瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » IE首页被篡改
ao00o - 2006-10-7 11:04:00
IE首页被篡改,而且不定时有广告网页弹出.浏览器显示的有"快搜"的工具条.
用兔子和360安全卫士,瑞星,黄山都修复了,但还是不行.
下面是浏览器绑定的网站,请各位看下,能不能修复,万分感谢。
h ttp://piao xu e.c om    请不要点.





各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2006-10-07  10:40:56
诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:511MB - 当前可用内存:288MB
100 - 未知 - Process: sysmgr.exe [] - sysmgr.exe
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://piaoxue.com
O3 - 未知 - Toolbar: (SearchCar) - [IE Toolbar] - {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} - C:\Program Files\SearchCar\SearchCar.dll
O18 - 未知 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - 未知 - Service: COM- Event System [支持系统事件通知服务 (SENS),此服务为订阅的组件对象模型 (COM) 组件提供自动分布事件功能。] - C:\WINDOWS\svchost.exe
O23 - 未知 - Service: 系统程序 [系统程序] - C:\WINDOWS\G_Server.exe
=======================================
100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - \SystemRoot\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestT
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] - "C:\Program Files\rising\Rav\CCenter.exe"
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: RavMonD.exe [瑞星杀毒软件的一部分。] - "C:\Program Files\rising\Rav\Ravmond.exe"
100 - 安全 - Process: rfwsrv.exe [瑞星出品的防火墙程序,用于抵御黑客攻击。] - "C:\Program Files\Rising\Rfw\rfwsrv.exe"
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: rundll32.exe [windows rundll32为了需要调用dlls的程序。] - C:\WINDOWS\system32\Rundll32.exe "C:\WINDOWS\system32\tsbfdx31.dll",DllCanUnloadNow
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: RavStub.exe [瑞星出品的杀毒软件相关程序。] - "C:\Program Files\rising\Rav\RavStub.exe" /RAVMOND
100 - 安全 - Process: rfwmain.exe [瑞星公司出品的瑞星杀毒软件个人防火墙程序,用于抵御黑客攻击。] -  -StartUp
100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: ULCDRSvr.exe [友立资讯公司(ulead systems, inc.)出品的dvd编辑软件的一部分。] - "C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: wscntfy.exe [是microsoft windows安全系统和输出当前安全身份的一部分,用于其电脑的稳定性以及安全运行的。] - C:\WINDOWS\system32\wscntfy.exe
100 - 安全 - Process: RavTask.exe [瑞星出品的杀毒软件相关程序。] - "C:\Program Files\rising\Rav\RavTask.exe" -system
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - "C:\WINDOWS\system32\ctfmon.exe"
100 - 安全 - Process: RavMon.exe [瑞星杀毒软件防火墙。] - "C:\Program Files\rising\Rav\Ravmon.exe" -SYSTEM
100 - 未知 - Process: sysmgr.exe [] - sysmgr.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - "C:\Program Files\360safe\360Safe.exe"
100 - 安全 - Process: wuauclt.exe [windows作系统后台程序,用于系统升级。] - "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[40c]SUSDS35f9ee32b4b5f84f990d1ac722e315c6
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://piaoxue.com
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
O3 - 未知 - Toolbar: (SearchCar) - [IE Toolbar] - {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} - C:\Program Files\SearchCar\SearchCar.dll
O4 - 安全 - HKLM\..\Run: [PHIME2002A] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 安全 - HKLM\..\Run: [RavTask] [瑞星杀毒软件的任务计划程序。] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O18 - 未知 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - 未知 - Service: COM- Event System [支持系统事件通知服务 (SENS),此服务为订阅的组件对象模型 (COM) 组件提供自动分布事件功能。] - C:\WINDOWS\svchost.exe
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe
O23 - 安全 - Service: RfwProxySrv [瑞星防火墙相关程序。] - c:\program files\rising\rfw\rfwProxy.exe
O23 - 安全 - Service: RfwService [是瑞星个人防火墙相关程序。] - C:\Program Files\rising\rfw\rfwsrv.exe
O23 - 安全 - Service: RsCCenter [是瑞星杀毒软件控制台相关程序。] - C:\Program Files\rising\Rav\CCenter.exe
O23 - 安全 - Service: RsRavMon [是瑞星杀毒软件相关监控程序。] - C:\Program Files\rising\Rav\RavMonD.exe
O23 - 安全 - Service: UleadBurningHelper [Ulead DVD workshop相关产品的一部分,该程序用于烧录DVD和CD媒体。] - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - 未知 - Service: 系统程序 [系统程序] - C:\WINDOWS\G_Server.exe
=======================================
360Safe.exe=1.0.7.7007
AntiAdwa.dll=1.0.7.7007
AntiEng.dll=1.0.7.1001
AntiActi.dll=1.0.0.2002
CleanHis.dll=1.0.1.3003
safelive.exe=1.0.0.1002
live.dll=1.0.0.1007
=======================================
作历史报告:
----------查杀恶意软件历史----------
2006-10-07 01:33
查杀恶意软件 - 通用搜索 - 危险 -
2006-10-07 01:57
查杀恶意软件 - 很棒小秘书 - 危险 - C:\WINDOWS\system32\DISTRI~1.TXT
查杀恶意软件 - 通用搜索 - 危险 -
2006-10-07 02:00
查杀恶意软件 - 通用搜索 - 危险 -

----------全面诊断修复历史----------
2006-10-07 10:40
R0 - 未知 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
=======================================
360安全卫士,彻底查杀各种流氓软件,全面保护系统安全,并赠送正版卡巴斯基V6.0
最新免费下载:http://www.360safe.com
我无邪 - 2006-10-7 12:49:00
请下载 System Repair Engineer,使用“智能扫描”,按下“扫描”按钮进行扫描,扫描完成后按下“保存报告”按钮保存报告日志文件(SREng.LOG),把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完,分次粘完,请不要修改。
ao00o - 2006-10-7 13:27:00
谢谢楼上的.


2006-10-07,13:12:44

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <CdnCtr><; C:\Program Files\CNNIC\Cdn\cdnup.exe>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    <Load><; ?粓? ?>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <msnnt><; C:\WINDOWS\winampb.exe>  [N/A]
    <MyShares><; c:\program Files\忆多多\MyShares.exe /tray>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Realplayer.exe><; C:\WINDOWS\system32\Realplayer.exe>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RealUpdate><; C:\Program Files\Common Files\update\update.exe>  [N/A]
    <Super Rabbit IEPro><; C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
    <Syss><; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\setup.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Telnet><; C:\WINDOWS\system32\Telnet.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <updatereal><; C:\WINDOWS\realupdate.exe other>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <yassistse><; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [N/A]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [N/A]
    <zt><; C:\Program Files\Intel\svhost32.exe>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[COM- Event System / COM- Event System]
  <C:\WINDOWS\svchost.exe><N/A>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <C:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Ulead Burning Helper / UleadBurningHelper]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>

==================================
驱动程序
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ASUSTeK/Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\rising\Rav\ExpScan.sys><>
[GMSIPCI / GMSIPCI]
  <\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[hardlock / hardlock]
  <\??\C:\WINDOWS\system32\drivers\hardlock.sys><N/A>
[Haspnt / Haspnt]
  <\??\C:\WINDOWS\system32\drivers\Haspnt.sys><Aladdin Knowledge Systems>
[HookCont / HookCont]
  <\??\C:\Program Files\rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\C:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\rising\Rav\HookSys.sys><Rising>
[HOOKTDI1 / HOOKTDI1]
  <\??\C:\Program Files\rising\rfw\tdihook.sys><N/A>
[HookUrl / HookUrl]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IPHOOK / IPHOOK]
  <\??\C:\Program Files\rising\rfw\iphook.sys><N/A>
[jzkczr2 / jzkczr27]
  <\SystemRoot\System32\DRIVERS\jzkczr27.sys><Microsoft Corporation>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[lvpgsw7 / lvpgsw72]
  <\SystemRoot\System32\DRIVERS\lvpgsw72.sys><Microsoft Corporation>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[New0 / New0]
  <\??\C:\WINDOWS\system32\new.sys><N/A>
[Netgroup Packet Filter / NPF]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nwupspx / nwupspx]
  <\SystemRoot\system32\drivers\nwupspx.sys><N/A>
[oreans32 / oreans32]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[VSO Software pcouffin / pcouffin]
  <System32\Drivers\pcouffin.sys><VSO Software>
[PNP04620 / PNP04620]
  <\SystemRoot\system32\Drivers\pnp04519.sys><Anti Driver>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Samsung Mobile USB Device 1.0 driver (WDM) / ss_bus]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[TDIHOOK / TDIHOOK]
  <\??\C:\Program Files\rising\Rfw\TDIHOOK.sys><N/A>
[tsbfdx3 / tsbfdx31]
  <\SystemRoot\System32\DRIVERS\tsbfdx31.sys><Microsoft Corporation>
[WINIO / WINIO]
  <\??\D:\新建文件夹\游击队\winio.sys><N/A>
[World Standard Teletext Codec / WSTCODEC]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[xmasbus / xmasbus]
  <\SystemRoot\system32\DRIVERS\xmasbus.sys><>
[xmasscsi / xmasscsi]
  <\SystemRoot\System32\Drivers\xmasscsi.sys><>

==================================
浏览器加载项
[SearchCar]
  {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} <C:\Program Files\SearchCar\SearchCar.dll, IE Toolbar>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\Final Codecs\QTSystem\QTPlugin.ocx, Apple Computer, Inc.>
[VTPlug3 Class]
  {0400AC1C-EEF0-4638-A501-31D5A0DC2002} <C:\WINDOWS\system32\gxd\VTrans3.dll, >
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\ppStream\POWERL~1.OCX, PPStream.com>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <, N/A>
[Recorder Control]
  {2423AB16-9F42-457B-A337-FE3B11964DB0} <C:\PROGRA~1\Bluesky\BLUESK~1\recorder.ocx, Bluesky Studio (http://www.bluesky.cn)>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[BlueskyVideo Control]
  {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} <C:\PROGRA~1\Bluesky\BLUESK~1\v2.ocx, 蓝天工作室(http://www.bluesky.cn)>
[Share Control]
  {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9} <C:\PROGRA~1\Bluesky\BLUESK~1\share.ocx, N/A>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[KmediaHelper Class]
  {42D25F15-CF07-4A72-B191-DB0792BF310C} <C:\WINDOWS\system32\Kmedia.dll, Kmedia>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\PROGRA~1\ppStream\POWERP~1.DLL, PPStream Inc.>
[IMCv1 Control]
  {6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[XBTP03129 Class]
  {71E000D6-C63D-4D95-85A0-76DF890982A3} <C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL, IE Toolbar>
[Record9158 Control]
  {8052AF20-EEE1-4A41-A050-8BDA57EC70D2} <C:\WINDOWS\system32\Rec9158.ocx, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Blueskyvoice Control]
  {991481A7-4669-4E15-8C24-100404E1F5CB} <C:\PROGRA~1\Bluesky\BLUESK~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[SearchCar]
  {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} <C:\Program Files\SearchCar\SearchCar.dll, IE Toolbar>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[iChatX Object]
  {C07405FD-84D1-4A25-94E8-68609EA8335B} <C:\WINDOWS\Downloaded Program Files\ichatx.dll, 深圳市东方博雅科技有限公司>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>

==================================
ao00o - 2006-10-7 13:30:00
正在运行的进程
[PID: 604][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 672][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 916][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1016][C:\Program Files\rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1036][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1084][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1224][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1288][C:\Program Files\rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 7]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\Program Files\rising\Rav\HOOKSYS.dll]  [Rising, 18, 1, 0, 9]
    [C:\Program Files\rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 28]
    [C:\Program Files\rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 8]
    [C:\Program Files\rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [C:\Program Files\rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [C:\Program Files\rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [C:\Program Files\rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\Program Files\rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1448][C:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [C:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [C:\Program Files\Rising\Rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 1512][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1592][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tsbfdx31.dll]  [N/A, N/A]
[PID: 1688][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1816][C:\Program Files\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 2004][C:\Program Files\Rising\Rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 208][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.13.10.4104]
ao00o - 2006-10-7 13:30:00
[PID: 256][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 244][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1100][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1192][C:\Program Files\rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\system32\tsbfdx31.dll]  [N/A, N/A]
[PID: 804][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1336][C:\Program Files\rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 10]
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\tsbfdx31.dll]  [N/A, N/A]
[PID: 3256][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 10.0.1r4]
[PID: 1156][C:\Program Files\BitComet\BitComet.exe]  [www.BitComet.com, 0.63.]
[PID: 1144][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3140][C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\DVDPS.exe]  [Ulead Systems, Inc., 2.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\GUIBase.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TaskCtrl.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PSShareComm.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Base.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Comm.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32txEx.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Tx.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Cvt.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uvipl.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\cpuinf32.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Vcvrt32.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\RegUtil.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Cfg.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32sn.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Prod.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\RTObjMgr.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ObjComm.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32File.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\U32MISC.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uGifLib.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uLzwLib.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\U32VIDEO.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\U32BROWS.DLL]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Vepb40.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\U32CCS.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uvBase.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uvPlay.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2Base.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS1Project.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\pexBuf.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Fido.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\CommonControl.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Register.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Clips.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2SlideShow.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\MediaBase.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\wWebComp.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uRender.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\U32path.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32txtur.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uShadow.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\wcsRWUFO.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TmplMenuRender.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PexSlide.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PexExif.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uExifLib.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ulibjpg.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ulibtif.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ucvtmem.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uliblzw.dll]  [N/A, N/A]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\sepa.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2Menu.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\S2REVideoConverter.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\UsageBar.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2GUIBase.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\UndoManager.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\RenderPolicy.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uviplPX.dll]  [N/A, N/A]
ao00o - 2006-10-7 13:31:00
[C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PSShareCommRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\CommonControlRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PEXEXIF_Res.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PEXSLIDE_Res.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2SlideShowRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2BaseRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2RC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\CtrlMgr.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [c:\program files\ulead systems\ulead dvd pictureshow 2\vio\Uvavi.vio]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PAL.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ukMgr.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uvDV.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Final Codecs\Codecs\ffdshow.ax]  [N/A, 1.0.2.1997]
    [c:\program files\ulead systems\ulead dvd pictureshow 2\vio\uvmpeg.vio]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\uvMPEG2.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpegin.dll]  [Ulead Systems, Inc, official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpgaout.dll]  [Ulead Systems, Inc, official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpgvout.dll]  [Ulead Systems, Inc, official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpgmux.dll]  [Ulead Systems, Inc, 1, 1, 1, 59]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpg_dlg.dll]  [Ulead Systems, official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\pcmaout.dll]  [Ulead Systems, Inc, official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\ac3aout.dll]  [Ulead Systems, Inc., official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mcmpgdec.dll]  [Ulead Systems, Inc., official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpgvout.004]  [Ulead Systems, Inc., official release build]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\mpgcheck.dll]  [Ulead Systems, Inc., official release build]
    [c:\program files\ulead systems\ulead dvd pictureshow 2\vio\uvflc.vio]  [Ulead Systems, Inc., 6.0]
    [c:\program files\ulead systems\ulead dvd pictureshow 2\vio\uvqt.vio]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\WINDOWS\system32\QuickTime.qts]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTime.qts]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\CoreVideo.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTime3GPP.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTime3GPPAuthoring.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeAudioSupport.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeAuthoring.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeEffects.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeEssentials.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeH264.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeImage.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeInternetExtras.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeMPEG.qtx]  [Apple Computer, Inc, 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeMPEG2.qtx]  [Apple Computer, Inc, 6.0]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeMPEG4.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeMPEG4Authoring.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeMusic.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeQD3D.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeStreaming.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeStreamingAuthoring.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeStreamingExtras.qtx]  [Apple Computer, Inc., 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\QuickTimeVR.qtx]  [Apple Computer, Inc, 7.0.4]
    [C:\Program Files\Final Codecs\QTSystem\Indeo4.qtx]  [Intel Corporation, 4.41.23.05]
    [c:\program files\ulead systems\ulead dvd pictureshow 2\vio\uvwav.vio]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\L3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 2, 0, 63]
    [C:\WINDOWS\system32\vct3216.acm]  [Voxware, Inc., 1.6.0.17]
    [C:\WINDOWS\system32\vct3216.dll]  [Voxware, Inc., 1.6.0.12]
    [C:\WINDOWS\system32\msms001.vwp]  [Voxware, Inc., 2.0.2.61]
    [C:\WINDOWS\system32\mvoice.vwp]  [Voxware, Inc., 2.0.0.12.01]
    [C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm]  [Ulead Systems, Inc., 1.0.0.3]
    [C:\Program Files\Common Files\Ulead Systems\MPEG\uvsc.dll]  [Ulead, 1, 3, 0, 0]
ao00o - 2006-10-7 13:31:00
[C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\StartStep.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2OpenPrjDB.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Thumbnail.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PEXFileReader.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2OpenPrjDBRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\StartStepRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\CreateSlideShowStep.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\OrgItmSt.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PSComm.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BatchCollectDB.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BatchSelCtrl.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TreeCTL.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\peComm.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PEObj.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PEBase.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PROCESS_DB.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2ThumbListView.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PSCommRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BatchCollectDBRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2ThumbListViewRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\createslideshowsteprc.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\FIO\u32prj.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\FIO\uFioUtil.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\fio\u32ZLib.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TmplMenuRenderRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\usagebar_rc.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\AddPhoto.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\RODB.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BrowseCtrl.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Browse.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BaseDV.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Layout.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\IpeFill.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Sel.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\CommonUI.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BwsGlb.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Afm.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\combo.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\AddTextDB.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\AddTextCtrl.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\IPEDLL.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\u32Tu.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\U32UTX.dll]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\type_eff.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\Aefilter.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\maskop.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\maxmin.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ulkFMgx.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\clrtoclr.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\save_ani.dll]  [Ulead Systems, Inc., 7.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TextMedia.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2PreviewCtrl.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\BwsRC.dll]  [Ulead Systems, Inc., 4, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\IPEDllRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\AddTextCtrlRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\AddTextDBRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\AddPhotoRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\FIO\U32JPG.FIO]  [Ulead Systems, Inc., 8.0.0.0]
    [C:\Program Files\Final Codecs\Codecs\iviaudio.ax]  [InterVideo Inc., 7.0.27.130]
    [C:\WINDOWS\system32\l3codecx.ax]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 5, 0, 50]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\SldSwOpt.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TrsEfCtr.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\TrsEfCtrRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\SldSwORC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\MenuStep.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\MenuPreview.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\MenuPreviewRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\MenuStepRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PreviewStep.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2PlayerAdapter.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PS2Player.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\PreviewStepRC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\WINDOWS\system32\DVobSub.ax]  [Gabest, 2, 0, 23, 0]
    [C:\WINDOWS\system32\vobsub.dll]  [Gabest, 2, 0, 23, 0]
    [C:\WINDOWS\system32\MMSwitch.ax]  [Morgan Multimedia, 0, 9, 7, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\FinishStep.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\CPS2Burner.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\XBurnMgr.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\ULUS_COMM.dll]  [Ulead Systems, Inc., 1, 0, 0, 0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\XBurnMgrRC.dll]  [Ulead Systems, Inc., 2.0.0.0]
    [C:\Program Files\Ulead Systems\Ulead DVD PictureShow 2\FinishStep_RC.dll]  [Ulead Systems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Common Files\Ulead Systems\DVD\LdvdEng.dll]  [Ulead Systems, Inc., 3, 9, 11, 164]
    [C:\Program Files\Common Files\Ulead Systems\DVD\XDiscLayer.dll]  [Ulead Systems, Inc., 1, 3, 21, 114]
    [C:\Program Files\Common Files\Ulead Systems\DVD\XDiscLayerRC.dll]  [Ulead Systems, Inc., 1, 1, 0, 2]
    [C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRDrv.dll]  [Ulead Systems, 3, 6, 18, 260]
    [C:\Program Files\Common Files\Ulead Systems\DVD\NTICdDrv.dll]  [Ulead Systems, 1, 2, 1, 16]
    [C:\Program Files\Common Files\Ulead Systems\DVD\CdrwEx32.dll]  [NewTech Infosystems, Inc., 3, 0, 0, 41]
    [C:\Program Files\Common Files\Ulead Systems\DVD\CdrMmc32.dll]  [NewTech Infosystems, Inc., 2, 1, 0, 60]
    [C:\Program Files\Common Files\Ulead Systems\DVD\Cdrw32.dll]  [NewTech Infosystems, Inc., 2, 1, 0, 9]
    [C:\Program Files\Common Files\Ulead Systems\DVD\ImagFile.dll]  [NewTech Infosystems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Common Files\Ulead Systems\DVD\AboutNTISDK.dll]  [NewTech Infosystems, Inc., 1, 0, 0, 1]
    [C:\Program Files\Common Files\Ulead Systems\DVD\NtiAspi.dll]  [NewTech Infosystems, Inc., 1, 0, 0, 11]
    [C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRDrvRc.dll]  [Ulead Systems, Inc., 3, 5, 12, 176]
[PID: 1600][F:\杀毒\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
我无邪 - 2006-10-7 13:52:00
打开System Repair Engineer(也就是你的扫描日志软件SREng.exe),使用“系统修复,文件关联,勾选“全选”点“修复”使所有扩展名都恢复正常。

下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后,打开“超级兔子优化王”“专业卸载,卸载所有提示的垃圾软件,卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。
卸载不了的,一会到安全模式再卸载。

打开System Repair Engineer(也就是你的扫描日志软件SREng.exe),点“启动项目,服务,点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务COM- Event System,选择“删除服务”点“设置”选择“否”

打开System Repair Engineer(也就是你的扫描日志软件SREng.exe),点“启动项目,服务,点“驱动程序”勾选“隐藏以认证的微软服务”选中病毒服务Netgroup Packet Filter,New0, nwupspx,oreans32,选择“删除服务”点“设置”选择“否”最后重启。(每一个逗号隔开的就是一个病毒的服务,请逐一删除)

请到www.27814939.ys168.com,点“我的软件”下载KillBox.exe
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows
双击打开KillBox.exe,分别删除
C:\WINDOWS\winampb.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\setup.exe
C:\Program Files\Common Files\update\update.exe
C:\WINDOWS\system32\Telnet.exe
C:\WINDOWS\realupdate.exe
C:\Program Files\Intel\svhost32.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\new.sys
C:\WINDOWS\system32\DRIVERS\npf.sys
C:\WINDOWS\system32\drivers\nwupspx.sys
C:\WINDOWS\system32\drivers\oreans32.sys
C:\WINDOWS\system32\tsbfdx31.dll
(删除时勾选“删除前先结束Explorer.EXE进程”不行再试着勾选"删除DLL文件前反注册此文件"
给菜鸟的东东—KillBox的使用技巧
http://forum.ikaka.com/topic.asp?board=28&artid=8160799

打开System Repair Engineer(也就是你的扫描日志软件SREng.exe),使用“启动项目,注册表”来删除以下选项。
C:\WINDOWS\winampb.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\setup.exe
C:\Program Files\Common Files\update\update.exe
C:\WINDOWS\system32\Telnet.exe
C:\WINDOWS\realupdate.exe
C:\Program Files\Intel\svhost32.exe

打开一个IE窗口,工具,internte选项,点“删除文件”弹出一个窗口勾选“删除所有脱机内容”删除cookies,确定。

完后重启,再扫个日志粘上来。
ao00o - 2006-10-7 21:50:00
非常感谢 我无邪 的热心帮助,已经按您给的顺序来了一遍.但好象还是老样子。
下面是刚扫的日志:


2006-10-07,21:35:59

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <C:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Ulead Burning Helper / UleadBurningHelper]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>

==================================
驱动程序
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ASUSTeK/Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\rising\Rav\ExpScan.sys><>
[fgxjqe2 / fgxjqe29]
  <\SystemRoot\System32\DRIVERS\fgxjqe29.sys><Microsoft Corporation>
[GMSIPCI / GMSIPCI]
  <\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[hardlock / hardlock]
  <\??\C:\WINDOWS\system32\drivers\hardlock.sys><N/A>
[Haspnt / Haspnt]
  <\??\C:\WINDOWS\system32\drivers\Haspnt.sys><Aladdin Knowledge Systems>
[HookCont / HookCont]
  <\??\C:\Program Files\rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\C:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\rising\Rav\HookSys.sys><Rising>
[HOOKTDI1 / HOOKTDI1]
  <\??\C:\Program Files\rising\rfw\tdihook.sys><N/A>
[HookUrl / HookUrl]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IPHOOK / IPHOOK]
  <\??\C:\Program Files\rising\rfw\iphook.sys><N/A>
[jzkczr2 / jzkczr27]
  <\SystemRoot\System32\DRIVERS\jzkczr27.sys><Microsoft Corporation>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[lvpgsw7 / lvpgsw72]
  <\SystemRoot\System32\DRIVERS\lvpgsw72.sys><Microsoft Corporation>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\qq\npkcrypt.sys><N/A>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nwupspx / nwupspx]
  <\SystemRoot\system32\drivers\nwupspx.sys><N/A>
[VSO Software pcouffin / pcouffin]
  <System32\Drivers\pcouffin.sys><VSO Software>
[PNP04620 / PNP04620]
  <\SystemRoot\system32\Drivers\pnp04519.sys><Anti Driver>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Samsung Mobile USB Device 1.0 driver (WDM) / ss_bus]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[TDIHOOK / TDIHOOK]
  <\??\C:\Program Files\rising\Rfw\TDIHOOK.sys><N/A>
[tsbfdx3 / tsbfdx31]
  <\SystemRoot\System32\DRIVERS\tsbfdx31.sys><Microsoft Corporation>
[WINIO / WINIO]
  <\??\D:\新建文件夹\游击队\winio.sys><N/A>
ao00o - 2006-10-7 21:50:00
==================================
浏览器加载项
[SearchCar]
  {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} <C:\Program Files\SearchCar\SearchCar.dll, IE Toolbar>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\Final Codecs\QTSystem\QTPlugin.ocx, Apple Computer, Inc.>
[VTPlug3 Class]
  {0400AC1C-EEF0-4638-A501-31D5A0DC2002} <C:\WINDOWS\system32\gxd\VTrans3.dll, >
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\ppStream\POWERL~1.OCX, PPStream.com>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <, N/A>
[Recorder Control]
  {2423AB16-9F42-457B-A337-FE3B11964DB0} <C:\PROGRA~1\Bluesky\BLUESK~1\recorder.ocx, Bluesky Studio (http://www.bluesky.cn)>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[BlueskyVideo Control]
  {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} <C:\PROGRA~1\Bluesky\BLUESK~1\v2.ocx, 蓝天工作室(http://www.bluesky.cn)>
[Share Control]
  {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9} <C:\PROGRA~1\Bluesky\BLUESK~1\share.ocx, N/A>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[KmediaHelper Class]
  {42D25F15-CF07-4A72-B191-DB0792BF310C} <C:\WINDOWS\system32\Kmedia.dll, Kmedia>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\PROGRA~1\ppStream\POWERP~1.DLL, PPStream Inc.>
[IMCv1 Control]
  {6924091F-CD97-41E1-B1D4-D9079409D413} <C:\PROGRA~1\LtUcx\1003\c0.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[XBTP03129 Class]
  {71E000D6-C63D-4D95-85A0-76DF890982A3} <C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL, IE Toolbar>
[Record9158 Control]
  {8052AF20-EEE1-4A41-A050-8BDA57EC70D2} <C:\WINDOWS\system32\Rec9158.ocx, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Blueskyvoice Control]
  {991481A7-4669-4E15-8C24-100404E1F5CB} <C:\PROGRA~1\Bluesky\BLUESK~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[SearchCar]
  {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} <C:\Program Files\SearchCar\SearchCar.dll, IE Toolbar>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[iChatX Object]
  {C07405FD-84D1-4A25-94E8-68609EA8335B} <C:\WINDOWS\Downloaded Program Files\ichatx.dll, 深圳市东方博雅科技有限公司>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
ao00o - 2006-10-7 21:51:00
==================================
正在运行的进程
[PID: 608][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1064][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1132][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1256][C:\Program Files\rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1272][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1428][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1536][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1556][C:\Program Files\rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 7]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\Program Files\rising\Rav\HOOKSYS.dll]  [Rising, 18, 1, 0, 9]
    [C:\Program Files\rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 28]
    [C:\Program Files\rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 8]
    [C:\Program Files\rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [C:\Program Files\rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [C:\Program Files\rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [C:\Program Files\rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\Program Files\rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1684][C:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [C:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [C:\Program Files\Rising\Rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 1880][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1980][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 152][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\tsbfdx31.dll]  [N/A, N/A]
[PID: 200][C:\Program Files\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 440][C:\Program Files\Rising\Rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 572][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.13.10.4104]
[PID: 796][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 968][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 676][C:\Program Files\rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\system32\tsbfdx31.dll]  [N/A, N/A]
[PID: 748][C:\Program Files\rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 10]
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\tsbfdx31.dll]  [N/A, N/A]
[PID: 724][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1476][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3256][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3324][F:\杀毒\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
秋日里的蓝天 - 2006-10-8 0:00:00
删除
C:\WINDOWS\system32\tsbfdx31.dll
ao00o - 2006-10-8 18:50:00
谢谢楼上的,tsbfdx31.dll文件在安全模式下也删除不了。
用KillBox.exe也不行.怎么办啊
ao00o - 2006-10-8 23:08:00
又用了好多方法,还是删除不了这个文件,怎么办呢?
我无邪 - 2006-10-9 0:21:00
打开System Repair Engineer(也就是你的扫描日志软件SREng.exe),点“启动项目,服务,点“驱动程序”勾选“隐藏以认证的微软服务”选中病毒服务nwupspx,选择“删除服务”点“设置”选择“否”
重启
请到www.27814939.ys168.com,点“我的软件”下载KillBox.exe
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows
双击打开KillBox.exe,分别删除
C:\WINDOWS\system32\drivers\nwupspx.sys
C:\WINDOWS\system32\tsbfdx31.dll
(删除时勾选“删除前先结束Explorer.EXE进程”不行再试着勾选"删除DLL文件前反注册此文件"
给菜鸟的东东—KillBox的使用技巧
http://forum.ikaka.com/topic.asp?board=28&artid=8160799

打开一个IE窗口,工具,internte选项,点“删除文件”弹出一个窗口勾选“删除所有脱机内容”删除cookies,确定。
打开System Repair Engineer(也就是你的扫描日志软件SREng.exe),使用“系统修复,Internet Explorer”“全选”“修复"看看能不能解决问题。
1
查看完整版本: IE首页被篡改
© 2000 - 2026 Rising Corp. Ltd.