[Help] Moderator: Rising can't get rid of Rootkit.Ads


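A Rising scan reports two Rootkit.Ads.h items in C:\WINDOWS\system32\drivers and asks to delete the files after a restart, but every time they fail to delete because a program is using them. I'm posting the log; moderator, please help.
Last edited 2006-10-21 01:10:12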

HijackThis_815汉化版扫描日志 V1.99.1
保存于      21:49:03, 日期 2006-10-20
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\瑞星\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\瑞星\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
D:\瑞星\Rising\Rav\RavStub.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
D:\瑞星\Rising\Rav\RavTask.exe
D:\瑞星\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\超级兔子\MagicSet\SRIECLI.EXE
D:\瑞星\Rising\Rav\Rav.exe
D:\瑞星\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
D:\遨游\Maxthon\Maxthon.exe
D:\RAR\WinRAR.exe
C:\DOCUME~1\MUYANG~1\LOCALS~1\Temp\Rar$EX00.625\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - 启动项HKLM\\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - 启动项HKLM\\Run: [RavTask] "D:\瑞星\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "D:\暴风影音\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE FAMETECH USB PC CAMERA - 深圳金科 - VRMO.com
O4 - 启动项HKLM\\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\超级兔子\MagicSet\SRIECLI.EXE /LOAD
O16 - DPF: {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} (UploadControl Control) - http://blog.163.com/bin/UploadControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6C9564-5CDF-497C-93AF-4573E98994A3}: NameServer = 202.96.134.134,202.96.128.68
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: Service (AdServer) - Adobe Systems - (no file)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\瑞星\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星\Rising\Rav\Ravmond.exe
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


Waiting online....

Bump

This is a cry for help, everyone, please don't hold it against me

Does anyone know how to fix this?

Here is the log, please take a look

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <Super Rabbit IEPro><D:\超级兔子\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <RavTask><"D:\瑞星\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"D:\暴风影音\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE FAMETECH USB PC CAMERA - 深圳金科 - VRMO.com>  [N/A]
    <ISUSPM Startup><C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup>  [InstallShield Software Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Service / AdServer]
  <><N/A>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter]
  <"D:\瑞星\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\瑞星\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Aication / tographicServices]
  <><N/A>

==================================
驱动程序
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[ExpScaner / ExpScaner]
  <\??\D:\瑞星\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont]
  <\??\D:\瑞星\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\瑞星\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\瑞星\Rising\Rav\HookSys.sys><Rising>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[lhrqtma / lhrqtmag]
  <\SystemRoot\System32\DRIVERS\lhrqtmag.sys><N/A>
[MegaIDE / MegaIDE]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN]
  <\??\D:\瑞星\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[MidiSyn / MidiSyn]
  <system32\drivers\MidiSyn.sys><Analog Devices Inc>
[npkcrypt / npkcrypt]
  <\??\C:\WINDOWS\system32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt]
  <system32\drivers\senfilt.sys><Sensaura>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[svarizq / svarizqv]
  <\SystemRoot\System32\DRIVERS\svarizqv.sys><N/A>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[WmRegProDrv / WmRegProDrv]
  <System32\Drivers\WmRegProDrv.sys><N/A>

==================================
浏览器加载项
[UploadControl Control]
  {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} <C:\WINDOWS\system32\UPLOAD~1.OCX, 广州网易互动娱乐有限公司>
[]
  {29A8B48F-9AB3-43D3-8B87-7D1888197563} <C:\WINDOWS\system32\ATIDEMGRED.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>

==================================
正在运行的进程
[PID: 456][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 504][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 528][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 572][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 584][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 784][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876][D:\瑞星\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 908][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 988][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][D:\瑞星\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [D:\瑞星\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\瑞星\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\瑞星\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [D:\瑞星\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [D:\瑞星\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\瑞星\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\瑞星\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\瑞星\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\瑞星\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\瑞星\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\瑞星\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\瑞星\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [D:\瑞星\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [D:\瑞星\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [D:\瑞星\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [D:\瑞星\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\瑞星\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\瑞星\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\瑞星\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\瑞星\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\瑞星\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1220][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1316][D:\瑞星\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\瑞星\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1660][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1752][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\RAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 1800][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 220][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxhk.dll]  [Intel Corporation, 3.0.0.3943]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3943]
[PID: 228][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe]  [Analog Devices, Inc., 5, 0, 1, 57]
    [C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll]  [Analog Devices, Inc., 5, 0, 0, 460]
[PID: 260][D:\瑞星\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 320][D:\瑞星\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [D:\瑞星\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\瑞星\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\瑞星\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\瑞星\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 588][C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe]  [InstallShield Software Corporation, 3, 10, 100, 1143]
[PID: 700][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636][C:\WINDOWS\VM_STI.EXE]  [VM., 4.2.610.4]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 976][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1248][D:\超级兔子\MagicSet\SRIECLI.EXE]  [Super Rabbit Soft, 7.84]
    [D:\超级兔子\MagicSet\shlobj71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
[PID: 1836][D:\遨游\Maxthon\Maxthon.exe]  [Maxthon International Ltd., 1, 5, 1, 39]
    [D:\遨游\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [D:\遨游\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3892][D:\暴风影音\Storm Codec\mplayerc.exe]  [Gabest, 6, 4, 9, 0]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\tssoft32.acm]  [DSP GROUP, INC., 1.01]
    [C:\WINDOWS\system32\tsd32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\sl_anet.acm]  [Sipro Lab Telecom Inc., 3.02]
    [C:\WINDOWS\system32\iac25_32.ax]  [Intel Corporation, 2.05.53]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\vorbis.acm]  [HMS http://hp.vector.co.jp/authors/VA012897/, 0, 0, 3, 6]
    [C:\WINDOWS\system32\vct3216.acm]  [Voxware, Inc., 1.6.0.17]
    [C:\WINDOWS\system32\vct3216.dll]  [Voxware, Inc., 1.6.0.12]
    [C:\WINDOWS\system32\msms001.vwp]  [Voxware, Inc., 2.0.2.61]
    [C:\WINDOWS\system32\mvoice.vwp]  [Voxware, Inc., 2.0.0.12.01]
    [C:\Program Files\Common Files\Real\Codecs\SIPR.dll]  [RealNetworks, Inc., 10.0.0.3004]
    [C:\WINDOWS\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\WINDOWS\system32\ffdshow.ax]  [N/A, 1.0.2.2028]
    [C:\Program Files\Common Files\Real\Codecs\drvc.dll]  [RealNetworks, Inc., 10.0.0.1707]
    [D:\暴风影音\Storm Codec\Codecs\TTL2Dec.dll]  [N/A, N/A]
[PID: 1252][D:\RAR\WinRAR.exe]  [N/A, N/A]
[PID: 1132][C:\DOCUME~1\MUYANG~1\LOCALS~1\Temp\Rar$EX00.000\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

=================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1                    localhost

==================================