Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue-Software Forum

[Help] I don't know what has infected my computer; ad websites keep popping up whenever I open a web page

[CODE]

2007-07-22,04:40:25

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <mynewpad><; C:\Program Files\Handpad\mynewpad.exe>  [Ping-IT Computer System Inc.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <SmCtrlDrv><"C:\WINDOWS\system32\Rundll32.exe" C:\WINDOWS\system32\cdnprh.dll Start>  [N/A]
    <IdnSvr><C:\Program Files\OCINS\idnsvr.exe>  [(Verified)China Internet Network Information Center]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdnup.exe]
    <IFEO[cdnup.exe]><C:\WINDOWS\system32\rundll32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Explorer.exe]
    <IFEO[Explorer.exe]><C:\WINDOWS\system32\netdde32.exe>  []

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\user\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\郭宇专~1\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
[腾讯QQ]
  <C:\Documents and Settings\user\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\郭宇专~1\QQ\QQ.exe [TENCENT]><H>
Last edited 2007-07-22 12:24:37

服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InterBase Guardian / InterBaseGuardian][Running/Auto Start]
  <C:\Program Files\Borland\InterBase\bin\ibguard.exe><Borland Software Corporation>
[InterBase Server / InterBaseServer][Running/Manual Start]
  <C:\Program Files\Borland\InterBase\bin\ibserver.exe><Borland Software Corporation>
[LexBce Server / LexBceS][Running/Auto Start]
  <C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[Fax 2Client / ms_2fax][Running/Auto Start]
  <C:\WINDOWS\system32\60551.exe><N/A>
[Windows qsfn RunThem / qsfn][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\lnai\vxks.dll>< >
[Remote Locator RPC / Rpcaccess ][Stopped/Auto Start]
  <><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Remote Access Connection Manager7 / Sc7][Stopped/Auto Start]
  <><N/A>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SymWMI Service / SymWSC][Stopped/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"><Symantec Corporation>
[XDownloadService / XDownloadService][Stopped/Auto Start]
  <C:\WINDOWS\system32\Rundll32.exe "C:\WINDOWS\Downloader.dll",Run><Microsoft Corporation>

==================================
驱动程序
[acpidisk / acpidisk][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[BaseTDI / BaseTDI][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[c19045786 / c19045786][Stopped/Disabled]
  <System32\drivers\c19045786.sys><N/A>
[cnprov / cnprov][Running/Boot Start]
  <\SystemRoot\system32\drivers\cnprov.sys><中国互联网络信息中心(CNNIC)>
[cpeiu / cpeiu5][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cpeiu5.sys><N/A>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\dump_wmimmc.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA Rhine-Family Fast Ethernet Adapter Driver Service / FETND5BV][Running/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[filter / filter][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\filter.sys><>
[hcbxu / hcbxu][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\hcbxu.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[idnaux / idnaux][Running/Auto Start]
  <system32\drivers\idnaux.sys><中国互联网络信息中心(CNNIC)>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[MRxSmb / MRxSmb][Stopped/System Start]
  <system32\DRIVERS\mrxsmb.sys><N/A>
[nfuro9z / nfuro9z][Stopped/System Start]
  <\??\C:\WINDOWS\system32\drivers\nfuro9z.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\E:\郭宇专用盘\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2][Running/System Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[NTSIM / NTSIM][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\ntsim.sys><VIA Networking Technologies, Inc.>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[qysrfm9 / qysrfm94][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\qysrfm94.sys><>
[Rdbss / Rdbss][Stopped/System Start]
  <system32\DRIVERS\rdbss.sys><N/A>
[Keyboard Spy / Rtvcan][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Rtvcan.sys><N/A>
[rudcay1 / rudcay16][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\rudcay16.sys><N/A>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[uxl1h0 / uxl1h0][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\uxl1h0.sys><N/A>
[viagfx / viagfx][Running/Manual Start]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\C:\WINDOWS\Downloaded Program Files\winio.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[ycfc / ycfc][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ycfc.sys><N/A>
[ymupgj0 / ymupgj09][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ymupgj09.sys><>

浏览器加载项
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <E:\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[ff Class]
  {FAAAC0F6-94BE-4466-934B-7C53666A2F41} <C:\WINDOWS\system32\4601.dll, TODO: <公司名>>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[中文上网]
  {B012491E-8FA4-4851-AA9B-22E33784FBAD} <C:\Program Files\OCINS\config.exe, 中国互联网络信息中心(CNNIC)>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\FlashGet.exe, FlashGet.com>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <, N/A>
[便民工具]
  {803E354A-8D70-4C6B-8AB7-7FCEBFD36FA8} <C:\WINDOWS\MailIEBand.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <E:\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINDOWS\DOWNLO~1\POWERP~1.DLL, PPStream Inc.>
[VnetAnprIns Class]
  {74447F9C-5691-4A9A-8BE4-564092E40B03} <C:\WINDOWS\Downloaded Program Files\anprins.dll, 中国电信股份有限公司>
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <E:\郭宇专~1\QQLive\QQLive.ocx, Tencent>
[Fc2Boot Class]
  {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} <, N/A>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\Program Files\Sogou PXP\MMCShell.dll, Sohu.com Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[FGCatchUrl]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, N/A>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <E:\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <E:\MAGICSET\haokanbar.dll, Xiang Feng Technology>
[便民工具]
  {803E354A-8D70-4C6B-8AB7-7FCEBFD36FA8} <C:\WINDOWS\MailIEBand.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FLASHGET\getflash.dll, www.flashget.com>
[FGAutoLive]
  {F90D830D-C175-4bbe-82C7-FF94669A4C42} <C:\PROGRA~1\FLASHGET\fgupdate.dll, www.flashget.com>
[ff Class]
  {FAAAC0F6-94BE-4466-934B-7C53666A2F41} <C:\WINDOWS\system32\4601.dll, TODO: <公司名>>
[FGCatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, N/A>
[&使用快车(FlashGet)下载]
  <C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[添加到QQ表情]
  <E:\郭宇专用盘\QQ\AddEmotion.htm, N/A>

Strange? It won't post?

正在运行的进程
[PID: 572 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winlib .dll]  [N/A, ]
[PID: 712 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1064 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1080 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1252 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1312 / SYSTEM][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 29]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Rising, 18, 1, 0, 9]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 9]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 9]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 8]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [C:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 1484 / SYSTEM][C:\WINDOWS\system32\LEXBCES.EXE]  [Lexmark International, Inc., 9.42]
    [C:\WINDOWS\system32\lexp2p32.dll]  [Lexmark International, Inc., 9.42]
    [C:\WINDOWS\system32\lex2kusb.dll]  [Lexmark International, Inc., 9.42]
[PID: 1520 / SYSTEM][C:\WINDOWS\system32\LEXPPS.EXE]  [Lexmark International, Inc., 9.42]
    [C:\WINDOWS\system32\LEXBCE.DLL]  [Lexmark International, Inc., 9.42]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
[PID: 1528 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\LEXLMPM.DLL]  [Lexmark International, Inc., 96.9.42]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\system32\LexBce.dll]  [Lexmark International, Inc., 9.42]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LVCMPP5C.dll]  [Lenovo (Beijing) Ltd., 1.0.1.14]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
    [C:\WINDOWS\system32\LVCMpwr.dll]  [Lenovo (Beijing) Ltd., 1, 0, 1, 0]
[PID: 1724 / SYSTEM][C:\Program Files\Borland\InterBase\bin\ibguard.exe]  [Borland Software Corporation, WI-V6.5.0.28]
    [C:\WINDOWS\system32\gds32.dll]  [Borland Software Corporation, WI-V6.5.0.28]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
[PID: 1756 / SYSTEM][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1876 / SYSTEM][C:\WINDOWS\system32\60551.exe]  [N/A, ]
[PID: 1932 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\lnai\vxks.dll]  [ , 5, 0, 0, 4]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [c:\progra~1\lnai\acpx.dll]  [ , 5, 0, 0, 4]
    [c:\progra~1\lnai\rtgo.dll]  [, 5, 0, 0, 2]
[PID: 2032 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 560 / SYSTEM][C:\Program Files\Borland\InterBase\bin\ibserver.exe]  [Borland Software Corporation, WI-V6.5.0.28]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
[PID: 1364 / user][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\KB908019.log]  [N/A, ]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\netdde32.exe]  [N/A, ]
    [C:\WINDOWS\system32\netdde32.exe]  [N/A, ]
    [C:\WINDOWS\system32\z2euk9k0.dll]  [N/A, ]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\rudcay16.dll]  [, 1, 1, 1, 1049]
    [E:\郭宇专用盘\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\4601.dll]  [TODO: <公司名>, 1.0.0.1]
[PID: 424 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 2612 / user][C:\WINDOWS\system32\WgaTray.exe]  [Microsoft Corporation, 1.7.0018.5]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
[PID: 3972 / user][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\b41.dll]  [  , 1, 0, 0, 3]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
[PID: 3996 / user][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
[PID: 4028 / user][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 30]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
[PID: 428 / user][C:\Program Files\OCINS\idnsvr.exe]  [中国互联网信息中心(CNNIC), 2, 6, 0, 0]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\OCINS\idnsvr.dll]  [中国互联网信息中心(CNNIC), 2, 6, 0, 0]
[PID: 2076 / user][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
[PID: 676 / user][E:\MagicSet\SRIECLI.EXE]  [Super Rabbit Soft, 7.99]
    [C:\WINDOWS\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [E:\MagicSet\shlobj71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
[PID: 5048 / user][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
[PID: 6036 / user][E:\郭宇专用盘\QQ\QQ.exe]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQBaseClassInDll.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQHelperDll.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\BasicCtrlDll.dll]  [TENCENT, 7, 0, 225, 1651]
    [E:\郭宇专用盘\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [E:\郭宇专用盘\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [E:\郭宇专用盘\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [E:\郭宇专用盘\QQ\QQAPI.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [E:\郭宇专用盘\QQ\LoginCtrl.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\LoginCtrlRes.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQRes.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\MailSummary.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQMainFrame.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\郭宇专用盘\QQ\CQQApplication.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [E:\郭宇专用盘\QQ\NewSkin.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\HostingMgr.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\CameraDll.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQKnowledgeSearch.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQAllInOne.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [E:\郭宇专用盘\QQ\QQSpace.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [E:\郭宇专用盘\QQ\QQGroupMng.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQSysMsgMng.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\UserDefinedHead.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQPlugin.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\QQConfigPlugin.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQAvatar.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\QRingMng.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\QQCustomFace.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\ImageOle.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQLiveQMng.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\QQPet.dll]  [TENCENT, 7,0,225,1651]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [E:\郭宇专用盘\QQ\qqgroupdisk.dll]  [深圳腾讯科技, 2, 7, 0, 1022]
    [E:\郭宇专用盘\QQ\LongConnection.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\PhoneAPI.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [E:\郭宇专用盘\QQ\BQQApplication.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\CommercesMng.dll]  [TENCENT, 7,0,225,1651]
    [E:\郭宇专用盘\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [E:\郭宇专用盘\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 300]
    [E:\郭宇专用盘\QQ\QQSceneMng.dll]  [N/A, ]
    [E:\郭宇专用盘\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 93]
    [E:\郭宇专用盘\QQ\GroupConnection.dll]  [TENCENT, 7,0,225,1651]
[PID: 3104 / user][E:\郭宇专用盘\QQ\TIMPlatform.exe]  [TENCENT, 7,0,225,1651]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [E:\郭宇专用盘\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 4424 / user][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [E:\MAGICSET\haokanbar.dll]  [Xiang Feng Technology, 2, 2, 0, 1612]
    [C:\WINDOWS\system32\4601.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\WINDOWS\system32\winrfm94.dll]  [, 1, 1, 1, 1055]
    [C:\WINDOWS\system32\winpgj09.dll]  [, 1, 1, 1, 1029]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [E:\MAGICSET\xFoCtrl.dll]  [, 8, 0, 22, 0]
[PID: 6084 / user][C:\Documents and Settings\user\桌面\新建文件夹\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\qysrfm94.dll]  [, 1, 1, 1, 1022]
    [C:\WINDOWS\system32\ymupgj09.dll]  [, 1, 1, 1, 1016]
    [c:\progra~1\lnai\yanv.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\lnai\dfsa.dll]  [ , 5, 0, 0, 4]
    [C:\Documents and Settings\user\桌面\新建文件夹\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 3996, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3996, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 4028, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4028, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 676, E:\MAGICSET\SRIECLI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 676, E:\MAGICSET\SRIECLI.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 6036, E:\郭宇专用盘\QQ\QQ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 6036, E:\郭宇专用盘\QQ\QQ.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3104, E:\郭宇专用盘\QQ\TIMPLATFORM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3104, E:\郭宇专用盘\QQ\TIMPLATFORM.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

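That's everything. Could some expert please teach me how to delete this manually? I was only trying to download an auto-posting tool for flooding forums and ended up like this. Help!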

?