Rising Kaka Security Forum (瑞星卡卡安全论坛)
偶是高达 - 2006-10-26 14:14:00
I'm online and asking for some help.
偶是高达 - 2006-10-26 14:44:00
偶是高达 - 2006-10-26 15:02:00
偶是高达 - 2006-10-26 15:27:00
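I finally know which virus I've got. How do I export this from the virus quarantine so I can see it more clearly and see the full name?
Attachment: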
63285520061026151855.JPG
mopery - 2006-10-26 15:44:00
Fix:
O4 - 启动项HKLM\\Run: [wdfmgr32] C:\WINDOWS\system32\wdfmgr32.exe
O4 - 启动项HKLM\\Run: [Microsoft] C:\WINDOWS\taskmgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
Delete:
C:\WINDOWS\system32\wdfmgr32.exe
C:\WINDOWS\taskmgr.exe
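Change the home page
Download System Repair Engineer from http://mopery.hits.io/sreng2.zip
1 Unzip sreng2.zip
2 Run SREng.exe
3 Smart Scan => Scan => Save Report
4 Copy the full report from the log and paste it here; do not modify it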
abccjn666 - 2006-10-26 15:54:00
You've been hit by rogue software; try Super Rabbit (超级兔子).
偶是高达 - 2006-10-26 15:57:00
Thanks to the poster on floor 34, I'll go take a look.
偶是高达 - 2006-10-26 16:10:00
SRE won't open; clicking it does nothing.
偶是高达 - 2006-10-26 16:56:00
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ BigDog305VimicroVimicroc:\windows\vm305_sti.exe
+ DAEMON ToolsFile not found: ;
+ NvCplDaemonNVIDIA Display Properties ExtensionNVIDIA Corporationc:\windows\system32\nvcpl.dll
+ nwizFile not found: ;
+ SoundManFile not found: ;
+ StormCodec_Helperd:\ringz studio\storm codec\stormset.exe
+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ 0c5d07ff.dllc:\program files\common files\microsoft shared\msinfo\0c5d07ff.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Desktop ExplorerNVIDIA Desktop Explorer, Version 56.72 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Desktop Explorer MenuNVIDIA Desktop Explorer, Version 56.72 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Display Panning CPL ExtensionFile not found: deskpan.dll
+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll
+ NvCpl DesktopContext ClassNVIDIA Display Properties ExtensionNVIDIA Corporationc:\windows\system32\nvcpl.dll
+ nView Desktop Context MenuNVIDIA Desktop Explorer, Version 56.72 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ PicaViewPicaView 系统扩展 DLLACD Systems, Ltd.c:\program files\acdsee\picaview.dll
+ Play on my TV helperNVIDIA Display Properties ExtensionNVIDIA Corporationc:\windows\system32\nvcpl.dll
+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll
+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realplayer\rpshell.dll
+ WinRAR shell extensionc:\program files\winrar\rarext.dll
+ 粉碎文件File not found: C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Web 文件夹c:\program files\common files\microsoft shared\web folders\msonsext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ IeCatch2 Classjccatch ModuleAmaze Softc:\program files\flashget\jccatch.dll
+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\tencent\qq\qqiehelper.dll
+ Thunder Browser HelperXunLeiBHOThunder Networking Technologies,LTDc:\program files\thunder network\thunder\comdlls\xunleibho_002.dll
+ ThunderIEHelper ClassXunLei BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v14.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ FlashGet BarFlashGet IE BarAmaze Softc:\program files\flashget\fgiebar.dll
HKLM\System\CurrentControlSet\Services
+ NVSvcProvides system and desktop level support to the NVIDIA display driverNVIDIA Corporationc:\windows\system32\nvsvc32.exe
HKLM\System\CurrentControlSet\Services
+ a320raidAdaptec HostRAID for Ultra320 SCSIAdaptec, Inc.c:\windows\system32\drivers\a320raid.sys
+ aar1210Adaptec HostRAID for Serial ATAAdaptec, Inc.c:\windows\system32\drivers\aar1210.sys
+ adpu320Adaptec Win2K/XP/Server2003 Ultra320 SCSI DriverAdaptec, Inc.c:\windows\system32\drivers\adpu320.sys
+ aec6210ACARD Technology Corp.c:\windows\system32\drivers\aec6210.sys
+ aec6260ID=0006, 0007ACARD Technology Corp.c:\windows\system32\drivers\aec6260.sys
+ aec6280AEC6280 Miniport DriverACARD Technology Corp.c:\windows\system32\drivers\aec6280.sys
+ AEC6890AEC6880/90 PCI Ultra ATA133 RAID Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec6890.sys
+ aec68x5AEC6885/95/96 PCI ATA133 4 Channel RAID Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec68x5.sys
+ ALCXWDMRealtek AC'97 Audio Driver (WDM)Realtek Semiconductor Corp.c:\windows\system32\drivers\alcxwdm.sys
+ AliIdeFile not found: System32\DRIVERS\aliide.sys
+ ascAdvanSys SCSI Controller DriverAdvanced System Products, Inc.c:\windows\system32\drivers\asc.sys
+ asc3550AdvanSys Ultra-Wide PCI SCSI DriverAdvanced System Products, Inc.c:\windows\system32\drivers\asc3550.sys
+ ati2mtagATI Radeon WindowsNT Miniport DriverATI Technologies Inc.c:\windows\system32\drivers\ati2mtag.sys
+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys
+ CmdIdeCMD PCI IDE Bus DriverCMD Technology, Inc.c:\windows\system32\drivers\cmdide.sys
+ dac2w2kMylex Disk Array Controller DriverMylex Corporationc:\windows\system32\drivers\dac2w2k.sys
+ dpti2oFile not found: System32\DRIVERS\dpti2o.sys
+ dtscsic:\windows\system32\drivers\dtscsi.sys
+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys
+ fasttrakPromise FastTrak Series Driver for WinXPPromise Technology, Inc.c:\windows\system32\drivers\fasttrak.sys
+ fasttx2kPromise Driver for Windows XPPromise Technology, Inc.c:\windows\system32\drivers\fasttx2k.sys
+ fasttx2k2Promise FastTrak Series Driver for WindowsXPPromise Technology, Inc.c:\windows\system32\drivers\fasttx2k2.sys
+ FETNDISBNDIS 5.0 miniport driverVIA Technologies, Inc. c:\windows\system32\drivers\fetnd5b.sys
+ GMSIPCIFile not found: G:\INSTALL\GMSIPCI.SYS
+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys
+ HookRegc:\program files\rising\rav\hookreg.sys
+ HookSysHooksysRisingc:\program files\rising\rav\hooksys.sys
+ HPT371HPT3xx Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hpt371.sys
+ hpt374HPT374 Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hpt374.sys
+ hpt3xxHPT3xx Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hpt3xx.sys
+ hptmvhptmv Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hptmv.sys
+ hptproHptproHighPoint Technologies, Inc.c:\windows\system32\drivers\hptpro.sys
+ iaStorIntel Application Accelerator driverIntel Corporationc:\windows\system32\drivers\iastor.sys
+ iteraidITE IT8212 ATA RAID SCSI miniportIntegrated Technology Express, Inc.c:\windows\system32\drivers\iteraid.sys
+ m5228M5228 ATA RAID Controller DriverALi Corporation.c:\windows\system32\drivers\m5228.sys
+ m5281M5281 SATA RAID Controller DriverALi Corporationc:\windows\system32\drivers\m5281.sys
+ MegaIDELSI MegaRAID IDE DriverLSI Logic Corporation.c:\windows\system32\drivers\megaide.sys
+ MEMSCANMemScan Driver瑞星软件有限公司c:\program files\rising\rav\memscan.sys
+ mraid2kMEGARAID SCSI Controller Driver for Windows 2000 PAEAmerican Megatrends, Inc.c:\windows\system32\drivers\mraid2k.sys
+ mraid35xMegaRAID RAID Controller Driver for Windows Whistler 32American Megatrends Inc.c:\windows\system32\drivers\mraid35x.sys
+ npkcryptFile not found: D:\Tencent\QQ\npkcrypt.sys
+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.72 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys
+ Pnp680DMA capable ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\pnp680.sys
+ Pnp680rDMA capable ATA RAID miniport driver Silicon Image, Incc:\windows\system32\drivers\pnp680r.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys
+ ql1080Miniport Driver for QLogic ISP PCI AdaptersQLogic Corporationc:\windows\system32\drivers\ql1080.sys
+ ql12160Miniport Driver for QLogic ISP PCI AdaptersQLogic Corporationc:\windows\system32\drivers\ql12160.sys
+ ql1280Miniport Driver for QLogic ISP PCI AdaptersQLogic Corporationc:\windows\system32\drivers\ql1280.sys
+ rtl8139Realtek RTL8139 NDIS 5.0 DriverRealtek Semiconductor Corporationc:\windows\system32\drivers\rtl8139.sys
+ SecdrvSafeDisc driverMacrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.c:\windows\system32\drivers\secdrv.sys
+ SI3112Serial ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\si3112.sys
+ SI3112rSerial ATA RAID Miniport DriverSilicon Image, Incc:\windows\system32\drivers\si3112r.sys
+ SI3114Serial ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\si3114.sys
+ SI3114rSATARAID Miniport DriverSilicon Image, Incc:\windows\system32\drivers\si3114r.sys
+ SI3124Serial ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\si3124.sys
+ SI3124rSATARAID miniport driver (PRE-RELEASE)Silicon Image, Incc:\windows\system32\drivers\si3124r.sys
+ SiFilterWindows Accelerator DriverSilicon Image, Inc.c:\windows\system32\drivers\siwinacc.sys
+ SiSRaidSiS RAID Miniport DriverSilicon Integrated Systemsc:\windows\system32\drivers\sisraid.sys
+ SiSRaid1SiS RAID Miniport DriverSilicon Integrated Systemsc:\windows\system32\drivers\sisraid1.sys
+ sparrowAdaptec AIC-6x60 series SCSI miniportAdaptec, Inc.c:\windows\system32\drivers\sparrow.sys
+ sptdc:\windows\system32\drivers\sptd.sys
+ sptrakPromise SuperTrak Family Driver for WindowsNTPromise Technology, Inc.c:\windows\system32\drivers\sptrak.sys
+ sym_hiSymbios Hi-Perf SCSI Miniport DriverLSI Logicc:\windows\system32\drivers\sym_hi.sys
+ sym_u3Symbios Ultra3 SCSI Miniport DriverLSI Logicc:\windows\system32\drivers\sym_u3.sys
+ symc810Symbios Logic Inc. SCSI Miniport DriverSymbios Logic Inc.c:\windows\system32\drivers\symc810.sys
+ symc8xxSymbios 8XX SCSI Miniport DriverLSI Logicc:\windows\system32\drivers\symc8xx.sys
+ UlSataPromise Ultra/Sata Series Driver for WinXPPromise Technology, Inc.c:\windows\system32\drivers\ulsata.sys
+ ultraPromise Ultra66 Miniport 驱动程序Promise Technology, Inc.c:\windows\system32\drivers\ultra.sys
+ viamraidVIA RAID DRIVER FOR WIN 2000/XP/2003IA32VIA Technologies inc,.ltdc:\windows\system32\drivers\viamraid.sys
+ viapdskVIA VT4149 PATA DriverVIA Technologies, Inc.c:\windows\system32\drivers\viapdsk.sys
+ viaraidVT6410 RAID DRIVER FOR WINXPVIA Technologies inc,.ltdc:\windows\system32\drivers\viaraid.sys
+ viasraidVIA SATA RAID DRIVER FOR WINXPVIA Technologies inc,.ltdc:\windows\system32\drivers\viasraid.sys
+ vmscsiVMware SCSI ControllerVMware, Inc.c:\windows\system32\drivers\vmscsi.sys
+ WINIOFile not found: G:\winio.sys
+ ZSMC0305Video streaming and Capture Device DriverVimicro Corporationc:\windows\system32\drivers\usbvm305.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ autocheck autochk *File not found: autocheck
Clicking SRE does nothing; it seems to have been knocked out just like Rising. Only autoruns works.
偶是高达 - 2006-10-26 17:04:00
It turns out SRE works again once I rename it. Posting the report.
2006-10-26,16:55:16
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nwiz><; nwiz.exe /install> [NVIDIA Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<BigDog305><C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)> []
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<StormCodec_Helper><"D:\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> []
<DAEMON Tools><; "d:\DAEMON Tools\daemon.exe" -lang 1033> [DT Soft Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\SYSTEM32\Userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D07F0C5D-0C5D-07FF-5D07-C5D7FC5D07FF}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll> []
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><> []
==================================
启动文件夹
服务
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
==================================
浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[PP Control]
{616DACC1-C5E6-4646-B36A-3FA4FC726BAD} <d:\bluesky\BLUESK~1\ppc.ocx, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Tracechat Control]
{A40335C4-D3D1-4E7B-9130-039CDA5B603C} <d:\bluesky\BLUESK~1\TRACEC~1.OCX, N/A>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<D:\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
<D:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\Tencent\QQ\SendMMS.htm, N/A>
==================================
偶是高达 - 2006-10-26 17:04:00
正在运行的进程
[PID: 472][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 528][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 552][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 600][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 612][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 768][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 836][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 944][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 996][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1052][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1300][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[C:\WINDOWS\system32\xunleibho_v14.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 62>
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\WINDOWS\system32\CmdLineExt.dll] <Sony DADC Austria AG.><1,0,201,0>
[PID: 1352][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1544][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3510>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[PID: 1556][C:\WINDOWS\VM305_STI.EXE] <Vimicro><4, 3, 625, 61>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\system32\VM305Prp.Ax] <Vimicro><4.3. 625.61>
[PID: 1608][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[PID: 2012][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5672>
[PID: 2044][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 216][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1160][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 592][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[C:\WINDOWS\system32\xunleibho_v14.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 62>
[D:\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
[PID: 1464][D:\Sandai Technologies Inc\讯雷下载\游戏\sreng2\SREng2\SREn.exe] <Smallfrogs Studio><2.0.21.505>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
==================================
westbeck - 2006-10-26 17:37:00
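Go to westbeck.ys168.com, click "Manual Virus-Removal Helper Tools" (手动杀毒辅助工具) and download killbox.
Restart the computer. After the power-on self-test finishes, press [F8] (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.
Run System Repair Engineer and use "Startup Items, Registry" (启动项目, 注册表) to delete the following entries: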
<{D07F0C5D-0C5D-07FF-5D07-C5D7FC5D07FF}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll> []
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><> []
Double-click KillBox.exe to open it and delete the following:
C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll
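(When deleting, tick "End the Explorer.EXE process before deleting")
Note: if a file with the .dll extension cannot be deleted, tick "Unregister" and then delete it again.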
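The triage behind the reply above, as an added example that is not part of the original thread or of SREng itself: it parses SREng report text and flags an autostart entry with no publisher whose DLL is also loaded, without company or version information, into several processes. The function names and the two-process threshold are assumptions; the report excerpts are lines copied from the reports posted in this thread.

```python
import re
from collections import defaultdict

# Excerpt of the first SREng report posted in the thread (lines copied from the page).
REPORT = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<BigDog305><C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)> []
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{D07F0C5D-0C5D-07FF-5D07-C5D7FC5D07FF}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll> []
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><> []
[PID: 1300][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[PID: 1556][C:\WINDOWS\VM305_STI.EXE] <Vimicro><4, 3, 625, 61>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[PID: 1608][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\Program Files\Common Files\Microsoft Shared\MSINFO\0C5D07FF.dll] <N/A><N/A>
"""

# Excerpt of the follow-up report the original poster shares after cleanup.
AFTER = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
[PID: 1120][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
[C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
"""

PROC_RE = re.compile(r'^\[PID: (\d+)\]\[([^\]]+)\] <([^>]*)><(.*)>$')   # process header
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')                              # registry key
MOD_RE = re.compile(r'^\[([^\]]+)\] <([^>]*)><(.*)>$')                   # module in a process
ENTRY_RE = re.compile(r'^<([^>]*)><(.*)> \[(.*)\]$')                     # <name><value> [publisher]


def parse_report(text):
    """Return (autostart entries, {module path: PIDs}) for modules lacking company and version."""
    autostarts, modules = [], defaultdict(set)
    key = pid = None
    for line in text.splitlines():
        line = line.strip()
        if m := PROC_RE.match(line):
            pid, key = int(m.group(1)), None
        elif m := KEY_RE.match(line):
            key, pid = m.group(1), None
        elif (m := MOD_RE.match(line)) and pid is not None:
            path, company, version = m.groups()
            if company == "N/A" and version == "N/A":
                modules[path.lower()].add(pid)
        elif (m := ENTRY_RE.match(line)) and key is not None:
            name, value, publisher = m.groups()
            autostarts.append((key, name, value, publisher))
    return autostarts, modules


def injected_autostarts(text, min_processes=2):
    """Flag registrations with no publisher whose value is exactly a module path
    loaded, with no version resource, into at least min_processes processes.
    Exact matching suits hook-style keys whose value is a bare DLL path; Run
    values that carry arguments are not matched. The threshold is an assumption."""
    autostarts, modules = parse_report(text)
    findings = []
    for key, name, value, publisher in autostarts:
        pids = modules.get(value.lower(), set())
        if not publisher and len(pids) >= min_processes:
            findings.append({"key": key, "name": name, "path": value,
                             "pids": sorted(pids)})
    return findings


def remaining_after_cleanup(before, after):
    """Paths flagged in the first report that still appear in the second one."""
    autostarts, modules = parse_report(after)
    seen = {value.lower() for _, _, value, _ in autostarts} | set(modules)
    return [f["path"] for f in injected_autostarts(before)
            if f["path"].lower() in seen]


if __name__ == "__main__":
    for finding in injected_autostarts(REPORT):
        print(finding)
    print("still present after cleanup:", remaining_after_cleanup(REPORT, AFTER))
```

rarext.dll and msdmo.dll also lack version information but each appears in a single process and has no matching autostart value, so they are not flagged.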
紫雨朦胧 - 2006-10-26 18:18:00
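I don't know what virus you've got, but I've had this happen before; a friend fixed it for me with Magic Rabbit (魔法兔子). Use it to repair your IE. I don't have the software any more, so I can't walk you through it; give it another try. By the way, what tool did you use to take and upload the screenshots?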
偶是高达 - 2006-10-26 18:48:00
After rebooting, Rising works again and is no longer being knocked out. The virus scan found a QQ virus.
Attachment:
63285520061026184007.JPG
偶是高达 - 2006-10-26 18:48:00
偶是高达 - 2006-10-26 18:50:00
After removing the virus I ran another scan report.
HijackThis_815汉化版扫描日志 V1.99.1
保存于 18:41:41, 日期 2006-10-26
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Unable to get Internet Explorer version!
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Sandai Technologies Inc\讯雷下载\游戏\HijackThis_815汉化版\HijackThis1991zww.exe
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Tencent\QQ\QQIEHelper.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - 启动项HKLM\\Run: [nwiz] ; nwiz.exe /install
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "D:\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [DAEMON Tools] ; "d:\DAEMON Tools\daemon.exe" -lang 1033
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\Tencent\QQ\SendMMS.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{6891F74D-B4D4-49E0-AD12-F6EC3045B351}: NameServer = 220.189.127.108 220.189.127.107
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
Does it look normal now?
偶是高达 - 2006-10-26 18:51:00
I also ran an SRE scan; please take a look, everyone.
2006-10-26,18:42:35
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nwiz><; nwiz.exe /install> [NVIDIA Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<BigDog305><C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)> []
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<StormCodec_Helper><"D:\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> []
<DAEMON Tools><; "d:\DAEMON Tools\daemon.exe" -lang 1033> [DT Soft Ltd.]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\SYSTEM32\Userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
==================================
启动文件夹
服务
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[PP Control]
{616DACC1-C5E6-4646-B36A-3FA4FC726BAD} <d:\bluesky\BLUESK~1\ppc.ocx, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Tracechat Control]
{A40335C4-D3D1-4E7B-9130-039CDA5B603C} <d:\bluesky\BLUESK~1\TRACEC~1.OCX, N/A>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
<D:\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
<D:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\Tencent\QQ\SendMMS.htm, N/A>
==================================
偶是高达 - 2006-10-26 18:51:00
正在运行的进程
[PID: 472][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 528][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 552][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 600][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 612][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 768][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 836][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 932][C:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 948][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1028][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1064][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1120][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
[C:\Program Files\Rising\Rav\HOOKSYS.dll] <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
[C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
[C:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[C:\Program Files\Rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[C:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 35>
[C:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[C:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
[C:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\Rising\Rav\RSUnpack.dll] <Beijing Rising Technology Co., Ltd.><1, 0, 0, 18>
[C:\Program Files\Rising\Rav\ExtFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[C:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1324][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\xunleibho_v14.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 62>
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[PID: 1408][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1548][C:\Program Files\Rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1704][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3510>
[PID: 1712][C:\WINDOWS\VM305_STI.EXE] <Vimicro><4, 3, 625, 61>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\system32\VM305Prp.Ax] <Vimicro><4.3. 625.61>
[PID: 1752][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 1764][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1772][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 244][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 512][C:\WINDOWS\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5672>
[PID: 792][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1008][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 1980][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1724][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\xunleibho_v14.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 62>
[D:\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\Program Files\Rising\Rav\RavScrCh.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] <Adobe Systems, Inc.><9,0,16,0>
[C:\WINDOWS\system32\nvcpl.dll] <NVIDIA Corporation><6.14.10.5672>
[C:\WINDOWS\system32\nvshell.dll] <NVIDIA Corporation><6.14.10.5672>
[C:\WINDOWS\system32\NVWRSZHC.DLL] <NVIDIA Corporation><6.14.10.5672>
[PID: 1864][D:\Sandai Technologies Inc\讯雷下载\游戏\sreng2\SREng2\SREn.exe] <Smallfrogs Studio><2.0.21.505>
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
==================================
Everyone, does this look normal now? Are there any problems left?
mopery - 2006-10-26 19:49:00
Use your antivirus to clean up the leftover files. Nothing abnormal now..
偶是高达 - 2006-10-26 19:56:00
Thanks. So there are no more problems, right?
阿诺8979 - 2006-10-26 21:33:00
Has the homepage problem been solved? http://free.ys168.com/?enuo8979 (in the "Other" directory: 解锁IE主页.REG, "Unlock IE homepage")
偶是高达 - 2006-10-27 11:22:00
The problems all seem to be solved, and the report looks free of problems too. Thanks to everyone above.