68807F567AA7}><C:\WINDOWS\system32\BandRes.dll>  []

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><H>
[Reboot]
  <C:\Documents and Settings\mststar\「开始」菜单\程序\启动\Reboot.exe -->  [N/A]><H>

==================================
服务
[1F780B22 / 1F780B22]
  <C:\WINDOWS\system32\1F780B22.EXE -service><Microsoft Corporation>
[34C1543A / 34C1543A]
  <C:\WINDOWS\system32\34C1543A.EXE -service><Microsoft Corporation>
[F9EF81C8 / F9EF81C8]
  <C:\WINDOWS\system32\F9EF81C8.EXE -service><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Logical Disk Manager Administrator Service / Logical Disk Manager Administrator Service]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\Messenger\msnsvc.dll><N/A>
[Rising Process Communication Center / RsCCenter]
  <"D:\安全软件\瑞星杀毒软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\安全软件\瑞星杀毒软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Windows Media Connect Service / WMConnectCDS]
  <C:\Program Files\Windows Media Connect 2\wmccds.exe><Microsoft Corporation>

==================================
驱动程序
[atmsig / atmsig]
  <\??\C:\WINDOWS\system32\drivers\atmsig.sys><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cgbgcejd / cgbgcejd]
  <\SystemRoot\system32\drivers\cgbgcejd.sys><N/A>
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[EagleNT / EagleNT]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[USB Flash / Epiusb]
  <System32\Drivers\Epiusb.sys><Ericsson Mobile Communications AB>
[ExpScaner / ExpScaner]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\HookSys.sys><Rising>
[HSFHWBS2 / HSFHWBS2]
  <system32\DRIVERS\HSFBS2S2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSFDPSP2.sys><Conexant Systems, Inc.>
[ifahhbac / ifahhbac]
  <C:\WINDOWS\SYSTEM32\DRIVERS\ifahhbac.SYS><中国互联网络信息中心(CNNIC)>
[IPvE Adapter Driver / IPvE]
  <system32\DRIVERS\IPvE.sys><Hongtien>
[jr / jr]
  <\??\C:\WINDOWS\system32\drivers\jr.sys><N/A>
[Sony Ericsson 750 driver (WDM) / k750bus]
  <system32\DRIVERS\k750bus.sys><MCCI>
[Sony Ericsson 750 USB WMC Modem Filter / k750mdfl]
  <system32\DRIVERS\k750mdfl.sys><MCCI>
[Sony Ericsson 750 USB WMC Modem Drivers / k750mdm]
  <system32\DRIVERS\k750mdm.sys><MCCI>
[Sony Ericsson 750 USB WMC Device Management Drivers / k750mgmt]
  <system32\DRIVERS\k750mgmt.sys><MCCI>
[Sony Ericsson 750 USB WMC OBEX Interface Drivers / k750obex]
  <system32\DRIVERS\k750obex.sys><MCCI>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[laoupr34 / laoupr34]
  <\SystemRoot\system32\drivers\laoupr34.sys><N/A>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[NetGroup Packet Filter Driver / NPF]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt]
  <\??\C:\WINDOWS\system32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[oreans32 / oreans32]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[parcls / parcls]
  <\??\C:\WINDOWS\system32\drivers\parcls.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[SiS AGP Filter / sisagp]
  <\SystemRoot\system32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SiSide / SiSide]
  <\SystemRoot\system32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.>
[sisidex / sisidex]
  <\SystemRoot\system32\drivers\sisidex.sys><Windows (R) 2000 DDK provider>
[Add Performance Filter Driver / sisperf]
  <\SystemRoot\system32\drivers\sisperf.sys><Silicon Integrated Systems Corp.>
[SKNFW / SKNFW]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs]
  <\??\D:\安全软件\天网防火墙\3.0\FireWall\SkyProcs.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[VCD VNC Virtual Network Adapter / vcddev]
  <system32\DRIVERS\vcdvnic.sys><VNN B.J.>
[winachsf / winachsf]
  <system32\DRIVERS\HSFCXTS2.sys><Conexant Systems, Inc.>

==================================
浏览器加载项
[]
  {44424148-6e2d-48f6-ae2b-1b294ae19f4f} <C:\WINDOWS\system32\48f6ntos.dll, N/A>
[6e2d]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\48f6ntos.dll, N/A>
[搜索工具栏]
  {50E15C78-DC91-4ABE-A8DC-5261058BB7D8} <C:\Program Files\搜索工具栏\soso.dll, IE Toolbar>
[internet explorer helper]
  {02C9B9AB-6372-46C5-B356-773FAF3B6B1E} <C:\WINDOWS\fonts\msshapi.dll, >
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <D:\网络电视\PPLive\SYNACA~2.OCX, Synacast>
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <D:\网络电视\PPStream\POWERL~1.OCX, PPStream.com>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[CNxConnCtrl Object]
  {25142CCA-6788-434C-80BB-B9026F4273A1} <C:\WINDOWS\nxconn3.ocx, Nexon>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[nEdit Control]
  {32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\system32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[XBTP02083 Class]
  {336BA351-3E92-40D7-8227-53E9F88ED488} <C:\PROGRA~1\搜阉索鞴工~1\soso.dll, N/A>
[updatePanelX Control]
  {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} <C:\WINDOWS\system32\uusee\internet\updateC.ocx, uusee>
[]
  {44424148-6E2D-48F6-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\48f6ntos.dll, N/A>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <D:\网络电视\PPStream\POWERP~1.DLL, PPStream Inc.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Thunder Browser Helper]
  {761497BA-D6F0-462C-B6EB-D4DAF1D92D43} <D:\迅雷\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷\Components\InMedia\MediaAddin10.dll, Thunder Networking Technologies,LTD>
[RestrictWordCtrl Class]
  {7B030E2F-E210-4A1D-9837-861E9CB3B42A} <C:\WINDOWS\restrictword.ocx, TODO: <?? ??>>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_09]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[XBTBPos00 Class]
  {8ECC1D17-AE8B-45EA-985B-85A7B11C3737} <C:\PROGRA~1\ABOBEF~1\CAB301~1.DLL, N/A>
[Mini PPGou BHO]
  {92FB5F8F-8254-4978-9C50-03D9B0405062} <C:\PROGRA~1\MINIPP~1\MINIPP~1.DLL, N/A>
[RealPlayer Stream Handler]
  {A1A41E11-91DB-4461-95CD-0C02327FD934} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Qzone Media Tools]
  {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <F:\游戏\qq\QZone\QZONEM~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[WAB Importer/Exporter]
  {AA158CA5-93B4-4CD4-8D8C-BB6F9F515213} <C:\WINDOWS\System32\wabimp.dll, WAB Co.>
[Qzone Media Tools]
  {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} <F:\游戏\qq\VQQPLA~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[LbaNfupe Class]
  {AE01EF09-04A6-5C28-4D1A-29724159196E} <C:\WINDOWS\DOWNLO~1\xpsnw.dll, wyzmpsoft>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\安踩全软砑件\360safe\safemon\safemon.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[isObject Class]
  {BE0B5843-553A-48C2-9A42-258A1D791AFC} <C:\PROGRA~1\pcast\hbcast.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[ARMP Control]
  {D5CD69C4-F983-46E2-AF79-455E892729FA} <C:\WINDOWS\system32\uusee\internet\ARMP.ocx, UUSEE>
[6e2d]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\48f6ntos.dll, N/A>
[&使用迅雷下载]
  <D:\迅雷\Program\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\迅雷\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\游戏\qq\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <F:\游戏\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\游戏\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\游戏\qq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 316][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 380][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 404][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 448][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 460][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 620][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 680][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720][D:\安全软件\瑞星杀毒软件\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 736][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\messenger\msnsvc.dll]  [N/A, N/A]
[PID: 788][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 852][D:\安全软件\瑞星杀毒软件\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 39]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 6]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 23]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsVM.dll]  [N/A, 19, 0, 0, 13]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[PID: 1012][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1448][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1708][C:\program files\internet explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1732][C:\WINDOWS\system32\Media\services.exe]  [N/A, N/A]
[PID: 1932][C:\program files\internet explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winsys32_070104.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 280][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 284][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1192][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1996][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3560][D:\安全软件\瑞星杀毒软件\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 3576][D:\安全软件\瑞星杀毒软件\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 6]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 252][C:\WINDOWS\system32\Service.exe]  [Microsoft Corporation, 3.02]
[PID: 1236][E:\宽带登陆\ishare_user.exe]  [N/A, N/A]
    [E:\宽带登陆\cw3220.DLL]  [Borland International, 2.0]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 2112][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2332][C:\program files\internet explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 3680][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\BandRes.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[PID: 924][C:\WINDOWS\system32\Media\services.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 2480][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 1432][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 2464][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 3168][D:\安全软件\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [C:\WINDOWS\hh.exe %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
RSVP UDP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)
RSVP TCP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================