Logfile of HijackThis v1.99.1
Scan saved at 10:26:18, on 2006-8-27
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\rising\Rav\RavStub.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\srvany.exe
C:\WINDOWS\system32\resetservice.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\msime.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3X1.EXE
D:\Program Files\PowerDVD\PDVDServ.exe
D:\Program Files\WebThunder\WebThunder.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
D:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\rising\Rav\Ravmon.exe
d:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\rising\Rav\CCenter.exe
C:\Program Files\rising\Rav\Ravmond.exe
D:\HijackThis V1.99.1 汉化版\HijackThis.exe

O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - D:\Program Files\WebThunder\WebThunderBHO_011.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: 百度搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\WINDOWS\DOWNLO~1\BaiDuBar.dll
O2 - BHO: (no name) - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O3 - Toolbar: 百度搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\WINDOWS\DOWNLO~1\BaiDuBar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [SonicFocus] "C:\Program Files\Sonic Focus\SFIGUI\SFIGUI.EXE" BOOT
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON ME 100] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3X1.EXE /P12 "EPSON ME 100" /O6 "USB003" /M "ME 100"
O4 - HKLM\..\Run: [RemoteControl] "d:\Program Files\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [WebThunder] d:\Program Files\WebThunder\WebThunder.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Yahoo! Widget Engine.lnk = D:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = D:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: 使用Web迅雷下载 - d:\Program Files\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - d:\Program Files\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FLASHGET\jc_all.htm
O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: 收藏此页到ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - Extra context menu item: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - Extra context menu item: 查看 Exif 信息(&V) - res://D:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML
O8 - Extra context menu item: 查看 Exif/GPS/IPTC 信息 - d:\Program Files\Opanda\IExif 1.8\IExifCom.htm
O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - Extra button: 红心游戏 - {00000000-DAEB-480d-867B-D746D955765B} - D:\Program Files\redheart青岛保皇\GameHall.exe
O9 - Extra 'Tools' menuitem: 红心游戏世界 - {00000000-DAEB-480d-867B-D746D955765B} - D:\Program Files\redheart青岛保皇\GameHall.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .amr: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {58CDB34C-B4D7-418B-A0FB-C4C8A01C2F0E} - http://pi2.51.net/download/diybar.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Administrator\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D1440673-6A26-4AE2-AC62-3FB23AF07349} (Upload Class) - http://www.0532keda.com/keda/manage/front/upload/TruesyUpload.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{05F6FBC7-FC96-45F2-BAF3-A4B50021D011}: NameServer = 10.64.1.1,10.68.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05F6FBC7-FC96-45F2-BAF3-A4B50021D011}: NameServer = 10.64.1.1,10.68.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05F6FBC7-FC96-45F2-BAF3-A4B50021D011}: NameServer = 10.64.1.1,10.68.1.1
O20 - Winlogon Notify: reset5 - C:\WINDOWS\SYSTEM32\reset5.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Reset 5 - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

瑞星绝对没问题，一定中毒了，在安全模式下杀杀看

关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复"
O12 - Plugin for .amr: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {58CDB34C-B4D7-418B-A0FB-C4C8A01C2F0E} - http://pi2.51.net/download/diybar.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Administrator\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D1440673-6A26-4AE2-AC62-3FB23AF07349} (Upload Class) - http://www.0532keda.com/keda/manage/front/upload/TruesyUpload.cab
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

2006-08-27,12:50:32

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe">  [Nero AG]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <internat.exe><internat.exe>  [Microsoft Corporation]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <IMONTRAY><C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe>  []
    <SonicFocus><"C:\Program Files\Sonic Focus\SFIGUI\SFIGUI.EXE" BOOT>  []
    <RfwMain><"C:\Program Files\rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <EPSON ME 100><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3X1.EXE /P12 "EPSON ME 100" /O6 "USB003" /M "ME 100">  [SEIKO EPSON CORPORATION]
    <RemoteControl><"d:\Program Files\PowerDVD\PDVDServ.exe">  [Cyberlink Corp.]
    <NeroFilterCheck><C:\WINDOWS\System32\NeroCheck.exe>  [Ahead Software Gmbh]
    <PinnacleDriverCheck><C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg>  []
    <WebThunder><d:\Program Files\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <KernelFaultCheck><C:\WINDOWS\System32\msime.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\reset5]
    <WinlogonNotify: reset5><reset5.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <cesmain.dll><; rundll32.exe C:\PROGRA~1\3721\Ces\cmail.dll,Rundll32>  []
    <csrss><; >  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <dddclient><; >  []
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <NeroCheck><; C:\WINDOWS\System32\\NeroCheck.exe>  [Ahead Software Gmbh]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><; nwiz.exe /install>  [NVIDIA Corporation]
    <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <SoundMAX><; "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <Super Rabbit SRRestore><; D:\PROGRA~1\SUPERR~1\SUPERR\SRRest.exe /autosave>  [Super Rabbit Soft]
    <Synchronization Manager><; %SystemRoot%\system32\mobsync.exe /logon>  []
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>
[NkbMonitor.exe]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\NkbMonitor.exe.lnk><N>
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[Yahoo! Widget Engine]
  <C:\Documents and Settings\a\「开始」菜单\程序\启动\Yahoo! Widget Engine.lnk><N>

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[DuDu Accelerator o / DDDProxy]
  <><N/A>
[Diskeeper / Diskeeper]
  <"C:\Program Files\Executive Software\DiskeeperLite\DKService.exe"><Executive Software International, Inc.>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Intel(R) Active Monitor / imonNT]
  <C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe><Intel Corp.>
[LexBce Server / LexBceS]
  <C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Reset 5 / Reset 5]
  <C:\WINDOWS\system32\srvany.exe><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[WINS Client / RpcPatch]
  <><N/A>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Ulead Burning Helper / UleadBurningHelper]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[UStorage Server Service / UStorage Server Service]
  <C:\WINDOWS\system32\UStorSrv.exe /Service><OTi>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Program Files\WebThunder\WebThunderBHO_011.dll, Thunder Networking Technologies,LTD>
[Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
  {53707962-6F74-2D53-2644-206D7942484F} <d:\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\WINDOWS\DOWNLO~1\BaiDuBar.dll, >
[EpsonToolBandKicker Class]
  {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[红心游戏]
  {00000000-DAEB-480d-867B-D746D955765B} <D:\Program Files\redheart青岛保皇\GameHall.exe, >
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\WINDOWS\DOWNLO~1\BaiDuBar.dll, >
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[EPSON Web-To-Page]
  {EE5D279F-081B-4404-994D-C6B60AAEBA6D} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>
[Upload Class]
  {D1440673-6A26-4AE2-AC62-3FB23AF07349} <C:\WINDOWS\Downloaded Program Files\LeeUpload.DLL, 青岛市求实计算机工程有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[]
  {53707962-6F74-2D53-2644-206D7942484F} <d:\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>

[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\WINDOWS\DOWNLO~1\BaiDuBar.dll, >
[Adobe Acrobat Control for ActiveX]
  {CA8A9780-280D-11CF-A24D-444553540000} <D:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\pdf.ocx, Adobe Systems Incorporated>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\System32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[使用Web迅雷下载]
  <d:\Program Files\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <d:\Program Files\WebThunder\GetAllUrl.htm, N/A>
[使用网际快车下载]
  <D:\Program Files\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\Program Files\FLASHGET\jc_all.htm, N/A>
[反向链接]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html, N/A>
[收藏此页到ViVi]
  <http://vivi.sina.com.cn/collect/click.php?agent=ddt, N/A>
[新浪搜索]
  <http://cha.sina.com.cn/ddt.html, N/A>
[查看 Exif 信息(&V)]
  <res://D:\Program Files\Exif Show\ExShow.dll/EXSHOW.HTML, N/A>
[查看 Exif/GPS/IPTC 信息]
  <d:\Program Files\Opanda\IExif 1.8\IExifCom.htm, N/A>
[类似网页]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html, N/A>
[缓存的网页快照]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html, N/A>
[翻译英文字词(&T)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html, N/A>

==================================
正在运行的进程
[PID: 424][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 472][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 496][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\system32\reset5.dll]  <N/A><N/A>
[PID: 540][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 552][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 728][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 772][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 840][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 864][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 908][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1100][C:\WINDOWS\system32\LEXBCES.EXE]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\lexp2p32.dll]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\lex2kusb.dll]  <Lexmark International, Inc.><7.4>
[PID: 1136][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
    [C:\WINDOWS\system32\EBPMON24.DLL]  <SEIKO EPSON CORPORATION><5, 3, 0, 0>
    [C:\WINDOWS\system32\LEXLMPM.DLL]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\LexBce.dll]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXAXPP5C.dll]  <Lexmark International><1.0.6.8>
[PID: 1144][C:\WINDOWS\system32\LEXPPS.EXE]  <N/A><N/A>
    [C:\WINDOWS\system32\LEXBCE.DLL]  <Lexmark International, Inc.><7.4>
[PID: 1284][C:\Program Files\Executive Software\DiskeeperLite\DKService.exe]  <Executive Software International, Inc.><7.0.418.0>
    [C:\Program Files\Executive Software\DiskeeperLite\DKLib.dll]  <Executive Software International, Inc.><7.0.418.0>
    [C:\Program Files\Executive Software\DiskeeperLite\DkRes.dll]  <Executive Software International, Inc.><7.0.418.0>
[PID: 1340][C:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.4403>
[PID: 1388][C:\WINDOWS\system32\srvany.exe]  <N/A><N/A>
[PID: 1412][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1420][C:\WINDOWS\system32\resetservice.exe]  <N/A><N/A>
[PID: 1460][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\System32\EPScan6\1500\Scnwia50.dll]  <><2004, 5, 28, 1>
[PID: 1480][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  <Ulead Systems, Inc.><1, 0, 0, 4>
[PID: 1528][C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe]  <Intel Corp.><1.1.9.143 >
    [C:\Program Files\Intel\Intel(R) Active Monitor\IMONRES.LRC]  <Intel Corp.><1.1.9.143 >
    [C:\WINDOWS\System32\SensorDLL.DLL]  <Intel Corp.><1.1.9.143 >
[PID: 1824][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [D:\Program Files\Nero7\Nero 7\Nero 7\Nero BackItUp\NBShell.dll]  <Nero AG><2, 0, 0, 5>
    [d:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [D:\Program Files\WebThunder\WebThunderBHO_011.dll]  <Thunder Networking Technologies,LTD><6, 0, 0, 2>
    [d:\Spybot - Search & Destroy\SDHelper.dll]  <Safer Networking Limited><1, 4, 0, 0>
    [D:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Common Files\Ahead\lib\NMDataServices.dll]  <Nero AG><1, 0, 1, 5>
    [C:\Program Files\Common Files\Ahead\lib\NMPluginBase.dll]  <Nero AG><1, 0, 1, 5>
    [C:\Program Files\Common Files\Ahead\lib\NMCoFoundation.dll]  <Nero AG><1, 0, 1, 5>
    [C:\Program Files\Common Files\Ahead\lib\NMVDS.dll]  <Nero AG><1, 0, 1, 5>
    [C:\Program Files\Common Files\Ahead\lib\NMIndexStoreSvrPS.dll]  <Nero AG><1, 0, 1, 5>
[PID: 1948][C:\WINDOWS\System32\msime.exe]  <Microsoft Corporation><5.1.2600.2180>
[PID: 1956][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe]  <Analog Devices, Inc.><4, 0, 3, 6>
    [C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll]  <Analog Device, Inc.><1, 0, 20, 1>
[PID: 1972][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  <Analog Devices, Inc.><4, 0, 4, 11>
[PID: 1980][C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe]  <><1.1.9.143 >
    [C:\Program Files\Intel\Intel(R) Active Monitor\IMONRES.LRC]  <Intel Corp.><1.1.9.143 >
    [C:\WINDOWS\System32\SensorDLL.DLL]  <Intel Corp.><1.1.9.143 >
[PID: 2012][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3249>
[PID: 2024][C:\Program Files\rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>

[PID: 2044][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3X1.EXE]  <SEIKO EPSON CORPORATION><3.00>
[PID: 172][D:\Program Files\PowerDVD\PDVDServ.exe]  <Cyberlink Corp.><6.00.1027>
    [d:\Program Files\PowerDVD\CLRCEngine2.dll]  <CyberLink Corp.><3.2.2021 >
[PID: 208][D:\Program Files\WebThunder\WebThunder.exe]  <深圳市迅雷网络技术有限公司><1, 1, 7, 42>
    [D:\Program Files\WebThunder\taskmanage.dll]  <Thunder Networking Technologies,LTD><1, 1, 6, 42>
    [D:\Program Files\WebThunder\download_interface.dll]  <Thunder Networking Technologies,LTD><1, 0, 3, 70>
    [D:\Program Files\WebThunder\asyn_dns.dll]  <N/A><N/A>
    [D:\Program Files\WebThunder\RegisterDll.dll]  <Thunder Networking Technologies,LTD><2, 0, 0, 13>
    [D:\Program Files\WebThunder\historyinfo_manage.dll]  <Thunder Networking Technologies,LTD><5, 2, 0, 150>
    [D:\Program Files\WebThunder\UpdateDownload.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 8>
    [D:\Program Files\WebThunder\UpdateExec.dll]  <Thunder Networking Technologies,LTD><1, 0, 1, 5>
    [D:\Program Files\WebThunder\iEmbedShell.dll]  <　><1, 0, 0, 10>
    [d:\Program Files\WebThunder\iEmbed03.dll]  <　><2, 2, 1, 33>
    [C:\Program Files\rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 228][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 248][C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe]  <Nero AG><1, 0, 1, 5>
    [C:\Program Files\Common Files\Ahead\lib\NMIndexStoreSvrPS.dll]  <Nero AG><1, 0, 1, 5>
    [C:\Program Files\Common Files\Ahead\lib\NMDataServices.dll]  <Nero AG><1, 0, 1, 5>
[PID: 268][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 52>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 352][C:\Program Files\rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 32>
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 308][D:\Program Files\Nikon\PictureProject\NkbMonitor.exe]  <Nikon Corporation><1, 0, 0, 3007>
[PID: 2540][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll]  <Yahoo! Inc.><2005, 11, 4, 1>
    [D:\Program Files\WebThunder\WebThunderBHO_011.dll]  <Thunder Networking Technologies,LTD><6, 0, 0, 2>
    [D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.1.2003110300>
    [d:\Spybot - Search & Destroy\SDHelper.dll]  <Safer Networking Limited><1, 4, 0, 0>
    [D:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [c:\program files\google\googletoolbar1.dll]  <Google Inc.><3, 0, 131, 0>
    [C:\WINDOWS\DOWNLO~1\BaiDuBar.dll]  <><2, 0, 0, 0>
    [C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll]  <SEIKO EPSON CORPORATION><1, 0, 0, 0>
    [C:\Program Files\rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 3612][D:\System Repair Engineer\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

你先把补丁下好
再把天网防火墙下好~再format c:\s，从新装一次系统，装好后别急着上网，先打补丁，再启动防火墙，最后上网~
结果是：OK~！

有没有修复的可能???

修复白搭，没用的~！我试了N次重新安装软件，还不是修复~！一样没用，
如果机器够眩，友情推荐：建议用avast杀毒
下载地址是：www.avast.com

什么叫"机器够眩"?是配置吗?我用的P2.4C/1024M DDR400内存/INTEL865PE主板/SATA120硬盘/