我得瑞星杀毒，为什么吗1个多小时才走了5%？

杀毒时候请不要同时开着其他的大型程序

什么也没开啊！

启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\System32\ctfmon.exe) [(Verified)Microsoft Corporation]
(MSMSGS)("C:\Program Files\Messenger\msmsgs.exe" /background) [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
(wl)(C:\WINDOWS\System32\svvosts.exe) [N/A]
(zz)(C:\WINDOWS\System32\intenet.exe) [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(WebThunder)(d:\WebThunder\WebThunder.exe) [深圳市迅雷网络技术有限公司]
(RavTask)("d:\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(RfwMain)("d:\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(RavUpes)(C:\WINDOWS\System32\agetltfes.exe) [N/A]
(PHIME2002ASync)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Corporation]
(mdac_runonce)(C:\WINDOWS\SYSTEM\runonce.exe) [N/A]
(Ljx)(C:\WINDOWS\inf\rundll32.exe) [N/A]
(IMSCMIG40W)(C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log) [Microsoft Corporation]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [(Verified)Microsoft Corporation]
(HP Software Update)("D:\HP\HP Software Update\HPWuSchd2.exe") [Hewlett-Packard Company]
(gcasServ)("E:\木马专杀工具\gcasServ.exe") [N/A]
(helper.dll)(C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32) []
(KernelFaultCheck)(%systemroot%\system32\dumprep 0 -k) [N/A]
(SOUNDM)(winsmd.exe) [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
(SchedulingAgent)(mstask.exe) [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Corporation]
(Userinit)(C:\WINDOWS\System32\userinit.exe,C:\WINDOWS\System32\myqq_.exe) [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({B11F242B-242B-11FB-2B11-42B1F42B11FB})(C:\Program Files\Common Files\Microsoft Shared\MSINFO\242B11FB.dll) [N/A]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
({D91AFF37-45BF-4D4D-9E02-2D37C5EA6653})(C:\WINDOWS\System32\2Sy.dLL) [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
(CDBurner)(C:\WINDOWS\Downloaded Program Files\jaasnt.dll) [N/A]




--------------------------------------------------------------------------------



启动文件夹

[HP Image Zone 快速启动 ]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HP Image Zone 快速启动 .lnk --) D:\HP\DIGITA~1\bin\hpqthb08.exe [Hewlett-Packard Co.])(N)
[HP Digital Imaging Monitor]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HP Digital Imaging Monitor.lnk --) D:\HP\DIGITA~1\bin\hpqtra08.exe [Hewlett-Packard Co.])(N)



--------------------------------------------------------------------------------



服务

[ASP.NET State Service / aspnet_state]
(C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe)(Microsoft Corporation)
[BDWinIe / BDWinIe]
(C:\WINDOWS\System32\BDWin.exe -service)(Microsoft Corporation)
[Human Interface Device Access / HidServ]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[MJQYYJEXYWQA / MJQYYJEXYWQA]
(C:\WINDOWS\System32\MJQYYJEXYWQA.EXE -service)(Microsoft Corporation)
[Pml Driver HPZ12 / Pml Driver HPZ12]
(C:\WINDOWS\System32\HPZipm12.exe)(HP)
[Rising Proxy Service / RfwProxySrv]
(d:\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService]
(d:\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter]
("d:\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon]
("d:\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Portable Media Serial Number Service / WmdmPmSN]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)C:\WINDOWS\System32\mspmsnsv.dll)(Microsoft Corporation)



--------------------------------------------------------------------------------



驱动程序

[Rising TDI Base Driver / BaseTDI]
(System32\DRIVERS\BaseTDI.SYS)(Beijing Rising Technology Co., Ltd.)
[ExpScaner / ExpScaner]
(\??\d:\Rising\Rav\ExpScan.sys)()
[HookCont / HookCont]
(\??\d:\Rising\Rav\HOOKCONT.sys)(Rising tech Co. ltd)
[HookReg / HookReg]
(\??\d:\Rising\Rav\HookReg.sys)()
[HookSys / HookSys]
(\??\d:\Rising\Rav\HookSys.sys)(Rising)
[HOOKTDI1 / HOOKTDI1]
(\??\C:\Program Files\rising\rfw\tdihook.sys)(瑞星软件有限公司)
[HookUrl / HookUrl]
(\??\d:\Rising\Rfw\HookUrl.sys)(Beijing Rising Technology Co., Ltd.)
[IEEE-1284.4 Driver HPZid412 / HPZid412]
(System32\DRIVERS\HPZid412.sys)(HP)
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12]
(System32\DRIVERS\HPZipr12.sys)(HP)
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12]
(System32\DRIVERS\HPZius12.sys)(HP)
[IPHOOK / IPHOOK]
(\??\C:\Program Files\rising\rfw\iphook.sys)(瑞星软件有限公司)
[MEMSCAN / MEMSCAN]
(\??\d:\Rising\Rav\MEMSCAN.sys)(瑞星软件有限公司)
[mProcRs / mProcRs]
(\??\d:\rising\rfw\mProcRs.sys)(Beijing Rising Technology Co., Ltd.)
[New0 / New0]
(\??\C:\WINDOWS\System32\new.sys)(N/A)
[npkcrypt / npkcrypt]
(\??\D:\Tencent\QQ\npkcrypt.sys)(INCA Internet Co., Ltd.)
[nv / nv]
(System32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation)
[Direct Parallel Link Driver / Ptilink]
(System32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsFwDrv / RsFwDrv]
(\??\d:\Rising\Rfw\RsFwDrv.sys)(Beijing Rising Technology Co., Ltd.)
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
(System32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation)
[Secdrv / Secdrv]
(System32\DRIVERS\secdrv.sys)(N/A)



--------------------------------------------------------------------------------



浏览器加载项

[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} (d:\WebThunder\WebThunderBHO_013.dll, Thunder Networking Technologies,LTD)
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} (C:\WINDOWS\System32\xunleibho_v5.dll, )
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} (C:\PROGRA~1\3721\Assist\asbar.dll, 3721)
[启动Web迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} (http://my.xunlei.com, N/A)
[@shdoclc.dll,-866@2052,相关站点]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} (, N/A)
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} (C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation)
[BitComet工具栏]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} (d:\BitComet\BitCometBar\BitCometBar0.6.dll, N/A)
[上网助手]
{BB936323-19FA-4521-BA29-ECA6A121BC78} (C:\PROGRA~1\3721\Assist\asbar.dll, 3721)
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} (C:\WINDOWS\System32\kakatool.dll, Beijing Rising Technology Co., Ltd.)
[Get_ActiveX Control]
{AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (C:\WINDOWS\DOWNLO~1\HPGETD~1.OCX, Netopsystems AG)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.)
[AcPreview 控件]
{F281A59C-7B65-11D3-8617-0010830243BD} (C:\WINDOWS\DOWNLO~1\ACPREV~1.OCX, N/A)
[!搜一搜(&S)]
(res://C:\Program Files\YiSou\yisou.dll/232, N/A)
[上传到QQ网络硬盘]
(D:\Tencent\QQ\AddToNetDisk.htm, N/A)
[使用Web迅雷下载]
(d:\WebThunder\GetUrl.htm, N/A)
[使用Web迅雷下载全部链接]
(d:\WebThunder\GetAllUrl.htm, N/A)
[添加到QQ自定义面板]
(D:\Tencent\QQ\AddPanel.htm, N/A)
[添加到QQ表情]
(D:\Tencent\QQ\AddEmotion.htm, N/A)
[用QQ彩信发送该图片]
(D:\Tencent\QQ\SendMMS.htm, N/A)

正在运行的进程

[PID: 416][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 480][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 504][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 548][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 568][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 728][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 780][d:\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 796][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 928][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 956][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1048][d:\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
[d:\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
[d:\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
[d:\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
[d:\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4]
[d:\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 1328][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\hpzlnt12.dll] [HP, 2.335.5.0]
[PID: 1536][d:\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
[d:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[d:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1656][d:\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 52]
[d:\rising\rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
[d:\rising\rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[d:\rising\rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 1680][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1824][C:\WINDOWS\System32\HPZipm12.exe] [HP, 9, 0, 0, 0]
[C:\WINDOWS\System32\HPZidr12.dll] [HP, 9, 0, 0, 0]
[PID: 1896][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\hpgwiamd.dll] [Hewlett-Packard, 3.2.2.789]
[PID: 1904][C:\WINDOWS\System32\Com\CSRSS.EXE] [N/A, 1.00]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 316][D:\WebThunder\WebThunder.exe] [深圳市迅雷网络技术有限公司, 1, 2, 3, 53]
[D:\WebThunder\taskmanage.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 45]
[D:\WebThunder\download_interface.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 71]
[D:\WebThunder\asyn_dns.dll] [N/A, N/A]
[D:\WebThunder\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 1, 0, 24]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[D:\WebThunder\historyinfo_manage.dll] [Thunder Networking Technologies,LTD, 5, 2, 0, 150]
[D:\WebThunder\UpdateDownload.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
[D:\WebThunder\UpdateExec.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 5]
[D:\WebThunder\iEmbedShell.dll] [　, 1, 0, 0, 12]
[d:\WebThunder\iEmbed05.dll] [　, 2, 3, 1, 41]
[d:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[PID: 444][D:\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
[D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[D:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 900][D:\HP\HP Software Update\HPWuSchd2.exe] [Hewlett-Packard Company, 5, 0, 0, 0]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 940][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[C:\PROGRA~1\3721\Autolive.dll] [, 1, 0, 3, 0]
[PID: 992][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 688][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.0041]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[C:\WINDOWS\System32\msdmo.dll] [N/A, N/A]
[PID: 1568][D:\HP\Digital Imaging\bin\hpqtra08.exe] [Hewlett-Packard Co., 45.4.157.000]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[D:\HP\Digital Imaging\bin\hpqcxm08.dll] [Hewlett-Packard Co., 45.4.157.000]
[D:\HP\Digital Imaging\bin\hpquio08.dll] [Hewlett-Packard Co., 45.4.157.000]
[D:\HP\Digital Imaging\bin\hpqtra08.rsc] [Hewlett-Packard Co., 45.4.157.000]
[D:\HP\Digital Imaging\bin\hpqtao08.dll] [Hewlett-Packard Co., 45.4.157.000]
[D:\HP\Digital Imaging\bin\hpotra08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpotra08.rsc] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpodio08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpotradd.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpoSTD08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpqtap08.dll] [Hewlett-Packard Co., 45.4.157.000]
[D:\HP\Digital Imaging\bin\hpoSTD08.rsc] [Hewlett-Packard Co., 47.0.1.000]
[C:\WINDOWS\System32\hpzidr12.dll] [HP, 9, 0, 0, 0]
[C:\WINDOWS\System32\hpzipr12.dll] [HP, 9, 0, 0, 0]
[D:\HP\Digital Imaging\bin\hpodev08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpqcob08.dll] [Hewlett-Packard Co., 45.4.157.000]
[D:\HP\Digital Imaging\bin\hpodeb08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hposcn08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpoSCN08.rsc] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpocxi08.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpodvd09.dll] [Hewlett-Packard Co., 47.0.1.000]
[D:\HP\Digital Imaging\bin\hpoddcomm09.dll] [Hewlett-Packard Co., 47.0.1.000]
[PID: 2432][D:\HP\Digital Imaging\bin\hpqgalry.exe] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7b4c90f8\mscorlib.dll] [N/A, N/A]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll] [Hewlett-Packard Co., 045.004.157.000]

[c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_7220f9fd\system.windows.forms.dll] [N/A, N/A]
[c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_317bed11\system.dll] [N/A, N/A]
[c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_f0a8f1e8\system.drawing.dll] [N/A, N/A]
[c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll] [Hewlett-Packard Co., 045.004.157.000]
[d:\hp\digital imaging\bin\zh-chs\hpqgalry.resources.dll] [ , 45.4.81.0]
[c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll] [ , 3.0.0.0]
[D:\HP\Digital Imaging\bin\hpqcxm08.dll] [Hewlett-Packard Co., 45.4.157.000]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_afa0856a\system.xml.dll] [N/A, N/A]
[c:\windows\assembly\gac\lead\13.0.0.89__9cf889f53ea9b907\lead.dll] [LEAD Technologies, Inc., 13.0.0.89]
[c:\windows\assembly\gac\lead.wrapper\13.0.0.89__9cf889f53ea9b907\lead.wrapper.dll] [LEAD Technologies, Inc., 13.0.0.89]
[D:\HP\Digital Imaging\bin\ltkrn13n.dll] [LEAD Technologies, Inc., 13.0.0.098]
[c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqtray.resources.dll] [ , 45.4.64.0]
[c:\windows\assembly\gac\lead.windows.forms\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.dll] [LEAD Technologies, Inc., 13.0.0.89]
[c:\windows\assembly\gac\lead.drawing\13.0.0.89__9cf889f53ea9b907\lead.drawing.dll] [LEAD Technologies, Inc., 13.0.0.89]
[c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqfmrsc.resources.dll] [ , 45.4.64.0]
[c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll] [ , 1.0.0.0]
[D:\HP\Digital Imaging\Bin\hpqimgr.dll] [Hewlett-Packard Co., 45.4.157.000]
[c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll] [Hewlett-Packard Co., 045.004.157.000]
[d:\hp\digital imaging\bin\hpqmirsc.dll] [Hewlett-Packard Co., 045.004.157.000]
[d:\hp\digital imaging\bin\zh-chs\hpqmirsc.resources.dll] [ , 45.4.64.0]
[c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll] [LEAD Technologies, Inc., 13.0.0.89]
[c:\windows\assembly\gac\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll] [LEAD Technologies, Inc., 13.0.0.89]
[c:\windows\assembly\gac\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqcmctl.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqcmctl.resources.dll] [ , 45.4.81.0]
[c:\windows\assembly\gac\hpqccrsc.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqccrsc.resources.dll] [ , 45.4.64.0]
[c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqietpz.resources.dll] [ , 45.4.116.0]
[c:\windows\assembly\gac\interop.hpdarc\1.0.0.0__19565c63d39c2842\interop.hpdarc.dll] [ , 1.0.0.0]
[c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll] [ , 3.0.0.0]
[c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqcprsc.resources.dll] [ , 45.4.64.0]
[c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll] [Hewlett-Packard Co., 045.004.157.000]
[c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_zh-chs_a53cf5803f4c3827\hpqisrtb.resources.dll] [Hewlett-Packard Co., 45.4.157.0]
[c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll] [Hewlett-Packard Co., 045.004.157.000]
[PID: 3424][D:\rising\rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[D:\rising\rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 3444][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 3340][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]

[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[C:\PROGRA~1\3721\Autolive.dll] [, 1, 0, 3, 0]
[C:\WINDOWS\System32\kakatool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 0, 9]
[C:\PROGRA~1\3721\Assist\asbar.dll] [3721, 1, 0, 0, 4]
[d:\WebThunder\WebThunderBHO_013.dll] [Thunder Networking Technologies,LTD, 6, 0, 0, 4]
[C:\WINDOWS\System32\xunleibho_v5.dll] [, 4, 3, 3, 30]
[d:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[PID: 3124][D:\office 2000\Office\WINWORD.EXE] [, 1.0.0.0]
[PID: 2700][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2664][C:\WINDOWS\System32\conime.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 1428][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2736][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 768][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2756][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1440][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2940][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2908][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2744][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2964][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1392][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3228][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3212][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3516][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3804][C:\WINDOWS\System32\cmd.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1468][D:\极速TOP 浏览器\TOP.exe] [$ www.a*****.com, 1.9.9.0]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[d:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\3721\assist\assist.dll] [, 2, 0, 3, 3]
[d:\WebThunder\WebThunderBHO_013.dll] [Thunder Networking Technologies,LTD, 6, 0, 0, 4]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[PID: 3936][D:\BitComet\BitComet.exe] [www.BitComet.com, 0.70]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[d:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1720][C:\WINDOWS\cftmon.exe] [N/A, N/A]
[C:\WINDOWS\Downloaded Program Files\jar1.5.2.dll] [N/A, N/A]
[PID: 848][C:\WINDOWS\cftmon.exe] [N/A, N/A]
[C:\WINDOWS\Downloaded Program Files\jar1.5.2.dll] [N/A, N/A]
[PID: 3660][C:\WINDOWS\System32\MRTServ.exe] [Microsoft Corporation, 1.18.1507.0]
[PID: 1976][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\496973M.BMP] [N/A, N/A]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[C:\WINDOWS\Downloaded Program Files\jar1.5.2.dll] [N/A, N/A]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[C:\PROGRA~1\3721\Autolive.dll] [, 1, 0, 3, 0]
[C:\PROGRA~1\3721\Assist\asbar.dll] [3721, 1, 0, 0, 4]
[d:\WebThunder\WebThunderBHO_013.dll] [Thunder Networking Technologies,LTD, 6, 0, 0, 4]
[C:\WINDOWS\System32\xunleibho_v5.dll] [, 4, 3, 3, 30]
[PID: 2268][d:\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
[d:\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[C:\WINDOWS\496973M.BMP] [N/A, N/A]
[d:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[d:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[d:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[d:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[d:\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[d:\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
[d:\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
[d:\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[d:\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[d:\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[d:\Rising\Rav\HookWeb.dll] [rising, 18, 0, 0, 2]
[d:\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[d:\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[d:\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[d:\Rising\Rav\MailMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[d:\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[d:\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
[d:\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
[d:\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[d:\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
[d:\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
[d:\Rising\Rav\RSUnpack.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[d:\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
[d:\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[d:\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[d:\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[d:\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[d:\Rising\Rav\posttrtx.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[d:\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 2968][d:\Rising\Rav\RAVMON.EXE] [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
[d:\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
[d:\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[C:\WINDOWS\496973M.BMP] [N/A, N/A]
[d:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[d:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[d:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[d:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[d:\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]
[PID: 3476][E:\木马专杀工具\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\PROGRA~1\3721\helper.dll] [, 1, 0, 1, 4]
[C:\WINDOWS\System32\qq_mail.dll] [N/A, N/A]

文件关联

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]