我的IE老是自动关闭,伤透了脑筋!求求高手帮帮忙!
症状如下:
WINDOWS为了保护数据关闭应用程序.
EXPLORER.EXE遇到问题需关闭.
错误签名:
EventType:BEX  P1:Explorer.exe  P2:6.0.2900.2180  P3:41107ece 
P4:unknow  P5:0.0.0.0  P6:00000000  P7:020aa1b9  ~~  ~~~~~~~~~  ~~  ~~~~~~~~~~
(有时是说某一内存不能为read)
到底是什么问题呢?我按这里的那篇IE重装的贴子说的所有方法试了均不行.先前只是偶尔关IE,现在连正常的非IE数据页面都关,往往出现在开机不久或长时间呆机后,使用时就.....
这个问题很久了,只是以前不常出现,没理它,现在真受不了,各为大大...大哥,帮帮我吧!!!

【回复“天道酬勤889”的帖子】
这是先前卡巴的报警:
2006-11-14 19:24:56C:\WINDOWS\Explorer.EXEHKEY_USERS\S-1-5-21-790525478-1935655697-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{0E5CBF21-D15F-11D0-8301-00AA005B4383}21 bf 5c 0e 5f d1 d0 11 83 01 00 aa 00 5b 43 83 22 00 1c 00 08 00 00 00 06 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4c 00 00 00 01 14 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 81 00 00 00 10 00 00 00 80 3b da a6 3b fb c6 01 00 c0 c3 c8 ce fd c6 01 00 71 97 a7 3b fb c6 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53 01 14 00 1f 50 e0 4f d0 20 ea 3a 69 10 a2 d8 08 00 2b 30 30 9d 19 00 2f 43 3a 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 00 31 00 00 00 00 00 5d 35 54 47 10 00 44 4f 43 55 4d 45 7e 31 00 00 44 00 03 00 04 00 ef be 5d 35 54 47 6d 35 00 80 14 00 00 00 44 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 73 00 20 00 61 00 6e 00 64 00 20 00 53 00 65 00 74 00 74 00 69 00 6e 00 67 00 73 00 00 00 18 00 42 00 31 00 00 00 00 00 5d 35 b4 4a 10 00 4c 49 55 4a 55 4e 7e 31 00 00 2a 00 03 00 04 00 ef be 5d 35 b4 4a 6d 35 00 80 14 00 00 00 6c 00 69 00 75 00 6a 00 75 00 6e 00 62 00 69 00 6e 00 00 00 18 00 56 00 31 00 00 00 00 00 5d 35 bc 4a 11 00 46 41 56 4f 52 49 7e 31 00 00 3e 00 03 00 04 00 ef be 5d 35 b4 4a 61 35 00 80 14 00 28 00 46 00 61 00 76 00 6f 00 72 00 69 00 74 00 65 00 73 00 00 00 40 73 68 65 6c 6c 33 32 2e 64 6c 6c 2c 2d 31 32 36 39 33 00 18 00 30 00 35 00 00 00 00 00 5d 35 b7 4a 10 00 fe 94 a5 63 00 00 1c 00 03 00 04 00 ef be 5d 35 b7 4a 61 35 00 80 14 00 00 00 fe 94 a5 63 00 00 14 00 00 00 00 00 00 00空二进制表格修改detected
2006-11-14 19:24:56C:\WINDOWS\Explorer.EXEHKEY_USERS\S-1-5-21-790525478-1935655697-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{0E5CBF21-D15F-11D0-8301-00AA005B4383}21 bf 5c 0e 5f d1 d0 11 83 01 00 aa 00 5b 43 83 22 00 1c 00 08 00 00 00 06 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4c 00 00 00 01 14 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 81 00 00 00 10 00 00 00 80 3b da a6 3b fb c6 01 00 c0 c3 c8 ce fd c6 01 00 71 97 a7 3b fb c6 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53 01 14 00 1f 50 e0 4f d0 20 ea 3a 69 10 a2 d8 08 00 2b 30 30 9d 19 00 2f 43 3a 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 00 31 00 00 00 00 00 5d 35 54 47 10 00 44 4f 43 55 4d 45 7e 31 00 00 44 00 03 00 04 00 ef be 5d 35 54 47 6d 35 00 80 14 00 00 00 44 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 73 00 20 00 61 00 6e 00 64 00 20 00 53 00 65 00 74 00 74 00 69 00 6e 00 67 00 73 00 00 00 18 00 42 00 31 00 00 00 00 00 5d 35 b4 4a 10 00 4c 49 55 4a 55 4e 7e 31 00 00 2a 00 03 00 04 00 ef be 5d 35 b4 4a 6d 35 00 80 14 00 00 00 6c 00 69 00 75 00 6a 00 75 00 6e 00 62 00 69 00 6e 00 00 00 18 00 56 00 31 00 00 00 00 00 5d 35 bc 4a 11 00 46 41 56 4f 52 49 7e 31 00 00 3e 00 03 00 04 00 ef be 5d 35 b4 4a 61 35 00 80 14 00 28 00 46 00 61 00 76 00 6f 00 72 00 69 00 74 00 65 00 73 00 00 00 40 73 68 65 6c 6c 33 32 2e 64 6c 6c 2c 2d 31 32 36 39 33 00 18 00 30 00 35 00 00 00 00 00 5d 35 b7 4a 10 00 fe 94 a5 63 00 00 1c 00 03 00 04 00 ef be 5d 35 b7 4a 61 35 00 80 14 00 00 00 fe 94 a5 63 00 00 14 00 00 00 00 00 00 00空二进制表格修改拒绝
2006-11-14 19:24:57C:\WINDOWS\Explorer.EXEHKEY_USERS\S-1-5-21-790525478-1935655697-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowserITBarLayout11 00 00 00 5c 00 00 00 00 00 00 00 34 00 00 00 1b 00 00 00 56 00 00 00 01 00 00 00 20 07 00 00 a0 0f 00 00 05 00 00 00 62 05 00 00 26 00 00 00 02 00 00 00 21 07 00 00 a0 0f 00 00 04 00 00 00 21 01 00 00 a0 0f 00 00 03 00 00 00 28 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00空二进制表格创建detected
2006-11-14 19:24:57C:\WINDOWS\Explorer.EXEHKEY_USERS\S-1-5-21-790525478-1935655697-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowserITBarLayout11 00 00 00 5c 00 00 00 00 00 00 00 34 00 00 00 1b 00 00 00 56 00 00 00 01 00 00 00 20 07 00 00 a0 0f 00 00 05 00 00 00 62 05 00 00 26 00 00 00 02 00 00 00 21 07 00 00 a0 0f 00 00 04 00 00 00 21 01 00 00 a0 0f 00 00 03 00 00 00 28 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00空二进制表格创建拒绝
2006-11-14 19:25:07C:\WINDOWS\Explorer.EXEHKEY_USERS\S-1-5-21-790525478-1935655697-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{0E5CBF21-D15F-11D0-8301-00AA005B4383}21 bf 5c 0e 5f d1 d0 11 83 01 00 aa 00 5b 43 83 22 00 1c 00 08 00 00 00 06 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4c 00 00 00 01 14 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 81 00 00 00 10 00 00 00 80 3b da a6 3b fb c6 01 00 c0 c3 c8 ce fd c6 01 00 71 97 a7 3b fb c6 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53 01 14 00 1f 50 e0 4f d0 20 ea 3a 69 10 a2 d8 08 00 2b 30 30 9d 19 00 2f 43 3a 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 00 31 00 00 00 00 00 5d 35 54 47 10 00 44 4f 43 55 4d 45 7e 31 00 00 44 00 03 00 04 00 ef be 5d 35 54 47 6d 35 00 80 14 00 00 00 44 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 73 00 20 00 61 00 6e 00 64 00 20 00 53 00 65 00 74 00 74 00 69 00 6e 00 67 00 73 00 00 00 18 00 42 00 31 00 00 00 00 00 5d 35 b4 4a 10 00 4c 49 55 4a 55 4e 7e 31 00 00 2a 00 03 00 04 00 ef be 5d 35 b4 4a 6d 35 00 80 14 00 00 00 6c 00 69 00 75 00 6a 00 75 00 6e 00 62 00 69 00 6e 00 00 00 18 00 56 00 31 00 00 00 00 00 5d 35 bc 4a 11 00 46 41 56 4f 52 49 7e 31 00 00 3e 00 03 00 04 00 ef be 5d 35 b4 4a 61 35 00 80 14 00 28 00 46 00 61 00 76 00 6f 00 72 00 69 00 74 00 65 00 73 00 00 00 40 73 68 65 6c 6c 33 32 2e 64 6c 6c 2c 2d 31 32 36 39 33 00 18 00 30 00 35 00 00 00 00 00 5d 35 b7 4a 10 00 fe 94 a5 63 00 00 1c 00 03 00 04 00 ef be 5d 35 b7 4a 61 35 00 80 14 00 00 00 fe 94 a5 63 00 00 14 00 00 00 00 00 00 00空二进制表格修改detected
2006-11-14 19:25:07C:\WINDOWS\Explorer.EXEHKEY_USERS\S-1-5-21-790525478-1935655697-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{0E5CBF21-D15F-11D0-8301-00AA005B4383}21 bf 5c 0e 5f d1 d0 11 83 01 00 aa 00 5b 43 83 22 00 1c 00 08 00 00 00 06 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4c 00 00 00 01 14 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 81 00 00 00 10 00 00 00 80 3b da a6 3b fb c6 01 00 c0 c3 c8 ce fd c6 01 00 71 97 a7 3b fb c6 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53 01 14 00 1f 50 e0 4f d0 20 ea 3a 69 10 a2 d8 08 00 2b 30 30 9d 19 00 2f 43 3a 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 00 31 00 00 00 00 00 5d 35 54 47 10 00 44 4f 43 55 4d 45 7e 31 00 00 44 00 03 00 04 00 ef be 5d 35 54 47 6d 35 00 80 14 00 00 00 44 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 73 00 20 00 61 00 6e 00 64 00 20 00 53 00 65 00 74 00 74 00 69 00 6e 00 67 00 73 00 00 00 18 00 42 00 31 00 00 00 00 00 5d 35 b4 4a 10 00 4c 49 55 4a 55 4e 7e 31 00 00 2a 00 03 00 04 00 ef be 5d 35 b4 4a 6d 35 00 80 14 00 00 00 6c 00 69 00 75 00 6a 00 75 00 6e 00 62 00 69 00 6e 00 00 00 18 00 56 00 31 00 00 00 00 00 5d 35 bc 4a 11 00 46 41 56 4f 52 49 7e 31 00 00 3e 00 03 00 04 00 ef be 5d 35 b4 4a 61 35 00 80 14 00 28 00 46 00 61 00 76 00 6f 00 72 00 69 00 74 00 65 00 73 00 00 00 40 73 68 65 6c 6c 33 32 2e 64 6c 6c 2c 2d 31 32 36 39 33 00 18 00 30 00 35 00 00 00 00 00 5d 35 b7 4a 10 00 fe 94 a5 63 00 00 1c 00 03 00 04 00 ef be 5d 35 b7 4a 61 35 00 80 14 00 00 00 fe 94 a5 63 00 00 14 00 00 00 00 00 00 00空二进制表格修改拒绝

【回复“天道酬勤889”的帖子】
这是瑞星的报警:
进程名称:C:\WINDOWS\system32\rundll32.exe
路径:HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT OFFICE WORD\SHELL\EDIT
数值名称:default
操作方式:添加
操作结果:拒绝修改


进程名称:C:\WINDOWS\system32\rundll32.exe
路径:HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT OFFICE WORD
数值名称:default
操作方式:添加
操作结果:拒绝修改


进程名称:C:\WINDOWS\Explorer.EXE
路径:HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT OFFICE WORD\SHELL\EDIT
数值名称:default
操作方式:删除
操作结果:拒绝修改


进程名称:C:\WINDOWS\Explorer.EXE
路径:HKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT OFFICE WORD
数值名称:default
操作方式:删除
操作结果:拒绝修改

【回复“天道酬勤889”的帖子】
另有一问题:
在非网络连接的安全模式下起动,EXPLORER.EXE也会起动的吗?我记的一前好像进程中没有EXPLORER.EXE.而且以前就算是正常模式下也可终止EXPLORER.EXE进程,但现在跟本就不行.晕菜!!!

各位大虾帮帮忙吧!

【回复“天道酬勤889”的帖子】
附上以前的各种扫描日志:
2006-11-19,20:52:50

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Intel NCS NetService / NetSvc]
  <C:\Program Files\Intel\NCS\Sync\NetSvc.exe><Intel(R) Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12]
  <C:\WINDOWS\system32\HPZipm12.exe><HP>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[BaseTDI / BaseTDI]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[Intel(R) PRO Adapter Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[IEEE-1284.4 Driver HPZid412 / HPZid412]
  <system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12]
  <system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12]
  <system32\DRIVERS\HPZius12.sys><HP>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[npkcrypt / npkcrypt]
  <\??\D:\Program Files\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TSP / TSP]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FLASHGET\jccatch.dll, FlashGet>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FLASHGET\getflash.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FLASHGET\jccatch.dll, FlashGet>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[使用网际快车下载]
  <C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>

【回复“天道酬勤889”的帖子】
正在运行的进程
[PID: 604][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 964][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1148][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1244][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1332][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1352][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1420][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1540][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1560][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 29]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 9]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Rising, 18, 1, 0, 9]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsVM.dll]  [N/A, 19, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\ScanElf.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[PID: 1836][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\HpTcpMon.dll]  [Hewlett Packard, 6.01.00.009]
    [C:\WINDOWS\system32\hpzjrd01.dll]  [Hewlett Packard, 2.01.00.005]
    [C:\WINDOWS\system32\HPTcpMUI.dll]  [Microsoft Corporation, 6.01.00.009]
    [C:\WINDOWS\system32\hptcpmib.dll]  [Hewlett Packard, 6.01.00.009]
    [C:\WINDOWS\system32\hpzll054.dll]  [Hewlett-Packard Company, 60.054.45.00]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp054.dll]  [Hewlett-Packard Corporation, 60.054.45.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1988][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 440][C:\WINDOWS\system32\HPZipm12.exe]  [HP, 10, 1, 1, 5]
[PID: 508][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1632][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3929]
[PID: 464][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 564][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 628][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.3929]
[PID: 1140][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxhk.dll]  [Intel Corporation, 3.0.0.3929]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3929]
[PID: 1212][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1288][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1304][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 26]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 27]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 380][C:\Program Files\SREng2.2.6\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================

【回复“天道酬勤889”的帖子】
是否更新(电爱版的SP2更新集)若的祸?好像更新前没有关IE的问题.(不敢100%确定).
以前中过招:瑞星和卡巴,还有系统修复类的软件都被干掉.但重装后就格不了U盘了.也制不了起动盘.

专杀工具
下载魔波专杀和补丁
http://free.ys168.com/?mizuki

【回复“红夜鬼1”的帖子】
不知为何下不了,网页错误.但能正常浏览.而且其它的网址可下载东西.还有另一下载地吗?

打开,保存就可以了,不要下载工具