日志：

2006-11-22,22:25:52

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
    <msnmsgr><"D:\Program Files\MSN Messenger\msnmsgr.exe" /background>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TrackPointSrv><tp4mon.exe>  [IBM]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <SoundFusion><RunDll32 cwcprops.cpl,CrystalControlWnd>  [Cirrus Logic]
    <helper.dll><D:\WINNT\system32\rundll32.exe D:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <ISUSPM Startup><D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><"D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <IMSCMig><D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <Super Rabbit SRRestore><E:\Program Files\Super Rabbit\MagicSet\SRRest.exe /autosave>  [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><D:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><D:\WINNT\downlo~1\CnsHook.dll>  [北京三七二一科技有限公司]

==================================
启动文件夹
[Adobe Gamma Loader]
  <D:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[AutoCAD 启动加速器]
  <D:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><N>
[Adobe Reader Speed Launch]
  <D:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <D:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Logical Disk Manager Administrative Service / dmadmin]
  <D:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Rising Process Communication Center / RsCCenter]
  <"e:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <E:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <D:\WINNT\DOWNLO~1\BaiDuBar.dll, >
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <D:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <D:\WINNT\downlo~1\CnsHook.dll, 北京三七二一科技有限公司>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <e:\Herosoft\HeroV8\STHSDVD.EXE, herosoft>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\download\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <E:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <D:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <E:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll, 金山软件股份有限公司>
[百度搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <D:\WINNT\DOWNLO~1\BaiDuBar.dll, >
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <D:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <D:\WINNT\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINNT\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <F:\download\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <E:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <F:\download\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\download\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\download\QQ\SendMMS.htm, N/A>
[百度Flash搜索]
  <res://D:\WINNT\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM, N/A>
[百度mp3搜索]
  <res://D:\WINNT\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM, N/A>
[百度信息快递搜索]
  <res://D:\WINNT\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM, N/A>
[百度图片搜索]
  <res://D:\WINNT\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM, N/A>
[百度搜索]
  <res://D:\WINNT\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM, N/A>
[百度新闻搜索]
  <res://D:\WINNT\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM, N/A>
[豪杰超级解霸V8实时播放]
  <e:\Herosoft\HeroV8\MPURLGET.HTM, N/A>

==================================

正在运行的进程
[PID: 144][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 168][\??\D:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 164][\??\D:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
[PID: 216][D:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [D:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 228][D:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 400][D:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [d:\winnt\system32\orubrmwe.d1l]  <N/A><N/A>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 448][D:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 464][e:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 504][D:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
    [D:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [D:\Program Files\Rising\Rav\HOOKSYS.dll]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [D:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [D:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [D:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [D:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [D:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [D:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [D:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [D:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [D:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
    [D:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [D:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 25>
    [D:\Program Files\Rising\Rav\RSUnpack.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 17>
    [D:\Program Files\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [D:\Program Files\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [D:\Program Files\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [D:\Program Files\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 548][D:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.6659>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 584][D:\WINNT\system32\drivers\CDAC11BA.EXE]  <Macrovision><4.20.030>
[PID: 716][D:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 736][D:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 792][D:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 828][D:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 860][D:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1080][D:\WINNT\system32\Rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\downlo~1\CnsMinIO.dll]  <北京三七二一科技有限公司><1, 0, 3, 6>
    [D:\WINNT\downlo~1\cnsio.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 1380][D:\WINNT\system32\tp4mon.exe]  <IBM><5.00.2134.1>
    [D:\WINNT\system32\tp4res.dll]  <IBM><5.00.2134.1>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
[PID: 1396][D:\WINNT\system32\RunDll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\WINNT\system32\cwcprops.cpl]  <Cirrus Logic><5.12.01.3037>
    [D:\WINNT\system32\cwclang.dll]  <Cirrus Logic><5.12.01.3037>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
[PID: 1404][D:\WINNT\system32\rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\PROGRA~1\3721\autolive.dll]  <><1, 1, 8, 1327>
    [D:\PROGRA~1\3721\notifier.dll]  <><1, 0, 0, 5>
    [D:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>

[PID: 1412][D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe]  <InstallShield Software Corporation><3, 20, 100, 1123>
[PID: 1360][D:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 1504][D:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3536>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\AcSignIcon.dll]  <Autodesk><16.1.63.0>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
[PID: 1516][E:\Herosoft\HeroV8\SysExplr.EXE]  <N/A><N/A>
    [E:\Herosoft\HeroV8\HttpReq.dll]  <N/A><N/A>
    [E:\Herosoft\HeroV8\CoolMenu.dll]  <N/A><N/A>
    [E:\Herosoft\HeroV8\httphlp.dll]  <N/A><N/A>
    [E:\Herosoft\HeroV8\AVCDROM.dll]  <N/A><N/A>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [E:\Herosoft\HeroV8\Sys936.DLL]  <N/A><N/A>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 1552][D:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 1556][D:\Program Files\Antiy Labs\Alive\AliveCenter_.exe]  <Antiy Labs><2, 1, 0, 0>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 1352][D:\Program Files\MSN Messenger\msnmsgr.exe]  <Microsoft Corporation><7.0.0816>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\system32\AcSignIcon.dll]  <Autodesk><16.1.63.0>
    [D:\WINNT\system32\msdmo.dll]  <N/A><N/A>
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1276][D:\WINNT\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
[PID: 1228][E:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [D:\WINNT\system32\AcSignIcon.dll]  <Autodesk><16.1.63.0>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 1336][D:\WINNT\explorer.exe]  <Microsoft Corporation><5.00.3700.6690>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\AcSignIcon.dll]  <Autodesk><16.1.63.0>
    [D:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.1.63.0>
    [D:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [D:\WINNT\downlo~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 4, 2>
    [D:\PROGRA~1\3721\autolive.dll]  <><1, 1, 8, 1327>
    [D:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [D:\PROGRA~1\3721\Assist\asbar.dll]  <3721><1, 0, 1, 1021>
    [D:\PROGRA~1\3721\Assist\tbwrap.dll]  <3721><1, 0, 0, 2>
    [D:\PROGRA~1\3721\Assist\asnoad.dll]  <><1, 0, 0, 9>
    [D:\PROGRA~1\3721\Assist\aswiper.dll]  <3721><1, 0, 1, 1004>
    [D:\PROGRA~1\3721\Assist\asiesec.dll]  <yahoo><1, 0, 0, 9>
    [E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.0.2004121400>
    [E:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [D:\WINNT\DOWNLO~1\BaiDuBar.dll]  <><2, 0, 0, 0>
    [E:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [D:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  <Adobe Systems, Incorporated><7.0>
    [F:\download\MP3Partner\rbm.dll]  <TODO: <公司名>><1.0.0.1>
    [e:\Program Files\Antiy Labs\AGB5Cn\AGBCM.dll]  <Antiy Labs><3, 0, 0, 0>
    [E:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>
[PID: 600][F:\download\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [D:\PROGRA~1\3721\helper.dll]  <><1, 1, 1, 1327>
    [D:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 8>
    [D:\WINNT\system32\mswsock30.dll]  <N/A><N/A>

==================================
文件关联
.TXT  Error. [D:\WINNT\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

上面的没细看，但下面的文件关联很明显有问题了吧，先把他们修复吧

还有一个就是流氓软件太多，一眼看上去就有3721 百度搜霸之类

高手指导怎样做吧！！
我实在是菜到不行了...

[D:\WINNT\system32\mswsock30.dll] <N/A><N/A> 肯定是病毒
[d:\winnt\system32\orubrmwe.d1l] <N/A><N/A>  怀疑是病毒

要手动删除吗？？

http://zhidao.baidu.com/question/14626578.html