以下是系統掃描日志:[code]2008-11-25,11:11:10
System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理許可權用戶 - 完整功能
以下內容被選中：
    所有的啟動項目（包括註冊表、開機檔案夾、服務等）
    流覽器載入項
    正在運行的進程（包括進程模組資訊）
    文件關聯
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    進程特權掃描

啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <MSMSGS><"D:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Component Publisher]
    <swg><D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <Skype><"D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  [(Verified)Skype Technologies SA]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <CJIMETIPSYNC><D:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><D:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
    <igfxtray><D:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <igfxhkcmd><D:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <igfxpers><D:\WINDOWS\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SysExplr><D:\HEROSOFT\Hero3000\SYSEXPLR.EXE>  []
    <ISUSPM Startup><D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><"D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <LogMeIn GUI><"D:\Program Files\LogMeIn\x86\LogMeInSystray.exe">  [(Verified)"LogMeIn, Inc."]
    <Cobian Backup 9 interface><"D:\Program Files\Cobian Backup 9\cbInterface.exe" -service>  [Luis Cobian]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><D:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
    <WinlogonNotify: LMIinit><LMIinit.dll>  [(Verified)"LogMeIn, Inc."]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <stup.exe><; Rundll32.exe D:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R>  [File is missing]
==================================
開機檔案夾
[督昢奪燴]
  <D:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\督昢奪燴.lnk --> D:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
==================================
服務
[Cobian Backup 9 服務 / CobianBackupAmanita][Running/Auto Start]
  <D:\Program Files\Cobian Backup 9\cbService.exe><Luis Cobian>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[LogMeIn Maintenance Service / LMIMaint][Stopped/Disabled]
  <"D:\Program Files\LogMeIn\x86\RaMaint.exe"><LogMeIn, Inc.>
[LogMeIn / LogMeIn][Stopped/Disabled]
  <"D:\Program Files\LogMeIn\x86\LogMeIn.exe"><LogMeIn, Inc.>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <D:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <D:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
==================================
驅動程式
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
  <system32\drivers\cmuda.sys><C-Media Inc>
[Hamachi Network Interface / hamachi][Stopped/Manual Start]
  <system32\DRIVERS\hamachi.sys><LogMeIn, Inc.>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[LogMeIn Kernel Information Provider / LMIInfo][Running/Auto Start]
  <\??\D:\Program Files\LogMeIn\x86\RaInfo.sys><LogMeIn, Inc.>
[lmimirr / lmimirr][Running/Manual Start]
  <system32\DRIVERS\lmimirr.sys><LogMeIn, Inc.>
[LogMeIn Remote File System Driver / LMIRfsDriver][Running/Auto Start]
  <\??\D:\WINDOWS\system32\drivers\LMIRfsDriver.sys><LogMeIn, Inc.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\E:\0\0\npkcrypt.sys><INCA Internet Co., Ltd.>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
==================================

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://bsalsa.com) )

流覽器載入項
[Yodao Toolbar Helper]
  {6516E5BB-1186-4E2B-B8B8-2DC0E35AB1FA} <D:\Program Files\Yodao\Toolbar\ydtbv1.01\YodaoToolbar.dll, (Signed) 网易公司>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <d:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll, (Signed) Google Inc.>
[hero player]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <D:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A>
[參考資料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\0\0\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\0\0\QQIEHelper.dll, 深圳市???算机系?有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[衄耋馱撿戲]
  {7B434A2A-9E4C-48F2-8373-5801F316A4D5} <D:\Program Files\Yodao\Toolbar\ydtbv1.01\YodaoToolbar.dll, (Signed) 网易公司>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <d:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[]
  {00000162-9980-0010-8000-00AA00389B71} <, >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <D:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <d:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <, >
[]
  {1345F3CB-7C40-41C2-9AC2-87CF8B68E34E} <, >
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <D:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <d:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[PhotoDraw Class]
  {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <D:\Program Files\Tencent\QQ\Qzone\QQPhotoDraw.dll, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <D:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, >
[]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <, >
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[Microsoft Office Control]
  {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <D:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <D:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[Yodao Toolbar Helper]
  {6516E5BB-1186-4E2B-B8B8-2DC0E35AB1FA} <D:\Program Files\Yodao\Toolbar\ydtbv1.01\YodaoToolbar.dll, (Signed) 网易公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[衄耋馱撿戲]
  {7B434A2A-9E4C-48F2-8373-5801F316A4D5} <D:\Program Files\Yodao\Toolbar\ydtbv1.01\YodaoToolbar.dll, (Signed) 网易公司>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[]
  {8CF6E9E0-4FC0-48F6-A744-800A09D79D6B} <, >
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <d:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll, (Signed) Google Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[Messenger Object]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <D:\Program Files\Messenger\msgsc.dll, (Signed) Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <D:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[]
  {C95FE080-8F5D-11D2-A20B-00AA003C157B} <, >
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, (Signed) Adobe Systems, Inc.>
[]
  {D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[]
  {DEDEB80D-FA35-45D9-9460-4983E5A8AFE6} <, >
[]
  {F156768E-81EF-470C-9057-481BA8380DBA} <, >
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[]
  {F90D830D-C175-4bbe-82C7-FF94669A4C42} <, >
[]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, >
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[&Yodao搜索]
  <res://D:\Program Files\Yodao\Toolbar\ydtbv1.01\YodaoToolbar.dll/158.htm, N/A>
[Heroplayer Online]
  <D:\HEROSOFT\Hero3000\MPURLGET.HTM, N/A>
[上傳到QQ網路硬碟]
  <E:\0\0\AddToNetDisk.htm, N/A>
[匯出至 Microsoft Office Excel(&X)]
  <res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[新增到QQ自定義面板]
  <E:\0\0\AddPanel.htm, N/A>
[新增到QQ表情]
  <E:\0\0\AddEmotion.htm, N/A>
[添加到QQ自定義面板]
  <E:\0\0\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\0\0\AddEmotion.htm, N/A>
[用QQ MMS傳送該圖片]
  <E:\0\0\SendMMS.htm, N/A>
[用QQ彩信發送該圖片]
  <E:\0\0\SendMMS.htm, N/A>
==================================

正在運行的進程
[PID: 460 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524 / SYSTEM][\??\D:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 548 / SYSTEM][\??\D:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\WINDOWS\system32\LMIinit.dll]  [LogMeIn, Inc., 4.0.734]
    [D:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 592 / SYSTEM][D:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 604 / SYSTEM][D:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756 / SYSTEM][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 864 / SYSTEM][D:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.33]
[PID: 884 / SYSTEM][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1056 / LOCAL SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1132 / SYSTEM][D:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.80]
    [D:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.5]
    [D:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [D:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [D:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.36]
    [D:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [D:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12]
    [D:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24]
    [D:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [D:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [D:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [D:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.9]
    [D:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.14]
    [D:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.39]
    [D:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [D:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [D:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.3]
    [D:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32]
    [D:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8]
    [D:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [D:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [D:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [D:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 99]
    [D:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [D:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [D:\PROGRAM FILES\RISING\RAV\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [D:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [D:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [D:\PROGRAM FILES\RISING\RAV\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
[PID: 1372 / SYSTEM][D:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [D:\WINDOWS\system32\LMIport.dll]  [LogMeIn, Inc., 0.2.0.0]
    [D:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\LMIproc.dll]  [LogMeIn, Inc., 0.3.0.0]
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1528 / SYSTEM][D:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.10]
    [D:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
[PID: 1796 / sc001][D:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [D:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\system32\LMIRfsClientNP.dll]  [LogMeIn, Inc., 2.1.3.0]
    [D:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
[PID: 1944 / sc001][D:\PROGRAM FILES\RISING\RAV\RavMon.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.01.27]
    [D:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [D:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [D:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [D:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [D:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [D:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [D:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [D:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [D:\PROGRAM FILES\RISING\RAV\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [D:\PROGRAM FILES\RISING\RAV\Rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [D:\PROGRAM FILES\RISING\RAV\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
[PID: 2020 / sc001][D:\WINDOWS\system32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\WINDOWS\system\cmicnfg.cpl]  [C-Media Corporation, 1, 0, 41, 16]
    [D:\WINDOWS\System32\udaprop.dll]  [C-Media Corporation, 1.0.2.2]
    [D:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 192 / SYSTEM][D:\Program Files\Cobian Backup 9\cbService.exe]  [Luis Cobian, 9.1.1.176]
    [D:\Program Files\Cobian Backup 9\cbEngine.dll]  [Luis Cobian, 9.1.1.238]
    [D:\Program Files\Cobian Backup 9\cbNTSecW.dll]  [Luis Cobian, 9.1.1.194]
[PID: 196 / sc001][D:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4396]
    [D:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4396]
    [D:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4396]
    [D:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4396]
[PID: 180 / sc001][D:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4396]
    [D:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4396]
[PID: 212 / sc001][D:\HEROSOFT\Hero3000\SYSEXPLR.EXE]  [N/A, ]
    [D:\HEROSOFT\Hero3000\AVCDROM.dll]  [N/A, ]
    [D:\HEROSOFT\Hero3000\CoolMenu.dll]  [N/A, ]
[PID: 240 / sc001][D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe]  [InstallShield Software Corporation, 3, 00, 100, 1161]
[PID: 248 / sc001][D:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.24]
    [D:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
[PID: 252 / sc001][D:\Program Files\LogMeIn\x86\LogMeInSystray.exe]  [LogMeIn, Inc., 3.0.596]
    [D:\Program Files\LogMeIn\x86\LogMeInSystray.dll]  [LogMeIn, Inc., 4.0.734]
    [D:\Program Files\LogMeIn\x86\rntfywnd.dll]  [LogMeIn, Inc., 4.0.734]
[PID: 264 / sc001][D:\Program Files\Cobian Backup 9\cbInterface.exe]  [Luis Cobian, 9.1.1.178]
[PID: 304 / sc001][D:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 368 / sc001][D:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
[PID: 380 / sc001][D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]  [Google Inc., 2, 0, 301, 1654]
    [D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\gtn.dll]  [Google Inc., 3, 1, 807, 1746]
    [D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll]  [Google Inc., 3, 1, 807, 1746]
[PID: 400 / sc001][D:\Program Files\Skype\Phone\Skype.exe]  [Skype Technologies S.A., 3.8.4.44]
    [D:\Program Files\Skype\Phone\skmsg.dll]  [TOM Online Inc., 1, 0, 0, 2]
    [D:\Program Files\Skype\Phone\sktransfer.dll]  [, 1, 0, 0, 3]
    [D:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [D:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
[PID: 484 / sc001][D:\Program Files\LogMeIn\x86\LMIGuardian.exe]  [LogMeIn, Inc., 8.0.734]
    [D:\Program Files\LogMeIn\x86\LMIGuardianDll.dll]  [LogMeIn, Inc., 8.0.734]
[PID: 1016 / sc001][D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\1033\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\1033\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 1120 / SYSTEM][D:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\OPENDS60.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\UMS.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\SQLSORT.DLL]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\Resources\1033\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\SSNMPN70.dll]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\PROGRA~1\MICROS~4\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 2180 / SYSTEM][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2212 / LOCAL SERVICE][D:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2720 / LOCAL SERVICE][D:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 288 / SYSTEM][D:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 3376 / sc001][J:\tools\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.12.1018]
[PID: 3396 / sc001][J:\tools\sreng2\SRE2b8d85b4.EXE]  [Smallfrogs Studio, 2.6.12.1018]
    [J:\tools\sreng2\Lang\1028.DLL]  [System Repair Engineer, 2.6.12.1018]
    [J:\tools\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件關聯
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [HeroVideo]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
==================================
進程特權掃描
特殊特權被允許： SeLoadDriverPrivilege [PID = 264, D:\PROGRAM FILES\COBIAN BACKUP 9\CBINTERFACE.EXE]
特殊特權被允許： SeLoadDriverPrivilege [PID = 1016, D:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特權被允許： SeLoadDriverPrivilege [PID = 3376, J:\TOOLS\SRENG2\SRENGLDR.EXE]
==================================
API HOOK
N/A
==================================
隱藏進程
N/A
==================================[/code]

因為系統是繁體的,如果上傳記事本文件也許大家打開會是亂xxx.所以就分三段貼上了.給大家造成閱讀不便還請諒解!謝謝大家幫助!

没看出什么异常进程。
只有安装的豪杰超级解霸有些怀疑，如果没注册过，有可能会出现这种现象，卸载后看看情况吧。

好的,我試一下!
我想把瀏覽器加載項里面幾項空的刪了,還有qq的幾項也刪了,應該不會影響系統吧!

清理ie加载项，会加快ie的打开速度，不会对系统有负面影响的。

還是沒有解決問題.現在關機都不能關了,要直接關電源才行.任務管理器還是不出來.

去D:\WINDOWS\system32\文件夹里找taskmgr.exe文件

找到压缩发来看

用解压工具WinRAR依路径打开文件夹找文件：

把版主都驚動了!謝謝幫助!
任務管理器現在正常了.我範了一個低級錯誤,原來用鼠標雙擊就OK了.現在還是把taskmgr文件傳上來,和另一臺正常的電腦是一樣的.是繁體中文版的.
現在打開空白網頁還是會現,不能解決.