猪猪, I cleaned up following your steps; please take another look at my log

[CODE]

2007-04-19,17:03:25

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
    <vy2><C:\DOCUME~1\admin\LOCALS~1\Temp\crasos.exe>  []
    <xq52fz972><C:\DOCUME~1\admin\LOCALS~1\Temp\1explore.exe>  []
    <hkgrh6r><C:\DOCUME~1\admin\LOCALS~1\Temp\Servera.exe>  []
    <b><C:\DOCUME~1\admin\LOCALS~1\Temp\winlog0n.exe>  []
    <zk8><C:\DOCUME~1\admin\LOCALS~1\Temp\rundl132.exe>  []
    <5ke><C:\DOCUME~1\admin\LOCALS~1\Temp\c0nime.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Windows 2000 Publisher]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <DAEMON Tools><"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033>  [(Verified)DAEMON Tools Code Signing Services]
    <WangWang><"F:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  []
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <cmdbcs><C:\WINNT\cmdbcs.exe>  []
    <RfwMain><"E:\Rising\Rfw\rfwmain.exe" -Startup>  []
    <RavTask><"E:\Rising\Rav\RavTask.exe" -system>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
Last edited 2007-04-20 11:16:33

==================================
启动文件夹
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk --> C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\admin\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\QQGame\Accel.exe [N/A]><N>
[腾讯QQ]
  <C:\Documents and Settings\admin\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\QQ\QQ.exe [N/A]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[TCP/IP Check / Hello Download][Stopped/Auto Start]
  <C:\Program Files\Common Files\System\wab32res.exe><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <e:\rising\rfw\rfwproxy.exe><N/A>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <e:\rising\rfw\rfwsrv.exe><N/A>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"E:\Rising\Rav\CCenter.exe"><N/A>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"E:\RISING\RAV\Ravmond.exe"><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[dtscsi / dtscsi][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\dtscsi.sys><DT Soft Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\E:\RISING\RAV\ExpScan.sys><>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
  <System32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
  <\??\E:\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\E:\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\E:\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\E:\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINNT\system32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\E:\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\e:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\E:\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NTSIM / NTSIM][Stopped/Manual Start]
  <\??\C:\WINNT\System32\ntsim.sys><VIA Networking Technologies, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\E:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\E:\RISING\RAV\RSPPSYS.sys><Rising>
[S3Psddr / S3Psddr][Running/Manual Start]
  <System32\DRIVERS\s3gnbm.sys><S3 Graphics, Inc.>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINNT\system32\drivers\klif.sys><N/A>
[VIA AGP Filter / viaagp1][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[VIA USB Filter / viafilter][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\viausb.sys><VIA Technologies, Inc.>
[viaide / viaide][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaide.sys><VIA Technologies, Inc.>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\C:\WINNT\Downloaded Program Files\winio.sys><N/A>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <E:\QQDownload\QQIEHelper02.dll, 腾讯公司>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <F:\PROGRA~1\FLASHGET\jccatch.dll, FlashGet>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <F:\PROGRA~1\FLASHGET\getflash.dll, >
[联信通宽频数字家园]
  {039C4009-5283-4365-97BF-144054B40E2E} <, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\QQ\QQ.EXE, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\flashget.exe, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[GDHidCtrl Class]
  {220ED87A-CB03-45A8-A81E-1C5597E11186} <C:\WINNT\system32\GDHidUsr\GDHidUsr.dll, >
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINNT\system32\WEBACT~1.OCX, QQ>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINNT\system32\aliedit\AliEdit.dll, www.alipay.com>
[UploadControl Control]
  {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} <C:\WINNT\system32\UPLOAD~1.OCX, 广州网易互动娱乐有限公司>
[Downloader Class]
  {5932517A-3326-4439-A708-1C98EDB5C549} <C:\WINNT\system32\iMopDl.dll, >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINNT\DOWNLO~1\INPUTC~1.DLL, >
[VnetAnprIns Class]
  {74447F9C-5691-4A9A-8BE4-564092E40B03} <C:\WINNT\Downloaded Program Files\anprins.dll, 中国电信股份有限公司>
[Qzone Media Tools]
  {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <E:\QQ\QZone\QZONEM~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINNT\system32\3DShowVM.ocx, QQ>
[NTKO OFFICE文档控件]
  {C9BC4DFF-4248-4A3C-8A49-63A7D317F404} <C:\WINNT\Downloaded Program Files\OfficeControl.ocx, 千航网络[NTKO SOFTWARE] WEB:http://www.ntko.com Email: tanger@ntko.com>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINNT\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <F:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[&使用超级旋风下载]
  <E:\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <E:\QQDownload\getAllurl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <F:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <F:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 140][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 164][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 184][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
    [C:\WINNT\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\WINNT\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 800][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\AppPatch\AcLayers.DLL]  [Microsoft Corporation, 5.00.2195.6717]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]
    [C:\WINNT\TEMP\LgSy0.dll]  [N/A, ]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.1.63.0]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\wdmaud.drv]  [Microsoft Corporation, 5.00.2195.6673]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\msacm32.drv]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Gjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Rav21.dll]  [N/A, ]
    [C:\Program Files\TENCENT\Adplus\SSAddr.dll]  [Tencent, 4, 4, 3, 30]
    [F:\PROGRA~1\FLASHGET\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
    [C:\WINNT\system32\msadp32.acm]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1180][C:\WINNT\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.06]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
[PID: 1232][C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE]  [Super Rabbit Soft, 7.76]
    [C:\WINNT\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINNT\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
    [E:\超级兔子\MagicSet\shlobj71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
[PID: 1240][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\MSUTB.dll]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\WINNT\mui\fallback\0804\msutb.dll.mui]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
[PID: 1456][C:\WINNT\system32\notepad.exe]  [Microsoft Corporation, 5.00.2140.1]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 820][C:\WINNT\system32\notepad.exe]  [Microsoft Corporation, 5.00.2140.1]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 1068][C:\WINNT\system32\notepad.exe]  [Microsoft Corporation, 5.00.2140.1]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 1832][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\Program Files\TENCENT\Adplus\SSAddr.dll]  [Tencent, 4, 4, 3, 30]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]
    [E:\QQDownload\QQIEHelper02.dll]  [腾讯公司, 1, 1, 0, 5]
    [F:\PROGRA~1\FLASHGET\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [E:\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [F:\PROGRA~1\FLASHGET\getflash.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [E:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.7 built by: Lab06_N]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Rav21.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Gjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\WINNT\TEMP\LgSy0.dll]  [N/A, ]
[PID: 728][D:\121\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 5, 1, 15]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\WINNT\system32\winabc.ime]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\WINNT\mui\fallback\0804\msctf.dll.mui]  [Microsoft Corporation, 1.00.2409.8 built by: Lab06_N]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Rav21.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Gjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\admin\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\WINNT\TEMP\LgSy0.dll]  [N/A, ]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.1.63.0]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      mmm.caifu18.net
127.0.0.1      www.18dmm.com
127.0.0.1      d.qbbd.com
127.0.0.1      www.5117music.com
127.0.0.1      www.union123.com
127.0.0.1      www.wu7x.cn
127.0.0.1      www.54699.com
127.0.0.1      60.169.0.66
127.0.0.1      60.169.1.29
127.0.0.1      www.97725.com
127.0.0.1      down.97725.com
127.0.0.1      ip.315hack.com
127.0.0.1      ip.54liumang.com
127.0.0.1      www.41ip.com
127.0.0.1      xulao.com
127.0.0.1      www.heixiou.com
127.0.0.1      www.9cyy.com
127.0.0.1      www.hunll.com
127.0.0.1      www.down.hunll.com
127.0.0.1      do.77276.com
127.0.0.1      www.baidulink.com
127.0.0.1      adnx.yygou.cn
127.0.0.1      222.73.220.45
127.0.0.1      www.f5game.com
127.0.0.1      www.guazhan.cn
127.0.0.1      wm,103715.com
127.0.0.1      www.my6688.cn
127.0.0.1      i.96981.com
127.0.0.1      d.77276.com
127.0.0.1      www1.cw988.cn
127.0.0.1      cool.47555.com
127.0.0.1      www.asdwc.com
127.0.0.1      55880.cn
127.0.0.1      61.152.169.234
127.0.0.1      cc.wzxqy.com
127.0.0.1      www.54699.com
127.0.0.1      t.gcuj.com
127.0.0.1      www.puma163.com
127.0.0.1      ceoww.com

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

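QQ still won't pop up. Save the following content in Notepad, save it as "清除系统垃圾文件.bat" ("clean up system junk files.bat"), then double-click it to delete the temporary files.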

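[CODE]
@echo off
rem Delete temporary and junk files from the system drive, the Windows directory and the user profile
echo 正在清除系统垃圾文件,请稍等......
rem Junk file types anywhere on the system drive
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*._mp
del /f /s /q %systemdrive%\*.log
del /f /s /q %systemdrive%\*.gid
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\*.old
del /f /s /q %systemdrive%\recycled\*.*
rem Backups, prefetch data and the Windows temp directory (removed and recreated)
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
rd /s /q %windir%\temp & md %windir%\temp
rem Profile paths are quoted because %userprofile% contains spaces (C:\Documents and Settings\...)
del /f /q "%userprofile%\cookies\*.*"
del /f /q "%userprofile%\recent\*.*"
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
del /f /s /q "%userprofile%\recent\*.*"
echo 清除系统LJ完成!
echo. & pause
[/CODE]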
I don't know how to do this. There is no Notepad under Start on my computer.

<vy2><C:\DOCUME~1\admin\LOCALS~1\Temp\crasos.exe> []
<xq52fz972><C:\DOCUME~1\admin\LOCALS~1\Temp\1explore.exe> []
<hkgrh6r><C:\DOCUME~1\admin\LOCALS~1\Temp\Servera.exe> []
<b><C:\DOCUME~1\admin\LOCALS~1\Temp\winlog0n.exe> []
<zk8><C:\DOCUME~1\admin\LOCALS~1\Temp\rundl132.exe> []
<5ke><C:\DOCUME~1\admin\LOCALS~1\Temp\c0nime.exe> []
<cmdbcs><C:\WINNT\cmdbcs.exe> []
<\??\C:\WINNT\Downloaded Program Files\winio.sys><N/A>

HOSTS 文件
127.0.0.1 localhost

Keep 127.0.0.1 localhost
Delete the rest

http://forum.ikaka.com/topic.asp?board=28&artid=8290293

Take a look here