Rising Kaka Security Forum

Rising no longer works; it says it cannot find RsGuiLib.dll
黄色雨燕 - 2006-10-4 17:10:00
What should I do?
I found this in the startup items: "C:\Program Files\IE\sellhost.exe"
Is that the cause?
PS: I can't reach baidu anymore. Can everyone else?
westbeck - 2006-10-4 17:13:00
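I haven't seen this file before.
Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when it finishes press the "Save Report" button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log file here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it across several posts, and please do not modify it. Thanks...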
taylor05771 - 2006-10-4 17:13:00
Run a HijackThis scan and post the log.
ADL - 2006-10-4 17:14:00
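Do a repair install of Rising!
Or download and install it!

http://update.rising.com.cn/register/pcver/upgrade.htm
------------------
C:\Program Files\IE\sellhost.exe is definitely something bad! Delete it from the startup items!

baidu can be reached normally!
Check your hosts file, delete its contents, and save!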
黄色雨燕 - 2006-10-4 19:36:00
2006-10-04,19:22:51

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <eMuleAutoStart><C:\Program Files\eMule\eMule.exe -AutoStart>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <wow><C:\WINDOWS\system32\Launcher.exe>  [N/A]
    <zz><C:\WINDOWS\system32\intenet.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Super Rabbit Desktop Set><; C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load>  [Super Rabbit Software]
    <xy><C:\WINDOWS\Download\svhost32.exe>  [N/A]
    <wdfmgr32><C:\WINDOWS\system32\wdfmgr32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <TrayFactory><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.235\PS Tray Factory v2.0\PSTrayFactory.exe /start>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{77E668D7-68D7-7E6C-D77E-8D7E68D77E6C}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll>  [N/A]
    <{E4C3C044-CE6A-4117-9D18-C1EBEC80D2C9}><C:\WINDOWS\system32\3.dLL>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <AGRSMMSG><; AGRSMMSG.exe>  [Agere Systems]
    <assistse><; "C:\PROGRA~1\3721\assistse.exe">  [N/A]
    <ATIModeChange><; Ati2mdxx.exe>  [ATI Technologies, Inc.]
    <CnsMin><; Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  [N/A]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <RavMon><; >  [N/A]
    <RavTimer><; >  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit CDNotify><; >  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit Desktop Set><; C:\MagicSet\DS.EXE /Load>  [N/A]
    <Super Rabbit SRRestore><; >  [N/A]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [N/A]
    <WangWang><; "C:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝(中国)软件有限公司]
黄色雨燕 - 2006-10-4 19:37:00
==================================
启动文件夹
[Adobe Gamma]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\Adobe Gamma.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><H>
[IEXPLORE]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\IEXPLORE.lnk --> C:\PROGRA~1\IE\sellhost.exe [Microsofts]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Alerter / Alerter]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\alrsvc.dll><Microsoft Corporation>
[Application Layer Gateway Service / ALG]
  <C:\WINDOWS\System32\alg.exe><Microsoft Corporation>
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><Microsoft Corporation>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><N/A>
[Windows Audio / AudioSrv]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\audiosrv.dll><Microsoft Corporation>
[Background Intelligent Transfer Service / BITS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\qmgr.dll><Microsoft Corporation>
[Computer Browser / Browser]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation>
[Indexing Service / CiSvc]
  <C:\WINDOWS\system32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv]
  <C:\WINDOWS\system32\clipsrv.exe><Microsoft Corporation>
[COM+ System Application / COMSysApp]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><Microsoft Corporation>
[Cryptographic Services / CryptSvc]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\cryptsvc.dll><Microsoft Corporation>
[Distributed File System / Dfs]
  <C:\WINDOWS\system32\Dfssvc.exe><Microsoft Corporation>
[DHCP Client / Dhcp]
  <C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINDOWS\System32\dmadmin.exe /com><Microsoft Corporation>
[Logical Disk Manager / dmserver]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dmserver.dll><Microsoft Corporation>
[DNS Client / Dnscache]
  <C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation>
[Error Reporting Service / ERSvc]
  <C:\WINDOWS\System32\svchost.exe -k WinErr-->%SystemRoot%\System32\ersvc.dll><Microsoft Corporation>
[Event Log / Eventlog]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Help and Support / helpsvc]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HTTP SSL / HTTPFilter]
  <C:\WINDOWS\system32\lsass.exe-->%SystemRoot%\System32\w3ssl.dll><Microsoft Corporation>
[IBM PM Service / IBMPMSVC]
  <C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[IIS Admin Service / IISADMIN]
  <C:\WINDOWS\system32\inetsrv\inetinfo.exe><Microsoft Corporation>
[IMAPI CD-Burning COM Service / ImapiService]
  <C:\WINDOWS\system32\imapi.exe><Microsoft Corporation>
[Intersite Messaging / IsmServ]
  <C:\WINDOWS\System32\ismserv.exe><Microsoft Corporation>
[Kerberos Key Distribution Center / kdc]
  <C:\WINDOWS\System32\lsass.exe><Microsoft Corporation>
[Server / lanmanserver]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Workstation / lanmanworkstation]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation>
[License Logging / LicenseService]
  <C:\WINDOWS\System32\llssrv.exe><Microsoft Corporation>
[TCP/IP NetBIOS Helper / LmHosts]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\lmhsvc.dll><Microsoft Corporation>
[Machine Debug Manager / MDM]
  <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[Messenger / Messenger]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc]
  <C:\WINDOWS\system32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC]
  <C:\WINDOWS\system32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Microsoft Search / MSSEARCH]
  <"C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER]
  <C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Network DDE / NetDDE]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Network Location Awareness (NLA) / Nla]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[File Replication / NtFrs]
  <C:\WINDOWS\system32\ntfrs.exe><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Removable Storage / NtmsSvc]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\ntmssvc.dll><Microsoft Corporation>
[Plug and Play / PlugPlay]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[IPSEC Services / PolicyAgent]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
黄色雨燕 - 2006-10-4 19:38:00
[Remote Desktop Help Session Manager / RDSessMgr]
  <C:\WINDOWS\system32\sessmgr.exe><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry / RemoteRegistry]
  <C:\WINDOWS\system32\svchost.exe -k regsvc-->%SystemRoot%\system32\regsvc.dll><Microsoft Corporation>
[Remote Procedure Call (RPC) Locator / RpcLocator]
  <C:\WINDOWS\system32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Resultant Set of Policy Provider / RSoPProv]
  <C:\WINDOWS\system32\RSoPProv.exe><Microsoft Corporation>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Special Administration Console Helper / sacsvr]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sacsvr.dll><Microsoft Corporation>
[Security Accounts Manager / SamSs]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Smart Card / SCardSvr]
  <C:\WINDOWS\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><Microsoft Corporation>
[Secondary Logon / seclogon]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\seclogon.dll><Microsoft Corporation>
[System Event Notification / SENS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS) / SharedAccess]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Shell Hardware Detection / ShellHWDetection]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Print Spooler / Spooler]
  <C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[SQLSERVERAGENT / SQLSERVERAGENT]
  <C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[Windows Image Acquisition (WIA) / stisvc]
  <C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation>
[Microsoft Software Shadow Copy Provider / swprv]
  <C:\WINDOWS\System32\svchost.exe -k swprv-->%Systemroot%\System32\swprv.dll><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog]
  <C:\WINDOWS\system32\smlogsvc.exe><Microsoft Corporation>
[Telephony / TapiSrv]
  <C:\WINDOWS\System32\svchost.exe -k tapisrv-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Terminal Services / TermService]
  <C:\WINDOWS\System32\svchost.exe -k termsvcs-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
[Themes / Themes]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Telnet / TlntSvr]
  <C:\WINDOWS\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Server / TrkSvr]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trksvr.dll><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trkwks.dll><Microsoft Corporation>
[Terminal Services Session Directory / Tssdis]
  <C:\WINDOWS\System32\tssdis.exe><Microsoft Corporation>
[Upload Manager / uploadmgr]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
[Uninterruptible Power Supply / UPS]
  <C:\WINDOWS\System32\ups.exe><Microsoft Corporation>
[Virtual Disk Service / vds]
  <C:\WINDOWS\System32\vds.exe><Microsoft Corporation>
[Volume Shadow Copy / VSS]
  <C:\WINDOWS\System32\vssvc.exe><Microsoft Corporation>
[Windows Time / W32Time]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><Microsoft Corporation>
[World Wide Web Publishing Service / W3SVC]
  <C:\WINDOWS\System32\svchost.exe -k iissvcs-->C:\WINDOWS\system32\inetsrv\iisw3adm.dll><Microsoft Corporation>
[WebClient / WebClient]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>
[WinHTTP Web Proxy Auto-Discovery Service / WinHttpAutoProxySvc]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->winhttp.dll><Microsoft Corporation>
[Windows Management Instrumentation / winmgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\advapi32.dll><Microsoft Corporation>
[WMI Performance Adapter / WmiApSrv]
  <C:\WINDOWS\system32\wbem\wmiapsrv.exe><Microsoft Corporation>
黄色雨燕 - 2006-10-4 19:39:00
==================================
驱动程序
[Microsoft ACPI Driver / ACPI]
  <\SystemRoot\system32\DRIVERS\ACPI.sys><Microsoft Corporation>
[Microsoft Embedded Controller Driver / ACPIEC]
  <\SystemRoot\system32\DRIVERS\ACPIEC.sys><Microsoft Corporation>
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Microsoft Kernel Acoustic Echo Canceller / aec]
  <system32\drivers\aec.sys><Microsoft Corporation>
[AFD 网络支持环境 / AFD]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[Agere Systems Soft Modem / AgereSoftModem]
  <system32\DRIVERS\AGRSM.sys><Agere Systems>
[Intel AGP Bus Filter / agp440]
  <\SystemRoot\system32\DRIVERS\agp440.sys><Microsoft Corporation>
[1394 ARP 客户端协议 / Arp1394]
  <system32\DRIVERS\arp1394.sys><Microsoft Corporation>
[RAS Asynchronous Media Driver / AsyncMac]
  <system32\DRIVERS\asyncmac.sys><Microsoft Corporation>
[标准 IDE/ESDI 硬盘控制器 / atapi]
  <\SystemRoot\system32\DRIVERS\atapi.sys><Microsoft Corporation>
[ati2mtag / ati2mtag]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATM ARP Client Protocol / Atmarpc]
  <system32\DRIVERS\atmarpc.sys><Microsoft Corporation>
[音频存根驱动程序 / audstub]
  <system32\DRIVERS\audstub.sys><Microsoft Corporation>
[BaseTDI / BaseTDI]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[Beep / Beep]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Beep.SYS><Microsoft Corporation>
[cbidf2k / cbidf2k]
  <C:\WINDOWS\SYSTEM32\DRIVERS\cbidf2k.SYS><Microsoft Corporation>
[Cdfs / Cdfs]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Cdfs.SYS><Microsoft Corporation>
[CD-ROM Driver / Cdrom]
  <system32\DRIVERS\cdrom.sys><Microsoft Corporation>
[群集磁盘驱动程序 / ClusDisk]
  <system32\DRIVERS\ClusDisk.sys><Microsoft Corporation>
[Microsoft AC Adapter Driver / CmBatt]
  <system32\DRIVERS\CmBatt.sys><Microsoft Corporation>
[Microsoft Composite Battery Driver / Compbatt]
  <\SystemRoot\system32\DRIVERS\compbatt.sys><Microsoft Corporation>
[CRC 磁盘筛选驱动程序 / crcdisk]
  <\SystemRoot\system32\DRIVERS\crcdisk.sys><Microsoft Corporation>
[DfsDriver / DfsDriver]
  <\SystemRoot\system32\drivers\Dfs.sys><Microsoft Corporation>
[磁盘驱动程序 / Disk]
  <\SystemRoot\system32\DRIVERS\disk.sys><Microsoft Corporation>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><Microsoft Corporation>
[dmio / dmio]
  <System32\drivers\dmio.sys><Microsoft Corporation>
[dmload / dmload]
  <System32\drivers\dmload.sys><Microsoft Corporation>
[Microsoft Kernel DLS Syntheiszer / DMusic]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[Microsoft Kernel DRM Audio Descrambler / drmkaud]
  <system32\drivers\drmkaud.sys><Microsoft Corporation>
[Intel(R) PRO Network Connection Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[Fastfat / Fastfat]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Fastfat.SYS><Microsoft Corporation>
[Floppy Disk Controller Driver / Fdc]
  <system32\DRIVERS\fdc.sys><Microsoft Corporation>
[Fips / Fips]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Fips.SYS><Microsoft Corporation>
[Flpydisk / Flpydisk]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Flpydisk.SYS><Microsoft Corporation>
[FsVga / FsVga]
  <system32\DRIVERS\fsvga.sys><Microsoft Corporation>
[Volume Manager Driver / Ftdisk]
  <\SystemRoot\system32\DRIVERS\ftdisk.sys><Microsoft Corporation>
[Generic Packet Classifier / Gpc]
  <system32\DRIVERS\msgpc.sys><Microsoft Corporation>
[Microsoft HID Class Driver / hidusb]
  <system32\DRIVERS\hidusb.sys><Microsoft Corporation>
[HOOKAPI / HOOKAPI]
  <\??\C:\RISING\HOOKAPI.SYS><N/A>
[HookCont / HookCont]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HTTP / HTTP]
  <System32\Drivers\HTTP.sys><Microsoft Corporation>
[i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt]
  <system32\DRIVERS\i8042prt.sys><Microsoft Corporation>
[IBMPMDRV / IBMPMDRV]
  <system32\DRIVERS\ibmpmdrv.sys><N/A>
[CD-Burning Filter Driver / imapi]
  <system32\DRIVERS\imapi.sys><Microsoft Corporation>
[IntelIde / IntelIde]
  <\SystemRoot\system32\DRIVERS\intelide.sys><Microsoft Corporation>
[IP Traffic Filter Driver / IpFilterDriver]
  <system32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IP in IP Tunnel Driver / IpInIp]
  <system32\DRIVERS\ipinip.sys><N/A>
[IP Network Address Translator / IpNat]
  <system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[IPSEC driver / IPSec]
  <system32\DRIVERS\ipsec.sys><Microsoft Corporation>
[PnP ISA/EISA Bus Driver / isapnp]
  <\SystemRoot\system32\DRIVERS\isapnp.sys><Microsoft Corporation>
[Keyboard Class Driver / Kbdclass]
  <system32\DRIVERS\kbdclass.sys><Microsoft Corporation>
[Microsoft Kernel Wave Audio Mixer / kmixer]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[KSecDD / KSecDD]
  <C:\WINDOWS\SYSTEM32\DRIVERS\KSecDD.SYS><Microsoft Corporation>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mnmdd / mnmdd]
  <C:\WINDOWS\SYSTEM32\DRIVERS\mnmdd.SYS><Microsoft Corporation>
[Modem / Modem]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Modem.SYS><Microsoft Corporation>
[Mouse Class Driver / Mouclass]
  <system32\DRIVERS\mouclass.sys><Microsoft Corporation>
[Mouse HID Driver / mouhid]
  <system32\DRIVERS\mouhid.sys><Microsoft Corporation>
[Mount Point Manager / MountMgr]
  <C:\WINDOWS\SYSTEM32\DRIVERS\MountMgr.SYS><Microsoft Corporation>
[WebDav Client Redirector / MRxDAV]
  <system32\DRIVERS\mrxdav.sys><Microsoft Corporation>
[MRxSmb / MRxSmb]
  <system32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Msfs / Msfs]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Msfs.SYS><Microsoft Corporation>
[Microsoft Streaming Service Proxy / MSKSSRV]
  <system32\drivers\MSKSSRV.sys><Microsoft Corporation>
[Microsoft Streaming Clock Proxy / MSPCLOCK]
  <system32\drivers\MSPCLOCK.sys><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[Mup / Mup]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Mup.SYS><Microsoft Corporation>
[NDIS System Driver / NDIS]
  <C:\WINDOWS\SYSTEM32\DRIVERS\NDIS.SYS><Microsoft Corporation>
[Remote Access NDIS TAPI Driver / NdisTapi]
  <system32\DRIVERS\ndistapi.sys><Microsoft Corporation>
[NDIS 用户模式 I/O 协议 / Ndisuio]
  <system32\DRIVERS\ndisuio.sys><Microsoft Corporation>
[Remote Access NDIS WAN Driver / NdisWan]
  <system32\DRIVERS\ndiswan.sys><Microsoft Corporation>
[NDIS Proxy / NDProxy]
  <C:\WINDOWS\SYSTEM32\DRIVERS\NDProxy.SYS><Microsoft Corporation>
[NetBIOS Interface / NetBIOS]
  <system32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetBios over Tcpip / NetBT]
  <system32\DRIVERS\netbt.sys><Microsoft Corporation>
[1394 网络驱动程序 / NIC1394]
  <system32\DRIVERS\nic1394.sys><Microsoft Corporation>
[Npfs / Npfs]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Npfs.SYS><Microsoft Corporation>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[Ntfs / Ntfs]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Ntfs.SYS><Microsoft Corporation>
[Null / Null]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Null.SYS><Microsoft Corporation>
[Texas Instruments OHCI Compliant IEEE 1394 Host Controller / ohci1394]
  <\SystemRoot\system32\DRIVERS\ohci1394.sys><Microsoft Corporation>
[Parallel port driver / Parport]
  <system32\DRIVERS\parport.sys><Microsoft Corporation>
[Partition Manager / PartMgr]
  <C:\WINDOWS\SYSTEM32\DRIVERS\PartMgr.SYS><Microsoft Corporation>
[Parvdm / Parvdm]
  <system32\DRIVERS\parvdm.sys><Microsoft Corporation>
[PCI Bus Driver / PCI]
  <\SystemRoot\system32\DRIVERS\pci.sys><Microsoft Corporation>
[PCIIde / PCIIde]
  <C:\WINDOWS\SYSTEM32\DRIVERS\PCIIde.SYS><Microsoft Corporation>
[Pcmcia / Pcmcia]
  <\SystemRoot\system32\DRIVERS\pcmcia.sys><Microsoft Corporation>
[WAN Miniport (PPTP) / PptpMiniport]
  <system32\DRIVERS\raspptp.sys><Microsoft Corporation>
黄色雨燕 - 2006-10-4 19:39:00
[处理器驱动程序 / Processor]
  <system32\DRIVERS\processr.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Remote Access Auto Connection Driver / RasAcd]
  <system32\DRIVERS\rasacd.sys><Microsoft Corporation>
[WAN Miniport (L2TP) / Rasl2tp]
  <system32\DRIVERS\rasl2tp.sys><Microsoft Corporation>
[远程访问 PPPOE 驱动程序 / RasPppoe]
  <system32\DRIVERS\raspppoe.sys><Microsoft Corporation>
[Direct Parallel / Raspti]
  <system32\DRIVERS\raspti.sys><Microsoft Corporation>
[Rdbss / Rdbss]
  <system32\DRIVERS\rdbss.sys><Microsoft Corporation>
[RDPCDD / RDPCDD]
  <System32\DRIVERS\RDPCDD.sys><Microsoft Corporation>
[Terminal Server Device Redirector Driver / rdpdr]
  <system32\DRIVERS\rdpdr.sys><Microsoft Corporation>
[RDPWD / RDPWD]
  <C:\WINDOWS\SYSTEM32\DRIVERS\RDPWD.SYS><Microsoft Corporation>
[Digital CD Audio Playback Filter Driver / redbook]
  <system32\DRIVERS\redbook.sys><Microsoft Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[Serenum Filter Driver / serenum]
  <system32\DRIVERS\serenum.sys><Microsoft Corporation>
[Serial port driver / Serial]
  <system32\DRIVERS\serial.sys><Microsoft Corporation>
[高容量软盘驱动器 / Sfloppy]
  <system32\DRIVERS\sfloppy.sys><Microsoft Corporation>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sojubus / sojubus]
  <\SystemRoot\system32\DRIVERS\sojubus.sys><>
[sojuscsi / sojuscsi]
  <\SystemRoot\system32\DRIVERS\sojuscsi.sys><>
[Microsoft Kernel Audio Splitter / splitter]
  <system32\drivers\splitter.sys><Microsoft Corporation>
[Srv / Srv]
  <system32\DRIVERS\srv.sys><Microsoft Corporation>
[Software Bus Driver / swenum]
  <system32\DRIVERS\swenum.sys><Microsoft Corporation>
[Microsoft Kernel GS Wavetable Synthesizer / swmidi]
  <system32\drivers\swmidi.sys><Microsoft Corporation>
[Microsoft Kernel System Audio Device / sysaudio]
  <system32\drivers\sysaudio.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TDPIPE / TDPIPE]
  <C:\WINDOWS\SYSTEM32\DRIVERS\TDPIPE.SYS><Microsoft Corporation>
[TDTCP / TDTCP]
  <C:\WINDOWS\SYSTEM32\DRIVERS\TDTCP.SYS><Microsoft Corporation>
[终端设备驱动程序 / TermDD]
  <system32\DRIVERS\termdd.sys><Microsoft Corporation>
[Udfs / Udfs]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Udfs.SYS><Microsoft Corporation>
[Microcode Update Driver / Update]
  <system32\DRIVERS\update.sys><Microsoft Corporation>
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci]
  <system32\DRIVERS\usbehci.sys><Microsoft Corporation>
[USB2 Enabled Hub / usbhub]
  <system32\DRIVERS\usbhub.sys><Microsoft Corporation>
[USB 大容量存储驱动程序 / USBSTOR]
  <system32\DRIVERS\USBSTOR.SYS><Microsoft Corporation>
[Microsoft USB Universal Host Controller Miniport Driver / usbuhci]
  <system32\DRIVERS\usbuhci.sys><Microsoft Corporation>
[vga / vga]
  <system32\DRIVERS\vgapnp.sys><Microsoft Corporation>
[VGA 显示控制器。 / VgaSave]
  <\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation>
[存储卷 / VolSnap]
  <\SystemRoot\system32\DRIVERS\volsnap.sys><Microsoft Corporation>
[Remote Access IP ARP Driver / Wanarp]
  <system32\DRIVERS\wanarp.sys><Microsoft Corporation>
黄色雨燕 - 2006-10-4 19:39:00
==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[Office Update Installation Engine]
  {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[Update Class]
  {9F1C11AA-197B-4942-BA54-47A8489BB47F} <C:\WINDOWS\system32\iuctl.dll, Microsoft Corporation>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[JatoolsPrinter Class]
  {B43D3361-D975-4BE2-87FE-057188254255} <C:\WINDOWS\Downloaded Program Files\jatoolsP.dll, jatools software co.,ltd>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
  <C:\PROGRA~1\KuGoo3\KuGoo3DownX.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\qq\SendMMS.htm, N/A>
黄色雨燕 - 2006-10-4 19:40:00
==================================
正在运行的进程
[PID: 480][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 532][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 560][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 604][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 616][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 788][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 836][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 888][C:\WINDOWS\system32\ibmpmsvc.exe]  [N/A, N/A]
[PID: 992][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1032][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1080][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1108][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [C:\Program Files\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 16]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 9]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
黄色雨燕 - 2006-10-4 19:41:00
[PID: 1124][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1288][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1412][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1600][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1648][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
    [C:\Program Files\Media Player Classic\Codecs\mmfinfo.dll]  [N/A, N/A]
    [C:\Program Files\Media Player Classic\Codecs\mkunicode.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\system32\l3codecp.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 3, 3, 2, 44]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mywow.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\WINDOWS\system32\myrx.dll]  [N/A, N/A]
[PID: 1780][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 6.0.3790.0 (srv03_rtm.030324-2048)]
[PID: 1828][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.10.3077]
[PID: 1896][C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0760.00]
[PID: 2000][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 2024][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 240][C:\WINDOWS\system32\Dfssvc.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 424][C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe]  [Microsoft Corporation, 9.107.8320.0]
[PID: 1192][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 1824][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
[PID: 2068][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
[PID: 2308][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 2668][C:\Program Files\IE\sellhost.exe]  [Microsofts, 1.01.0135]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
[PID: 3448][C:\WINDOWS\Download\svhost32.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
[PID: 1960][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
[PID: 2740][C:\Program Files\Tencent\qq\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\qq\CoralAssist.DLL]  [Coral Team, 4.5.0 build 20060515]
    [C:\Program Files\Tencent\qq\CoralQQ.DLL]  [Coral Team, 4.5.2 Build 20060830]
    [C:\Program Files\Tencent\qq\ipsearcher.dll]  [, 1.0.0.3]
    [C:\Program Files\Tencent\qq\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\qq\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\qq\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\GroupLive.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\qq\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\ShareFiles.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\Program Files\Tencent\qq\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\qq\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Tencent\qq\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
黄色雨燕 - 2006-10-4 19:41:00
    [C:\Program Files\Tencent\qq\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [C:\Program Files\Tencent\qq\QQSceneMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 0, 6, 60]
    [C:\Program Files\Tencent\qq\QQAllInOne.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\qq\QQCustomFace.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\Program Files\Tencent\qq\QQMagicFace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\qq\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3300][C:\Program Files\Tencent\qq\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2648][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 1168][c:\windows\system32\inetsrv\w3wp.exe]  [Microsoft Corporation, 6.0.3790.0 (srv03_rtm.030324-2048)]
[PID: 3788][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 2440][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.3.0.220]
    [C:\Program Files\Thunder Network\Thunder\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 71]
    [C:\Program Files\Thunder Network\Thunder\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [C:\Program Files\Thunder Network\Thunder\Program\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
    [C:\Program Files\Thunder Network\Thunder\Program\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 11]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed04.dll]  [ , 2, 3, 0, 37]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 8]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 55]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 2536][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.574\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\3.dLL]  [N/A, N/A]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\68D77E6C.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xydll.dll]  [N/A, N/A]
黄色雨燕 - 2006-10-4 19:41:00
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  Error. [notepad.exe %1]
.VBS  Error. [wscript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
59.34.197.239      www.baidu.com
59.34.197.239      baidu.com
59.34.197.239      www.sohu.com
59.34.197.239      sohu.com
59.34.197.239      www.sina.com
59.34.197.239      sina.com
59.34.197.239      www.sina.com.cn
59.34.197.239      sina.com.cn
59.34.197.239      www.163.com
59.34.197.239      163.com
59.34.197.239      www.google.com
59.34.197.239      google.com
59.34.197.239      www.qq.com
59.34.197.239      qq.com
59.34.197.239      www.hao123.com
59.34.197.239      hao123.com
59.34.197.239      ttlttt.com
203.171.236.215      www.17173.com
203.171.236.215      www.wowchina.com
203.171.236.215      www.ztgame.com.cn
203.171.236.215      rxjh.17game.com
203.171.236.215      www.17game.com
203.171.236.215      www.kd171.cn
203.171.236.215      www.72g.com
203.171.236.215      www.muchina.com
203.171.236.215      xyq.163.com
203.171.236.215      xy2.163.com
203.171.236.215      www.the9.com
203.171.236.215      www.5173.com
203.171.236.215      www.tkgame.com

==================================
黄色雨燕 - 2006-10-4 19:44:00
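All I can add right now is that this thing seems to eat a huge amount of memory. I was downloading a movie with BT and doing nothing else, and BT popped up "out of memory".
And then Rising won't open.
Please help, everyone. Thanks.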
黄色雨燕 - 2006-10-4 22:10:00
Bump.
I still can't get onto baidu. Is it because of this virus?