当前运行的进程：         

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
G:\RISING\RAV\CCENTER.EXE
c:\program files\rising\rfw\rfwsrv.exe
G:\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
G:\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
G:\Rising\Rav\RavTask.exe
G:\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Tencent\TT\TTraveler.exe
C:\Documents and Settings\A\桌面\HijackThis1991日志扫描工具.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
MSPY2002 = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
IMSCMig = C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
RavTask = "G:\Rising\Rav\RavTask.exe" -system
瑞星监控 = D:\Program Files\Rising\Rav\RavMon.exe

--------------------------------------------------

注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

RavStub = "G:\Rising\Rav\ravstub.exe" /RUNONCE

--------------------------------------------------

注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
bgswitch = C:\WINDOWS\system32\bgswitch.exe

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=* 未找到INI相关项目值 *       
run=* 未找到INI相关项目值 *       

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *           
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *           
HKLM\..\Windows\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *         
HKLM\..\Windows\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *         
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *           
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *           
HKCU\..\Windows\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *         
HKCU\..\Windows\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *         
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=* 未找到相关注册表键值 *           
HKLM\..\Windows NT\CurrentVersion\Windows: load=* 未找到相关注册表键值 *           
HKLM\..\Windows NT\CurrentVersion\Windows: run=* 未找到相关注册表键值 *           
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

外壳扩展和屏幕保护程序的键值  从            C:\WINDOWS\SYSTEM.INI:

Shell=* 未找到INI相关项目值 *       
SCRNSAVE.EXE=* 未找到INI相关项目值 *       
drivers=* 未找到INI相关项目值 *       

外壳扩展和屏幕保护程序的键值  从  注册表             

Shell=EXPLORER.EXE
SCRNSAVE.EXE=* 未找到相关注册表键值 *           
drivers=* 未找到相关注册表键值 *           

Policies Shell key:

HKCU\..\Policies: Shell=* 未找到相关注册表键值 *           
HKLM\..\Policies: Shell=* 未找到相关注册表键值 *           

--------------------------------------------------


列举IE浏览器辅助对象(BHO模块):               

(no name) - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper2006817_.dll (file missing) - {16B770A0-0E87-4278-B748-2460D64A8386}
(no name) - C:\PROGRA~1\FLASHGET\jccatch.dll - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
(no name) - C:\WINDOWS\DOWNLO~1\yiqouv.dll (file missing) - {409ABDE3-F3C0-2D4D-8F3C-82E647C552FD}
QQIEHelper - D:\Program Files\Tencent\QQ\QQIEHelper.dll - {54EBD53A-9BC1-480B-966A-843A333CA162}
(no name) - C:\WINDOWS\DOWNLO~1\BDHelper.dll - {CA92B524-BC8A-4610-BD2C-6BD3E28155D0}

--------------------------------------------------

列举“计划任务”服务:                   

DM_Install_Program.job

--------------------------------------------------

列举下载的程序文件：                       

[updatePanelX Control]
InProcServer32 = C:\WINDOWS\system32\uusee\internet\updateC.ocx
CODEBASE = http://www.uusee.com/player/updateC.cab

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139452948525

[Rising Web Scan Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\OL2005.dll
CODEBASE = http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab

--------------------------------------------------

列举 Winsock LSP 文件：           

NameSpace #4: C:\WINDOWS\system32\cdnns.dll (file MISSING)

--------------------------------------------------

列举 ShellServiceObjectDelayLoad 项目：           

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------

扫描hijackthis的日志