Logfile of HijackThis v1.99.1
Scan saved at 12:27:40, on 2006-10-6
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
E:\临时下载的东西\HijackThis.exe

R3 - Default URLSearchHook is missing
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: 卡巴斯基反黑客.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\SendMMS.htm
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB2F99CF-BEFD-459A-9A2A-27ABA1D1BF82}: NameServer = 61.177.7.1
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

2006-10-06,12:29:05

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002A><>  []
    <PHIME2002ASync><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><LogonUI.EXE>  [Microsoft Corporation]

==================================
启动文件夹
[卡巴斯基反黑客]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\卡巴斯基反黑客.lnk><N>

==================================
服务
[JMediaService / JMediaService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><N/A>
[kavsvc / kavsvc]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
浏览器加载项
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\Program Files\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\Program Files\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Program Files\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 652][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 720][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 744][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 796][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 808][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 956][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1020][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1060][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1148][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1224][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1380][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
[PID: 1528][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.8198>
[PID: 1608][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1640][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1668][C:\WINDOWS\System32\ups.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 240][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 592][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  <Kaspersky Lab><5.0.388.1>
[PID: 684][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 1316][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3536>
[PID: 1408][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1468][C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe]  <Kaspersky Lab><1.8.0.180>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\BCGCB59.dll]  <BCGSoft Ltd><5, 84, 0, 0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\perfiloc.dll]  <Kaspersky Lab><1.5.0.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\BCGCBRes.dll]  <BCGSoft Ltd><5, 84, 0, 0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\wcswmi.dll]  <Kaspersky Lab><5.0.201.1>
[PID: 200][E:\临时下载的东西\streng扫描工具\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

LZ有UPS电源？？

不懂啊,那个不会弄,不知道有没有,怎么办啊?????

wa !我的机器也出现这种情况，用了很多方法了，不管用，不知道是电源有问题还是系统有问题！期待中！

我用的是2000和xp双系统，无论用哪个系统开机后均是出现，关机后自动重新启动，我是没招了，而且一用killbox就自动重新启动，郁闷啊！这些都是在安装了sp2以后出现的不知道是什么原因造成的！！顺别也看看我的！

Logfile of HijackThis v1.99.1
Scan saved at 14:09:23, on 2006-10-5
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\CCenter.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwsrv.exe
D:\Program Files\Rising\Rav\RavStub.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
d:\program files\rising\rfw\RfwMain.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Rising\Rav\Ravmon.exe
D:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Maxthon\Maxthon.exe
D:\Program Files\Thunder Network\WebThunder\WebThunder.exe
D:\Program Files\Rising\Rav\RsAgent.exe
D:\WINDOWS\msagent\AgentSvr.exe
D:\WINDOWS\system32\Rundll32.exe
F:\查看系统工具\HijackThis.exe

R3 - URLSearchHook: Adobe Flash player 9.0 - {FB8A3D63-87AE-480C-BC6F-B28D720D5D62} - D:\Program Files\Adobe Flash player 9.0\toolbar.dll
O1 - Hosts: 219.139.58.97 www.hao123.com
O1 - Hosts: 219.139.58.97 hao123.com
O1 - Hosts: 219.139.58.97 www.7b.com.cn
O1 - Hosts: 219.139.58.97 7b.com.cn
O1 - Hosts: 219.139.58.97 www.7939.com
O1 - Hosts: 219.139.58.97 7939.com
O1 - Hosts: 219.139.58.97 www.maohehe.com
O1 - Hosts: 219.139.58.97 maohehe.com
O1 - Hosts: 219.139.58.97 www.sina-baidu.com
O1 - Hosts: 219.139.58.97 sina-baidu.com
O1 - Hosts: 219.139.58.97 60.191.60.107
O1 - Hosts: 219.139.58.97 www.maipao.com
O1 - Hosts: 219.139.58.97 maipao.com
O1 - Hosts: 219.139.58.97 update.virussky.com
O1 - Hosts: 219.139.58.97 down.virussky.com
O1 - Hosts: 219.139.58.97 219.139.58.97
O1 - Hosts: 219.139.58.97 59.34.148.81
O1 - Hosts: 219.139.58.97 60.191.60.114
O1 - Hosts: 219.139.58.97 www.ycdy.com
O1 - Hosts: 219.139.58.97 ycdy.com
O1 - Hosts: 219.139.58.97 www.2tu.cn
O1 - Hosts: 219.139.58.97 2tu.cn
O1 - Hosts: 219.139.58.97 www.91tu.cn
O1 - Hosts: 219.139.58.97 91tu.cn
O1 - Hosts: 219.139.58.97 www.haotop.com
O1 - Hosts: 219.139.58.97 news01.virussky.com
O1 - Hosts: 219.139.58.97 news02.virussky.com
O1 - Hosts: 219.139.58.97 news03.virussky.com
O1 - Hosts: 219.139.58.97 news04.virussky.com
O1 - Hosts: 219.139.58.97 www.an85.com
O1 - Hosts: 219.139.58.97 an85.com
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_013.dll
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - D:\WINDOWS\System32\xunleibho_v14.dll
O2 - BHO: (no name) - {046167AA-53C2-4576-B362-291D9E852269} - D:\WINDOWS\system32\BBDown.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX (file missing)
O2 - BHO: (no name) - {3D898C55-74CC-4B7C-B5F1-45913F368388} - D:\WINDOWS\System32\SecurityC1.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - D:\WINDOWS\System32\NaviHelper.dll
O2 - BHO: XBTP08912 - {3F53F529-A79A-4d89-883A-3B628608C170} - D:\PROGRA~1\ADOBEF~1.0\toolbar.dll
O2 - BHO: raObject Class - {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} - D:\PROGRA~1\pcast\hbcast.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files\迅雷 Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: (no name) - {8D139DD1-6BB5-4103-8C89-41560FF2E107} - D:\WINDOWS\system32\3721_5.dll (file missing)
O2 - BHO: Yahoo Bar - {A697BC46-BC93-4833-93F5-1E365011E88A} - D:\WINDOWS\ODBINT.dll (file missing)
O2 - BHO: (no name) - {E730189A-9973-4121-B046-AD1C161EC3AF} - D:\WINDOWS\system32\37211.dll (file missing)
O3 - Toolbar: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O3 - Toolbar: Adobe Flash player 9.0 - {FB8A3D63-87AE-480C-BC6F-B28D720D5D62} - D:\Program Files\Adobe Flash player 9.0\toolbar.dll
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [R] D:\WINDOWS\system32\rundll32.exe radm.dll s
O4 - HKLM\..\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [rundll32] rundll32 rscfg.dll s
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\Tencent\Qq\QQ.exe
O8 - Extra context menu item: &使用迅雷下载 - D:\Program Files\迅雷 Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\Program Files\迅雷 Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\Program Files\Tencent\Qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - D:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - D:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\Program Files\Tencent\Qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\Program Files\Tencent\Qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\Program Files\Tencent\Qq\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - f:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - f:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {C07405FD-84D1-4A25-94E8-68609EA8335B} (iChatX Object) - http://chat.zbinfo.net/ichatx.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{276B8362-E94E-4BBF-A702-3B585DBEFAF2}: NameServer = 61.233.154.33 211.98.4.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{276B8362-E94E-4BBF-A702-3B585DBEFAF2}: NameServer = 61.233.154.33 211.98.4.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe

【回复“光前裕后”的帖子】最直接的办法，去学校前拔电源，就ＯＫ了．．．