
Web pages pop up at irregular intervals! Experts, please help me fix this! Thanks! Diagnostic report attached!


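Two web pages keep popping up at irregular intervals:

1. hXXp://www.dc338.com/ (this one shows "page cannot be displayed")

2. "Free limit-up stock picks" hxxp://www.hltz.com.cn/free/index.aspx?uid=4

A check with Kaka Assistant (卡卡助手) found no problems, and 360 Safeguard (360安全卫士) and Windows Cleanup Master (WINDOWS清理大师) did not find anything unusual either!

Does anyone know of a way to fix this? Thanks in advance!

PS: A while ago, value-added advertisements from ChinaVnet (互联星空) were showing up at the same time! I later had that advertising cancelled through the telecom customer service line (10000)!

One more question: what is C:\WINNT\system32\web3.exe, which shows up in the startup items? Can it be deleted? I have already used Optimization Master (优化大师) to stop it from starting with the system!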

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      20:39:16, 日期 2007-05-23
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\rising\Rav\CCenter.exe
C:\Program Files\rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\ATKKBService.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\rising\Rav\RavStub.exe
C:\WINNT\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\rising\Rav\Ravmon.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\WINNT\system32\internat.exe
E:\QQ\AresQQ\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\TEMP\Rar$EX00.828\upiea\upiea.exe
E:\HijackThis1[1].99.1\SREng\SREng.exe
E:\HijackThis1[1].99.1\HijackThis1991zww.exe

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\FLASHGET\jccatch.dll
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\KakaTool.dll
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [internat.exe] internat.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - E:\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - E:\FlashGet\jc_all.htm
O12 - IE插件,支持文件类型.UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - “受信任的站点”中添加项: http://www.icbc.com.cn
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) -
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134805719593
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) -
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - https://pbank.95559.com.cn/personbank/ocx/safe.cab
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) -
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{C51AC59F-8C58-4D6B-A831-4C766CFF7047}: NameServer = 202.98.198.168,202.98.192.68
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINNT\ATKKBService.exe
O23 - NT 服务: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - NT 服务: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - NT 服务: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe




Last edited: 2007-05-24 13:59:00
 

2007-05-23,20:41:22

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state]
  <C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[ATK Keyboard Service / ATKKeyboardService]
  <C:\WINNT\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[C-DillaSrv / C-DillaSrv]
  <C:\WINNT\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[LightScribeService Direct Disc Labeling Service / LightScribeService]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12]
  <C:\WINNT\system32\HPZipm12.exe><HP>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

 

==================================
驱动程序
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AFS2K / AFS2K]
  <C:\WINNT\SYSTEM32\DRIVERS\AFS2K.SYS><Oak Technology Inc.>
[Enhanced Display Driver Helper Service / asuskbnt]
  <system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Icatch(II) Video Camera Device / Ca50xav]
  <System32\Drivers\Ca50xav.sys><N/A>
[Cdr4_2K / Cdr4_2K]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdr4_2K.SYS><Roxio>
[Cdralw2k / Cdralw2k]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[EIO / EIO]
  <\??\C:\WINNT\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\C:\Program Files\rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\C:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IEEE-1284.4 Driver HPZid412 / HPZid412]
  <system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12]
  <system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12]
  <system32\DRIVERS\HPZius12.sys><HP>
[iTouch Keyboard Filter / itchfltr]
  <system32\DRIVERS\itchfltr.sys><Logitech, Inc.>
[kmsinput / kmsinput]
  <\??\C:\WINNT\system32\drivers\kmsinput.sys><N/A>
[Logitech PS/2 Mouse Filter Driver / L8042pr2]
  <system32\DRIVERS\L8042pr2.Sys><Logitech, Inc.>
[Logitech HID/USB Mouse Filter Driver / LHidFlt2]
  <system32\DRIVERS\LHidFlt2.Sys><Logitech, Inc.>
[Logitech USB Receiver device driver / LHidUsb]
  <System32\Drivers\LHidUsb.Sys><Logitech, Inc.>
[Logitech Mouse Class Filter Driver / LMouFlt2]
  <system32\DRIVERS\LMouFlt2.Sys><Logitech, Inc.>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[MidiSyn / MidiSyn]
  <system32\drivers\MidiSyn.sys><Analog Devices Inc>
[mProcRs / mProcRs]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[MxlW2k / MxlW2k]
  <C:\WINNT\SYSTEM32\DRIVERS\MxlW2k.SYS><MusicMatch, Inc.>
[NetGroup Packet Filter Driver / NPF]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt]
  <\??\E:\QQ\qq2005\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PnpWmkDrv / PnpWmkDrv]
  <\??\C:\WINNT\system32\drivers\PnpWmkDrv.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\C:\Program Files\rising\Rav\RSPPSYS.sys><Rising>
[SFC4 / SFC4]
  <System32\drivers\SFC4.sys><N/A>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony Digital Imaging Base / sonyhcb]
  <\SystemRoot\system32\DRIVERS\sonyhcb.sys><Sony Corporation>
[Sony Digital Imaging Video / sonyhcs]
  <system32\DRIVERS\sonyhcs.sys><Sony Corporation>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1]
  <\SystemRoot\system32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[SAMSUNG Mobile USB Device 1.0 driver (WDM) / ss_bus]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[StarOpen / StarOpen]
  <C:\WINNT\SYSTEM32\DRIVERS\StarOpen.SYS><N/A>
[TVICHW32 / TVICHW32]
  <\??\C:\WINNT\system32\DRIVERS\TVICHW32.SYS><EnTech Taiwan>
[Icatch(II) Still Camera Device / USBCamera]
  <System32\Drivers\Bulk50x.sys><N/A>
[Sony Ericsson W700 Driver driver (WDM) / W700bus]
  <system32\DRIVERS\W700bus.sys><MCCI>
[Sony Ericsson W700 USB WMC Modem Filter / W700mdfl]
  <system32\DRIVERS\W700mdfl.sys><MCCI>
[Sony Ericsson W700 USB WMC Modem Driver / W700mdm]
  <system32\DRIVERS\W700mdm.sys><MCCI>
[Sony Ericsson W700 USB WMC Device Management Drivers (WDM) / W700mgmt]
  <system32\DRIVERS\W700mgmt.sys><MCCI>
[Sony Ericsson W700 USB WMC OBEX Interface / W700obex]
  <system32\DRIVERS\W700obex.sys><MCCI>

==================================
浏览器加载项
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <E:\FLASHGET\jccatch.dll, Amaze Soft>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Microsoft Office Template and Media Control]
  {02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\WINNT\Downloaded Program Files\IEAWSDC.DLL, N/A>
[InstaFred]
  {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} <C:\WINNT\DOWNLO~1\InstFred.ocx, Autodesk, Inc.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINNT\system32\INPUTC~1.DLL, >
[AcDcToday 控件]
  {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} <C:\WINNT\DOWNLO~1\ACDCTO~1.OCX, Autodesk>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINNT\system32\SUBMIT~1.DLL, >
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINNT\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[NOXLATE-BANR]
  {AE563722-B4F5-11D4-A415-00108302FDFD} <C:\WINNT\DOWNLO~1\InstBanr.ocx, Autodesk, Inc.>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINNT\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINNT\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[AcPreview 控件]
  {F281A59C-7B65-11D3-8617-0010830243BD} <C:\WINNT\DOWNLO~1\ACPREV~1.OCX, Autodesk>
[使用网际快车下载]
  <E:\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\FlashGet\jc_all.htm, N/A>

 

==================================
正在运行的进程
[PID: 144][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 192][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
[PID: 220][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 232][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 412][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 548][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\hpzlnt09.dll]  [HP, 2.245.1.0]
    [C:\WINNT\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINNT\system32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 576][C:\WINNT\ATKKBService.exe]  [ASUSTeK COMPUTER INC., 1, 0, 0, 0]
[PID: 588][C:\WINNT\system32\DRIVERS\CDANTSRV.EXE]  [C-Dilla Ltd, 3.23.000]
[PID: 612][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 640][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.109.1]
    [C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.4.109.1]
    [C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.4.109.1]
    [C:\Program Files\Common Files\LightScribe\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Common Files\LightScribe\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
[PID: 724][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
[PID: 784][C:\Program Files\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 708][C:\WINNT\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.6672]
[PID: 900][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 840][C:\WINNT\system32\stisvc.exe]  [Microsoft Corporation, 5.00.2195.6656]
    [C:\WINNT\system32\VM305STI.dll]  [VM, 4.2.510.21]
[PID: 940][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 964][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 972][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1144][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Common Files\Xerox Shared\drop2exe.dll]  [Xerox ScanSoft, 2, 0, 0, 1]
    [C:\Program Files\Common Files\Xerox Shared\easytb32.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Xerox Shared\VGFILE.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Common Files\Xerox Shared\Xfile.dll]  [Xerox Corp., 1.0g]
    [E:\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
[PID: 1188][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1312][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1384][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 288][E:\QQ\AresQQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [E:\QQ\AresQQ\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [E:\QQ\AresQQ\CoralQQ.dll]  [Coral Team, 5.0 Build 20070301]
    [E:\QQ\AresQQ\kql.dll]  [Coral Team, 5.0.0 build 20070301]
    [E:\QQ\AresQQ\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [E:\QQ\AresQQ\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [E:\QQ\AresQQ\ipsearcher.dll]  [N/A, 1.0.0.4]
    [E:\QQ\AresQQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [E:\QQ\AresQQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [E:\QQ\AresQQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [E:\QQ\qq2005\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [E:\QQ\AresQQ\LoginCtrl.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [E:\QQ\AresQQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [E:\QQ\AresQQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [E:\QQ\AresQQ\QQMainFrame.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\CQQApplication.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [E:\QQ\AresQQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [E:\QQ\AresQQ\QQAllInOne.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\GroupLive.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [E:\QQ\AresQQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINNT\system32\msdmo.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\QQSysMsgMng.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\QQPlugin.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [E:\QQ\AresQQ\QQAvatar.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [E:\QQ\AresQQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [E:\QQ\AresQQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 92]
    [E:\QQ\AresQQ\QQCustomFace.dll]  [N/A, N/A]
    [E:\QQ\AresQQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\WINABCX.IME]  [PKUETI, 5.22.216]
    [E:\QQ\AresQQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
[PID: 1176][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\WINNT\system32\KakaTool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 3, 0]
    [E:\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINNT\system32\msimtf.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\MSCTF.dll]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorie.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINNT\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorld.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
    [C:\WINNT\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 4296][E:\TEMP\Rar$EX00.828\upiea\upiea.exe]  [欧鹏, V2 Beta7]
    [C:\DOCUME~1\网络管~1\LOCALS~1\Temp\E_4\krnln.fnr]  [, 1, 0, 0, 1]
    [C:\DOCUME~1\网络管~1\LOCALS~1\Temp\E_4\iext.fnr]  [, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\DOCUME~1\网络管~1\LOCALS~1\Temp\E_4\eAPI.fne]  [, 1, 0, 0, 1]
[PID: 3412][E:\HijackThis1[1].99.1\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [E:\HijackThis1[1].99.1\SREng\Plugins\SRECXTMG.SRE]  [Smallfrogs Studio, 1, 5, 0, 55]
[PID: 3852][E:\HijackThis1[1].99.1\HijackThis1991zww.exe]  [Soeperman Enterprises Ltd., 1.99.0001]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
[PID: 3424][C:\WINNT\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.00.2140.1]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

==================================
文件关联
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
 

Bumping my own thread. Could everyone please help out? Thanks in advance!