哪位高人可以帮帮忙呀

那你可得看啊

[CODE]

2007-02-07,18:09:22

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <9zgyi16q><C:\WINDOWS\iexp1ore.exe>  [N/A]
    <8ihxr5rm9><C:\WINDOWS\iexpl0re.exe>  [N/A]
    <u7mktvlme><C:\WINDOWS\winlog0n.exe>  [N/A]
    <xrl807r0y><C:\WINDOWS\svch0st.exe>  [N/A]
    <0dy5b59hh><C:\WINDOWS\crasos.exe>  [N/A]
    <h1><C:\WINDOWS\rundl132.exe>  [N/A]
    <2er3x24mwxdgdql><C:\WINDOWS\c0nime.exe>  [N/A]
    <svc><C:\DOCUME~1\ljs\LOCALS~1\Temp\kwatlog.exe>  [Microsoft Corporation]
    <SGMIGEX><C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system\WINS0C~1.DLL,Run>  [mcsoft]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc.]
    <3chvjvsgzlswxk><; C:\WINDOWS\winlog0n.exe>  [N/A]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <sdy8l9lfqbi6d><; C:\WINDOWS\iexpl0re.exe>  [N/A]
    <zd798><; C:\WINDOWS\winlog0n.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  [CNNIC]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <RavTask><; "C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><; C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <stup.exe><; C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [N/A]
    <task32.exe><; C:\WINDOWS\system32\task32.exe>  [N/A]
    <WinampAgent><; C:\Program Files\Winamp\winampa.exe>  [N/A]
    <wpsautoupdate><; C:\Program Files\Kingsoft\WPS Office 2005 PersonalTrial\Office6\wpsupdate.exe InstallAfterReStart>  [N/A]
    <yassistse><; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [N/A]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <twin><C:\WINDOWS\system32\twunk32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MICR0SOFT SVCH0ST / MS_SVCH0ST][Running/Auto Start]
  <C:\WINDOWS\system\SVCH0ST.EXE><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe windhcp.ocx,input><Microsoft Corporation>

==================================
驱动程序
[ADProt / ADProt][Stopped/System Start]
  <\SystemRoot\system32\drivers\ADProt.sys><N/A>
[BaseTDI / BaseTDI][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[cdnprot / cdnprot][Running/Boot Start]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[cdntran / cdntran][Running/Auto Start]
  <system32\drivers\cdntran.sys><CNNIC>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Running/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[huadio / huadio][Stopped/Manual Start]
  <\??\c:\huadio.tmp><N/A>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[lalimgsg / lalimgsg][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\lalimgsg.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Netgroup Packet Filter / NPF][Running/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pqgahivi / pqgahivi][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pqgahivi.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver / rtl8029][Running/Manual Start]
  <system32\DRIVERS\RTL8029.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[vs / vs][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ljs\LOCALS~1\Temp\vsosu><N/A>
[squellabcd / squellabcd][Stopped/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[Thunder Browser Helper]
  {0C7C23EE-A848-485B-873C-0ED954731014} <E:\迅雷\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[Cbho Object]
  {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[IEHelp Class]
  {ED863792-FADB-4D21-8B20-409DA940B7A2} <C:\WINDOWS\system\PDFAid.dll, adobe system>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\qq\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {0C7C23EE-A848-485B-873C-0ED954731014} <E:\迅雷\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Cbho Object]
  {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[WebVGPlayer Class]
  {AA899B43-24BD-4B6B-BBD0-45557D8D11E0} <C:\PROGRA~1\VIEWGOOD\WEBPLA~1\VGPlayer.dll, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[3721]
  {B83FC273-3522-4CC6-92EC-75CC86678DA4} <C:\WINDOWS\Downloaded Program Files\CnsMin.dll, 北京三七二一科技有限公司>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[IEHelp Class]
  {ED863792-FADB-4D21-8B20-409DA940B7A2} <C:\WINDOWS\system\PDFAid.dll, adobe system>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[IEDown Class]
  {F917534D-535B-416B-8E8F-0C04756C31A8} <C:\WINDOWS\system32\GLIEDown2.dll, 联众公司>
[上传到QQ网络硬盘]
  <D:\qq\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\qq\SendMMS.htm, N/A>
[访问通用网址]
  <C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>

==================================
正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 588][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 856][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 872][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1132][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1196][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [C:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [C:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsVM.dll]  [N/A, 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[PID: 1212][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSym.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyzr.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Kav26.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Gjzos.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Myros.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Msxos.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1372][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1412][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1504][C:\Program Files\CNNIC\Cdn\cdnup.exe]  [CNNIC, 2, 5, 0, 8]
    [C:\Program Files\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\Program Files\CNNIC\Cdn\cdnprh.dll]  [CNNIC, 2, 4, 0, 7]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdntdns.dll]  [CNNIC, 2, 2, 0, 3]
[PID: 1724][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.1622]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
[PID: 212][C:\WINDOWS\iexp1ore.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyzr.dll]  [N/A, N/A]
[PID: 232][C:\WINDOWS\iexpl0re.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSym.dll]  [N/A, N/A]
[PID: 268][C:\WINDOWS\winlog0n.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
[PID: 408][C:\WINDOWS\svch0st.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\Kav26.dll]  [N/A, N/A]
[PID: 448][C:\WINDOWS\crasos.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\Msxos.dll]  [N/A, N/A]
[PID: 680][C:\WINDOWS\rundl132.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\Myros.dll]  [N/A, N/A]
[PID: 840][C:\WINDOWS\c0nime.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\Gjzos.dll]  [N/A, N/A]
[PID: 892][C:\DOCUME~1\ljs\LOCALS~1\Temp\kwatlog.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\DOCUME~1\ljs\LOCALS~1\Temp\ljl.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\DOCUME~1\ljs\LOCALS~1\Temp\packet.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\DOCUME~1\ljs\LOCALS~1\Temp\WanPacket.dll]  [CACE Technologies, 3, 1, 0, 27]
[PID: 1012][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_zh-CN.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll]  [Google Inc., 1, 2, 1128, 5462]
[PID: 676][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1996][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
[PID: 844][C:\WINDOWS\system\SVCH0ST.EXE]  [N/A, N/A]
[PID: 1788][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 2288][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]

[PID: 2332][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3660][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 3736][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 3920][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 196][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 260][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 1860][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 1952][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 2112][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 2140][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 2820][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]

[PID: 3748][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\PROGRA~1\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
[PID: 3340][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 124]
    [E:\迅雷\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [C:\WINDOWS\system\PDFAid.dll]  [adobe system, 1.0.0.1]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system32\Gjzos.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Myros.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Msxos.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Kav26.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSym.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyzr.dll]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 816][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system\WINS0C~1.DLL]  [mcsoft, 1, 0, 0, 0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
[PID: 5052][E:\m\魔卡少女樱\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 9]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\WINDOWS\system32\Gjzos.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Myros.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Msxos.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Kav26.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSym.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\LgSyzr.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. ["C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

每次瑞星杀完了过一断时间又会出现病毒,反正现在开机要十几分钟,又不知道它在等什么

Trojan.PSW.ZhengTu.afq
Trojan.PSW.ZhengTu.afq
Trojan.PSW.XYOnline.lg
Trojan.PSW.WoWar.wu
Trojan.PSW.JHOnline.fbd
Trojan.PSW.XYOnline.lg
Trojan.PSW.WLOnline.eg
Trojan.PSW.YBOnline.at
Trojan.PSW.WLOnline.eg
Trojan.PSW.YBOnline.at
Trojan.PSW.XYOnline.lg
Trojan.Tiny.d
Trojan.Tiny.d
Dropper.Agent.fij
Trojan.DL.Agent.blq
Dropper.Agent.fij
Trojan.DL.Agent.blq
Trojan.DL.Agent.bsd
Trojan.Agent.zwu
Trojan.PSW.LMir.lxq
Trojan.PSW.LMir.lxq
Dropper.Agent.fij
Trojan.DL.Agent.blq
Trojan.DL.Agent.bsd
Trojan.Agent.zwu
Trojan.DL.Agent.htu
Trojan.PSW.LMir.lxq
Trojan.PSW.LMir.lxq
Trojan.PSW.LMir.lxq
瑞星杳到的

手工删除：

一个名字为LoadHW.exe的可执行程序调用了这个dll文件 然后自行终止 并把msitinit.dll加载到explorer.exe中运行，所以江民没有删掉病毒，重启后还存在。运行regedit，找到HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce 删除它，再找到HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Npf，删除它，trojan.psw病毒测试删除

RUNONCE下什么都没啊