Solved -- Gray Pigeon virus cannot be removed -- Rising false positive

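At this point it looks like this was probably a bug in Rising: a false positive from before the December 29 update. After updating to the January 4 version it no longer appears.
It is solved. After updating to the new January 4 version, it is no longer reported.
Thanks, everyone.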

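Everyone: I don't know when I got infected with the Gray Pigeon virus. I followed the pinned guides on this forum but could not get rid of it, and none of the many tools I tried worked either.
I'm puzzled. Can anyone help?

A HijackThis scan shows nothing that looks suspicious: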
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      8:38:13, 日期 2006-12-30
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\software\EWIDO3.5专业查杀木马\EWIDO3.5\ewido.exe
E:\software\EWIDO3.5专业查杀木马\EWIDO3.5\SecuritySuite.exe
C:\mySingle\Component\EpTray.exe
C:\Program Files\mySingle\messenger\messenger.exe
C:\Program Files\mySingle\messenger\myMailMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\software\灰鸽子木马专杀\HijackThis 1.99.0\HijackThis1991汉化版\HijackThis1991zww.exe

O1 - Hosts: 109.10.1.17 bjdccs
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [AHNSD] "C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe"
O4 - 启动项HKLM\\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: desktop.ini
O4 - Global Startup: desktop.ini
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O15 - “受信任的站点”中添加项: *.samsung-emp.com
O15 - “受信任的站点”中添加项: *.samsung.net
O15 - “受信任的站点”中添加项: *.samsunggsbn.com
O15 - “受信任的站点”中添加项: *.samsungwireless.com
O16 - DPF: {00B4EB57-5F54-4A6A-BC1A-DE9ABA26C0E2} (EPWrapsodyVersion Class) - http://drm.samsung.net/activex/EPDRM.fasoo.cab
O16 - DPF: {011605F4-3A7F-44F8-828A-E2F3BC2BEC2E} (MyUpDown Control) - http://edms-ab.sec.samsung.net/edms/lib/myUpDown_U.cab
O16 - DPF: {03F49E0E-C43A-4037-BBD6-D681E998A08E} (CodeAx Class) - http://sso.sec.samsung.net/cabfiles/CM_CodeAx.cab
O16 - DPF: {1B954045-CB17-46CF-A596-BC59E7861D79} (mySingle.ClsLocal) - http://www.samsung.net/cabs/localmailfolder/mySingle_XPSP2.CAB
O16 - DPF: {2207EDAD-5731-4CCD-B79B-E489022E47AF} (GSBN.CHINA) - http://www.samsunggsbn.com/PSI3/China/Cab/GSBN_CHINA.CAB
O16 - DPF: {223216F6-B9FE-406D-9ED6-143FCE3A07B8} (MxLogicalTRU Class) - http://eofficech.sec.samsung.net/eoffice3/gauce/MxLogicalTRU.cab
O16 - DPF: {2F98EA90-EAE1-4AB5-AE89-DA073D824589} (MxBinderU Class) - http://gcms.sec.samsung.net/comp/cabfiles/MxBinderU.cab
O16 - DPF: {2FF8F8B7-1B3F-4E5F-93B1-FEF1D703C0F4} (LocalTree.LocalXMLTree) - http://www.samsung.net/cabs/LocalFolder2004/Cab/mySingleLocal_U.cab
O16 - DPF: {34B5A473-9696-4F9A-9BA1-41B8185A9798} (EpFTP3 Control) - http://www.samsung.net/cabs/EpFTP3/EpFTP3_U.cab
O16 - DPF: {3D6C131D-AE95-4484-B2D0-275D4EC62DFD} (Enc Class) - http://109.10.1.88:7001/ghr/pdssghr.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {4C77B4AB-C802-4E0D-A763-4F6E9EE37118} (SRW711.SRW_711_C) - http://218.249.63.211:4000/REGISTER_O/SRW711.CAB
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {71E7ACA0-EF63-4055-9894-229B056E9C31} (MxGridU Class) - http://eofficech.sec.samsung.net/eoffice3/gauce/MxGridU.cab
O16 - DPF: {80017034-D4F8-410D-9B03-0E713C34CEAD} (Chart Object) - http://www.samsunggsbn.com/chartfx62/download/ChartFX.ComIEClient.Core.cab
O16 - DPF: {859A7EB3-35E6-434B-A82B-08B4F8DDE1B6} (NamoWeCtl 6.0 for samsung_mysingle) - http://www.samsung.net/cabs/Namo/NamoWec.cab
O16 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://upload.photo.163.com/163Uploader.cab
O16 - DPF: {922DEB6A-364A-49C3-83EB-8B9FA3CE4B82} (NamoWeCtl 5.0 for Samsung_SIMS3) - http://simschina.sec.samsung.net/webeditor/NamoWec.cab
O16 - DPF: {9B3E5AA6-A9D6-46C4-99E4-B01AF6ABDD04} (IxTree Control) - http://edms-ab.sec.samsung.net/edms/lib/IxTree_R.CAB
O16 - DPF: {9F0AA341-1D10-4B18-B70B-6AA49CE7F5D6} (MxImageSetU Class) - http://eofficech.sec.samsung.net/eoffice3/gauce/MxImageSetU.cab
O16 - DPF: {A93FB56D-2F76-4DD7-8E38-9B1EB38C88A5} (SecureSession Class) - http://gcms.sec.samsung.net/comp/cabfiles/SecuiSECIE_eng.cab
O16 - DPF: {AF989B7C-8AC3-40BC-B749-EB335BDFD190} (MxDataSetU Class) - http://eofficech.sec.samsung.net/eoffice3/gauce/MxDataSetU.cab
O16 - DPF: {BB4533A0-85E0-4657-9BF2-E8E7B100D47E} (MxComboU Class) - http://gcms.sec.samsung.net/comp/cabfiles/MxComboU.cab
O16 - DPF: {C63E3330-049F-4C31-B47E-425C84A5A725} (EpAdm2 Control) - http://www.samsung.net/cabs/Tray/EpAdm2.cab
O16 - DPF: {D7779973-9954-464E-9708-DA774CA50E13} (MxMaskEditU Class) - http://gcms.sec.samsung.net/comp/cabfiles/MxMaskEditU.cab
O16 - DPF: {D7B715F5-F1E1-4904-93A6-1B53E07221A3} (SRW840.SRW_840_C) - http://218.249.63.211:4000/REGISTER_O/SRW840.CAB
O16 - DPF: {DE6ABA6A-095B-43E3-BEBB-879868DC5C8A} (SSLinks Control) - http://www.samsung.net/cabs/messenger/SSLinks.cab
O16 - DPF: {DF1AD5D9-977A-4A1F-9392-2AFFCCE6211F} (IxSheet Control) - http://edms-ab.sec.samsung.net/edms/lib/IxSheet_U.cab
O16 - DPF: {E1D1DACA-5BA2-4376-89AD-3A213B916779} (IBLeaders IBSheet For Unicode Control) - http://109.10.1.88:7001/ghr/common/sheet/IBSheet4Unicode.CAB
O16 - DPF: {E463DD62-1D07-425E-B82A-539FBA2F4162} (GSBN_Updater.UserControl1) - http://www.samsunggsbn.com/PSI3/Cab/GSBN_Updater.CAB
O16 - DPF: {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B6A3} (Iesign Control) - https://ebanks.spdb.com.cn/per/gb/js/iesign.ocx
O16 - DPF: {F80FFA1F-348B-4FA4-B1E6-BC63A82090A0} (SRL101.SRL_101_C) - http://218.249.63.211:4000/SRL101.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{B84A5880-EDDA-4259-8113-69DC9B5511DE}: NameServer = 203.241.132.34,203.241.132.85
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: AhnLab Task Scheduler - AhnLab, Inc. - C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: SpyZero_Monitor - AhnLab, Inc. - C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszMon.exe

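The problem is:
1. If I don't open Internet Explorer after booting, Rising finds no virus.
2. As soon as I open Internet Explorer, Rising detects Gray Pigeon resident in memory, and cleaning it closes the IE window at the same time. If I open IE again and scan again, it is still there; see the screenshot.
It is c:\Program Files\Internet Explorer\IEXPLORE.EXE that is reported as the pigeon.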

[Attachment: image (image/pjpeg), uploaded 2007-1-4 14:50:53]

Last edited 2007-01-04 17:00:04

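I also looked through the registry and could not find anything that needs deleting.
I cannot find any suspicious _hook.dll file under %windows% or the related system folders.

Right now the computer's use is not affected at all.
But every Rising scan reports that IEXPLORER.EXE in memory is infected with Gray Pigeon, and each time it is cleaned the IE window is closed automatically.

Please note the odd part:
1. If I don't open Internet Explorer, the Rising scan finds no virus.
2. As soon as I open Internet Explorer, Gray Pigeon is always detected; even after cleaning, it is detected again when I reopen IE.

See the screenshot. Could some expert help solve this problem? Thanks.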

[Attachment: image (image/pjpeg), uploaded 2007-1-4 14:55:24]

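Quote:
[Post by 高歌猛进]
Tick and fix:
O1 - Hosts: 109.10.1.17 bjdccs
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
The O16 items

Which program reported the pigeon? Path and name?

………………

Item O1: the HOSTS entry is for the SAP system our company uses.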
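
As an added example (not part of the original thread): a small Python triage pass over the three HijackThis entry types singled out in the reply quoted above (O1, O2, O16). The `triage` function and its tag names are hypothetical, the sample lines are copied from the log posted earlier in the thread, and each note is a prompt to verify with the machine's owner, not a verdict.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Constructed sample: a few entries copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O1 - Hosts: 109.10.1.17 bjdccs
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {3D6C131D-AE95-4484-B2D0-275D4EC62DFD} (Enc Class) - http://109.10.1.88:7001/ghr/pdssghr.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://zs.kingsoft.com/KOSInit.cab
"""

# "O<n> - <body>" is the common shape of every HijackThis result line.
ENTRY = re.compile(r"^(O\d+)\s+-\s+(.*)$")
HOSTS = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)$")
BHO = re.compile(r"^BHO:\s+\((.*?)\)\s+-\s+(\{[0-9A-Fa-f-]{36}\})\s+-\s+(.+)$")
# The "(name)" part of a DPF entry is optional, as in the KOSInit.cab line.
DPF = re.compile(r"^DPF:\s+(\{[0-9A-Fa-f-]{36}\})\s+(?:\((.*)\)\s+)?-\s+(\S+)$")


def is_ip_literal(host):
    """True when the URL host is a bare IP address rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage(log_text):
    """Return (section, tag, detail) review notes for O1, O2 and O16 entries."""
    notes = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        section, body = m.groups()
        if section == "O1" and (h := HOSTS.match(body)):
            # Static name override: confirm it is intended (here, a company system).
            notes.append((section, "hosts-override", f"{h.group(2)} -> {h.group(1)}"))
        elif section == "O2" and (b := BHO.match(body)):
            # Registry entry whose DLL is gone: a leftover that can be cleaned up.
            if b.group(3).strip() == "(no file)":
                notes.append((section, "orphaned-bho", b.group(2)))
        elif section == "O16" and (d := DPF.match(body)):
            clsid, _name, url = d.groups()
            parsed = urlparse(url)
            if parsed.scheme != "https":
                notes.append((section, "dpf-plain-http", f"{clsid} {url}"))
            if parsed.hostname and is_ip_literal(parsed.hostname):
                notes.append((section, "dpf-raw-ip", f"{clsid} {parsed.hostname}"))
    return notes


if __name__ == "__main__":
    for section, tag, detail in triage(SAMPLE_LOG):
        print(f"{section:<4} {tag:<15} {detail}")
```
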

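Quote:
[Post by 仙剑VS景天] Fix that whole batch of O16 items first.
And what are those trusted sites for? By the way, there is no pigeon.
………………

Those trusted sites are all needed for company work.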

Quote:
[Post by 水树雨下] What reported the pigeon? You can do without that ewido.exe thing.
………………

It is IEXPLORER.EXE that is reported as the pigeon.
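Quote:
[Post by 水树雨下]
Whenever a pigeon is reported it is always this IEXPLORER.EXE; the question is which antivirus reported it, and the pigeon's name...
………………

Rising is what detects the pigeon; Kingsoft finds nothing, and the dedicated trojan removal tool finds nothing either.
The pigeon's name is Backdoor.Gpigeon.lxb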

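Quote:
[Post by 仙剑VS景天]

Boss, what version is your Rising updated to?
………………

It is updated to the latest. That was the scan result with version 19.03.50, before New Year's Day.
I haven't scanned or updated since the holiday, but the result is surely still the same.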
[Reply to 仙剑VS景天's post]
Scan report
[CODE]

2007-01-04,15:22:41

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <KavPFW><"C:\KAV2006\KPFW32.EXE">  [Kingsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <AHNSD><"C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe">  [(Verified)AhnLab, Inc.]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <KavStart><"C:\KAV2006\KAVStart.exe" -startup>  [Kingsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <AtiPTA><; atiptaxx.exe>  [ATI Technologies, Inc.]
    <HP Component Manager><; "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe">  [Hewlett-Packard Company]
    <HP Software Update><; C:\Program Files\HP\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
    <KavStart><; "C:\KAV2006\KAVStart.exe" -startup>  [Kingsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[AhnLab Task Scheduler / AhnLab Task Scheduler][Running/Auto Start]
  <"C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe"><AhnLab, Inc.>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SpyZero_Monitor / SpyZero_Monitor][Running/Auto Start]
  <"C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszMon.exe"><AhnLab, Inc.>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
  <C:\KAV2006\KWatch.EXE><Kingsoft Corporation>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
  <"C:\KAV2006\KPfwSvc.EXE"><Kingsoft Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AhnFlt2K / AhnFlt2K][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\AhnFlt2K.sys><AhnLab, Inc.>
[AhnRec2K / AhnRec2K][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\AhnRec2K.sys><AhnLab, Inc.>
[AhnRghNt / AhnRghNt][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\AhnRghNt.sys><AhnLab, Inc.>
[AhnSZE / AhnSZE][Running/Manual Start]
  <system32\drivers\AhnSZE.sys><AhnLab, Inc.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[AnfdIont / AnfdIont][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\AnfdIont.sys><AhnLab, Inc.>
[AnfdTDnt / AnfdTDnt][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\AnfdTDnt.sys><AhnLab, Inc.>
[ASZFltNt / ASZFltNt][Running/Manual Start]
  <\??\C:\Program Files\AhnLab\AhnLab SpyZero 2.0\ASZFltNt.sys><AhnLab, Inc.>
[ati2mtaa / ati2mtaa][Running/Manual Start]
  <system32\DRIVERS\ati2mtaa.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Bluetooth Audio Service / BlueletAudio][Stopped/Manual Start]
  <system32\DRIVERS\blueletaudio.sys><IVT Corporation>
[Bluetooth PAN Network Adapter / BT][Stopped/Manual Start]
  <system32\DRIVERS\btnetdrv.sys><IVT Corporation>
[Bluetooth USB For Bluetooth Service / Btcsrusb][Stopped/Manual Start]
  <System32\Drivers\btcusb.sys><IVT Corporation>
[Bluetooth HID Enumerator / BTHidEnum][Stopped/Manual Start]
  <system32\DRIVERS\vbtenum.sys><N/A>
[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]
  <\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation>
[ICatch (VI) PC Camera / CA561][Stopped/Manual Start]
  <System32\Drivers\SPCA561.SYS><SP>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Team MFP Comm Driver / DgiVecp][Running/Auto Start]
  <System32\Drivers\DgiVecp.sys><DeviceGuys, Inc.>
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC][Running/Manual Start]
  <system32\DRIVERS\el90xbc5.sys><3Com Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[KWatch3 / KWatch3][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\packet.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent2006\TMDlls\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Hisense USB CDC Driver (PID 3100) / qccdcmdm0][Stopped/Manual Start]
  <system32\DRIVERS\qcusbmdm.sys><QUALCOMM Incorporated>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[V3NfeNt / V3NfeNt][Running/Auto Start]
  <\??\C:\Program Files\Ahnlab\V3\V3NfeNt.sys><AhnLab, Inc.>
[Virtual Serial port driver / VComm][Stopped/Manual Start]
  <system32\DRIVERS\VComm.sys><IVT Corporation>
[Bluetooth VComm Manager Service / VcommMgr][Stopped/Manual Start]
  <System32\Drivers\VcommMgr.sys><IVT Corporation>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[KNetWch / KNetWch][Running/System Start]
  <\??\C:\KAV2006\KNetWch.SYS><Kingsoft Corporation>

==================================
浏览器加载项
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2006\KAVAFish.DLL, Kingsoft Corporation>
[EPWrapsodyVersion Class]
  {00B4EB57-5F54-4A6A-BC1A-DE9ABA26C0E2} <C:\WINDOWS\ep_fver.dll, >
[MyUpDown Control]
  {011605F4-3A7F-44F8-828A-E2F3BC2BEC2E} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\myUpDown.ocx, SAMSUNG SDS>
[CodeAx Class]
  {03F49E0E-C43A-4037-BBD6-D681E998A08E} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\CM_COD~1.DLL, >
[mySingle.ClsLocal]
  {1B954045-CB17-46CF-A596-BC59E7861D79} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\mySingle_XPSP2.dll, SDS>
[GSBN.CHINA]
  {2207EDAD-5731-4CCD-B79B-E489022E47AF} <C:\WINDOWS\Downloaded Program Files\GSBN_CHINA.ocx, ??SDS>
[MxLogicalTRU Class]
  {223216F6-B9FE-406D-9ED6-143FCE3A07B8} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxLogicalTRU.dll, sift infomation & communication>
[MxBinderU Class]
  {2F98EA90-EAE1-4AB5-AE89-DA073D824589} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxBinderU.dll, SHIFT Infomation & Communication Co., Ltd.>
[LocalTree.LocalXMLTree]
  {2FF8F8B7-1B3F-4E5F-93B1-FEF1D703C0F4} <C:\WINDOWS\system32\mySingleTree.ocx, Samsung SDS Co., Ltd.>
[EpFTP3 Control]
  {34B5A473-9696-4F9A-9BA1-41B8185A9798} <C:\WINDOWS\system32\EpFTP3.ocx, Samsung SDS Co., Ltd.>
[Enc Class]
  {3D6C131D-AE95-4484-B2D0-275D4EC62DFD} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\pdssex.dll, >
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[SRW711.SRW_711_C]
  {4C77B4AB-C802-4E0D-A763-4F6E9EE37118} <C:\WINDOWS\Downloaded Program Files\SRW711.ocx, Waremec>
[MxGridU Class]
  {71E7ACA0-EF63-4055-9894-229B056E9C31} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxGridU.dll, SHIFT Infomation & Communication Co., Ltd.>
[Chart Object]
  {80017034-D4F8-410D-9B03-0E713C34CEAD} <C:\WINDOWS\Downloaded Program Files\ChartFX.ComIEClient.Core.dll, Software FX, Inc.>
[NamoWeCtl 6.0 for samsung_mysingle]
  {859A7EB3-35E6-434B-A82B-08B4F8DDE1B6} <C:\WINDOWS\system32\NamoWec6_samsung_mysingle.dll, Sejoong Namo Interactive, Inc.>
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
[NamoWeCtl 5.0 for Samsung_SIMS3]
  {922DEB6A-364A-49C3-83EB-8B9FA3CE4B82} <C:\WINDOWS\system32\NamoWec5_Samsung_SIMS3.dll, Sejoong Namo Interactive, Inc.>
[IxTree Control]
  {9B3E5AA6-A9D6-46C4-99E4-B01AF6ABDD04} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\IxTree.ocx, Samsung SDS>
[MxImageSetU Class]
  {9F0AA341-1D10-4B18-B70B-6AA49CE7F5D6} <C:\WINDOWS\Downloaded Program Files\MxImageSetU.dll, sift infomation & communication>
[SecureSession Class]
  {A93FB56D-2F76-4DD7-8E38-9B1EB38C88A5} <C:\WINDOWS\system32\SecuiSecIE.dll, >
[MxDataSetU Class]
  {AF989B7C-8AC3-40BC-B749-EB335BDFD190} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxDataSetU.dll, SHIFT Infomation & Communication Co., Ltd.>
[MxComboU Class]
  {BB4533A0-85E0-4657-9BF2-E8E7B100D47E} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxComboU.dll, SHIFT Infomation & Communication Co., Ltd.>
[EpAdm2 Control]
  {C63E3330-049F-4C31-B47E-425C84A5A725} <C:\WINDOWS\system32\EpAdm2.ocx, Samsung SDS Co., Ltd>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[MxMaskEditU Class]
  {D7779973-9954-464E-9708-DA774CA50E13} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxMaskEditU.dll, SHIFT Infomation & Communication Co., Ltd.>
[SRW840.SRW_840_C]
  {D7B715F5-F1E1-4904-93A6-1B53E07221A3} <C:\WINDOWS\Downloaded Program Files\SRW840.ocx, Waremec>
[SSLinks Control]
  {DE6ABA6A-095B-43E3-BEBB-879868DC5C8A} <C:\WINDOWS\system32\SSLinks.ocx, LeadingSoft>
[IxSheet Control]
  {DF1AD5D9-977A-4A1F-9392-2AFFCCE6211F} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\IxSheet.ocx, Samsung SDS>
[IBLeaders IBSheet For Unicode Control]
  {E1D1DACA-5BA2-4376-89AD-3A213B916779} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\IBSheet4Unicode.ocx, IB Leaders Co., Ltd.>
[GSBN_Updater.UserControl1]
  {E463DD62-1D07-425E-B82A-539FBA2F4162} <C:\WINDOWS\system32\GSBN_Updater.ocx, Samsung SDS CO, LTD>
[Iesign Control]
  {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B6A3} <C:\WINDOWS\DOWNLO~1\iesign.ocx, csii>
[SRL101.SRL_101_C]
  {F80FFA1F-348B-4FA4-B1E6-BC63A82090A0} <C:\WINDOWS\Downloaded Program Files\SRL101.ocx, WareMec>
[EPWrapsodyVersion Class]
  {00B4EB57-5F54-4A6A-BC1A-DE9ABA26C0E2} <C:\WINDOWS\ep_fver.dll, >
[MyUpDown Control]
  {011605F4-3A7F-44F8-828A-E2F3BC2BEC2E} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\myUpDown.ocx, SAMSUNG SDS>
[CodeAx Class]
  {03F49E0E-C43A-4037-BBD6-D681E998A08E} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\CM_COD~1.DLL, >
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[mySingle.ClsLocal]
  {1B954045-CB17-46CF-A596-BC59E7861D79} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\mySingle_XPSP2.dll, SDS>
[GSBN.CHINA]
  {2207EDAD-5731-4CCD-B79B-E489022E47AF} <C:\WINDOWS\Downloaded Program Files\GSBN_CHINA.ocx, ??SDS>
[MxLogicalTRU Class]
  {223216F6-B9FE-406D-9ED6-143FCE3A07B8} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxLogicalTRU.dll, sift infomation & communication>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[PSI3_Operation.UC_Operation]
  {2ACC5506-BDA0-4064-A949-1033FF69CF75} <C:\WINDOWS\System32\PSI3_Operation.ocx, SAMSUNG SDS CO., LTD>
[MenuCtrl Class]
  {2DAAD547-FA98-498C-8FB7-63A7FCBDC0AF} <C:\WINDOWS\Downloaded Program Files\pdssctrl.dll, >
[TrustSession Class]
  {2F932BDC-AE12-4CCA-B58A-2C850955579E} <C:\WINDOWS\system32\SecuiSecIE.dll, >
[MxBinderU Class]
  {2F98EA90-EAE1-4AB5-AE89-DA073D824589} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxBinderU.dll, SHIFT Infomation & Communication Co., Ltd.>
[LocalTree.LocalXMLTree]
  {2FF8F8B7-1B3F-4E5F-93B1-FEF1D703C0F4} <C:\WINDOWS\system32\mySingleTree.ocx, Samsung SDS Co., Ltd.>
[EpFTP3 Control]
  {34B5A473-9696-4F9A-9BA1-41B8185A9798} <C:\WINDOWS\system32\EpFTP3.ocx, Samsung SDS Co., Ltd.>
[SVG Document]
  {377B5106-3B4E-4A2D-8520-8767590CAC86} <C:\PROGRA~1\COMMON~1\Adobe\SVGVIE~1.0\NPSVG3.dll, Adobe Systems Incorporated>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Enc Class]
  {3D6C131D-AE95-4484-B2D0-275D4EC62DFD} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\pdssex.dll, >
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[SRW711.SRW_711_C]
  {4C77B4AB-C802-4E0D-A763-4F6E9EE37118} <C:\WINDOWS\Downloaded Program Files\SRW711.ocx, Waremec>
[Microsoft Licensed Class Manager 1.0]
  {5220CB21-C88D-11CF-B347-00AA00A28331} <C:\WINDOWS\system32\licmgr10.dll, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[CBrowseStakeout Class]
  {55302805-482E-470E-8A57-6795A1487F90} <C:\KAV2006\KAVAFish.DLL, Kingsoft Corporation>
[金山毒霸在线杀毒]
  {577A1997-6FD0-4972-B234-885DA583F9CE} <C:\PROGRA~1\KOS\KOSClean.ocx, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[PdssTreeControl Class]
  {70699325-2302-45EF-91A1-2B8950606B04} <C:\WINDOWS\Downloaded Program Files\pdssTree.dll, Samsung SDS>
[MxGridU Class]
  {71E7ACA0-EF63-4055-9894-229B056E9C31} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxGridU.dll, SHIFT Infomation & Communication Co., Ltd.>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[CSNChecker Control]
  {77E9DD66-4E41-4226-9782-88F8A2FA8FCF} <C:\WINDOWS\DOWNLO~1\CSNCHE~1.OCX, Onsori.com>
[PdssRun Class]
  {7D73D9AC-9E28-47E7-B496-867A2341DD6F} <C:\WINDOWS\Downloaded Program Files\pdssx.dll, >
[Chart Object]
  {80017034-D4F8-410D-9B03-0E713C34CEAD} <C:\WINDOWS\Downloaded Program Files\ChartFX.ComIEClient.Core.dll, Software FX, Inc.>
[NamoWeCtl 6.0 for samsung_mysingle]
  {859A7EB3-35E6-434B-A82B-08B4F8DDE1B6} <C:\WINDOWS\system32\NamoWec6_samsung_mysingle.dll, Sejoong Namo Interactive, Inc.>
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>

[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[NamoWeCtl 5.0 for Samsung_SIMS3]
  {922DEB6A-364A-49C3-83EB-8B9FA3CE4B82} <C:\WINDOWS\system32\NamoWec5_Samsung_SIMS3.dll, Sejoong Namo Interactive, Inc.>
[IxTree Control]
  {9B3E5AA6-A9D6-46C4-99E4-B01AF6ABDD04} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\IxTree.ocx, Samsung SDS>
[MxImageSetU Class]
  {9F0AA341-1D10-4B18-B70B-6AA49CE7F5D6} <C:\WINDOWS\Downloaded Program Files\MxImageSetU.dll, sift infomation & communication>
[SecureSession Class]
  {A93FB56D-2F76-4DD7-8E38-9B1EB38C88A5} <C:\WINDOWS\system32\SecuiSecIE.dll, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[MxDataSetU Class]
  {AF989B7C-8AC3-40BC-B749-EB335BDFD190} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxDataSetU.dll, SHIFT Infomation & Communication Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[MxComboU Class]
  {BB4533A0-85E0-4657-9BF2-E8E7B100D47E} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxComboU.dll, SHIFT Infomation & Communication Co., Ltd.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[EpAdm2 Control]
  {C63E3330-049F-4C31-B47E-425C84A5A725} <C:\WINDOWS\system32\EpAdm2.ocx, Samsung SDS Co., Ltd>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CSNWeb Control]
  {CEEA7925-1643-40EB-A646-3EC2AA845DD2} <C:\WINDOWS\DOWNLO~1\CSNWeb.ocx, (C) Onsori>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[MxMaskEditU Class]
  {D7779973-9954-464E-9708-DA774CA50E13} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MxMaskEditU.dll, SHIFT Infomation & Communication Co., Ltd.>
[SRW840.SRW_840_C]
  {D7B715F5-F1E1-4904-93A6-1B53E07221A3} <C:\WINDOWS\Downloaded Program Files\SRW840.ocx, Waremec>
[SSLinks Control]
  {DE6ABA6A-095B-43E3-BEBB-879868DC5C8A} <C:\WINDOWS\system32\SSLinks.ocx, LeadingSoft>
[IxSheet Control]
  {DF1AD5D9-977A-4A1F-9392-2AFFCCE6211F} <C:\WINDOWS\DOWNLO~1\CONFLICT.1\IxSheet.ocx, Samsung SDS>
[IBLeaders IBSheet For Unicode Control]
  {E1D1DACA-5BA2-4376-89AD-3A213B916779} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\IBSheet4Unicode.ocx, IB Leaders Co., Ltd.>
[GSBN_Updater.UserControl1]
  {E463DD62-1D07-425E-B82A-539FBA2F4162} <C:\WINDOWS\system32\GSBN_Updater.ocx, Samsung SDS CO, LTD>
[PDSSPrint Class]
  {E4D476CA-2BB9-43F3-8974-63C19C9ECD79} <C:\WINDOWS\Downloaded Program Files\pdssctrl.dll, >
[Iesign Control]
  {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B6A3} <C:\WINDOWS\DOWNLO~1\iesign.ocx, csii>
[SRL101.SRL_101_C]
  {F80FFA1F-348B-4FA4-B1E6-BC63A82090A0} <C:\WINDOWS\Downloaded Program Files\SRL101.ocx, WareMec>
[MyDms Class]
  {FE255843-316B-46F5-B568-3B8A6F81CAEB} <C:\Documentum\DmsExe\DmsVer.dll, Samsung SDS>
[EPPackager Class]
  {FE56C700-D542-47EE-980D-A98C4FD0AE7C} <C:\WINDOWS\ep_fapi.dll, fasoo.com>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[金山毒霸反钓鱼...]
  <C:\KAV2006\KAF\ShowSet.htm, N/A>