
What kind of virus is oprar.exe?

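Recently a file named oprar.exe keeps showing up in my temporary folder. After I delete it, it always reappears on its own, and deleting the related registry entries doesn't help either. The system also keeps reporting an error when it calls cmd.exe, and at startup a "System error, needs to close" prompt pops up. Does anyone know what this thing is and how to detect and remove it?
Last edited 2006-08-24 18:07:07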

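It's probably a virus...
Clean out the temporary folder...
Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG). Then copy and paste the contents of the saved report log here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log won't fit in one post, paste it in several parts, and please don't modify it. Thanks...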

Thanks. I happen to have this oprar.exe too..

ME Too!

Do I paste it here?

2006-08-21,10:54:05

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
    <Windows Security Protocol><win32sprot.exe>  []
    <Win32 Security Protocol><secure32.exe>  []
    <Intec Drivers32><intec32.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <Intec Drivers32><intec32.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <ATIPTA><D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <YLive.exe><D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [ ]
    <NVMixerTray><"D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe">  [NVIDIA Corporation]
    <SKYNET Personal FireWall><D:\其他\天网防~1\Firewall\pfw.exe>  [广州众达天网技术有限公司]
    <msconfig38><mssvcc.exe>  []
    <TkBellExe><"D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Win32 Kernel Update><D:\WINDOWS\System32\win32update.exe>  []
    <Microsoft (R) Windows Update Manager Tool><D:\WINDOWS\update\updmangr.exe>  []
    <VVSN><D:\Program Files\VVSN\VVSN.exe>  [WhenU.com]
    <DAEMON Tools><"D:\其他\DAEMON Tools\daemon.exe" -lang 1033>  [DT Soft Ltd.]
    <winsystems25><winsystems.exe>  []
    <Windows Security Protocol><win32sprot.exe>  []
    <Win32 Security Protocol><secure32.exe>  []
    <Windows Core Kernel Update><D:\WINDOWS\System32\win32bootcfg.exe>  []
    <Windows Update Manager><win32.exe>  []
    <CnsMin><Rundll32.exe D:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
    <Local Security Authority Service><D:\WINDOWS\System32\lssas.exe>  []
    <Intec Drivers32><intec32.exe>  []
    <HF_GameClient><D:\其他\浩方对战平台\gameclient.exe>  [上海浩方在线信息技术有限公司]
    <RemoteControl><D:\其他\1234\PDVDServ.exe>  [Cyberlink Corp.]
    <LanguageShortcut><D:\其他\1234\Language\Language.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <msconfig38><mssvcc.exe>  []
    <winsystems25><winsystems.exe>  []
    <Windows Security Protocol><win32sprot.exe>  []
    <Win32 Security Protocol><secure32.exe>  []
    <Windows Update Manager><win32.exe>  []
    <Intec Drivers32><intec32.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><KB455373M.LOG>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <DLMon><D:\WINDOWS\System32\DLMain.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmkjh]
    <WinlogonNotify: pmkjh><D:\WINDOWS\System32\pmkjh.dll>  []

==================================
启动文件夹
[InterVideo WinCinema Manager]
  <D:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\InterVideo WinCinema Manager.lnk><N>

==================================
服务
[Aol Instant Messenger / AIM]
  <"D:\WINDOWS\system\aim.exe"><N/A>
[Ati HotKey Poller / Ati HotKey Poller]
  <D:\WINDOWS\System32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
  <D:\WINDOWS\system32\ati2sgag.exe><>
[Gray_Pigeon_Server / GrayPigeonServer]
  <D:\WINDOWS\G_Server.exe><N/A>
[MsLS32 / MsLS32]
  <"D:\WINDOWS\MsLS32.exe"><N/A>
[P4P Service / P4P Service]
  <D:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[Cyberlink RichVideo Service(CRVS) / RichVideo]
  <"D:\Program Files\Cyberlink\Shared files\RichVideo.exe"><>
[Service Hosts / ServiceHost]
  <"D:\WINDOWS\shost.exe"><N/A>
[Windows Update Manager Tool / UpdateManagerTool]
  <D:\WINDOWS\update\updmangr.exe /updatemgr><N/A>
[Win32 Kernel Update / Win32Kernel]
  <"D:\WINDOWS\win32host.exe"><N/A>

==================================
浏览器加载项
[Ad Engine]
  {077FD0C3-1291-4104-A356-41E36B252682} <D:\Program Files\Yayad\AdCore.dll, CDM>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\其他\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[]
  {97324BE8-D10C-4C8B-BC7C-8CAA7400DAE6} <D:\WINDOWS\System32\pmkjh.dll, N/A>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\其他\浩方对战平台\gameclient.exe, 上海浩方在线信息技术有限公司>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\其他\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <D:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <D:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <D:\其他\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\其他\网快车\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\其他\网快车\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <D:\其他\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\其他\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\其他\QQ\SendMMS.htm, N/A>
[雅虎搜索]
  <res://D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>

==================================
正在运行的进程
[PID: 444][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 504][\??\D:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 528][\??\D:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\system32\Ati2evxx.dll]  <N/A><N/A>
    [D:\WINDOWS\System32\pmkjh.dll]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 768][D:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 780][D:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 952][D:\WINDOWS\System32\Ati2evxx.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 984][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1096][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1364][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1416][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1524][D:\WINDOWS\system32\Ati2evxx.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1600][D:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\System32\pmkjh.dll]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\System32\DLMon.dll]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 4, 1044>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 0, 1006>
    [D:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
[PID: 1752][D:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1984][D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  <ATI Technologies, Inc.><6.14.10.5090>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  <ATI Technologies, Inc.><6.14.10.5090>
    [D:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  <ATI Technologies, Inc.><6.14.10.5090>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  <ATI Technologies, Inc.><6.14.10.5090>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1992][D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  < ><2, 0, 0, 1002>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 4, 1044>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 0, 1006>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Ynotifier.dll]  <><1, 0, 0, 5>
[PID: 2036][D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe]  <NVIDIA Corporation><1.0.444>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\Program Files\NVIDIA Corporation\NvMixer\NvMixerZHC.dll]  <NVIDIA Corporation><1.0.444>
    [D:\Program Files\Common Files\NVIDIA Shared\Audio\NVAudioMod.dll]  <NVIDIA Corporation><1.0.444>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 2044][D:\其他\天网防~1\Firewall\pfw.exe]  <广州众达天网技术有限公司><2.7.7.1004>
    [D:\其他\天网防~1\Firewall\SKYMISC.DLL]  <N/A><N/A>
    [D:\其他\天网防~1\Firewall\COMPRESSWRAP.DLL]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 188][D:\WINDOWS\System32\mssvcc.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 196][D:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 240][D:\WINDOWS\System32\win32update.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 288][D:\Program Files\VVSN\VVSN.exe]  <WhenU.com><1, 0, 1, 5>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>

[PID: 316][D:\其他\DAEMON Tools\daemon.exe]  <DT Soft Ltd.><4.03.0.0>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\其他\DAEMON Tools\daemon.dll]  <DT Soft Ltd.><4.03.0.0>
    [D:\其他\DAEMON Tools\PFCTOC.DLL]  <Padus(R), Inc.><1, 0, 0, 12>
    [D:\其他\DAEMON Tools\Plugins\Images\bw5mount.dll]  <N/A><1.0.6.0>
    [D:\其他\DAEMON Tools\Plugins\Images\ccdmount.dll]  <GENERIC><1.10.0.0>
    [D:\其他\DAEMON Tools\Plugins\Images\mdsmount.dll]  <GENERIC><1.12.0.0>
    [D:\其他\DAEMON Tools\Plugins\Images\nrgmount.dll]  <GENERIC><1.11.0.0>
    [D:\其他\DAEMON Tools\Plugins\Images\pdimount.dll]  <GENERIC><1.01.0.0>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 348][D:\WINDOWS\System32\winsystems.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 364][D:\WINDOWS\System32\win32sprot.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 380][D:\WINDOWS\System32\secure32.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 428][D:\WINDOWS\System32\win32bootcfg.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 320][D:\WINDOWS\System32\Rundll32.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 580][D:\WINDOWS\System32\lssas.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 620][D:\WINDOWS\System32\intec32.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 704][D:\其他\1234\PDVDServ.exe]  <Cyberlink Corp.><5.00.0910>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\其他\1234\CLRCEngine3.dll]  <CyberLink Corp.><4, 5, 0, 1711>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1348][D:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 2004][D:\其他\Common\Bin\WinCinemaMgr.exe]  <InterVideo Inc.><1.8.2>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 480][D:\WINDOWS\system\aim.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1056][D:\WINDOWS\MsLS32.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1088][D:\Program Files\Yayad\AdPop.Exe]  <CDM><1.0.0.1>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\Program Files\Yayad\autoupdate.dll]  <CDM><1.0.0.1>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1480][D:\Program Files\Cyberlink\Shared files\RichVideo.exe]  <><1.1.0808  >
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1976][D:\WINDOWS\shost.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 1924][D:\WINDOWS\update\updmangr.exe]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
[PID: 1672][D:\WINDOWS\win32host.exe]  <N/A><N/A>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 9100][D:\WINDOWS\system32\sysdtc32.exe]  <Microsoft Corporation><5, 1 2600, 0 (windows client)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
[PID: 2168][D:\其他\tt\TTraveler.exe]  <腾讯公司><3.1.0.256>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 4, 1044>
    [D:\其他\tt\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  <腾讯公司><1, 1, 0, 5>
    [D:\其他\tt\Plugins\TWeather\TWeather.dll]  <><1, 0, 0, 3>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 0, 1006>
    [D:\其他\tt\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [D:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 4148][D:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo><1, 0, 1, 1000>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 4, 1044>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 0, 1006>
    [D:\Program Files\Yayad\AdCore.dll]  <CDM><1.0.0.1>
    [D:\其他\QQ\QQIEHelper.dll]  <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
    [D:\WINDOWS\System32\pmkjh.dll]  <N/A><N/A>
[PID: 39116][D:\WINDOWS\System32\conime.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
[PID: 56884][D:\其他\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [D:\WINDOWS\KB455373M.LOG]  <N/A><N/A>
    [D:\WINDOWS\G_Server_Hook.DLL]  <N/A><N/A>
    [D:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

I'm running a server system, so the scan results are rather messy.

2006-08-21,11:34:37

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition  (Build 3790)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <PhMain><C:\Program Files\PeanutHull3\Phmain.exe>  [广东网域]
    <ScanRegistry><C:\Program Files\Common Files\update\update.exe>  []
    <3721><; C:\$NtUninstallQ5926809$\3721.bat>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <icd><"C:\Program Files\icd\Icd.exe">  [编程小屋 http://www.bcxw.com]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <iSpirit><C:\Program Files\ispirit\ispirit.exe>  [北京极限通科技有限公司]
    <NTdhcp><C:\WINDOWS\system32\NTdhcp.exe>  []
    <p5u2><RunDll32 "C:\WINDOWS\Downlo~1\p5u2.dll",Run>  [Microsoft Corporation]
    <SearchNet_Up><C:\Program Files\SearchNet\ServeUp.exe>  [中搜在线]
    <CdnCtr><8V-x?>  []
    <SrvNet32><RunDll32 "C:\Program Files\SearchNet\SrvNet32.dll",Run>  []
    <MyOASMS><; C:\Program Files\MYOASMS\MyOASMS.exe -1 -2>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <CheckFaultKernel><C:\WINDOWS\system32\mswdm.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{288BD9BD-F0DC-46B1-81B5-2B61DF8077CE}><C:\WINDOWS\system32\CC.dll>  []
    <{F3D0D422-CE6D-47B3-9CE6-C54DD63F1ADB}><C:\Program Files\Internet Explorer\PLUGINS\new123.sys>  []
    <{CF49F9F2-A8D3-464F-83EC-6AFC6573C267}><C:\WINDOWS\system32\jhcmd2.dll>  []

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>
[极限应用服务监视器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\极限应用服务监视器.lnk><N>

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[IMA_Server / IMA_Server]
  <d:\MYOA\IMA\IMAServer.exe><N/A>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[MeChat / MeChat]
  <d:\MYOA\MeChat\MeChat.exe><N/A>
[MySQL_OA / MySQL_OA]
  <D:\MYOA\mysql\bin\mysqld-nt.exe MySQL_OA><N/A>
[OA_Service / OA_Service]
  <"d:\MYOA\bin\apache.exe" -k runservice><Apache Software Foundation>
[PeanuthullCore / PeanuthullCore]
  <C:\Program Files\PeanutHull3\PhCore.exe -service><广东网域>
[88IP V6.0 Service / PRO88IPService]
  <C:\Program Files\CasinTech\88ip Client\88ip.exe><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
正在运行的进程
文件关联
Winsock 提供者

==================================