瑞星卡卡安全论坛

我的 瑞星防火墙和监控都打不开了！！！！！！！！！！！！！！！！！！！！！
这是为什么？？？？？？？？？？？？？？？？？？？？？？
006-10-03,09:39:33

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <LDM><C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe>  [Logitech]
    <pyjj><E:\实用软件\拼音加加\jj4\jjsvr4.exe>  [加加开发组]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ATIPTA><"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe">  [ATI Technologies, Inc.]
    <Logitech Hardware Abstraction Layer><KHALMNPR.EXE>  [Logitech Inc.]
    <mmtask><"C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe">  [Musicmatch Inc.]
    <NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <HP Software Update><E:\实用软件\hp打印机\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002A><; >  []
    <PHIME2002ASync><; >  []
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{08315C1A-9BA9-4B7C-A432-26885F78DF28}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\SysInfo.wmp>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]

==================================
启动文件夹
[Logitech SetPoint]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Logitech SetPoint.lnk><N>
[Logitech Desktop Messenger]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Logitech Desktop Messenger.lnk><N>
[HP Digital Imaging Monitor]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HP Digital Imaging Monitor.lnk><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[JMediaService / JMediaService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><N/A>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Volume Shadddddow Copyerq / Service332245]
  <c:\windows\system\taskmrg.exe><>
[StdService / StdService]
  <C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\STDSVER.DLL,Service><N/A>

==================================
浏览器加载项
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper200688_4825.dll, N/A>
[SYM]
  {36BF6929-DCBC-4CCD-A620-C5E3BBA77B95} <C:\WINDOWS\system32\usersrd.dll, >
[Vision]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[stdup]
  {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <E:\实用软件\超级兔子\MagicSet\haokanbar.dll, N/A>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Program Files\Baidu\bar\BaiduBar.DLL, Baidu.com, Inc.>
[bingo]
  {B626AE7E-4F5D-4CD4-B457-D8693015DEFC} <C:\WINDOWS\system32\amvda.dll, >
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <E:\上网软件\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[比较购物搜索(&C)]
  {A36ABCF0-1C8F-46e7-A67C-0489DC21B9CC} <C:\WINDOWS\YayaBands.dll, Eastday Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\上网软件\qq2006\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\上网软件\qq2006\QQIEHelper.dll, N/A>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <E:\翻译工具\IEBand.dll, N/A>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <E:\实用软件\超级兔子\MagicSet\haokanbar.dll, N/A>
[Seekmo Toolbar]
  {53E0B6E8-A51D-448B-B692-40B67B285543} <C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll, Seekmo>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Program Files\Baidu\bar\BaiduBar.DLL, Baidu.com, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[updatePanelX Control]
  {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} <C:\WINDOWS\system32\uusee\internet\updateC.ocx, uusee>
[Downloader Class]
  {5932517A-3326-4439-A708-1C98EDB5C549} <C:\WINDOWS\system32\iMopDl.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper200688_4825.dll, N/A>
[SYM]
  {36BF6929-DCBC-4CCD-A620-C5E3BBA77B95} <C:\WINDOWS\system32\usersrd.dll, >
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <E:\实用软件\超级兔子\MagicSet\haokanbar.dll, N/A>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Vision]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[stdup]

{6A512BF7-EC78-4E8D-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, MStdup Co Ltd.>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <E:\实用软件\超级兔子\MagicSet\haokanbar.dll, N/A>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Program Files\Baidu\bar\BaiduBar.DLL, Baidu.com, Inc.>
[bingo]
  {B626AE7E-4F5D-4CD4-B457-D8693015DEFC} <C:\WINDOWS\system32\amvda.dll, >
[&_找本网页音视频链接_]
  <C:\Program Files\Riptide\Plugin\Monitor.htm, N/A>
[&使用迅雷下载]
  <E:\上网软件\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <E:\上网软件\迅雷\Program\GetAllUrl.htm, N/A>
[>>彩信发送<<]
  <res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <E:\上网软件\qq2006\AddToNetDisk.htm, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\上网软件\qq2006\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\上网软件\qq2006\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\上网软件\qq2006\SendMMS.htm, N/A>
[百度-搜索MP3]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDUMP3.HTM, N/A>
[百度-搜索图片]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDUIMG.HTM, N/A>
[百度-搜索新闻]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDUNEWS.HTM, N/A>
[百度-搜索歌词]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDULYRIC.HTM, N/A>
[百度-搜索网页]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDUSEARCH.HTM, N/A>
[百度-搜索贴吧]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDUPOST.HTM, N/A>
[百度-词典搜索]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDU_DIC.HTM, N/A>

==================================
正在运行的进程
[PID: 580][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 640][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 664][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\Ati2evxx.dll]  <ATI Technologies Inc.><6.14.10.4117>
[PID: 708][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 720][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 884][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 960][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
[PID: 1056][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
[PID: 1656][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1812][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  <ATI Technologies, Inc.><6.14.10.5157>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  <ATI Technologies, Inc.><6.14.10.5157>
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  <ATI Technologies, Inc.><6.14.10.5157>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  <ATI Technologies, Inc.><6.14.10.5157>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1832][C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe]  <Musicmatch Inc.><9.0.0.1>
    [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCP70.dll]  <Sample Corporation><7.00.0000>
    [C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCR70.dll]  <Sample Corporation><7.00.0000>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1844][E:\实用软件\hp打印机\HP Software Update\HPWuSchd2.exe]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1872][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1888][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5, 1, 0, 50>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1896][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1912][C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe]  <Logitech><2.30.04>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\backWeb.dll]  <BackWeb Technologies Inc.><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwsec.dll]  <BackWeb><Version 4.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\clntutil.dll]  <N/A><N/A>
    [C:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.157\program\EN\ClientRC.dll]  <BackWeb Technologies Inc.><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll]  <Logitech><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWfiles.dll]  <><Version 7.2.0 (Build 157R)>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll]  <Logitech><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWDocMapExt.dll]  <><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll]  <Logitech><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwscriptext.dll]  <><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll]  <Logitech><2.30.04>
[PID: 1936][E:\实用软件\拼音加加\jj4\jjsvr4.exe]  <加加开发组><4.0.0.20>

[C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 1964][C:\Program Files\Logitech\SetPoint\SetPoint.exe]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\KemUtil.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\SetPointCOM.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\kemutb.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\KGame.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\KemWnd.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\GameHook.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\KemXML.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\IMHook.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Common Files\Logitech\KHAL\KhalApi.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\LCabHandler.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Logitech\SetPoint\KEMHook.dll]  <Logitech Inc.><2.47.864>
[PID: 188][C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE]  <Logitech Inc.><2.47.842>
    [C:\Program Files\Common Files\Logitech\KHAL\KHALAPI.DLL]  <Logitech Inc.><2.47.864>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Common Files\Logitech\KHAL\KHALITCH.DLL]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Common Files\Logitech\KHAL\KHALMW.DLL]  <Logitech Inc.><2.47.864>
    [C:\Program Files\Common Files\Logitech\KHAL\KHALHPP.DLL]  <Logitech Inc.><2.47.864>
[PID: 204][C:\Program Files\Logitech\SetPoint\SetPointUpdate.exe]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\KemUtil.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\kemutb.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\KemXML.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\KemWnd.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 220][E:\实用软件\hp打印机\Digital Imaging\bin\hpqtra08.exe]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqcxm08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpquio08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqtra08.rsc]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqtao08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpotradd.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpftra01.dll]  <Hewlett-Packard><1, 0, 0, 2>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqrif08.dll]  <Hewlett-Packard Co.><53.0.20.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpodvd09.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpoddcomm09.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpodio08.dll]  <Hewlett-Packard Co.><50.0.165.000>
[PID: 440][C:\WINDOWS\system32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\MMSASS~1\MMSSVER.DLL]  <><1, 2, 0, 6>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
[PID: 480][C:\WINDOWS\system32\Svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [c:\windows\system32\msservices\update\svchost.dll]  <N/A><N/A>
    [c:\windows\system32\msservices\update\MsService.dll]  <><1, 0, 0, 1>
    [c:\windows\system32\msservices\update\unreg1.dll]  <N/A><N/A>
    [c:\windows\system32\msservices\update\OldUnReg.dll]  <N/A><N/A>
[PID: 532][C:\WINDOWS\system32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\STDSVER.DLL]  <MStdup Co Ltd.><3, 2, 2, 3>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
[PID: 572][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1264][E:\实用软件\hp打印机\Digital Imaging\bin\hpqSTE08.exe]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqmfc09.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqtap08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqcxm08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqSTE08.rsc]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqsti08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqcob08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqstv08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpqsem08.rsc]  <Hewlett-Packard Co.><53.0.13.000>
    [E:\实用软件\hp打印机\Digital Imaging\bin\hpocxi08.dll]  <Hewlett-Packard Co.><50.0.125.000>
[PID: 2132][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
[PID: 1792][E:\上网软件\maxthon\Max.exe]  <Maxthon International Ltd.><1, 5, 3, 18>
    [E:\上网软件\maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
    [E:\上网软件\迅雷\ComDlls\XunLeiBHO_002.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 2>
    [E:\上网软件\maxthon\Services\RealTime\real_time.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
    [C:\WINDOWS\system32\PYJJ4.IME]  <加加工作组><4.0.0.21>
[PID: 2676][C:\WINDOWS\system32\taskmgr.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
[PID: 3636][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 3388][E:\实用软件\网址\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Logitech\SetPoint\lgscroll.dll]  <Logitech Inc.><2.47.864>
    [C:\WINDOWS\system32\cdnns.dll]  <CNNIC><2, 0, 0, 0>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 1, 0, 0>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================