这些天 瑞星检总测到一个病毒 杀了好多次都有 就是杀不掉
该病毒名：packer.win32.mian007.a
高人请帮帮忙哇！谢谢哦！
附srenglog.log文件记事

[CODE]

2008-07-08,17:06:31

System Repair Engineer 2.6.11.992
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <switch><c:\windows\system32\壁纸自动换.exe>  []
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  []
    <SW20><C:\WINDOWS\system32\sw20.exe>  []
    <SW24><C:\WINDOWS\system32\sw24.exe>  []
    <NvMediaCenter><RunDLL32.exe NvMCTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\QQ2008\QQ.exe [TENCENT]><N>

==================================
服务
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <E:\暴风\文件\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Data Connection Cache Poll / dccp][Stopped/Auto Start]
  <C:\Program Files\Common Files\ltaos\vonose.exe><N/A>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[ADProt / ADProt][Running/System Start]
  <\SystemRoot\system32\drivers\ADProt.sys><腾讯科技（深圳）有限公司>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
  <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\I:\INSTALL\GMSIPCI.SYS><N/A>
[h0gwmaa2 / h0gwmaa2][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\h0gwmaa2.sys><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[kelgqam / kelgqam][Stopped/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\kelgqam.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[tck2j / tck2jf][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\tck2jf.sys><>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaidexp.sys><VIA Technologies, Inc.>
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\F:\大航海\按键精灵\按键精灵\qmnms.sys><N/A>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <G:\BT\BitComet\tools\BitCometBHO_1.2.2.28.dll, BitComet>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[知识库]
  {06926B30-424E-4f1c-8EE3-543CD96573DC} <http://blank.la/?h, N/A>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[BitComet]
  {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <E:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[KuGoo3Down Control]
  {162AF25B-5A2A-448E-A842-194653EF3E05} <C:\WINDOWS\system32\KuGoo3DownXControl.ocx, N/A>
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
[CXLGameShell.XLGameShellProxy]
  {1DC1F424-0876-485D-A4E9-9E568548BF37} <, N/A>
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <E:\网际快车\fgcn_101\FlashGet\ComDlls\bhoCATCH.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, N/A>
[GLAvatar Control]
  {26174E2F-0B86-4D78-812B-A8063CBF4333} <F:\联众\Game\Share\GLAvatar.ocx, >
[]
  {28C291DE-8EF2-4E53-ADF2-E410F3C966A3} <C:\WINDOWS\system32\zlfyefmxvqmis.dll, N/A>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <G:\BT\BitComet\tools\BitCometBHO_1.2.2.28.dll, BitComet>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <E:\迅雷\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\SSup.dll, TENCENT>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[AddTask Class]
  {6A19C29D-ED45-4483-8999-9F939C8161F2} <F:\看书工具\eREAD7.0Setup\eREAD\WebHook.dll, N/A>
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <E:\暴风\文件\mps.dll, 北京暴风网际科技有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[Free Threaded XML DOM Document 5.0]
  {88D969E6-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XSL Template 5.0]
  {88D969E8-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, N/A>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6.5710.37.492.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[QQPlayerSvr Proxy Control]
  {CD108273-D434-43E6-AA90-1469F97EB398} <E:\QQ2008\QzoneMusic.dll, 腾讯科技>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <E:\暴风\文件\Codec\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <E:\迅雷\Thunder\Components\DownAndPlay\DapPlayer3.0.44.68.912.dll, ShenZhen Thunder Networking Technologies Ltd.>
[SrchHook Class]
  {F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[IEDown Class]
  {F917534D-535B-416B-8E8F-0C04756C31A8} <C:\WINDOWS\system32\GLIEDown2.dll, 联众公司>
[FG2CatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <E:\网际快车\fgcn_101\FlashGet\ComDlls\bhoCATCH.dll, N/A>
[&使用BitComet下载]
  <res://G:\BT\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
  <res://G:\BT\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
  <res://G:\BT\BitComet\BitComet.exe/AddVideo.htm, N/A>
[使用快车(Flas&hGet)下载]
  <E:\网际快车\fgcn_101\FlashGet\ComDlls\Bholink.htm, N/A>
[使用快车(Flash&Get)下载全部链接]
  <E:\网际快车\fgcn_101\FlashGet\ComDlls\Bhoall.htm, N/A>
[使用迅雷下载]
  <E:\迅雷\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <E:\迅雷\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <E:\QQ2008\AddEmotion.htm, N/A>
[用比特精灵下载(&B)]
  <G:\比特精灵\比特精灵\bsv3.3.2.132.CN\BitSpirit\BitSpirit\bsurl.htm, N/A>



用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

接上贴。。。字数有点多-0-。。。

==================================
正在运行的进程
[PID: 588 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 656 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 988 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 1044 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1152 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1196 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.76]
    [C:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.18]
    [C:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.35]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
    [C:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [C:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [C:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [C:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [C:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [C:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [C:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [C:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [C:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
    [C:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [C:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [C:\PROGRAM FILES\RISING\RAV\urutils.dll]  [, 20, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [C:\PROGRAM FILES\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\PROGRAM FILES\RISING\RAV\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
    [C:\PROGRAM FILES\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [C:\PROGRAM FILES\RISING\RAV\ur001.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [C:\PROGRAM FILES\RISING\RAV\extole.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12]
    [C:\PROGRAM FILES\RISING\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 1424 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1532 / SYSTEM][E:\暴风\文件\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 6, 20]
[PID: 1604 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1696 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9131]
[PID: 1756 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1776 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 516 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9131]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9131]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [E:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
[PID: 1088 / Administrator][C:\Program Files\Common Files\ltaos\stota.exe]  [N/A, ]
    [C:\Program Files\Common Files\ltaos\nefos\sotims.dll]  [N/A, ]
    [C:\Program Files\Common Files\ltaos\nefos\wutels.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[PID: 1104 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1680 / Administrator][C:\PROGRAM FILES\RISING\RAV\RavMon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.19]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [C:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.18]
    [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [C:\PROGRAM FILES\RISING\RAV\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RAV\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 89]
    [C:\PROGRAM FILES\RISING\RAV\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 2344 / Administrator][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 52]
[PID: 2488 / Administrator][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMCTray.DLL]  [NVIDIA Corporation, 6.14.10.9131]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9131]
[PID: 2504 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.18]
[PID: 2528 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720 / Administrator][E:\华林软件\TdxW.exe]  [, ]
    [E:\华林软件\TCalc.dll]  [, 1, 0, 0, 1]
    [E:\华林软件\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [E:\华林软件\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [E:\华林软件\Viewthem.dll]  [, 1, 0, 0, 1]
    [E:\华林软件\invest.dll]  [, 1.15]
    [E:\华林软件\Dbf.dll]  [N/A, ]
    [E:\华林软件\Secure.dll]  [通达信, 1.00.00]
    [E:\华林软件\TTools.dll]  [, 1.00]
    [E:\华林软件\TList.dll]  [, 1.00]
    [E:\华林软件\TInfo.dll]  [, 1.00]
    [E:\华林软件\calcer.dll]  [, 1, 0, 0, 1]
    [E:\华林软件\Advhq.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[PID: 2840 / Administrator][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[PID: 3152 / Administrator][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
[PID: 3948 / Administrator][F:\看书工具\SSREADER36\ssreader.exe]  [读天下软件工作室, 4.0.0.401]
    [F:\看书工具\SSREADER36\HistoryRecord.dll]  [N/A, ]
    [C:\WINDOWS\system32\pdg2.dll]  [, 4, 0, 0, 0]
[PID: 2540 / Administrator][E:\迅雷\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.7.441]
    [E:\迅雷\Thunder\Program\BugReport.dll]  [迅雷网络, 1, 0, 1, 4]
    [E:\迅雷\Thunder\Program\ThunderEx.dll]  [, 1, 2, 3, 20]
    [E:\迅雷\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [E:\迅雷\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [E:\迅雷\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [E:\迅雷\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [E:\迅雷\Thunder\Program\streammedialib.dll]  [, 1, 3, 2, 124]
    [E:\迅雷\Thunder\Program\al.dll]  [, 1, 0, 1, 3]
    [E:\迅雷\Thunder\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
    [E:\迅雷\Thunder\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [E:\迅雷\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [E:\迅雷\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [E:\迅雷\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 8, 26]
    [E:\迅雷\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\迅雷\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
    [E:\迅雷\Thunder\Program\XLCommunityEx.dll]  [N/A, ]
    [E:\迅雷\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [E:\迅雷\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\迅雷\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [E:\迅雷\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [E:\迅雷\Thunder\Components\Security\XLSafeUI.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
    [E:\迅雷\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 6, 20]
    [E:\迅雷\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 2, 22]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 7, 57]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\ThunderRAV.dll]  [N/A, ]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\rsscan.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\迅雷\Thunder\Plugins\GouGouTop\GouGouTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 4]
    [E:\迅雷\Thunder\Plugins\KanKanTop\KanKanTop.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [E:\迅雷\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
    [E:\迅雷\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
    [E:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [E:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [E:\迅雷\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 11, 106]
    [E:\迅雷\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
    [E:\迅雷\Thunder\Components\Tips\XLIPC.DLL]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\urutils.dll]  [, 20, 0, 0, 6]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [E:\迅雷\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 4000 / Administrator][G:\杀毒\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.11.992]
[PID: 640 / Administrator][G:\杀毒\sreng2\SRE9b4eb966.EXE]  [Smallfrogs Studio, 2.6.11.992]
    [G:\杀毒\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 3052 / Administrator][C:\WINDOWS\notepad.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

最后一点

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [UltraEdit.ini]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
219.153.32.215 auto.search.msn.com

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1696, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1088, C:\PROGRAM FILES\COMMON

FILES\LTAOS\STOTA.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2344, C:\WINDOWS\SOUNDMAN.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 720, E:\华林软件\TDXW.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3948, F:\看书工具\SSREADER36\SSREADER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2540, E:\迅雷\THUNDER\PROGRAM\THUNDER5.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 4000, G:\杀毒\SRENG2\SRENGLDR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

确定C:\Program Files\Common Files\ltaos\vonose.exe，这是什么软件？能否描述一下

先删除项目中的文件：
    启动项目 －－ 服务 －－ Win32服务应用程序如下项删除：
[Data Connection Cache Poll / dccp]    <C:\Program Files\Common Files\ltaos\vonose.exe>
没有见过或运行过就删除


    启动项目 －－ 服务－－ 驱动程序如下项删除：
[tck2j / tck2jf]    <\SystemRoot\System32\DRIVERS\tck2jf.sys>
[kelgqam / kelgqam]    <\SystemRoot\\SystemRoot\System32\drivers\kelgqam.sys>
[h0gwmaa2 / h0gwmaa2]    <\SystemRoot\system32\drivers\h0gwmaa2.sys>
[GMSIPCI / GMSIPCI]    <\??\I:\INSTALL\GMSIPCI.SYS>
[tck2j / tck2jf]    <\SystemRoot\System32\DRIVERS\tck2jf.sys>
[kelgqam / kelgqam]    <\SystemRoot\\SystemRoot\System32\drivers\kelgqam.sys>
[h0gwmaa2 / h0gwmaa2]    <\SystemRoot\system32\drivers\h0gwmaa2.sys>
[GMSIPCI / GMSIPCI]    <\??\I:\INSTALL\GMSIPCI.SYS>  //这个是什么？
然后用SRENG修复上面的项目后，
下载并使用WINDOWS清理助手等等
清理一下浏览器插件

删除重启后使用SREng修复上面面各项

谢谢指教哈~

我正在删[Data Connection Cache Poll / dccp]    <C:\Program Files\Common Files\ltaos\vonose.exe>
然后软件弹出警告了，说本操作是不被推荐的。。
高人能不能再指导一下

ITAOS
道系统。。。。如果是你有用的就不要删了

十分感谢~-~