这是怎么回事？

日志上来按智能扫描，然后勾选检查进程模块的签名，然后再按扫描，最后保存结果

2007-04-19,19:56:45

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Advanced Server Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(Internat.exe)(internat.exe) [(Verified)Microsoft Windows 2000 Publisher]
(QQDownload)("C:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart) [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(SoundMan)(SOUNDMAN.EXE) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(nwiz)(nwiz.exe /install) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(RavTask)("C:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(RfwMain)("C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(runeip)(C:\Program Files\Rising\KakaToolBar\runiep.exe) [Beijing Rising Technology Co., Ltd.]
(StormCodec_Helper)("C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Windows 2000 Publisher]
(Userinit)(C:\WINNT\system32\UserInit.exe,) [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINNT\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]




--------------------------------------------------------------------------------



启动文件夹

[Adobe Gamma Loader]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --) C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.])(N)
[Microsoft Office]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --) C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [Microsoft Corporation])(N)
[腾讯QQ]
(C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --) C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT])(N)



--------------------------------------------------------------------------------



服务

[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
(C:\WINNT\System32\dmadmin.exe /com)(VERITAS Software Corp.)
[Google Updater Service / gusvc][Stopped/Manual Start]
("C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe")(Google)
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
(C:\WINNT\system32\nvsvc32.exe)(NVIDIA Corporation)
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
(c:\program files\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
(c:\program files\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
("C:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
("C:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[VMware Authorization Service / VMAuthdService][Running/Auto Start]
(C:\Program Files\VMware\VMware Workstation\vmware-authd.exe)(VMware, Inc.)
[VMware DHCP Service / VMnetDHCP][Stopped/Disabled]
(C:\WINNT\system32\vmnetdhcp.exe)(VMware, Inc.)
[VMware NAT Service / VMware NAT Service][Stopped/Disabled]
(C:\WINNT\system32\vmnat.exe)(VMware, Inc.)
[WAPM-APACHE / WAPM-APACHE][Running/Auto Start]
("C:\usr\local\Apache2\bin\Apache.exe" -k runservice)(Apache Software Foundation)
[WAPM-MYSQL / WAPM-MYSQL][Running/Auto Start]
(C:\usr\local\mysql4\bin\mysqld-nt.exe --defaults-file=C:\usr\local\etc\mysql\my.ini WAPM-MYSQL)(N/A)
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
(C:\WINNT\System32\svchost.exe -k netsvcs--)C:\WINNT\system32\mspmsnsv.dll)(Microsoft Corporation)



--------------------------------------------------------------------------------



驱动程序

[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
(system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.)
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
(System32\DRIVERS\BaseTDI.SYS)(Beijing Rising Technology Co., Ltd.)
[dmboot / dmboot][Stopped/Disabled]
(System32\drivers\dmboot.sys)(VERITAS Software Corp.)
[Logical Disk Manager Driver / dmio][Running/Boot Start]
(\SystemRoot\System32\drivers\dmio.sys)(VERITAS Software Corp.)
[dmload / dmload][Running/Boot Start]
(\SystemRoot\System32\drivers\dmload.sys)(VERITAS Software Corp.)
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
(System32\DRIVERS\e100bnt5.sys)(Intel Corporation)
[ExpScaner / ExpScaner][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\ExpScan.sys)()
[VMware hcmon / hcmon][Running/Auto Start]
(\??\C:\WINNT\system32\Drivers\hcmon.sys)(VMware, Inc.)
[HookCont / HookCont][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HOOKCONT.sys)(Rising)
[HookReg / HookReg][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookReg.sys)()
[HookSys / HookSys][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\HookSys.sys)(Rising)
[HookUrl / HookUrl][Running/Auto Start]
(\??\C:\Program Files\Rising\Rfw\HookUrl.sys)(Beijing Rising Technology Co., Ltd.)
[IdeBusDr / IdeBusDr][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\IdeBusDr.sys)(Intel Corporation)
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
(\SystemRoot\System32\DRIVERS\IdeChnDr.sys)(Intel Corporation)
[MEMSCAN / MEMSCAN][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\MEMSCAN.sys)(瑞星软件有限公司)
[mProcRs / mProcRs][Running/Auto Start]
(\??\c:\program files\rising\rfw\mProcRs.sys)(Beijing Rising Technology Co., Ltd.)
[npkcrypt / npkcrypt][Running/Auto Start]
(\??\C:\Program Files\Tencent\QQ\npkcrypt.sys)(INCA Internet Co., Ltd.)
[nv / nv][Running/Manual Start]
(system32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation)
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
(System32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.)
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
(\SystemRoot\system32\drivers\RsBoot.sys)(Beijing Rising)
[RsFwDrv / RsFwDrv][Running/Auto Start]
(\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys)(Beijing Rising Technology Co., Ltd.)
[RsNTGDI / RsNTGDI][Running/Boot Start]
(\SystemRoot\system32\Drivers\RsNTGdi.sys)(Beijing Rising Technology Co., Ltd.)
[RSPPSYS / RSPPSYS][Running/Auto Start]
(\??\C:\Program Files\Rising\Rav\RSPPSYS.sys)(Rising)
[Intel (R) System Managment BIOS Service / SMBios][Running/Manual Start]
(System32\DRIVERS\SMBios.sys)(Intel Corporation)
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Running/Manual Start]
(system32\DRIVERS\vmnetadapter.sys)(VMware, Inc.)
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
(system32\DRIVERS\vmnetbridge.sys)(VMware, Inc.)
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]
(\??\C:\WINNT\system32\drivers\vmnetuserif.sys)(VMware, Inc.)
[VMware VMparport / VMparport][Running/Auto Start]
(\??\C:\WINNT\system32\Drivers\VMparport.sys)(VMware, Inc.)
[VMware vmx86 / vmx86][Running/Auto Start]
(\??\C:\WINNT\system32\Drivers\vmx86.sys)(VMware, Inc.)
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
(system32\DRIVERS\WSTCODEC.SYS)(Microsoft Corporation)

数字签名日志：
[CODE]

2007-04-22,14:21:50

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Advanced Server Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><internat.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <QQDownload><"C:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><nwiz.exe /install>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <runeip><C:\Program Files\Rising\KakaToolBar\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows 2000 Publisher]
    <Userinit><C:\WINNT\system32\UserInit.exe,>  [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [Microsoft Corporation]><N>
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[VMware Authorization Service / VMAuthdService][Running/Auto Start]
  <C:\Program Files\VMware\VMware Workstation\vmware-authd.exe><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP][Stopped/Disabled]
  <C:\WINNT\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware NAT Service / VMware NAT Service][Stopped/Disabled]
  <C:\WINNT\system32\vmnat.exe><VMware, Inc.>
[WAPM-APACHE / WAPM-APACHE][Running/Auto Start]
  <"C:\usr\local\Apache2\bin\Apache.exe" -k runservice><Apache Software Foundation>
[WAPM-MYSQL / WAPM-MYSQL][Running/Auto Start]
  <C:\usr\local\mysql4\bin\mysqld-nt.exe --defaults-file=C:\usr\local\etc\mysql\my.ini WAPM-MYSQL><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100bnt5.sys><Intel Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[VMware hcmon / hcmon][Running/Auto Start]
  <\??\C:\WINNT\system32\Drivers\hcmon.sys><VMware, Inc.>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IdeBusDr / IdeBusDr][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Intel (R) System Managment BIOS Service / SMBios][Running/Manual Start]
  <System32\DRIVERS\SMBios.sys><Intel Corporation>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Running/Manual Start]
  <system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
  <system32\DRIVERS\vmnetbridge.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]
  <\??\C:\WINNT\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[VMware VMparport / VMparport][Running/Auto Start]
  <\??\C:\WINNT\system32\Drivers\VMparport.sys><VMware, Inc.>
[VMware vmx86 / vmx86][Running/Auto Start]
  <\??\C:\WINNT\system32\Drivers\vmx86.sys><VMware, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll, 腾讯公司>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[CyberArticle Express]
  {769A6A36-ED24-4376-BC7C-80225BF35698} <C:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINNT\system32\msxml4.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\DOWNLO~1\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINNT\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[保存: 完整网页...]
  <C:\Program Files\CyberArticle\script\Save.htm, N/A>
[保存: 更多保存内容...]
  <C:\Program Files\CyberArticle\script\SaveAuto.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

正在运行的进程
[PID: 164][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 2576][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  [Adobe Systems, Incorporated, 7.0]
[PID: 2596][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [C:\WINNT\system32\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2656][C:\WINNT\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.00]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2712][C:\Program Files\Rising\KakaToolBar\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\KakaToolBar\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2752][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2776][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Tencent\QQDownload\QQIEHelper02.dll]  [腾讯公司, 1, 1, 0, 5]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  [, 1, 0, 0, 1]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINNT\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2780][E:\VirusUp\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\Program Files\Rising\KakaToolBar\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [E:\VirusUp\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

没事.

那怎么回事？？