[CODE]

2007-01-18,09:06:57

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Server Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><internat.exe>  [(Verified)Microsoft Corporation]
    <Cn99QDNS><C:\Program Files\cn99qdns\Cn99qdns.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <FTGateIcon><C:\Program Files\FTGate\FTGateIcon.exe>  [Floosietek Ltd]
    <DU Meter><C:\Program Files\DU Meter\DUMeter.exe>  [Hagel Technologies]
    <VxTaskbarMgr><C:\Program Files\VERITAS\VxUpdate\VxTaskbarMgr.exe>  [(Verified)VERITAS Software Corporation]
    <RavTask><"C:\Program Files\Rising123\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Super Rabbit Desktop Set><C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load>  [Super Rabbit Software]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <runeip><C:\Program Files\rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Backup Exec Remote Agent for Windows Servers / BackupExecAgentAccelerator][Running/Auto Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\beremote.exe"><VERITAS Software Corporation>
[Backup Exec Agent Browser / BackupExecAgentBrowser][Running/Auto Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\benetns.exe"><VERITAS Software Corporation>
[Backup Exec Device & Media Service / BackupExecDeviceMediaService][Running/Auto Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\pvlsvr.exe"><VERITAS Software Corporation>
[Backup Exec Job Engine / BackupExecJobEngine][Running/Auto Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\bengine.exe"><VERITAS Software Corporation>
[Backup Exec Naming Service / BackupExecNamingService][Running/Auto Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\benser.exe"><VERITAS Software Corporation>
[Backup Exec Server / BackupExecRPCService][Running/Auto Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\beserver.exe"><VERITAS Software Corporation>
[HP Insight Event Notifier / CIMnotify][Stopped/Disabled]
  <C:\WINNT\System32\CIMntfy\cimntfy.exe><Hewlett-Packard Company>
[HP Insight NIC Agent / CpqNicMgmt][Stopped/Disabled]
  <C:\WINNT\System32\CPQNiMgt\cpqnimgt.exe><Hewlett-Packard Company>
[Compaq Remote Monitor Service / CpqRcmc][Running/Auto Start]
  <C:\WINNT\System32\CpqRcmc.exe><Compaq>
[Version Control Agent / cpqvcagent][Stopped/Auto Start]
  <C:\Compaq\vcagent\vcagent.exe><N/A>
[HP Insight Web Agent / CpqWebMgmt][Stopped/Disabled]
  <C:\WINNT\System32\CPQMgmt\cpqwmgmt.exe><HP Corporation>

[HP Insight Foundation Agent / CqMgHost][Stopped/Disabled]
  <C:\WINNT\System32\CPQMgmt\CqMgHost\cqmghost.exe><Hewlett-Packard Company>
[HP Insight Server Agents / CqMgServ][Stopped/Disabled]
  <C:\WINNT\System32\CPQMgmt\CqMgServ\cqmgserv.exe><Hewlett-Packard Company>
[HP Insight Storage Agents / CqMgStor][Stopped/Disabled]
  <C:\WINNT\System32\CPQMgmt\CqMgStor\cqmgstor.exe><Hewlett-Packard Company>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[ExecView Communication Module (ECM) / ECM Service][Running/Manual Start]
  <"C:\Program Files\VERITAS\Backup Exec\NT\ECM\ECM.exe"><VERITAS Software Corporation>
[FTGate Mail Server / FTGate Mail Server][Running/Auto Start]
  <C:\Program Files\FTGate\FTGateSrv.exe><Floosietek Ltd>
[Microsoft Exchange Event / MSExchangeES][Stopped/Disabled]
  <C:\Program Files\Exchsrvr\bin\events.exe><N/A>
[Microsoft Exchange Information Store / MSExchangeIS][Stopped/Disabled]
  <C:\Program Files\Exchsrvr\bin\store.exe><N/A>
[Microsoft Exchange MTA Stacks / MSExchangeMTA][Stopped/Disabled]
  <C:\Program Files\Exchsrvr\bin\emsmta.exe><N/A>
[Microsoft Exchange System Attendant / MSExchangeSA][Stopped/Disabled]
  <C:\Program Files\Exchsrvr\bin\mad.exe><N/A>
[Microsoft Exchange Site Replication Service / MSExchangeSRS][Stopped/Disabled]
  <C:\Program Files\Exchsrvr\bin\srsmain.exe><N/A>
[Microsoft Search / MSSEARCH][Stopped/Auto Start]
  <"C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQL$BKUPEXEC / MSSQL$BKUPEXEC][Running/Auto Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL$BKUPEXEC\Binn\sqlservr.exe -sBKUPEXEC><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <C:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising123\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising123\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SQLAgent$BKUPEXEC / SQLAgent$BKUPEXEC][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\MSSQL$BKUPEXEC\Binn\sqlagent.EXE -i BKUPEXEC><Microsoft Corporation>
[Surveyor / Surveyor][Running/Auto Start]
  <C:\compaq\survey\Surveyor.EXE><Hewlett-Packard Development Group, L.P.>
[HP ProLiant System Shutdown Service / sysdown][Stopped/Disabled]
  <C:\WINNT\System32\sysdown.exe><Compaq Computer Corporation>
[TapeWare / TapeWare][Stopped/Disabled]
  <C:\Program Files\TapeWare\TWWINSDR.EXE><N/A>

==================================
驱动程序
[4mmdat--VRTS / 4mmdat--VRTS][Running/System Start]
  <system32\DRIVERS\04mmdat.sys><VERITAS Software>
[adpu160m / adpu160m][Running/Boot Start]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[atirage3 / atirage3][Running/Manual Start]
  <System32\DRIVERS\atimpab.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Network Management Protocol Driver / CNMPROT][Stopped/Manual Start]
  <System32\DRIVERS\cnmprot.sys><N/A>
[HP ProLiant iLO Advanced System Management Controller / cpqasm2][Running/Manual Start]
  <System32\DRIVERS\cpqasm2.sys><Compaq Computer Corporation>
[HP Integrated Lights-Out / CpqCiDrv][Running/Manual Start]
  <System32\DRIVERS\CpqCiDrv.sys><Hewlett-Packard Company>
[CPQCISSE / CPQCISSE][Running/Manual Start]

<System32\DRIVERS\CPQCISSE.sys><Hewlett-Packard Company>
[cpqcissm / cpqcissm][Running/Boot Start]
  <\SystemRoot\system32\drivers\cpqcissm.sys><Hewlett-Packard Company>
[HP Network Configuration Utility 7 / CPQTeam][Stopped/Manual Start]
  <System32\DRIVERS\cpqteam.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[EXIFS / EXIFS][Running/Auto Start]
  <\??\C:\WINNT\System32\drivers\exifs.sys><Microsoft Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising123\Rav\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising123\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising123\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising123\Rav\HookSys.sys><Rising>
[HP 10/100TX PCI LAN Adapter NT Driver / HPTX][Stopped/Manual Start]
  <System32\DRIVERS\hptxnt5.sys><Hewlett-Packard Company>
[LsiCsb6 / LsiCsb6][Running/Boot Start]
  <\SystemRoot\system32\drivers\LsiCsb6.sys><LSI Logic Corporation.>
[MegaIDE / MegaIDE][Stopped/Disabled]
  <\SystemRoot\system32\drivers\MegaIDE.sys><LSI Logic Corporation>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising123\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\UNC\li\c$\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\UNC\li\c$\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[HP NC7781 Gigabit Server Adapter / q57w2k][Running/Manual Start]
  <System32\DRIVERS\q57w2k.sys><Hewlett-Packard Company>
[RsAntiSpyware / RsAntiSpyware][Stopped/Disabled]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising123\Rav\RSPPSYS.sys><Rising>
[SCSIChanger / SCSIChanger][Stopped/System Start]
  <System32\DRIVERS\scsichng.sys><VERITAS Software>
[symc810 / symc810][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[symmpi / symmpi][Running/Boot Start]
  <\SystemRoot\system32\drivers\symmpi.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><Symbios Inc.>
[HP ProLiant System Management Interface Driver / sysmgmt][Running/Manual Start]

  <System32\DRIVERS\sysmgmt.sys><Compaq Computer Corporation>

==================================
浏览器加载项
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[SysMonOCX Control]
  {9BDBC41E-C335-4263-83C0-ECE78EE28A33} <C:\WINNT\DOWNLO~1\SYSMON~1.OCX, AhnLab>

==================================
正在运行的进程
[PID: 228][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 252][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 276][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
[PID: 304][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 316][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 424][C:\WINNT\System32\termsrv.exe]  [Microsoft Corporation, 5.00.2195.6696]
[PID: 552][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 632][C:\Program Files\Rising123\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 640][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 728][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\SDNT5UI.DLL]  [Zenographics, Inc., 5.50.1811.0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\SDDM32.DLL]  [Zenographics, Inc., 5, 52, 1023, 0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZSPOOL.dll]  [Zenographics, Inc., 5, 51, 709, 0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZGDI32.dll]  [Zenographics, Inc., 5, 51, 628, 0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZTAG32.dll]  [Zenographics, Inc., 5, 50, 1725, 0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\SDDMUI.DLL]  [Zenographics, Inc., 5, 51, 1211, 0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZLANG.dll]  [Zenographics, Inc., 1, 2, 1414, 0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\SR32.dll]  [Zenographics, Inc., 5, 54, 315, 0]
[PID: 796][C:\Program Files\Rising123\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising123\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising123\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 504][C:\Program Files\VERITAS\Backup Exec\NT\benetns.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beclass.dll]  [VERITAS Software Corporation, 9.0.4367]
[PID: 1120][C:\Program Files\VERITAS\Backup Exec\NT\benser.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beclass.dll]  [VERITAS Software Corporation, 9.0.4367]
[PID: 1144][C:\WINNT\system32\Dfssvc.exe]  [Microsoft Corporation, 5.00.2195.6664]
[PID: 1200][C:\WINNT\System32\llssrv.exe]  [Microsoft Corporation, 5.00.2195.7021]
[PID: 1268][C:\Program Files\Microsoft SQL Server\MSSQL$BKUPEXEC\Binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0534.00]
[PID: 1280][C:\WINNT\system32\ntfrs.exe]  [Microsoft Corporation, 5.00.2195.6709]
[PID: 1364][C:\WINNT\System32\locator.exe]  [Microsoft Corporation, 5.00.2195.6619]
[PID: 1384][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 1416][C:\compaq\survey\Surveyor.EXE]  [Hewlett-Packard Development Group, L.P., 2.56]
    [C:\compaq\survey\CpqHMMO.dll]  [HP, 5.91.0]
    [C:\compaq\survey\expat.dll]  [N/A, N/A]
    [C:\compaq\survey\mssngrus.dll]  [Hewlett-Packard Development Group, L.P., 2.56]
[PID: 1524][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 396][C:\WINNT\System32\wins.exe]  [Microsoft Corporation, 5.00.2195.7005]
[PID: 1544][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1624][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1636][C:\WINNT\System32\CpqRcmc.exe]  [Compaq, 5.0.2.0]
[PID: 1656][C:\WINNT\System32\tcpsvcs.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1688][C:\WINNT\System32\dns.exe]  [Microsoft Corporation, 5.00.2195.6715]
[PID: 1592][C:\WINNT\System32\ismserv.exe]  [Microsoft Corporation, 5.00.2195.6684]
[PID: 2048][C:\WINNT\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.00.0984]
[PID: 2208][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1168][C:\Program Files\FTGate\FTGateSrv.exe]  [Floosietek Ltd, 1, 2, 0, 0]
    [C:\Program Files\FTGate\Core.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\ScriptSupport.dll]  [N/A, N/A]
[PID: 568][C:\Program Files\FTGate\FTGate.exe]  [N/A, N/A]
    [C:\Program Files\FTGate\Core.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\ScriptSupport.dll]  [N/A, N/A]
    [C:\Program Files\FTGate\Executive.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\sock.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\Mailbox.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\MsgStore.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\DataStore.dll]  [N/A, N/A]
    [C:\Program Files\FTGate\edbnt.dll]  [Simple Software Solutions, Inc., 4, 1, 1, 1]
    [C:\Program Files\FTGate\script.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\Schedule.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\Spool.dll]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\WebServ.dll]  [N/A, N/A]
    [C:\Program Files\FTGate\ext.dll]  [N/A, N/A]

[C:\Program Files\FTGate\edb1nt.dll]  [Simple Software Solutions, Inc., 4, 1, 1, 1]
    [C:\Program Files\FTGate\zavScan.avs]  [N/A, N/A]
    [C:\Program Files\FTGate\FTGMon.fxt]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\inifile.fxt]  [N/A, N/A]
    [C:\Program Files\FTGate\LdapEx.fxt]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\Replicator.fxt]  [N/A, N/A]
    [C:\Program Files\FTGate\ScriptLib.fxt]  [Floosietek, 1, 2, 0, 0]
    [C:\Program Files\FTGate\SigInsert.fxt]  [N/A, N/A]
[PID: 2156][C:\Program Files\VERITAS\Backup Exec\NT\beremote.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bestdutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beclass.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\engine_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\ndmpsrvr.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\ndmpcomm.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedscomn.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedssms.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bebsdu.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetapi.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsnt5.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\intranw.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beerrors_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedssql2.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsxchg.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsxese.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedspush.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsnote.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsmdoc.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsupfs.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsshadow.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsagnt.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedssmsp.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benettcp.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetspx.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BESMDR.DLL]  [VERITAS Software Corporation, 9.0.4367]
[PID: 768][C:\Program Files\VERITAS\Backup Exec\NT\pvlsvr.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bestdutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beclass.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bemsdk.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\SigComp230.dll]  [N/A, 2.30.003]
    [C:\Program Files\VERITAS\Backup Exec\NT\pvltypes.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\pvlsvr_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\devtypes.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\PROGRA~1\VERITAS\BACKUP~1\NT\ipvlapi.dll]  [VERITAS Software Corporation, 9.0.4367]
[PID: 2468][C:\Program Files\VERITAS\Backup Exec\NT\beserver.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BeSQL.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beclass.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bemsdk.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\SigComp230.dll]  [N/A, 2.30.003]
    [C:\Program Files\VERITAS\Backup Exec\NT\CRPE32.dll]  [Seagate Software, Inc., 8.5.0.217]
    [C:\Program Files\VERITAS\Backup Exec\NT\bestdutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\vxace502.dll]  [N/A, 5.2]
    [C:\Program Files\VERITAS\Backup Exec\NT\msgq.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\InstOps.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BeCatDrv.dll]  [VERITAS Software Corporation, 9.0.4367]

[C:\Program Files\VERITAS\Backup Exec\NT\bebsdu.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedscomn.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\shuie.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\engine_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\PROGRA~1\VERITAS\BACKUP~1\NT\schedmgrur.dll]  [VERITAS Software Corporation, 1.00.053]
    [C:\PROGRA~1\VERITAS\BACKUP~1\NT\sfcwall30u.dll]  [Seagate Software, Inc., 3, 0, 17, ]
    [C:\PROGRA~1\VERITAS\BACKUP~1\NT\schedu.dll]  [VERITAS Software Corporation, 1.00.053]
    [C:\Program Files\VERITAS\Backup Exec\NT\NS300.DLL]  [VERITAS Software Corporation, 3.00.046]
    [C:\Program Files\VERITAS\Backup Exec\NT\xerces-c_1_3.dll]  [Apache Software Foundation, 1, 3, 0]
    [C:\Program Files\VERITAS\Backup Exec\NT\SIGMAPIMAIL300U.DLL]  [N/A, 3.00.018.0]
    [C:\Program Files\VERITAS\Backup Exec\NT\SIGVIMMAIL100.DLL]  [N/A, 1.00.019]
    [C:\Program Files\VERITAS\Backup Exec\NT\SIGPRINTNOTE100.DLL]  [VERITAS Software Corporation, 1.00.005]
    [C:\Program Files\VERITAS\Backup Exec\NT\PAGER300.DLL]  [N/A, 3.00.013]
    [C:\Program Files\VERITAS\Backup Exec\NT\SigFCL250U.dll]  [N/A, 2.50.021]
    [C:\Program Files\VERITAS\Backup Exec\NT\SMTPMAIL300.DLL]  [N/A, 3.00.009]
    [C:\WINNT\system32\mapi32.dll]  [Mozilla Foundation, 1.7: 2004061610]
    [C:\PROGRA~1\VERITAS\BACKUP~1\NT\ipvlapi.dll]  [VERITAS Software Corporation, 9.0.4367]
[PID: 756][C:\Program Files\VERITAS\Backup Exec\NT\bengine.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetapi.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\beclass.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedscomn.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bestdutl.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bebsdu.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\becatsrv.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BeCatDrv.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\daoview.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bemsdk.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\SigComp230.dll]  [N/A, 2.30.003]
    [C:\Program Files\VERITAS\Backup Exec\NT\ndmpcomm.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\shuie.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BECATDRV_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\engine_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\PROGRA~1\VERITAS\BACKUP~1\NT\ipvlapi.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BeCatSrv_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsnt5.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\intranw.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedssql2.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsagnt.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedssms.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsxchg.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsxese.dll]  [VERITAS Software Corporation, 9.0.4367]

[C:\Program Files\VERITAS\Backup Exec\NT\beerrors_ZH.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedspush.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedssmsp.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsnote.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsmdoc.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsupfs.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\bedsshadow.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benettcp.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\benetspx.dll]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\VERITAS\Backup Exec\NT\BESMDR.DLL]  [VERITAS Software Corporation, 9.0.4367]
[PID: 1976][C:\Program Files\VERITAS\Backup Exec\NT\ECM\ECM.exe]  [VERITAS Software Corporation, 3.1.0229]
[PID: 2940][C:\WINNT\Logo1_.exe]  [N/A, N/A]
[PID: 2912][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 2172][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Rising123\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 2668][C:\Program Files\FTGate\FTGateIcon.exe]  [Floosietek Ltd, 1, 2, 0, 0]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2212][C:\Program Files\DU Meter\DUMeter.exe]  [Hagel Technologies, 3.07 Build 192]
    [C:\Program Files\DU Meter\DUData.dll]  [Hagel Technologies, 3.07 Build 192]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2532][C:\Program Files\VERITAS\VxUpdate\VxTaskbarMgr.exe]  [VERITAS Software Corporation, 9.0.4367]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2124][C:\Program Files\rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\Program Files\rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 544][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2600][C:\Program Files\cn99qdns\Cn99qdns.exe]  [, 2, 0, 0, 1]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2276][C:\Documents and Settings\Administrator.SERVER.000\桌面\sreng2_PConline\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

没人帮忙看看吗?