不明朗，你这样试试。
打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），使用“系统修复，HOSTS 文件
219.139.58.97 www.hao123.com
219.139.58.97 hao123.com
219.139.58.97 www.7b.com.cn
219.139.58.97 7b.com.cn
219.139.58.97 www.7939.com
219.139.58.97 www.maohehe.com
219.139.58.97 www.sina-baidu.com
219.139.58.97 sina-baidu.com
219.139.58.97 www.maipao.com
219.139.58.97 update.virussky.com
219.139.58.97 down.virussky.com
219.139.58.97 www.ycdy.com
219.139.58.97 ycdy.com
219.139.58.97 www.2tu.cn
219.139.58.97 2tu.cn
219.139.58.97 www.91tu.cn
219.139.58.97 91tu.cn
219.139.58.97 www.haotop.com
219.139.58.97 news01.virussky.com
219.139.58.97 news02.virussky.com
219.139.58.97 news03.virussky.com
219.139.58.97 news04.virussky.com
219.139.58.97 news40.virussky.com
219.139.58.97 news41.virussky.com
219.139.58.97 news42.virussky.com
219.139.58.97 www.an85.com
219.139.58.97 an85.com
219.139.58.97 www.360safe.com
219.139.58.97 360safe.com
219.139.58.97 dl.360safe.com
219.139.58.97 bbs.360safe.com
219.139.58.97 www.gao58.com
219.139.58.97 count18.51yes.com
219.139.58.97 www.ok538.com
219.139.58.97 www.3000sss.com
219.139.58.97 3000sss.com
219.139.58.97 www.qq658.com
219.139.58.97 www.53679.com
219.139.58.97 www.17587.net
219.139.58.97 www.17587.com
219.139.58.97 www.an188.com
219.139.58.97 cwzwxm.3322.org
219.139.58.97 www.onediy.net
219.139.58.97 sohu.fswan.com
219.139.58.97 www.hewdq.com
219.139.58.97 go.ipcenter.cn
219.139.58.97 www.32666.com
219.139.58.97 show.googleadsenseagent.com
219.139.58.97 www.2yin.cn
219.139.58.97 2yin.cn
219.139.58.97 www.84442.com
219.139.58.97 www.898333.com
219.139.58.97 hewdq.com
219.139.58.97 84442.com
219.139.58.97 wwww.systeel.com.cn
219.139.58.97 go.baibaoxiang.cn
219.139.58.97 www.btbaicai.com
219.139.58.97 btbaicai.com
219.139.58.97 www.2t2t.cn
219.139.58.97 2t2t.cn
219.139.58.97 3.a.kal.cn
219.139.58.97 www.222978.com
219.139.58.97 www.5yaowan.com
219.139.58.97 show.roogoo.com
219.139.58.97 ip.alexaanywhere.com
219.139.58.97 www.znmq.com
219.139.58.97 www.pctutu.com

请到http://forum.ikaka.com/topic.asp?board=67&artid=5188931，下载，LSPFix.exe，WinsockXPFix这两个软件
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows
打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），使用“启动项目，注册表”来删除以下选项。
C:\WINDOWS\System32\rundll32.exe ctfmon.dll

运行LSPFix.exe
删除
quartz32.dll
附说明一份
LSPFix.exe这个软件主要用来辅助修复HijackThis扫描发现的O10项。
使用时，请关闭所有IE界面和文件夹界面后运行LSPFix，运行后，把要修复的那一个O10项从左边转到右边，点“Finish”即可。（不过这之前，需要在“I know what I`m doing”前面打勾。）
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
删除
C:\WINDOWS\System32\quartz32.dll

修复后重启，如果无法上网，请运行WinsockXPFix，让它修复一下。
回到正常模式，请再扫日志粘上来。

【回复“我无邪”的帖子】219.139.58.97 www.hao123.com
219.139.58.97 hao123.com
219.139.58.97 www.7b.com.cn
219.139.58.97 7b.com.cn
219.139.58.97 www.7939.com
219.139.58.97 www.maohehe.com
219.139.58.97 www.sina-baidu.com
219.139.58.97 sina-baidu.com
219.139.58.97 www.maipao.com
219.139.58.97 update.virussky.com
219.139.58.97 down.virussky.com
219.139.58.97 www.ycdy.com
219.139.58.97 ycdy.com
219.139.58.97 www.2tu.cn
219.139.58.97 2tu.cn
219.139.58.97 www.91tu.cn
219.139.58.97 91tu.cn
219.139.58.97 www.haotop.com
219.139.58.97 news01.virussky.com
219.139.58.97 news02.virussky.com
219.139.58.97 news03.virussky.com
219.139.58.97 news04.virussky.com
219.139.58.97 news40.virussky.com
219.139.58.97 news41.virussky.com
219.139.58.97 news42.virussky.com
219.139.58.97 www.an85.com
219.139.58.97 an85.com
219.139.58.97 www.360safe.com
219.139.58.97 360safe.com
219.139.58.97 dl.360safe.com
219.139.58.97 bbs.360safe.com
219.139.58.97 www.gao58.com
219.139.58.97 count18.51yes.com
219.139.58.97 www.ok538.com
219.139.58.97 www.3000sss.com
219.139.58.97 3000sss.com
219.139.58.97 www.qq658.com
219.139.58.97 www.53679.com
219.139.58.97 www.17587.net
219.139.58.97 www.17587.com
219.139.58.97 www.an188.com
219.139.58.97 cwzwxm.3322.org
219.139.58.97 www.onediy.net
219.139.58.97 sohu.fswan.com
219.139.58.97 www.hewdq.com
219.139.58.97 go.ipcenter.cn
219.139.58.97 www.32666.com
219.139.58.97 show.googleadsenseagent.com
219.139.58.97 www.2yin.cn
219.139.58.97 2yin.cn
219.139.58.97 www.84442.com
219.139.58.97 www.898333.com
219.139.58.97 hewdq.com
219.139.58.97 84442.com
219.139.58.97 wwww.systeel.com.cn
219.139.58.97 go.baibaoxiang.cn
219.139.58.97 www.btbaicai.com
219.139.58.97 btbaicai.com
219.139.58.97 www.2t2t.cn
219.139.58.97 2t2t.cn
219.139.58.97 3.a.kal.cn
219.139.58.97 www.222978.com
219.139.58.97 www.5yaowan.com
219.139.58.97 show.roogoo.com
219.139.58.97 ip.alexaanywhere.com
219.139.58.97 www.znmq.com
219.139.58.97 www.pctutu.com
这些都要删除吗

【回复“我无邪”的帖子】C:\WINDOWS\System32\quartz32.dll这个删除不了

这是新的日志,帮我看看

2006-10-12,13:35:00

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Avance Logic, Inc.]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [(Verified)Intel Corporation]
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo!]
    <RavTask><"D:\瑞星2006\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"D:\瑞星2006\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [北京三七二一科技有限公司]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll>  [Yahoo! China]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll>  [YAHOO Corporation Limited]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\Program Files\QQ\QQ.exe [N/A]><N>

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc]
  <"D:\shadu\KPfwSvc.EXE"><N/A>
[VeriSign Updater / navi]
  <C:\Program Files\VeriSign\NAVI\naviagent.exe uimode=agentupdate><VeriSign, Inc.>
[Rising Proxy  Service / RfwProxySrv]
  <d:\瑞星2006\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\瑞星2006\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\瑞星2006\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\瑞星2006\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoftEther Virtual LAN Card / SoftEther]
  <"D:\游戏王-城之内\SoftEther\SoftEther.exe" service><N/A>
[SoftEther Virtual HUB / SoftHUB]
  <"D:\游戏王-城之内\SoftEther\SoftHUB.exe" service><N/A>

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\Program Files\QQ\QQ.exe [N/A]><N>

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft Personal Firewall Service / KPfwSvc]
  <"D:\shadu\KPfwSvc.EXE"><N/A>
[VeriSign Updater / navi]
  <C:\Program Files\VeriSign\NAVI\naviagent.exe uimode=agentupdate><VeriSign, Inc.>
[Rising Proxy  Service / RfwProxySrv]
  <d:\瑞星2006\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\瑞星2006\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\瑞星2006\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\瑞星2006\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoftEther Virtual LAN Card / SoftEther]
  <"D:\游戏王-城之内\SoftEther\SoftEther.exe" service><N/A>
[SoftEther Virtual HUB / SoftHUB]
  <"D:\游戏王-城之内\SoftEther\SoftHUB.exe" service><N/A>

==================================
驱动程序
[ajurpg0 / ajurpg05]
  <\SystemRoot\System32\DRIVERS\ajurpg05.sys><Microsoft Corporation>
[Service for Avance AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CnsMinKP / CnsMinKP]
  <\SystemRoot\System32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[dump_wmimmc / dump_wmimmc]
  <\??\C:\WINDOWS\System32\drivers\dump_wmimmc.sys><N/A>
[EagleNT / EagleNT]
  <\??\C:\WINDOWS\System32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
  <\??\D:\瑞星2006\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\D:\瑞星2006\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\瑞星2006\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\瑞星2006\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\D:\瑞星2006\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN]
  <\??\D:\瑞星2006\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\d:\瑞星2006\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt]
  <\??\D:\Program Files\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2]
  <\??\C:\WINDOWS\System32\npptNT2.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rfsafe / rfsafe]
  <\SystemRoot\system32\drivers\rfsafe.sys><N/A>
[RGWatch / RGWatch]
  <\SystemRoot\system32\DRIVERS\RGWatch.sys><Windows (R) Server 2003 DDK provider>
[RsFwDrv / RsFwDrv]
  <\??\D:\瑞星2006\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[rzkylj5 / rzkylj59]
  <\SystemRoot\System32\DRIVERS\rzkylj59.sys><Microsoft Corporation>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[SoftEther Device Driver / SoftLAN]
  <System32\DRIVERS\SoftLAN.sys><SoftEther.com>
[vrvfilemon / VRVSYS]
  <\??\c:\bxy_vrv\filemon.sys><BXY>
[World Standard Teletext Codec / WSTCODEC]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[USB PC Camera 301P / ZSMC301b]
  <System32\Drivers\usbVM31b.sys><VM>

==================================
浏览器加载项
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\BaiduBar.dll, Baidu.com, Inc.>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[]
  {974AD624-EA50-4831-A6C0-3040F6665396} <C:\WINDOWS\Downlo~1\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通阅读器]
  {F0646DC8-58CD-4C64-8F6B-525043914685} <C:\WINDOWS\Downlo~1\rssband.dll, 北京新浪信息技术有限公司>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\BaiduBar.dll, Baidu.com, Inc.>
[IMCv1 Control]
  {6924091F-CD97-41E1-B1D4-D9079409D413} <C:\WINDOWS\DOWNLO~1\imcv1.dll, 北京莲塘软件技术有限公司 Liantang Software Tech. Inc. (http://www.lotuspond.com.cn)>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[!搜一搜]
  <res://C:\Program Files\yisou\yisou.dll/232, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
  <D:\Program Files\KuGoo3\KuGoo3DownX.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\QQ\SendMMS.htm, N/A>
[百度-搜索MP3]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDUMP3.HTM, N/A>
[百度-搜索图片]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDUIMG.HTM, N/A>
[百度-搜索新闻]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDUNEWS.HTM, N/A>
[百度-搜索歌词]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDULYRIC.HTM, N/A>
[百度-搜索网页]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDUSEARCH.HTM, N/A>
[百度-搜索贴吧]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDUPOST.HTM, N/A>
[百度-词典搜索]
  <res://C:\PROGRA~1\baidu\bar\BaiduBar.dll/BAIDU_DIC.HTM, N/A>

==================================
正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 512][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 536][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
[PID: 580][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 592][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 752][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 848][D:\瑞星2006\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 864][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1000][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1048][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1068][D:\瑞星2006\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [D:\瑞星2006\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\瑞星2006\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星2006\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星2006\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\瑞星2006\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [D:\瑞星2006\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [D:\瑞星2006\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\瑞星2006\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\瑞星2006\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\瑞星2006\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星2006\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\瑞星2006\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星2006\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\瑞星2006\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [D:\瑞星2006\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [D:\瑞星2006\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星2006\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星2006\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 28]
    [D:\瑞星2006\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\瑞星2006\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\瑞星2006\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\瑞星2006\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\瑞星2006\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星2006\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1216][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 2, 0, 4, 1007]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll]  [YAHOO Corporation Limited, 2, 0, 0, 1001]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 3, 8]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [, 2, 0, 9, 1027]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  [, 2, 0, 4, 1030]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [ , 2, 0, 1, 1007]
    [C:\PROGRA~1\baidu\bar\BaiduBar.dll]  [Baidu.com, Inc., 2, 0, 2, 49]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3,0,0,2082]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,2082]
    [C:\WINDOWS\System32\igfxres.dll]  [Intel Corporation, 3,0,0,2082]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,2082]
    [C:\WINDOWS\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,2082]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [D:\瑞星2006\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1244][d:\瑞星2006\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
    [d:\瑞星2006\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [d:\瑞星2006\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [d:\瑞星2006\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [d:\瑞星2006\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [d:\瑞星2006\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
    [d:\瑞星2006\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]