My computer's C: drive keeps running out of space, please take a look


My computer's C: drive keeps running out of space.

[User system info] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Last edited 2007-10-30 16:16:21

瑞星卡卡电脑诊断日志 v1.30 (2007-10-30 14:16:17)  北京瑞星科技股份有限公司

注释:[A]表示该文件存在自启动关联;
[M]表示该文件在内存中;

+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      ose
        [A ] 1. c:\program files\common files\microsoft shared\source engine\ose.exe


      RsCCenter
        [A ] 2. c:\program files\rising\rav\ccenter.exe


      RsRavMon
        [A ] 3. c:\program files\rising\rav\ravmond.exe




  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      ALCXWDM
        [A ] 4. c:\windows\system32\drivers\alcxwdm.sys


      BaseTDI
        [A ] 5. c:\windows\system32\drivers\basetdi.sys


      ExpScaner
        [A ] 6. c:\program files\rising\rav\expscan.sys


      HOOKAPI
        [A ] 7. c:\program files\rising\rav\hookapi.sys


      HookCont
        [A ] 8. c:\program files\rising\rav\hookcont.sys


      HookReg
        [A ] 9. c:\program files\rising\rav\hookreg.sys


      HookSys
        [A ] 10. c:\program files\rising\rav\hooksys.sys


      KBFiltr
        [A ] 11. c:\windows\system32\drivers\kbfiltr.sys


      MEMSCAN
        [A ] 12. c:\program files\rising\rav\memscan.sys


      minirdr
        [A ] 13. c:\windows\system32\drivers\minirdr.sys


      RsAntiSpyware
        [A ] 14. c:\windows\system32\drivers\rsboot.sys


      RsNTGDI
        [A ] 15. c:\windows\system32\drivers\rsntgdi.sys


      RSPPSYS
        [A ] 16. c:\program files\rising\rav\rsppsys.sys


      Secdrv
        [A ] 17. c:\windows\system32\drivers\secdrv.sys


      SiSkp
        [A ] 18. c:\windows\system32\drivers\srvkp.sys


      SynTP
        [A ] 19. c:\windows\system32\drivers\syntp.sys


      UUAPPSDR
        [A ] 20. c:\windows\system32\drivers\uuappsdr.sys




  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
        [AM] 21. e:\新建文件夹 (3)\360safe\safemon\safemon.dll



    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
      Exec
        [AM] 22. c:\program files\messenger\msmsgs.exe




  + 资源管理器加载模块
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
      text/xml
        [A ] 23. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll



    + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
      ic32pp
        [A ] 24. c:\windows\wc98pp.dll


      mso-offdap
        [A ] 25. c:\program files\common files\microsoft shared\web components\10\owc10.dll


      mso-offdap11
        [A ] 26. c:\program files\common files\microsoft shared\web components\11\owc11.dll



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext
        [A ] 27. c:\windows\system32\hticons.dll


      Web Folders
        [A ] 28. c:\program files\common files\microsoft shared\web folders\msonsext.dll


      Microsoft Office Outlook Desktop Icon Handler
        [A ] 29. c:\program files\microsoft office\office11\mlshext.dll


      Microsoft Office Outlook Custom Icon Handler
        [A ] 30. c:\program files\microsoft office\office11\olkfstub.dll


      Microsoft Office HTML Icon Handler
        [AM] 31. c:\program files\microsoft office\office11\msohev.dll


      RISING
        [AM] 32. c:\windows\system32\ravext.dll


      WinRAR shell extension
        [AM] 33. c:\program files\winrar\rarext.dll



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
      {32CD708B-60A7-4C00-9377-D73EAA495F0F}
        [AM] 32. c:\windows\system32\ravext.dll


      {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
        [AM] 34. c:\windows\system32\shlhook.dll




  + 用户登陆自运行项目
    + HKCU\Software\Microsoft\Windows\CurrentVersion\Run
      MSMSGS
        [AM] 22. c:\program files\messenger\msmsgs.exe



    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      IMSCMig
        [A ] 35. c:\program files\common files\microsoft shared\ime\imsc40a\imscmig.exe


      runeip
        [AM] 36. c:\program files\rising\antispyware\runiep.exe


      RavTask
        [A ] 37. c:\program files\rising\rav\ravtask.exe


      SoundMan
        [AM] 38. c:\windows\soundman.exe


      SiS Tray
        [AM] 39. c:\windows\system32\sistray.exe


      SiS KHooker
        [AM] 40. c:\windows\system32\khooker.exe


      SiSUSBRG
        [A ] 41. c:\windows\sisusbrg.exe


      LTSMMSG
        [AM] 42. c:\windows\ltsmmsg.exe


      SynTPLpr
        [AM] 43. c:\program files\synaptics\syntp\syntplpr.exe


      SynTPEnh
        [AM] 44. c:\program files\synaptics\syntp\syntpenh.exe


      LManager
        [AM] 45. c:\program files\launch manager\cplby25.exe



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
      RavStub
        [AM] 46. c:\program files\rising\rav\ravstub.exe




  + 开机执行
    + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
      BootExecute
        [A ] 47. c:\windows\system32\bsmain.exe




  + 映像劫持
    + HKCR\.html
      htmlfile\Edit\Command
        [A ] 48. c:\program files\microsoft office\office11\msohtmed.exe


      htmlfile\Print\Command
        [A ] 48. c:\program files\microsoft office\office11\msohtmed.exe



    + HKCR\.htm
      htmlfile\Edit\Command
        [A ] 48. c:\program files\microsoft office\office11\msohtmed.exe


      htmlfile\Print\Command
        [A ] 48. c:\program files\microsoft office\office11\msohtmed.exe




  + 打印机监控
    + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
      Microsoft Document Imaging Writer Monitor
        [AM] 49. c:\windows\system32\mdimon.dll





+ 其他自启动项目
  + C:\Documents and Settings\xuec\「开始」菜单\程序\启动
    windows.exe
      [A ] 50. c:\documents and settings\xuec\「开始」菜单\程序\启动\windows.exe


    腾讯TM.lnk
      [A ] 51. c:\program files\tencent\qq\tmshell.exe

正在运行的进程
  + 00000088(136) soundman.exe
    00400000[0000D000]
      [AM] 38. c:\windows\soundman.exe


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 000000bc(188) sistray.EXE
    00400000[00054000]
      [AM] 39. c:\windows\system32\sistray.exe


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 000000e8(232) khooker.exe
    00400000[0004B000]
      [AM] 40. c:\windows\system32\khooker.exe


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000164(356) LTSMMSG.exe
    00400000[00011000]
      [AM] 42. c:\windows\ltsmmsg.exe


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000174(372) SynTPLpr.exe
    00400000[0001C000]
      [AM] 43. c:\program files\synaptics\syntp\syntplpr.exe


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000184(388) SynTPEnh.exe
    00400000[00074000]
      [AM] 44. c:\program files\synaptics\syntp\syntpenh.exe


    63010000[0001C000]
      [ M] 54. c:\windows\system32\syntpapi.dll


    00DC0000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000190(400) CPLBY25.EXE
    00400000[00024000]
      [AM] 45. c:\program files\launch manager\cplby25.exe


    10000000[00013000]
      [ M] 55. c:\program files\launch manager\lgkcutl.dll


    00370000[00010000]
      [ M] 56. c:\program files\launch manager\szupfutl.dll


    00380000[0005C000]
      [ M] 57. c:\program files\launch manager\osdutl.dll


    003E0000[0000D000]
      [ M] 58. c:\program files\launch manager\rgnmaker.dll


    003F0000[0000D000]
      [ M] 59. c:\program files\launch manager\cdromutl.dll


    00430000[00010000]
      [ M] 60. c:\program files\launch manager\mixerutl.dll


    00440000[00011000]
      [ M] 61. c:\program files\launch manager\comfnutl.dll


    00460000[00011000]
      [ M] 62. c:\program files\launch manager\wnd2file.dll


    00D10000[0000E000]
      [ M] 63. c:\program files\launch manager\dialcnt.dll


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    72C80000[00008000]
      [ M] 64. c:\windows\system32\msacm32.drv


    014A0000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 000001c4(452) smss.exe

  + 000001fc(508) csrss.exe

  + 00000214(532) winlogon.exe
    72C80000[00008000]
      [ M] 64. c:\windows\system32\msacm32.drv



  + 00000240(576) services.exe

  + 0000024c(588) lsass.exe

  + 000002e4(740) svchost.exe

  + 00000330(816) svchost.exe
    10000000[00007000]
      [ M] 65. c:\windows\system32\uunsp.dll



  + 00000380(896) svchost.exe
    10000000[00007000]
      [ M] 65. c:\windows\system32\uunsp.dll



  + 000003a8(936) svchost.exe

  + 000003dc(988) svchost.exe
    10000000[00007000]
      [ M] 65. c:\windows\system32\uunsp.dll



  + 00000444(1092) ctfmon.exe
    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000474(1140) msmsgs.exe
    01000000[001A3000]
      [AM] 22. c:\program files\messenger\msmsgs.exe


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll


    750D0000[00018000]
      [ M] 66. c:\program files\messenger\msgsc.dll



  + 00000500(1280) winlog0n.exe
    00400000[0003F000]
      [ M] 67. c:\windows\system32\winlog0n.exe


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000518(1304) Explorer.EXE
    10000000[0001B000]
      [AM] 32. c:\windows\system32\ravext.dll


    00FD0000[00011000]
      [AM] 34. c:\windows\system32\shlhook.dll


    01CE0000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll


    72C80000[00008000]
      [ M] 64. c:\windows\system32\msacm32.drv


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    01250000[0002D000]
      [AM] 33. c:\program files\winrar\rarext.dll


    23700000[0001A000]
      [ M] 68. c:\program files\rising\rav\rscommon.dll



  + 00000560(1376) spoolsv.exe
    00AE0000[00008000]
      [AM] 49. c:\windows\system32\mdimon.dll


    00AF0000[00008000]
      [ M] 69. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll


    00B00000[00005000]
      [ M] 70. c:\windows\system32\spool\prtprocs\w32x86\vprproc.dll


    10000000[00007000]
      [ M] 65. c:\windows\system32\uunsp.dll



  + 000005bc(1468) RavStub.exe
    00400000[00018000]
      [AM] 46. c:\program files\rising\rav\ravstub.exe


    10000000[0001B000]
      [ M] 71. c:\program files\rising\rav\rscommx.dll


    23700000[0001A000]
      [ M] 68. c:\program files\rising\rav\rscommon.dll



  + 00000644(1604) svchost.exe

  + 000008d8(2264) IEXPLORE.EXE
    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001D000]
      [AM] 21. e:\新建文件夹 (3)\360safe\safemon\safemon.dll


    02660000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll


    325C0000[00012000]
      [AM] 31. c:\program files\microsoft office\office11\msohev.dll


    72C80000[00008000]
      [ M] 64. c:\windows\system32\msacm32.drv


    02C40000[00007000]
      [ M] 65. c:\windows\system32\uunsp.dll


    02C60000[00019000]
      [ M] 72. c:\program files\rising\rav\ravscrch.dll


    30000000[002EF000]
      [ M] 73. c:\windows\system32\macromed\flash\flash9d.ocx



  + 00000b8c(2956) Ras.exe
    00400000[00160000]
      [ M] 74. c:\program files\rising\antispyware\ras.exe


    10000000[00013000]
      [ M] 75. c:\program files\rising\antispyware\topsoft.dll


    7C140000[00103000]
      [ M] 76. c:\program files\rising\antispyware\mfc71.dll


    7C340000[00056000]
      [ M] 77. c:\program files\rising\antispyware\msvcr71.dll


    7C3A0000[0007B000]
      [ M] 78. c:\program files\rising\antispyware\msvcp71.dll


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    011C0000[000BD000]
      [ M] 79. c:\program files\rising\antispyware\rasgui.dll


    01A20000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll


    01D30000[00007000]
      [ M] 65. c:\windows\system32\uunsp.dll



  + 00000b94(2964) runiep.exe
    00400000[00013000]
      [AM] 36. c:\program files\rising\antispyware\runiep.exe


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    01020000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000c04(3076) RsAgent.exe
    00400000[0003A000]
      [ M] 80. c:\program files\rising\rav\rsagent.exe


    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 71. c:\program files\rising\rav\rscommx.dll


    01230000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll



  + 00000c1c(3100) AgentSvr.exe
    63000000[00014000]
      [ M] 53. c:\windows\system32\syntpfcs.dll


    10000000[0001B000]
      [ M] 52. c:\program files\rising\antispyware\ieprot.dll


    72C80000[00008000]
      [ M] 64. c:\windows\system32\msacm32.drv





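There are no movies or games on the C: drive. A few days ago I went to the computer mall to have a memory module installed. The person there took a look, said there was a virus and then deleted some things, and the memory was about 450M. But after I got back, the C: drive was full again. Please help me out, kind expert; otherwise I can send you the SREng report. Thanks.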

[CODE]

2007-10-30,14:36:50

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <SoundMan><soundman.exe>  [Avance Logic, Inc.]
    <SiS Tray><C:\WINDOWS\system32\sistray.EXE>  [Silicon Integrated Systems Corporation]
    <SiS KHooker><C:\WINDOWS\system32\khooker.exe>  [Silicon Integrated Systems Corporation]
    <SiSUSBRG><C:\WINDOWS\sisUSBrg.exe>  [Silicon Integrated Systems Corp.]
    <LTSMMSG><LTSMMSG.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <LManager><C:\PROGRA~1\LAUNCH~1\CPLBY25.EXE>  [Dritek System Inc.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  [N/A]
    <Storm2Set><C:\WINDOWS\system32\rundll32.exe "C:\PROGRA~1\StormII\StormSet.dll",CheckEnv>  [(Verified)Beijing Baofeng Inc.]
    <360Safetray><E:\新建文件夹 (3)\360safe\safemon\360Tray.exe /start>  [奇虎网]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <73zrnjb><>  [N/A]

==================================
启动文件夹
[windows]
  <C:\Documents and Settings\xuec\「开始」菜单\程序\启动\windows.exe -->  [N/A]><N>
[腾讯TM]
  <C:\Documents and Settings\xuec\「开始」菜单\程序\启动\腾讯TM.lnk --> C:\PROGRA~1\Tencent\QQ\TMShell.exe [腾讯公司]><N>

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Avance AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[Dritek HotKey Keyboard Filter Driver / KBFiltr][Running/Manual Start]
  <System32\Drivers\KBFiltr.sys><Dritek System Inc.>
[Lucent Technologies Soft Modem / LucentSoftModem][Running/Manual Start]
  <system32\DRIVERS\LTSM.sys><Lucent Technologies>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[minirdr / minirdr][Running/System Start]
  <System32\drivers\minirdr.sys><UUDynamics>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315][Running/Manual Start]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiS AGP Filter / sisagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp][Running/System Start]
  <system32\drivers\srvkp.sys><N/A>
[Synaptics TouchPad Driver / SynTP][Running/Auto Start]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[UUAPPSDR / UUAPPSDR][Running/System Start]
  <System32\drivers\uuappsdr.sys><Windows (R) 2000 DDK provider>

==================================
浏览器加载项
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\新建文件夹 (3)\360safe\safemon\safemon.dll, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[UUAPP_2.7 Class]
  {0202078E-1F02-4966-8F1C-48BBF31BB7A4} <C:\WINDOWS\system32\UUAPP-~1.DLL, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[nc5 Class]
  {EAF5041C-A17F-456B-B098-930A9DD2F886} <C:\Program Files\jre1.5.0_07\bin\NC5Ocx.dll, >
[UUAPP_2.7 Class]
  {0202078E-1F02-4966-8F1C-48BBF31BB7A4} <C:\WINDOWS\system32\UUAPP-~1.DLL, >
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <E:\新建文件夹 (3)\360safe\live.dll, 360safe.com>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NavigatMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\新建文件夹 (3)\360safe\safemon\safemon.dll, >
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_07]
  {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} <C:\Program Files\jre1.5.0_07\bin\npjpi150_07.dll, Sun Microsystems, Inc.>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[nc5 Class]
  {EAF5041C-A17F-456B-B098-930A9DD2F886} <C:\Program Files\jre1.5.0_07\bin\NC5Ocx.dll, >
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <, N/A>

==================================
正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 576][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 588][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1304][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.9]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [E:\新建文件夹 (3)\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 136][C:\WINDOWS\soundman.exe]  [Avance Logic, Inc., 5, 0, 0, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 188][C:\WINDOWS\system32\sistray.EXE]  [Silicon Integrated Systems Corporation, 0.0.0.2060]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 232][C:\WINDOWS\system32\khooker.exe]  [Silicon Integrated Systems Corporation, 0, 0, 0, 2060]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 356][C:\WINDOWS\LTSMMSG.exe]  [Lucent Technologies, 3.1.113 3.1.113 05/07/2002 14:54:58]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 372][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 388][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 400][C:\PROGRA~1\LAUNCH~1\CPLBY25.EXE]  [Dritek System Inc., 1,2,0,1]
    [C:\PROGRA~1\LAUNCH~1\LgKCUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\LAUNCH~1\SzUPFUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\LAUNCH~1\OSDUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\LAUNCH~1\RgnMaker.dll]  [Dritek System Inc., 12.07.1999 ( VC60 )]
    [C:\PROGRA~1\LAUNCH~1\CDRomUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\LAUNCH~1\MixerUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\LAUNCH~1\ComFnUtl.dll]  [Dritek System Inc., 1.00]
    [C:\PROGRA~1\LAUNCH~1\Wnd2File.dll]  [Dritek System Inc., 3.00]
    [C:\PROGRA~1\LAUNCH~1\DialCnt.Dll]  [Dritek System Inc., 1.10]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1092][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1140][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Messenger\msgsc.dll]  [Microsoft Corporation, 4.7.3000]
[PID: 1280][c:\windows\system32\winlog0n.exe]  [N/A, ]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3076][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3100][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2964][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 4.0.0.18]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2212][C:\Program Files\Outlook Express\msimn.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\uunsp.dll]  [UUDynamics Inc., 2.7.10.18]
    [C:\Program Files\Messenger\msgsc.dll]  [Microsoft Corporation, 4.7.3000]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2632][C:\Program Files\Rising\AntiSpyware\Ras.exe]  [Beijing Rising Technology Co., Ltd., 4.0.0.62]
    [C:\Program Files\Rising\AntiSpyware\TopSoft.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.3]
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\RasGui.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 0, 14]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\uunsp.dll]  [UUDynamics Inc., 2.7.10.18]
[PID: 2584][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [E:\新建文件夹 (3)\360safe\safemon\safemon.dll]  [, 3, 6, 3, 1001]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\uunsp.dll]  [UUDynamics Inc., 2.7.10.18]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3280][C:\Documents and Settings\xuec\桌面\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 6.2.8 15Mar02]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\uunsp.dll]  [UUDynamics Inc., 2.7.10.18]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

Thank you, everyone, please help me out!

I emptied C:\Documents and Settings\xuec\Local Settings\Temporary Internet Files, but its size is still 141M. Is something wrong?

There is a pagefile.sys file on C:\, 800M. Is something wrong?

C:\WINDOWS\system32\virpe.def 15M
C:\WINDOWS\system32\oembios.bin 12M