Please help~~

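I don't know why, but sometimes the computer's screen suddenly freezes for a few seconds and won't respond.... After a few seconds it goes back to normal.

Is it infected?? Please take a look~~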


[CODE]

2008-02-08,03:18:58

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe">  [Nero AG]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RavTask><"E:\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><; nwiz.exe /install>  []
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Publisher]
    <QuickTime Task><; "E:\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <NeroFilterCheck><C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe>  [Nero AG]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)"RealNetworks, Inc."]
    <Sony Ericsson PC Suite><"E:\Sony Ericsson\Application Launcher\Application Launcher.exe" /startoptions>  []
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <RemoteControl><E:\PowerDVD\PDVDServ.exe>  [(Verified)CyberLink]
    <LanguageShortcut><E:\PowerDVD\Language\Language.exe>  [(Verified)CyberLink]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[NMIndexingService / NMIndexingService][Running/Manual Start]
  <"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><Nero AG>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
  <"C:\Program Files\Cyberlink\Shared Files\RichVideo.exe"><>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"E:\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"E:\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[BIOS / BIOS][Running/System Start]
  <\??\C:\WINDOWS\System32\drivers\BIOS.sys><BIOSTAR Group>
[geiuzb71d5 / geiuzb71d5][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\geiuzb71d5.sys><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <System32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[ot8aacfs / ot8aacfs4][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ot8aacfs4.sys><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <System32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Sony Ericsson Device 070 driver (WDM) / se46bus][Stopped/Manual Start]
  <system32\DRIVERS\se46bus.sys><MCCI>
[Sony Ericsson Device 070 USB WMC Modem Filter / se46mdfl][Stopped/Manual Start]
  <system32\DRIVERS\se46mdfl.sys><MCCI>
[Sony Ericsson Device 070 USB WMC Modem Driver / se46mdm][Stopped/Manual Start]
  <system32\DRIVERS\se46mdm.sys><MCCI>
[Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM) / se46mgmt][Stopped/Manual Start]
  <system32\DRIVERS\se46mgmt.sys><MCCI>
[Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS) / se46nd5][Stopped/Manual Start]
  <system32\DRIVERS\se46nd5.sys><MCCI>
[Sony Ericsson Device 070 USB WMC OBEX Interface / se46obex][Stopped/Manual Start]
  <system32\DRIVERS\se46obex.sys><MCCI>
[Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM) / se46unic][Stopped/Manual Start]
  <system32\DRIVERS\se46unic.sys><MCCI>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[{95808DC4-FA4A-4C74-92FE-5B863F82066B} / {95808DC4-FA4A-4C74-92FE-5B863F82066B}][Running/Auto Start]
  <\??\E:\PowerDVD\000.fcl><N/A>

==================================

Last edited 2008-02-10 18:18:39

浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <E:\BitComet\tools\BitCometBHO_1.1.11.30.dll, BitComet>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360safe\safemon\safemon.dll, 奇虎网>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <E:\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <E:\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[BitComet]
  {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, N/A>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\system32\QQLiveInstaller.dll, >
[UploadControl Control]
  {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} <C:\WINDOWS\system32\UPLOAD~1.OCX, 广州网易互动娱乐有限公司>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[DivXBrowserPlugin Object]
  {67DABFBF-D0AB-41FA-9C46-CC0F21721616} <E:\DivX\DivX Web Player\npdivx32.dll, DivX,Inc.>
[MofileUploadX Control]
  {7260569F-1D40-4E7F-B95B-2E68D35668B9} <C:\WINDOWS\DOWNLO~1\MoUpload.ocx, >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, Tencent Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[PhotoUploadCtrlMini Control]
  {D9306BD1-2325-4C28-8632-B02330C1BB02} <C:\WINDOWS\system32\PHOTOU~1.OCX, 广州网易互动娱乐有限公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <E:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <E:\RealPlayer\rpbrowserrecordplugin.dll, RealPlayer>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <E:\BitComet\tools\BitCometBHO_1.1.11.30.dll, BitComet>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <E:\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <E:\Thunder\Components\InMedia\MediaAddin14.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <E:\360safe\live.dll, 360safe.com>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
  {88D969C1-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XSL Template 4.0]
  {88D969C3-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360safe\safemon\safemon.dll, 奇虎网>
[QQPlayerSvr Proxy Control]
  {CD108273-D434-43E6-AA90-1469F97EB398} <E:\腾讯QQ\QzoneMusic.dll, 腾讯科技>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[QuickTimeCheck Class]
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <E:\QuickTime\QTSystem\QuickTimeCheck.ocx, Apple Computer, Inc.>
[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <E:\腾讯QQ\Timwp.dll, TENCENT>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[&使用BitComet下载]
  <res://E:\BitComet\BitComet.exe/AddLink.htm, N/A>
[&使用BitComet下载全部链接]
  <res://E:\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[&使用BitComet下载本页视频]
  <res://E:\BitComet\BitComet.exe/AddVideo.htm, N/A>
[使用迅雷下载]
  <E:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <E:\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://E:\MICROS~1\Office10\EXCEL.EXE/3000, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <E:\腾讯QQ\AddEmotion.htm, N/A>
[添加到我的网易博客]
  <C:\WINDOWS\system32\NetEase.html, N/A>

==================================

正在运行的进程
[PID: 604 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 668 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 692 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076 / SYSTEM][E:\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 1092 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1252 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1272 / SYSTEM][E:\RAV\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.60]
    [E:\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [E:\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [E:\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.30]
    [E:\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.24]
    [E:\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 7]
    [E:\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [E:\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [E:\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [E:\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [E:\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 10]
    [E:\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [E:\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [E:\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [E:\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.35]
    [E:\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [E:\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [E:\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
    [E:\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [E:\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 41]
    [E:\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [E:\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [E:\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [E:\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [E:\RAV\urutils.dll]  [, 20, 0, 0, 3]
    [E:\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [E:\RAV\ur001.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
    [E:\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
[PID: 1588 / SYSTEM][E:\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [E:\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1788 / 林广豪][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Ahead\Lib\NeroSearchBar.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\BCGCBPRO800u.dll]  [BCGSoft Ltd, 8, 00, 0, 0]
    [C:\WINDOWS\System32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.5822]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.11.5822]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.5822]
    [C:\WINDOWS\System32\nvshell.dll]  [, ]
[E:\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 12]
    [E:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 13]
[PID: 1804 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1996 / 林广豪][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.1.3.9]
[PID: 120 / 林广豪][E:\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.22]
    [E:\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
[PID: 148 / 林广豪][E:\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.11]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [E:\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [E:\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [E:\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [E:\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.24]
    [E:\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [E:\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [E:\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 232 / 林广豪][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.4279]
[PID: 320 / 林广豪][E:\PowerDVD\PDVDServ.exe]  [Cyberlink Corp., 7.00.2406]
    [E:\PowerDVD\CLRCEngine3.dll]  [CyberLink Corp., 7.00.1711    ]
[PID: 408 / 林广豪][C:\WINDOWS\ALCFDRTM.EXE]  [Realtek Semiconductor Corp., 1, 3, 0, 1]
[PID: 428 / 林广豪][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 448 / 林广豪][C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll]  [Nero AG, 5,22,2, 10400]
    [C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll]  [Nero AG, 1, 5, 13, 0]
[PID: 460 / 林广豪][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
[PID: 516 / 林广豪][C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMSQLDB.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\log4cxx.dll]  [Nero AG, 1, 0, 0, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMCoFoundation.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMPluginBase.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMFullTextExtraction.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMSearchPluginSimilarImages.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NeroIPP.dll]  [Nero AG, 4,5,17,1]
    [C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll]  [Nero AG, 1, 5, 13, 0]
[PID: 1912 / 林广豪][C:\Documents and Settings\林广豪\桌面\SREng\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\Documents and Settings\林广豪\桌面\SREng\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 620 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
[PID: 1192 / SYSTEM][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.5822]
    [C:\WINDOWS\System32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.5822]
[PID: 1512 / SYSTEM][C:\Program Files\Cyberlink\Shared Files\RichVideo.exe]  [, 2.0.0425  ]
[PID: 1720 / LOCAL SERVICE][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2156 / SYSTEM][C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll]  [Nero AG, 1, 5, 13, 0]
    [C:\Program Files\Common Files\Ahead\Lib\log4cxx.dll]  [Nero AG, 1, 0, 0, 0]
    [C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll]  [Nero AG, 1, 5, 13, 0]
[PID: 2372 / 林广豪][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2528 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3084 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 3152 / NETWORK SERVICE][C:\WINDOWS\System32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

==================================

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 408, C:\WINDOWS\ALCFDRTM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 448, C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 516, C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMINDEXSTORESVR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

Bump~~~~ please help...... I don't know how to read this~~

Does anyone know??

Is there a virus??

[geiuzb71d5 / geiuzb71d5][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\geiuzb71d5.sys><N/A>

[ot8aacfs / ot8aacfs4][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\ot8aacfs4.sys><N/A>

Both of these are in the drivers section (驱动程序)

What exactly are they.... please help~

文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]


I don't know why this part is like this

It's often like this~~

[]
  {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>

What is this... it's under "浏览器加载项" (browser add-ons)