升级瑞星的时候连不上。打开hosts文件一看，是这样的。

125.91.14.230 www.kzdh.com
125.91.14.230 www.7255.com
125.91.14.230 www.7322.com
125.91.14.230 www.7939.com
125.91.14.230 www.piaoxue.com
125.91.14.230 www.feixu.net
125.91.14.230 www.6781.com
125.91.14.230 www.7b.com.cn
125.91.14.230 7b.com.cn
125.91.14.230 www.918188.com
125.91.14.230 hao.allxue.com
125.91.14.230 good.allxue.com
125.91.14.230 baby.allxue.com
125.91.14.230 www.allxue.com
125.91.14.230 about.lank.la
125.91.14.230 www.x114x.com
125.91.14.230 www.37ss.com
125.91.14.230 www.7k.cc
125.91.14.230 www.73ss.com
125.91.14.230 www.hao123.com
125.91.14.230 www.81915.com
125.91.14.230 222.88.90.22
125.91.14.230 www.9991.com
125.91.14.230 www.my123.com
125.91.14.230 www.haokan123.com
125.91.14.230 www.5566.net
125.91.14.230 www.gjj.cc
125.91.14.230 www.2345.com
125.91.14.230 dl.hao318.com
125.91.14.230 www.123wa.com
125.91.14.230 www.ku886.com
125.91.14.230 www.5icrack.com
125.91.14.230 www.jjol.cn
127.0.0.1 www.rising.com.cn
127.0.0.1 tool.ikaka.com
127.0.0.1 www.ikaka.com
127.0.0.1 update.rising.com.cn
127.0.0.1 online.rising.com.cn
127.0.0.1 up.rising.com.cn
127.0.0.1 go.rising.com.cn
127.0.0.1 it.rising.com.cn
127.0.0.1 rising.com.cn
127.0.0.1 ikaka.com
不知道为什么给改成这样。我自己再改,但是关了打开又成这样了。也没查出病毒。请帮忙看一下.125.91.14.230也不知道是什么站。打不开。谢谢各位.

把后面的删了，关闭，过一会打开还会出现屏蔽现象。127.0.0.1里只有rising\kaka.跟卡卡助手有关系吗?

是不是超级兔子的问题。各位高手有时间的话装超级兔子做做实验。超级兔子运行的时候，瑞星能监控到它修改注册表,只是运行，没有操作也是，改许多项...

006-11-27,14:01:02

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[PCTEL Speaker Phone / Pctspk]
  <C:\WINDOWS\system32\pctspk.exe><PCtel, Inc.>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Avance AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[BaseTDI / BaseTDI]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner]
  <\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\D:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\Program Files\Rising\Rav\HookSys.sys><Rising>
[MEMSCAN / MEMSCAN]
  <\??\D:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[npkcrypt / npkcrypt]
  <\??\F:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PCTEL Serial Device Driver for PCI / Ptserlp]
  <system32\DRIVERS\ptserlp.sys><PCTEL, INC.>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RSPPSYS / RSPPSYS]
  <\??\D:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[VIA AGP Filter / viaagp1]
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[XP Vmodem / Vmodem]
  <\SystemRoot\system32\DRIVERS\vmodem.sys><PCTEL, INC.>
[XP Vpctcom / Vpctcom]
  <\SystemRoot\system32\DRIVERS\vpctcom.sys><PCtel, Inc.>
[XP Vvoice / Vvoice]
  <\SystemRoot\system32\DRIVERS\vvoice.sys><PCtel, Inc.>

==================================
浏览器加载项
N/A

==================================
正在运行的进程
[PID: 436][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 564][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][D:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 876][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1008][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028][D:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 47]
    [D:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 12]
    [D:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 33]
    [D:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\Program Files\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [D:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [D:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [D:\Program Files\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 21]
    [D:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [D:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1244][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CNMLM6e.DLL]  [CANON INC., 1.80.2.50]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD6e.DLL]  [CANON INC., 1.80.2.50]
[PID: 1508][D:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1692][D:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]

[D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
[PID: 1708][D:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 39]
    [D:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
[PID: 1796][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
[PID: 1832][C:\WINDOWS\system32\wew.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
[PID: 452][C:\WINDOWS\system32\pctspk.exe]  [PCtel, Inc., 4.00]
[PID: 128][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1324][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1844][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3224][F:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [F:\Program Files\Tencent\QQ\CoralAssist.DLL]  [Coral Team, 4.5.0 build 20060515]
    [F:\Program Files\Tencent\QQ\CoralQQ.DLL]  [Coral Team, 4.5.4 Build 20061001]
    [F:\Program Files\Tencent\QQ\ipsearcher.dll]  [N/A, 1.0.0.4]
    [F:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [F:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [F:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [F:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [F:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [F:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [F:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [F:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [F:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [F:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [F:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 0, 6, 60]
[PID: 2756][D:\Program Files\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 75]
    [D:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 65]
    [D:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 33]
    [D:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\RavUIMsg.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [D:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Program Files\Rising\Rav\MVEngine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\Engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [D:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [D:\Program Files\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 21]
    [D:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [D:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\Program Files\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[PID: 676][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]
[PID: 404][F:\Program Files\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\drivers\0iw.sys]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
125.91.14.230 www.kzdh.com
125.91.14.230 www.7255.com
125.91.14.230 www.7322.com
125.91.14.230 www.7939.com
125.91.14.230 www.piaoxue.com
125.91.14.230 www.feixu.net
125.91.14.230 www.6781.com
125.91.14.230 www.7b.com.cn
125.91.14.230 7b.com.cn
125.91.14.230 www.918188.com
125.91.14.230 hao.allxue.com
125.91.14.230 good.allxue.com
125.91.14.230 baby.allxue.com
125.91.14.230 www.allxue.com
125.91.14.230 about.lank.la
125.91.14.230 www.x114x.com
125.91.14.230 www.37ss.com
125.91.14.230 www.7k.cc
125.91.14.230 www.73ss.com
125.91.14.230 www.hao123.com
125.91.14.230 www.81915.com
125.91.14.230 222.88.90.22
125.91.14.230 www.9991.com
125.91.14.230 www.my123.com
125.91.14.230 www.haokan123.com
125.91.14.230 www.5566.net
125.91.14.230 www.gjj.cc
125.91.14.230 www.2345.com
125.91.14.230 dl.hao318.com
125.91.14.230 www.123wa.com
125.91.14.230 www.ku886.com
125.91.14.230 www.5icrack.com
125.91.14.230 www.jjol.cn
127.0.0.1 www.rising.com.cn
127.0.0.1 tool.ikaka.com
127.0.0.1 www.ikaka.com
127.0.0.1 update.rising.com.cn
127.0.0.1 online.rising.com.cn
127.0.0.1 up.rising.com.cn
127.0.0.1 go.rising.com.cn
127.0.0.1 it.rising.com.cn
127.0.0.1 rising.com.cn
127.0.0.1 ikaka.com

==================================

再帮忙看看呀。不好意思，开着QQ扫描的。不行我就再扫一次

安全模式进不去。重装了系统。HOSTS还是被改.绝望了

用Spybot - Search & Destroy扫描的时候，发现这个。不知道是不是元凶，请高手再帮忙看看啊。WINDOWS REDIRECTED HOST