查不到毒，没办法重装了系统，以前中过把执行文件图标都改了。后来瑞星升级给杀掉了，今天又出现了，结果IE打不开，注册表也打不开，受到管理员限制，防火墙掉示要修改注册表rudll32.exe和另一个记不住了，感觉好象是原来中的毒升级版，倒底是什么毒？怎么才能杀干净？敬请赐教！！！

启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Windows XP Publisher]
(MSPY2002)(C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC) [(Verified)Microsoft Windows XP Publisher]
(PHIME2002ASync)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Windows XP Publisher]
(PHIME2002A)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Windows XP Publisher]
(Cmaudio)(RunDll32 cmicnfg.cpl,CMICtrlWnd) [N/A]
(NvCplDaemon)(RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(nwiz)(nwiz.exe /install) [NVIDIA Corporation]
(NvMediaCenter)(RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(TkBellExe)("C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot) [RealNetworks, Inc.]
(CnxDslTaskBar)("c:\program files\conexant\accessrunner adsl usb\CnxDslTb.exe" "Conexant\AccessRunner ADSL USB") [N/A]
(runeip)(C:\Program Files\Rising\AntiSpyware\runiep.exe) [Beijing Rising Technology Co., Ltd.]
(RavTask)("C:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(KernelFaultCheck)(%systemroot%\system32\dumprep 0 -k) [N/A]
(RfwMain)("C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Windows XP Publisher]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)(; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Windows XP Publisher]
(PHIME2002A)(; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Windows XP Publisher]
(PHIME2002ASync)(; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Windows XP Publisher]
(RealTray)(; C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER) [N/A]

启动文件夹

[Adobe Reader Speed Launch]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --) C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated])(N)



--------------------------------------------------------------------------------



服务

[Human Interface Device Access / HidServ][Stopped/Disabled]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
(C:\WINDOWS\System32\nvsvc32.exe)(NVIDIA Corporation)
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
(C:\Program Files\Rising\Rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
("C:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
("C:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)C:\WINDOWS\System32\mspmsnsv.dll)(Microsoft Corporation)



--------------------------------------------------------------------------------



驱动程序

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
(system32\drivers\ac97intc.sys)(Intel Corporation)
[ati2mtaa / ati2mtaa][Stopped/Manual Start]
(System32\DRIVERS\ati2mtaa.sys)(ATI Technologies Inc.)
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
(System32\DRIVERS\BaseTDI.SYS)(Beijing Rising Technology Co., Ltd.)
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
(system32\drivers\cmuda.sys)(C-Media Inc)
[Conexant AccessRunner USB ADSL Adapter Filter Driver / CnxEtP][Running/Manual Start]
(System32\DRIVERS\CnxEtP.sys)(Conexant Systems, Inc.)
[Conexant AccessRunner USB ADSL Interface Device Driver / CnxEtU][Running/Manual Start]
(System32\DRIVERS\CnxEtU.sys)(Conexant Systems, Inc.)
[Conexant AccessRunner ADSL WAN PPPoE Adapter Driver / CnxTgNP][Running/Manual Start]
(System32\DRIVERS\CnxTgNP.sys)(Conexant Systems, Inc.)
[ExpScaner / ExpScaner][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\ExpScan.sys)()
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
(\??\G:\INSTALL\GMSIPCI.SYS)(N/A)
[HookCont / HookCont][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HOOKCONT.sys)(Rising)
[HookReg / HookReg][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookReg.sys)()
[HookSys / HookSys][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookSys.sys)(Rising)
[HookUrl / HookUrl][Running/Auto Start]
(\??\C:\Program Files\Rising\Rfw\HookUrl.sys)(Beijing Rising Technology Co., Ltd.)
[MEMSCAN / MEMSCAN][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\MEMSCAN.sys)(瑞星软件有限公司)
[mProcRs / mProcRs][Running/Auto Start]
(\??\c:\program files\rising\rfw\mProcRs.sys)(Beijing Rising Technology Co., Ltd.)
[npkcrypt / npkcrypt][Running/Auto Start]
(\??\C:\Program Files\Tencent\QQ\npkcrypt.sys)(INCA Internet Co., Ltd.)
[nv / nv][Running/Manual Start]
(System32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation)
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
(System32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
(\SystemRoot\System32\drivers\RsBoot.sys)(Beijing Rising)
[RsFwDrv / RsFwDrv][Running/Auto Start]
(\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys)(Beijing Rising Technology Co., Ltd.)
[RsNTGDI / RsNTGDI][Running/Boot Start]
(\SystemRoot\System32\Drivers\RsNTGdi.sys)(Beijing Rising Technology Co., Ltd.)
[RSPPSYS / RSPPSYS][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\RSPPSYS.sys)(Rising)
[Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver / rtl8029][Stopped/Manual Start]
(System32\DRIVERS\RTL8029.SYS)(Realtek Semiconductor Corporation)
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139][Running/Manual Start]
(System32\DRIVERS\R8139n51.SYS)(Realtek Semiconductor Corporation)
[Secdrv / Secdrv][Stopped/Manual Start]
(System32\DRIVERS\secdrv.sys)(N/A)
[VIA AC'97 Audio Controller (WDM) / VIAudio][Stopped/Manual Start]
(system32\drivers\ac97via.sys)(VIA Technologies, Inc.)

浏览器加载项

[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} (C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll, 腾讯公司)
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated)
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} (C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent)
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} (C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft)
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} (, N/A)
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} (C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT)
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft)
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} (C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.)
[&使用超级旋风下载]
(C:\Program Files\Tencent\QQDownload\geturl.htm, N/A)
[&使用超级旋风下载全部链接]
(C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A)
[使用网际快车下载]
(C:\PROGRA~1\FLASHGET\jc_link.htm, N/A)
[使用网际快车下载全部链接]
(C:\PROGRA~1\FLASHGET\jc_all.htm, N/A)
[添加到QQ自定义面板]
(C:\Program Files\Tencent\QQ\AddPanel.htm, N/A)
[添加到QQ表情]
(C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A)
[用QQ彩信发送该图片]
(C:\Program Files\Tencent\QQ\SendMMS.htm, N/A)

正在运行的进程

[PID: 460][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 540][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 564][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 608][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 620][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 772][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 812][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1960][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\TENCENT\Adplus\SSAddr.dll] [Tencent, 4, 4, 3, 30]
[C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[PID: 1996][C:\Program Files\Rising\Rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[C:\Program Files\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[C:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\Program Files\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[C:\Program Files\Rising\Rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[C:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 376][C:\WINDOWS\System32\RunDll32.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system\cmicnfg.cpl] [C-Media Corporation, 1, 0, 41, 6]
[C:\WINDOWS\System32\udaprop.dll] [C-Media Corporation, 1.0.2.2]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 400][C:\WINDOWS\System32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.5664]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 408][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 432][C:\program files\conexant\accessrunner adsl usb\CnxDslTb.exe] [Conexant Systems, Inc., 040.001.018.000]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 476][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 148][C:\Program Files\Rising\AntiSpyware\Ras.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 6, 1]
[C:\Program Files\Rising\AntiSpyware\RasGui.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[PID: 488][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2548][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2588][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3552][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll] [腾讯公司, 1, 1, 0, 5]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\TENCENT\Adplus\SSAddr.dll] [Tencent, 4, 4, 3, 30]
[C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[PID: 3988][C:\Program Files\Real\RealPlayer\realplay.exe] [RealNetworks, Inc., 6.0.12.1053]
[C:\WINDOWS\System32\PNCRT.dll] [Real Networks, Inc, 6.0.0.0]
[C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll] [RealNetworks, Inc., 7.0.1.3041]
[C:\Program Files\Common Files\Real\Common\objb3201.dll] [RealNetworks, Inc., 0.1.0.6032]
[C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll] [RealNetworks, Inc., 0.1.0.3537]
[C:\Program Files\Real\RealPlayer\lang\gemctl_cn.dll] [RealNetworks, Inc., 6.0.12.292]
[C:\Program Files\Common Files\Real\Common\pnrs3260.dll] [RealNetworks, Inc., 6.0.9.3775]
[C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll] [RealNetworks, Inc., 0.1.0.3208]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll] [RealNetworks, Inc., 7.0.0.3461]
[C:\Program Files\Common Files\Real\Update_OB\setu3270.dll] [RealNetworks, Inc., 7.0.0.4074]
[C:\Program Files\Common Files\Real\Plugins\httpfsys.dll] [RealNetworks, Inc., 10.0.0.2015]
[PID: 232][C:\Program Files\Tencent\QQDownload\QQDownload.exe] [Tencent Technology (Shenzhen) Company Limited, 1, 1, 101, 82]
[C:\Program Files\Tencent\QQDownload\QQDownload.dll] [Tencent Technology (Shenzhen) Company Limited, 1, 1, 100, 82]
[C:\Program Files\Tencent\QQDownload\TNProxy.dll] [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 60]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Tencent\QQ\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\msadp32.acm] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 2904][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll] [腾讯公司, 1, 1, 0, 5]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\TENCENT\Adplus\SSAddr.dll] [Tencent, 4, 4, 3, 30]
[C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 248][C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\Rar$EX00.764\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]



--------------------------------------------------------------------------------



Winsock 提供者

N/A



--------------------------------------------------------------------------------



Autorun.inf

N/A



--------------------------------------------------------------------------------



HOSTS 文件

127.0.0.1 localhost

我重装了系统，虽然浏览器能上了但是网络总是自动断开，显示691或651错误，只能重启，感觉还是有病毒在做怪，也查不出来，请指点