
My computer is wrecked again!! Experts, please take a look!!

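After I updated Rising and its firewall to the latest version and ran a virus scan, the virus Trojan.PSW.Win32.XYOnline.bt shows up whenever the computer restarts, and the file gets deleted. It appears every time. Also, none of the partitions in My Computer will open on a double-click; I have to right-click and choose Open.
And there is an "Auto" entry in the right-click menu that I don't recognize!!! The log is below!! Experts, please help take a look! Thanks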

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <High Definition Audio 属性页快捷方式><HDAudPropShortcut.exe>  [(Verified)Windows (R) Server 2003 DDK provider]
    <StormCodec_Helper><"D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <AlcWzrd><ALCWZRD.EXE>  [RealTek Semicoductor Corp.]
    <Alcmtr><ALCMTR.EXE>  [Realtek Semiconductor Corp.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <BigDog305><C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)>  [N/A]
    <ztsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ztso.exe>  [N/A]
    <zxsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\zxso.exe>  [N/A]
    <TIMHost><C:\WINDOWS\TIMHost.exe>  [N/A]
    <wdsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wdso.exe>  [N/A]
    <qjsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjso.exe>  [N/A]
    <rxsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rxso.exe>  [N/A]
    <tlsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tlso.exe>  [N/A]
    <wgsa><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wgso.exe>  [N/A]
    <WinDCP32><C:\WINDOWS\WinDCP32.exe>  [N/A]
    <KVP><C:\WINDOWS\System32\drivers\svchost.exe>  [N/A]
    <load><C:\WINDOWS\uninstall\rundl132.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\System32\Userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><wgdpri.dll>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys>  [N/A]
    <{0EA66AD2-CF26-2E23-532B-B292E22F3266}><C:\Program Files\Internet Explorer\PLUGINS\NewTemp.dll>  [N/A]
    <{713AF41A-21B1-131B-1BFC-D2A90DF4A2B7}><C:\WINDOWS\System32\xyfpri.dll>  [N/A]
    <{40117B96-998D-4D80-8F89-5E9DBD9F3460}><C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys>  [N/A]
    <{22311A42-AC1B-158F-FD32-5674345F23A2}><C:\WINDOWS\System32\dhbpri.dll>  [N/A]
    <{26368135-64FA-BC34-DA32-DCF4FD431C92}><C:\WINDOWS\System32\qhbpri.dll>  [N/A]
    <{3562452F-FA36-BA4F-892A-FF5FBBAC5313}><C:\WINDOWS\System32\mycpri.dll>  [N/A]
    <{2F12545B-1212-1314-5679-4512ACEF8902}><C:\WINDOWS\System32\wdbpri.dll>  [N/A]
    <{212BC423-3713-224D-3F55-32B35C62B112}><C:\WINDOWS\System32\tlmpri.dll>  [N/A]
    <{54123FF1-8371-9834-9021-184518451FA5}><C:\WINDOWS\System32\qjepri.dll>  [N/A]
    <{425AB2F3-234A-7469-2F43-E341713ABFA4}><C:\WINDOWS\System32\wgdpri.dll>  [N/A]
    <{559AFD5B-159F-ACD8-954C-ACD545FA6585}><C:\WINDOWS\System32\jzepri.dll>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\System32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Networ VSA / Visual VSA WEB][Stopped/Auto Start]
  <C:\WINDOWS\System32\wniapsvr.exe -Run><N/A>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe windhcp.ocx,input><Microsoft Corporation>

==================================
驱动程序
[ati2mtag / ati2mtag][Running/Manual Start]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <System32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Intel (R) System Management BIOS Service / SMBios][Running/Manual Start]
  <System32\DRIVERS\SMBios.sys><Intel Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera VC0305 / ZSMC0305][Running/Manual Start]
  <System32\Drivers\usbVM305.sys><Vimicro Corporation>

==================================

[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Last edited 2007-07-28 09:53:08
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <D:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[&使用迅雷下载]
  <d:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <d:\Program Files\Thunder Network\Thunder\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <D:\Program Files\BitSpirit\bsurl.htm, N/A>

==================================
正在运行的进程
[PID: 456][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 528][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 552][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4109]
[PID: 600][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\xyfpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\LYMANGR.DLL]  [N/A, N/A]
[PID: 612][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\xyfpri.dll]  [N/A, N/A]
[PID: 760][C:\WINDOWS\System32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4109]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2495]
[PID: 804][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\xyfpri.dll]  [N/A, N/A]
[PID: 884][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 968][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 1048][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 1292][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\xyfpri.dll]  [N/A, N/A]
[PID: 1384][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1504][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 1584][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 160][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4109]
    [C:\WINDOWS\system32\xyfpri.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2495]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
[PID: 216][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Internet Explorer\PLUGINS\NewTemp.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\WINDOWS\System32\dhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\mycpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wdbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\tlmpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qjepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wgdpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\jzepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\WinDCP32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 652][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\WINDOWS\System32\WinDCP32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\jzepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wgdpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qjepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\tlmpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wdbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\mycpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\dhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 1040][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  [ATI Technologies, Inc., 6.14.10.5131]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  [ATI Technologies, Inc., 6.14.10.5131]
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  [ATI Technologies, Inc., 6.14.10.5131]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  [ATI Technologies, Inc., 6.14.10.5131]
[PID: 1160][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 1, 0, 0, 9]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
[PID: 1364][C:\WINDOWS\ALCWZRD.EXE]  [RealTek Semicoductor Corp., 1.1.0.12]
    [C:\WINDOWS\System32\qhbpri.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
[PID: 1528][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
[PID: 1796][C:\WINDOWS\VM305_STI.EXE]  [Vimicro, 4, 3, 625, 61]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\WINDOWS\System32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\VM305Prp.Ax]  [Vimicro, 4.3. 625.61]
[PID: 2444][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
[PID: 3940][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 3956][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\WINDOWS\System32\qhbpri.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\WINDOWS\System32\WinDCP32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\jzepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wgdpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qjepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\tlmpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wdbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\mycpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\dhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
[PID: 3448][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\mycpri.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\WINDOWS\System32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [C:\WINDOWS\System32\WinDCP32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\jzepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wgdpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qjepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\tlmpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wdbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\dhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\System32\DDRAW.dll]  [Microsoft Corporation, 5.3.0000000.900 built by: DIRECTX]
[PID: 3208][D:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys]  [N/A, N/A]
    [C:\WINDOWS\System32\WinDCP32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\jzepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wgdpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qjepri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\tlmpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wdbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\mycpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\qhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\dhbpri.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\xyfpri.dll]  [N/A, N/A]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[autorun]
open=PegeFile.pif
shellexecute=PegeFile.pif
shell\Auto\command=PegeFile.pif
shell=Auto
[D:\]
[autorun]
open=PegeFile.pif
shellexecute=PegeFile.pif
shell\Auto\command=PegeFile.pif
shell=Auto
[E:\]
[autorun]
open=PegeFile.pif
shellexecute=PegeFile.pif
shell\Auto\command=PegeFile.pif
shell=Auto
[F:\]
[autorun]
open=PegeFile.pif
shellexecute=PegeFile.pif
shell\Auto\command=PegeFile.pif
shell=Auto
[G:\]
[autorun]
open=PegeFile.pif
shellexecute=PegeFile.pif
shell\Auto\command=PegeFile.pif
shell=Auto
[H:\]
[autorun]
open=PegeFile.pif
shellexecute=PegeFile.pif
shell\Auto\command=PegeFile.pif
shell=Auto

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:CreateProcessA
入口点错误:CreateProcessW

==================================

