瑞星防火墙提示，我电脑总有数据包PING入，除了外星人，什么地方的IP都有，请问这怎么解决啊？？
2006-11-24,15:40:00

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <RfwMain><"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINNT\system32\SoDAHK.DLL>  [Sogou.com Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{5ABC9058-B89D-4DE8-A161-A586EA168798}><C:\WINNT\system32\msjdlxt.dll>  [Microsoft Corporation]

==================================
启动文件夹
[星空极速]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><N>

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state]
  <C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINNT\System32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINNT\system32\ati2sgag.exe><>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[AMD PowerNow! (tm) Technology Service / GemServ]
  <C:\Program Files\AMD\PowerNow!\GemServ.exe><Advanced Micro Devices>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[P4P Service / P4P Service]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[WebClient XML / WebClient XML]
  <C:\WINNT\system32\webcxml.exe><N/A>

==================================
驱动程序
[ahjjdggb / ahjjdggb]
  <\??\C:\WINNT\system32\drivers\ahjjdggb.sys><中国互联网络信息中心(CNNIC)>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMDMSRIO / AMDMSRIO]
  <\??\C:\DOCUME~1\hd\LOCALS~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys><N/A>
[ati2mtag / ati2mtag]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Cdr4_2K / Cdr4_2K]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdr4_2K.SYS><Adaptec>
[Cdralw2k / Cdralw2k]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdralw2k.SYS><Adaptec>
[d347bus / d347bus]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[DS1410D / DS1410D]
  <SYSTEM32\drivers\DS1410D.SYS><Dallas Semiconductor MAXIM>
[EagleNT / EagleNT]
  <\??\C:\WINNT\System32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
  <\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[AMD PowerNow! (tm) Technology / gemwdm]
  <System32\DRIVERS\gemwdm.sys><Advanced Micro Devices>
[WAN Miniport Driver For PPPoE Protocol / GNetPPPoE]
  <system32\DRIVERS\PPPoE.SYS><Guangdong Data Communications Network Co.Ltd.>
[hardlock / hardlock]
  <\??\C:\WINNT\system32\drivers\hardlock.sys><Aladdin Knowledge Systems>
[Haspnt / Haspnt]
  <\??\C:\WINNT\system32\drivers\Haspnt.sys><Aladdin Knowledge Systems>
[HOOKAPI / HOOKAPI]
  <\??\D:\PROGRAM FILES\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont]
  <\??\D:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\D:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[InCD File System / InCDFs]
  <system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass]
  <system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm]
  <system32\drivers\InCDRm.sys><N/A>
[kmsinput / kmsinput]
  <\??\C:\WINNT\system32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN]
  <\??\D:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\d:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[NetGroup Packet Filter Driver / NPF]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt]
  <\??\E:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NVIDIA nForce Networking Controller Driver / NVENETFD]
  <System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus]
  <System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[oreans32 / oreans32]
  <\??\C:\WINNT\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QuakeDRV / QuakeDRV]
  <\SystemRoot\system32\DRIVERS\quakedrv.sys><N/A>
[RsFwDrv / RsFwDrv]
  <\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Sentinel / Sentinel]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.>
[Rainbow USB SuperPro / Sntnlusb]
  <system32\DRIVERS\SNTNLUSB.SYS><Rainbow Technologies Inc.>
[SSIPDDP / SSIPDDP]
  <\??\C:\WINNT\system32\drivers\SSIPDDP.SYS><N/A>
[SVKP / SVKP]
  <\??\C:\WINNT\system32\SVKP.sys><AntiCracking>

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, N/A>
[CPub Object]
  {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <e:\Program Files\P4P\sodaie.dll, Sogou.com Inc.>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <e:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Letscool System Helper]
  {F0C15012-7DBD-4068-95A2-0A82DB03AC35} <C:\WINNT\System32\CoolBho.dll, LETSCOOL Network Technology>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <E:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[我的订阅]
  {8755CE6E-0BF7-4441-8751-FB728941B0B4} <e:\Program Files\P4P\rss.dll, Sohu.com Inc.>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[易趣购物]
  {DE607145-AC19-425e-868A-8D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <e:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[YOK超级搜索]
  {F869BB38-FFEF-4589-B986-610B7AD0ADA2} <http://www.yok.com, N/A>
[搜狗工具条]
  {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} <e:\Program Files\P4P\ToolBar.dll, Sogou.com Inc.>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINNT\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINNT\System32\macromed\Shockwave 10\Download.dll, Adobe Systems, Inc.>
[FlashCapture Control]
  {73BA7F9A-955A-4C62-9C1A-D1759D670F77} <C:\WINNT\DOWNLO~1\FLASHC~1.OCX, ????>
[DigitalTrafic Control]
  {7FC22A16-79E6-4787-9C96-B6359BB1106D} <C:\WINNT\DOWNLO~1\DIGITA~1.OCX, Broad-way>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINNT\DOWNLO~1\SUBMIT~1.DLL, >
[Download Class]
  {ADC16E87-FAFB-4A89-95BA-87C51DC42E66} <C:\WINNT\Downloaded Program Files\DownloadMusic.dll, Sohu.com Inc.>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINNT\System32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINNT\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[&使用迅雷下载]
  <E:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <E:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用搜狗直通车下载]
  <e:\Program Files\P4P\dl.htm, N/A>
[发送图片到手机]
  <e:\Program Files\P4P\cx.htm, N/A>
[添加到QQ自定义面板]
  <E:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到“我的订阅”]
  <e:\Program Files\P4P\rss.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 184][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 208][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 228][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6970]
    [C:\WINNT\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4116]
[PID: 256][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.6700]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 268][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6902]
[PID: 436][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 464][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 480][d:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
    [d:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 13]
    [d:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [d:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 21]
    [d:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [d:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
[PID: 516][D:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 616][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\EBPMON24.DLL]  [SEIKO EPSON CORPORATION, 1, 10, 0, 0]
[PID: 728][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 760][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6920]
[PID: 884][C:\WINNT\system32\stisvc.exe]  [Microsoft Corporation, 5.00.2195.6656]
[PID: 944][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 840][C:\WINNT\System32\mspmspsv.exe]  [Microsoft Corporation, 7.10.00.3068]
[PID: 976][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1036][D:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1252][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [E:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINNT\system32\ALSNDMGR.CPL]  [Realtek Semiconductor Corp., 2.2.0.38]
    [E:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1564][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[PID: 1600][C:\Program Files\ChinaNet\VnetClient.exe]  [, 2006, 3, 17, 1]
    [C:\Program Files\ChinaNet\Communicate.dll]  [GDCN, 2006, 2, 15, 1]
    [C:\Program Files\ChinaNet\DialModule.dll]  [GDCN, 2006, 3, 8, 18]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]  [, 2006, 2, 8, 1]
    [C:\PROGRA~1\ChinaNet\sign.dll]  [0, 2004, 12, 1, 1]
    [C:\PROGRA~1\ChinaNet\WEBPLU~1.DLL]  [, 2005, 8, 18, 1]
    [C:\PROGRA~1\ChinaNet\PlugIns\SMSPLU~1\SMSPLU~1.DLL]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\PostPlug.dll]  [, 2004, 12, 16, 2]
    [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]  [, 2006, 2, 20, 1]
    [C:\PROGRA~1\ChinaNet\Gif89a.dll]  [, 2005, 6, 21, 1]
    [C:\PROGRA~1\ChinaNet\VnetBs.ocx]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL]  [, 2006, 5, 29, 14]
    [C:\PROGRA~1\ChinaNet\AccountMgr.dll]  [, 2006, 5, 26, 9]
    [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]  [GDDC, 2005, 11, 14, 1]
    [C:\PROGRA~1\ChinaNet\DialogStyle.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\Timer.ocx]  [, 2006, 3, 24, 9]
    [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]  [, 2006, 4, 4, 1]
    [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]  [, 2006, 5, 24, 16]
    [C:\PROGRA~1\ChinaNet\PassCtrl.dll]  [GDCN, 2006, 3, 1, 16]
    [C:\WINNT\system32\wpcap.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\WINNT\system32\pthreadVC.dll]  [N/A, N/A]
    [C:\WINNT\system32\packet.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\PROGRA~1\ChinaNet\PlugPush.dll]  [, 2004, 12, 21, 1]
    [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]  [, 2006, 5, 29, 11]
    [C:\PROGRA~1\ChinaNet\VNETLO~1.OCX]  [, 2005, 10, 9, 1]
    [C:\PROGRA~1\ChinaNet\StatNum.dll]  [, 2006, 3, 1, 1]
    [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]  [, 2005, 3, 2, 1]
    [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]  [GDCN, 2006, 5, 24, 14]
    [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]  [, 2006, 3, 14, 10]
    [C:\PROGRA~1\ChinaNet\MAGICD~1.OCX]  [, 1, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINNT\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\PROGRA~1\ChinaNet\DlgSkin.ocx]  [, 2005, 11, 14, 1]
[PID: 820][D:\dzh\internet\hypwise.exe]  [大智慧, 1, 0, 0, 1]
[PID: 1692][C:\Program Files\Common Files\Teleca Shared\Generic.exe]  [Teleca Software Solutions, 1, 0, 3, 2]
    [C:\Program Files\Common Files\Teleca Shared\Telecalib_logging.dll]  [Teleca/Popwire AB, 1, 0, 2, 3]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll]  [Teleca Software Solutions, 1, 0, 1, 1]
    [C:\Program Files\Sony Ericsson\Mobile2\Device Manager\SpecificMPM.dll]  [SonyEricsson, 1, 0, 2, 1]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Teleca Shared\SpecificUSB.dll]  [Popwire AB, 1, 2, 1, 1]
    [C:\Program Files\Common Files\Teleca Shared\tlib_log.dll]  [Popwire AB, 1, 0, 3, 3]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll]  [N/A, N/A]
[PID: 1812][C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe]  [Sony Ericsson Mobile Communications AB, 1, 2, 0,1183]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ShowMfcDialog.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,115]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\db_objects.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,1194]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msmeirsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,938]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll]  [N/A, N/A]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cabmain.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,1219]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ms98irsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,983]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msirsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,995]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\xpbtsock_2_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,131]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisutils.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,831]
[PID: 776][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3536]
[PID: 1780][E:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.0.0.250]
    [C:\WINNT\system32\SoDAHK.DLL]  [Sogou.com Inc., 1, 0, 1, 5]
    [e:\Program Files\P4P\sodaie.dll]  [Sogou.com Inc., 1, 2, 1, 5]
    [e:\Program Files\P4P\ToolBar.dll]  [Sogou.com Inc., 1, 4, 8, 18]
    [e:\Program Files\P4P\autolink.dll]  [Sohu.com Inc., 1, 0, 2, 3]
    [E:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [E:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\WINNT\system32\socul.dll]  [, 1, 0, 1, 3]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINNT\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINNT\system32\wmpcore.dll]  [N/A, N/A]
    [C:\WINNT\system32\wmpcd.dll]  [N/A, N/A]
    [C:\WINNT\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINNT\system32\ffdshow.ax]  [N/A, 1.0.2.2028]
    [d:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
[PID: 896][C:\WINNT\system32\RUNDLL32.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\SoDAHK.DLL]  [Sogou.com Inc., 1, 0, 1, 5]
    [e:\PROGRA~1\P4P\Feed.dll]  [Sohu.com Inc., 1, 1, 0, 0]
    [e:\PROGRA~1\P4P\Toolbar.dll]  [Sogou.com Inc., 1, 4, 8, 18]
[PID: 1628][C:\WINNT\system32\RUNDLL32.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\SoDAHK.DLL]  [Sogou.com Inc., 1, 0, 1, 5]
    [e:\PROGRA~1\P4P\ToolBar.dll]  [Sogou.com Inc., 1, 4, 8, 18]
[PID: 1520][C:\WINNT\system32\taskmgr.exe]  [Microsoft Corporation, 5.00.2195.6620]
[PID: 1700][D:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1456][C:\WINNT\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
[PID: 344][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
[PID: 1872][C:\DOCUME~1\hd\LOCALS~1\Temp\Rar$EX02.797\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================