附件: SREngLOG.log (2008-5-7 21:38:05, 39.44 K)
该附件被下载次数 130

各位朋友,有没有遇到QQ经常掉线?打开网页都一切正常,QQ音乐也一切正常,就是QQ不停的掉线,几秒钟就掉一次,已经用瑞星杀毒了不管用,卸了几次,又下载新的QQ版本,还是不行.

到底是什么原因啊????
郁闷死了,与朋友聊个天都不行.



以下是刚才扫描后的日志.

请帮忙看看.

在线等.......................

不是的.\
ADSL电信,通过公司网线接的.其他同事的都没问题,就我的有问题.

好的,谢谢.
试试看.

以下是刚才扫描的报告,请帮忙看看...老版..
[CODE]
2008-05-07,21:36:41
System Repair Engineer 2.6.8.980
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><nwiz.exe /install>  []
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SkyTel><SkyTel.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <360Safetray><E:\360safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <51GG><C:\Program Files\51\Guagua\51GG.exe>  [www.51.com]
    <Picasa Media Detector><E:\Picasa2\PicasaMediaDetector.exe>  [Google Inc.]
    <WebThunder><E:\QQDownload\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
    <RavTask><"E:\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <360Safebox><"C:\Program Files\360Safebox\SafeBoxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
    <IFEO[Your Image File Name Here without a path]><ntsd -d>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\Coopen.scr>  [File is missing]
==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Admin\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> E:\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>[腾讯QQ]
  <C:\Documents and Settings\Admin\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\qq\QQ.exe [TENCENT]><N>
==================================
服务
[Forceware Web Intexxxce / ForcewareWebIntexxxce][Running/Auto Start]
  <"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice><Apache Software Foundation>
[Human Intexxxce Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ForceWare IP service / nSvcIp][Running/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe><NVIDIA Corporation>
[ForceWare user log service / nSvcLog][Running/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe><NVIDIA Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Office Source Engine / ose][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"E:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"E:\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Windows Network Media Service / UiPlayer][Running/Auto Start]
  <C:\Program Files\UitvDll\msrv.exe><>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <E:\影音风暴\stormliv.exe /asservice><北京暴风网际科技有限公司>
==================================
驱动程序
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[AMD Processor Driver / AmdK8][Running/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[cpuz / cpuz][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\cpuz.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\QQDownload\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360safe\safemon\safemon.dll, 360.CN>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\QQDownload\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[PhotoDraw Class]
  {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <E:\新建文件夹\Qzone\QQPhotoDraw.dll, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[QQToolbar]
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <E:\QQDownload\DownAndPlay\DapPlayer3.0.41.65.415.dll, ShenZhen Thunder Networking Technologies Ltd.>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <E:\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[ImageUploader Control]
  {97488D0C-D52F-4E0C-9B59-BCFCD3F7B390} <C:\PROGRA~1\51\PHOTOU~1\PHOTOU~1.OCX, www.51.com>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\DapCtrl1.5.578.28.416.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360safe\safemon\safemon.dll, 360.CN>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[CUiCheckCtrl Object]
  {CC2FF467-0BD8-408A-B591-07F8790C7321} <C:\Program Files\UitvDll\UiCheck.dll, >
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[Thunder DapCtrl]
  {EF1EA76E-5428-4e40-85A1-D4DD2893183A} <E:\QQDownload\DownAndPlay\DapCtrl1.3.17.20.508.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用WEB迅雷下载]
  <E:\QQDownload\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
  <E:\QQDownload\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <E:\qq\AddEmotion.htm, N/A>

==================================

正在运行的进程
[PID: 628 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 756 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 992 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080 / SYSTEM][E:\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 1096 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1184 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1252 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1456 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 1708 / Admin][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [E:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\system32\shlhook.dll]  [Beijing Rising Technology Co., Ltd., 4.0.0.9]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9163]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9163]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
    [E:\QQDownload\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1924 / Admin][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.9163]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9163]
[PID: 1932 / Admin][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.1.4.2]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 196 / Admin][E:\Picasa2\PicasaMediaDetector.exe]  [Google Inc., 2.1.0]
[PID: 228 / Admin][E:\QQDownload\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 12, 3, 214]
    [E:\QQDownload\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [E:\QQDownload\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [E:\QQDownload\download_intexxxce.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [E:\QQDownload\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [E:\QQDownload\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [E:\QQDownload\streammedialib.dll]  [, 1, 3, 2, 124]
    [E:\QQDownload\al.dll]  [, 1, 0, 1, 3]
    [E:\QQDownload\xldc.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
    [E:\QQDownload\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [E:\QQDownload\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [E:\QQDownload\CacheServer.dll]  [, 1, 0, 0, 1]
    [E:\QQDownload\XLSafe\SafeInfo.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 2]
    [E:\QQDownload\XLSafe\RMFScan.dll]  [N/A, ]
    [E:\QQDownload\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [E:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\QQDownload\DownAndPlay\WebDownAndPlay.dll]  [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 3, 21]
    [E:\QQDownload\XLStatistic\XLStatisticAddin.dll]  [深圳市迅雷网络技术有限公司, 1, 4, 1, 5]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 268 / Admin][E:\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
    [E:\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[PID: 276 / Admin][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 5.0.0.16]
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 328 / Admin][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 528 / Admin][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 840 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so]  [Apache Software Foundation, 2.0.47]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll]  [N/A, ]
[PID: 1028 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
[PID: 1068 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9163]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
[PID: 1268 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so]  [Apache Software Foundation, 2.0.47]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll]  [N/A, ]
[PID: 1676 / SYSTEM][C:\Program Files\UitvDll\msrv.exe]  [, 1, 0, 1, 2]
    [C:\Program Files\UitvDll\UiPlay.dll]  [, 3.0.4.3]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 2080 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll]  [NVIDIA, 2, 2, 0, 464]
[PID: 2700 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3188 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3332 / SYSTEM][E:\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.76]
    [E:\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [E:\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [E:\RISING\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.34]
    [E:\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [E:\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
    [E:\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
    [E:\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [E:\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [E:\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]
    [E:\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [E:\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [E:\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [E:\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [E:\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [E:\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [E:\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
    [E:\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [E:\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 62]
    [E:\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [E:\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [E:\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [E:\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [E:\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [E:\RISING\RAV\urutils.dll]  [, 20, 0, 0, 6]
    [E:\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [E:\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\RISING\RAV\ur001.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\RISING\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 3884 / SYSTEM][E:\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [E:\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1584 / Admin][E:\Rising\Rav\RAVMON.EXE]  [Beijing Rising Technology Co., Ltd., 20.0.01.19]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [E:\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 36]
    [E:\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [E:\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [E:\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [E:\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [E:\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 3892 / Admin][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
    [E:\QQDownload\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
    [C:\Program Files\Tencent\QQToolbar\IEBar.dll]  [TENCENT, 2, 0, 14, 12]
    [C:\Documents and Settings\Admin\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 2, 0, 23, 11]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [E:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1644 / SYSTEM][E:\影音风暴\stormliv.exe]  [北京暴风网际科技有限公司, 3, 7, 12, 20]
    [E:\影音风暴\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
[PID: 1672 / Admin][E:\WinRAR.exe]  [N/A, ]
    [E:\Formats\7z.fmt]  [N/A, ]
    [E:\Formats\ace.fmt]  [N/A, ]
    [E:\Formats\arj.fmt]  [N/A, ]
    [E:\Formats\bz2.fmt]  [N/A, ]
    [E:\Formats\cab.fmt]  [N/A, ]
    [E:\Formats\gz.fmt]  [N/A, ]
    [E:\Formats\iso.fmt]  [N/A, ]
    [E:\Formats\lzh.fmt]  [N/A, ]
    [E:\Formats\tar.fmt]  [N/A, ]
    [E:\Formats\uue.fmt]  [N/A, ]
    [E:\Formats\z.fmt]  [N/A, ]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]
[PID: 2456 / Admin][C:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.484\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.8.980]
[PID: 1788 / Admin][C:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.484\SRE6238769a.EXE]  [Smallfrogs Studio, 2.6.8.980]
    [E:\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 0, 1006]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
127.0.0.1  aaa.faba01.com
127.0.0.1  bad.tqdlt.cn
127.0.0.1  1.chsipo.com
127.0.0.1  c3.aishangai.net
127.0.0.1  c2.aishangai.net
127.0.0.1  xxx.188dm.com
127.0.0.1  x2.1a2b3c1.com
127.0.0.1  d1.163500.net
127.0.0.1  down.google-serv.cn
==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 196, E:\PICASA2\PICASAMEDIADETECTOR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 276, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1028, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCLOG.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2080, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCIP.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1672, E:\WINRAR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2456, C:\DOCUME~1\ADMIN\LOCALS~1\TEMP\RAR$EX00.484\SRENGLDR.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]