
[Help] Firewall is OK, but Rising shows the red umbrella. Requesting expert advice on my log


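The firewall is OK, but Rising shows the red umbrella. Could an expert please advise!
In case people don't have time to download it, I've pasted the log below. I hope someone can help me~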

Attachment:

File name: SREngLOG.log
Downloads: 123
File type: application/octet-stream
File size:
Uploaded: 2008-6-16 14:37:38
Description: log

Last edited by 罗轩 on 2008-06-16 14:58:59

Re: Firewall is OK, but Rising shows the red umbrella. Requesting expert advice on my log

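I don't dare use the computer anymore. Could an expert please advise urgently.
Rising shows the red umbrella; when I open it, it reports an application error and then closes.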
....

Re: Firewall is OK, but Rising shows the red umbrella. Requesting expert advice on my log

[CODE]
2000-06-16,14:36:25
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <runeip><"C:\Program Files\Rising\KakaToolBar\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED]
    <StormCodec_Helper><"E:\Storm Codec\StormSet.exe" /S /opti>  []
    <WebThunder><E:\web讯雷\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
    <Sony Ericsson PC Suite><"C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions>  [Sony Ericsson Mobile Communications AB]
    <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\KakaToolBar\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Userinit><c:\windows\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><  ,yzztimsn.dll,ieprot.dll>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{528DF602-9541-A985-210A-984A698C6F25}><C:\WINDOWS\system32\ptjhehlp.dll>  [N/A]
    <{5A069845-2036-6084-9054-6087502480A5}><C:\WINDOWS\system32\ozfyebyt.dll>  []
    <{9490415F-65F8-B5C5-D8BA-9405FB120549}><C:\WINDOWS\system32\yzztimsn.dll>  [N/A]
    <{6FD45A54-9875-698F-E56E-65102358FDF6}><C:\WINDOWS\system32\apsgfjba.dll>  [N/A]
    <{22596546-2036-9451-6058-658402589722}><C:\WINDOWS\system32\opshbbty.dll>  []
    <{5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5}><C:\WINDOWS\system32\oohxdbyt.dll>  []
    <{7C8D1401-A58D-A81C-CD24-A5915C4517C7}><C:\WINDOWS\system32\mnmhgsrv.dll>  []
    <{6A041F13-A111-12A3-B0CF-F99818AA68A6}><C:\WINDOWS\system32\zxmscwin.dll>  []
    <{81954FAC-1023-154F-895A-1458258AD818}><C:\WINDOWS\system32\ypdjfbmp.dll>  []
    <{37AC9076-C898-B098-D098-A18319080973}><C:\WINDOWS\system32\nhmxcjkl.dll>  [N/A]
    <{4F4F0064-71E0-4f0d-0015-708476C7815F}><C:\WINDOWS\system32\midimapmy.dll>  []
    <{4F4F0064-71E0-4f0d-0006-708476C7815F}><C:\WINDOWS\system32\midimapcb.dll>  []
    <{4F4F0064-71E0-4f0d-0017-708476C7815F}><C:\WINDOWS\system32\midimaptl.dll>  []
    <{4F4F0064-71E0-4f0d-0021-708476C7815F}><C:\WINDOWS\system32\midimappt.dll>  []
    <{4F4F0064-71E0-4f0d-0012-708476C7815F}><C:\WINDOWS\system32\midimapjr.dll>  []
    <{4F4F0064-71E0-4f0d-0004-708476C7815F}><C:\WINDOWS\system32\midimapwl.dll>  []
    <{4F4F0064-71E0-4f0d-0005-708476C7815F}><C:\WINDOWS\system32\midimapzx.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <midimapzx><C:\WINDOWS\system32\midimapzx.dll>  []
    <midimapmy><C:\WINDOWS\system32\midimapmy.dll>  []
    <midimapwl><C:\WINDOWS\system32\midimapwl.dll>  []
    <midimaptl><C:\WINDOWS\system32\midimaptl.dll>  []
    <midimapcb><C:\WINDOWS\system32\midimapcb.dll>  []
    <midimapjr><C:\WINDOWS\system32\midimapjr.dll>  []
    <midimappt><C:\WINDOWS\system32\midimappt.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
==================================
启动文件夹
[彩虹QQ显IP]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\彩虹QQ显IP.lnk --> C:\PROGRA~1\彩虹QQ\CaiHong.exe [N/A]><N>
==================================
服务
[18 / 2008][Stopped/Auto Start]
  <C:\WINDOWS\RemoteAbc.exe><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><N/A>
==================================
驱动程序
[963d29e0fc67dcf6 / 963d29e0fc67dcf6][Stopped/Manual Start]
  <\??\C:\963d29e0fc67dcf6.dat><N/A>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter / AN983][Running/Manual Start]
  <system32\DRIVERS\AN983.sys><ADMtek Incorporated.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HiddFldy / HiddFldy][Running/Auto Start]
  <\??\C:\WINDOWS\system32\d32dx9.sys><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[KAVSafe / KAVSafe][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVATABUS / NVATABUS][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[PciHardDisk / PciHardDisk][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\pcidisk.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Sony Ericsson Device 038 Driver driver (WDM) / SE26bus][Stopped/Manual Start]
  <system32\DRIVERS\SE26bus.sys><MCCI>
[Sony Ericsson Device 038 USB WMC Modem Filter / SE26mdfl][Stopped/Manual Start]
  <system32\DRIVERS\SE26mdfl.sys><MCCI>
[Sony Ericsson Device 038 USB WMC Modem Driver / SE26mdm][Stopped/Manual Start]
  <system32\DRIVERS\SE26mdm.sys><MCCI>
[Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM) / SE26mgmt][Stopped/Manual Start]
  <system32\DRIVERS\SE26mgmt.sys><MCCI>
[Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS) / se26nd5][Stopped/Manual Start]
  <system32\DRIVERS\se26nd5.sys><MCCI>
[Sony Ericsson Device 038 USB WMC OBEX Interface / SE26obex][Stopped/Manual Start]
  <system32\DRIVERS\SE26obex.sys><MCCI>
[Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM) / se26unic][Stopped/Manual Start]
  <system32\DRIVERS\se26unic.sys><MCCI>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[Sony Ericsson Z550  driver (WDM) / Z550bus][Stopped/Manual Start]
  <system32\DRIVERS\Z550bus.sys><MCCI>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Running/Manual Start]
  <\??\C:\WINDOWS\system32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\web讯雷\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
  {22596546-2036-9451-6058-658402589722} <C:\WINDOWS\system32\opshbbty.dll, N/A>
[]
  {37AC9076-C898-B098-D098-A18319080973} <C:\WINDOWS\system32\nhmxcjkl.dll, N/A>
[]
  {528DF602-9541-A985-210A-984A698C6F25} <C:\WINDOWS\system32\ptjhehlp.dll, N/A>
[]
  {5A069845-2036-6084-9054-6087502480A5} <C:\WINDOWS\system32\ozfyebyt.dll, N/A>
[]
  {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} <C:\WINDOWS\system32\oohxdbyt.dll, N/A>
[]
  {6A041F13-A111-12A3-B0CF-F99818AA68A6} <C:\WINDOWS\system32\zxmscwin.dll, N/A>
[]
  {6FD45A54-9875-698F-E56E-65102358FDF6} <C:\WINDOWS\system32\apsgfjba.dll, N/A>
[]
  {7C8D1401-A58D-A81C-CD24-A5915C4517C7} <C:\WINDOWS\system32\mnmhgsrv.dll, N/A>
[]
  {81954FAC-1023-154F-895A-1458258AD818} <C:\WINDOWS\system32\ypdjfbmp.dll, N/A>
[]
  {9490415F-65F8-B5C5-D8BA-9405FB120549} <C:\WINDOWS\system32\yzztimsn.dll, N/A>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <E:\HFGameOPT\HFGameOPT\GameClient.exe, 上海浩方在线信息技术有限公司>
[PPLive]
  {95B3F550-91C4-4627-BCC4-521288C52977} <D:\PPLive\PPLive.exe, N/A>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <E:\web讯雷\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[]
  {22596546-2036-9451-6058-658402589722} <C:\WINDOWS\system32\opshbbty.dll, N/A>
[]
  {37AC9076-C898-B098-D098-A18319080973} <C:\WINDOWS\system32\nhmxcjkl.dll, N/A>
[]
  {528DF602-9541-A985-210A-984A698C6F25} <C:\WINDOWS\system32\ptjhehlp.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[]
  {5A069845-2036-6084-9054-6087502480A5} <C:\WINDOWS\system32\ozfyebyt.dll, N/A>
[]
  {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} <C:\WINDOWS\system32\oohxdbyt.dll, N/A>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\DOCUME~1\ADMINI~1\APPLIC~1\ppStream\2258~1.577\POWERP~1.DLL, PPStream Inc.>
[]
  {6A041F13-A111-12A3-B0CF-F99818AA68A6} <C:\WINDOWS\system32\zxmscwin.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[]
  {6FD45A54-9875-698F-E56E-65102358FDF6} <C:\WINDOWS\system32\apsgfjba.dll, N/A>
[]
  {7C8D1401-A58D-A81C-CD24-A5915C4517C7} <C:\WINDOWS\system32\mnmhgsrv.dll, N/A>
[]
  {81954FAC-1023-154F-895A-1458258AD818} <C:\WINDOWS\system32\ypdjfbmp.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SopCore Control]
  {8FEFF364-6A5F-4966-A917-A3AC28411659} <D:\SopCast\sopocx.ocx, www.sopcast.com>
[]
  {9490415F-65F8-B5C5-D8BA-9405FB120549} <C:\WINDOWS\system32\yzztimsn.dll, N/A>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[使用WEB迅雷下载]
  <E:\web讯雷\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
  <E:\web讯雷\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <D:\QQ\AddEmotion.htm, N/A

Re: Firewall is OK, but Rising shows the red umbrella. Requesting expert advice on my log

==================================
正在运行的进程
[PID: 636 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 724 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4146]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 780 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 920 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4146]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2504]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 948 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1024 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1136 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1152 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1216 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4146]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2504]
    [C:\WINDOWS\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4146]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1256 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1360 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1424 / SYSTEM][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.68]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [c:\program files\rising\rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.12]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.41]
    [c:\program files\rising\rfw\ijt_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.0]
    [c:\program files\rising\rfw\unvdet.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.5]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.3]
[PID: 1648 / SYSTEM][c:\program files\rising\rfw\rfwstub.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1692 / SYSTEM][c:\program files\rising\rfw\rfwproxy.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.33]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [c:\program files\rising\rfw\urlrule.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 9]
    [c:\program files\rising\rfw\MonMid.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.4]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1820 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\system32\ozfyebyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\opshbbty.dll]  [N/A, ]
    [C:\WINDOWS\system32\oohxdbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhgsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1908 / Administrator][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 7.0.1.65]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [c:\program files\rising\rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.7]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
[PID: 1988 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 572 / Administrator][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 52]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
[PID: 588 / Administrator][C:\Program Files\Rising\KakaToolBar\runiep.exe]  [Beijing Rising Technology Co., Ltd., 5.0.0.16]
    [C:\Program Files\Rising\KakaToolBar\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\KakaToolBar\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\ozfyebyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\opshbbty.dll]  [N/A, ]
    [C:\WINDOWS\system32\oohxdbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhgsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
[PID: 352 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
[PID: 676 / Administrator][E:\web讯雷\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 12, 3, 214]
    [E:\web讯雷\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [E:\web讯雷\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
    [E:\web讯雷\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [E:\web讯雷\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [E:\web讯雷\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
    [E:\web讯雷\streammedialib.dll]  [, 1, 3, 2, 124]
    [E:\web讯雷\al.dll]  [, 1, 0, 1, 3]
    [E:\web讯雷\xldc.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
    [E:\web讯雷\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
    [E:\web讯雷\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
    [E:\web讯雷\CacheServer.dll]  [, 1, 0, 0, 1]
    [E:\web讯雷\XLSafe\SafeInfo.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 2]
    [E:\web讯雷\XLSafe\RMFScan.dll]  [N/A, ]
    [E:\web讯雷\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
    [E:\web讯雷\DownAndPlay\WebDownAndPlay.dll]  [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 3, 21]
    [E:\web讯雷\XLStatistic\XLStatisticAddin.dll]  [深圳市迅雷网络技术有限公司, 1, 4, 1, 5]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
[PID: 932 / Administrator][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.19]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 89]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 1088 / Administrator][C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe]  [Sony Ericsson Mobile Communications AB, 1.1.1.3]

Re: Firewall OK, but Rising shows a red umbrella. Asking an expert to look over the log

[C:\Program Files\Common Files\Teleca Shared\Telecalib_logging.dll]  [Teleca/Popwire AB, 1, 0, 2, 3]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll]  [N/A, ]
    [C:\WINDOWS\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll]  [Sony Ericsson Mobile Communications AB, 1.0.6.1]
    [C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll]  [Sony Ericsson Mobile Communications AB, 1.0.6.1]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\Program Files\Sony Ericsson\Mobile2\InstSupport\TC Device Mgmt.dll]  [Teleca Software Solutions, 1, 0, 1, 1]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
[PID: 1108 / Administrator][C:\Program Files\Unlocker\UnlockerAssistant.exe]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
[PID: 1180 / Administrator][C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe]  [Popwire AB, 1.2.0.70]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Teleca Shared\tlib_log.dll]  [Popwire AB, 1, 0, 3, 3]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9818.0]
[PID: 1324 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 3280 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[PID: 3296 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [E:\web讯雷\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
    [C:\WINDOWS\system32\opshbbty.dll]  [N/A, ]
    [C:\WINDOWS\system32\ozfyebyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\oohxdbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhgsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
[PID: 3812 / Administrator][C:\Program Files\Common Files\Teleca Shared\Generic.exe]  [Teleca Software Solutions, 1, 0, 3, 2]
    [C:\Program Files\Common Files\Teleca Shared\Telecalib_logging.dll]  [Teleca/Popwire AB, 1, 0, 2, 3]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9818.0]
    [C:\Program Files\Sony Ericsson\Mobile2\InstSupport\TC Device Mgmt.dll]  [Teleca Software Solutions, 1, 0, 1, 1]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\Program Files\Sony Ericsson\Mobile2\Device Manager\SpecificMPM.dll]  [SonyEricsson, 1, 0, 2, 1]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll]  [N/A, ]
    [C:\Program Files\Common Files\Teleca Shared\SpecificUSB.dll]  [Popwire AB, 1, 2, 1, 1]
    [C:\Program Files\Common Files\Teleca Shared\tlib_log.dll]  [Popwire AB, 1, 0, 3, 3]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll]  [N/A, ]
[PID: 3912 / Administrator][C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe]  [Sony Ericsson Mobile Communications AB, 1, 2, 0,1190]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ShowMfcDialog.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,122]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll]  [N/A, ]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cellphone_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,1194]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ecsmoddata.dll]  [Sony Ericsson Mobile Communications AB, 1, 2, 0,309]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9818.0]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\Capires0804.DLL]  [Popwire AB, 1, 0, 0,2018]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msmeirsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,946]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ms98irsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,991]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msirsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,1003]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cabmain.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,1226]
[PID: 4052 / Administrator][C:\Program Files\锐捷网络\Ruijie Supplicant\8021x.exe]  [锐捷网络, 3, 2, 0, 0]
    [C:\WINDOWS\system32\W32N50.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.54]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\EXRGPA~1.OCX]  [锐捷网络, 1, 0, 0, 1]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\HIDetect.dll]  [锐捷网络, 1, 0, 0, 1]
    [C:\PROGRA~1\锐捷网络\RUIJIE~1\Vx_API.dll]  [锐捷网络, 1, 0, 0, 1]
    [C:\WINDOWS\system32\ozfyebyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\opshbbty.dll]  [N/A, ]
    [C:\WINDOWS\system32\oohxdbyt.dll]  [N/A, ]
    [C:\WINDOWS\system32\mnmhgsrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmscwin.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypdjfbmp.dll]  [N/A, ]
[PID: 2424 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
[PID: 2892 / Administrator][F:\Xunlei\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapzx.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapwl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapjr.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimappt.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimaptl.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapcb.dll]  [N/A, ]
    [C:\WINDOWS\system32\midimapmy.dll]  [N/A, ]
    [F:\Xunlei\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
219.153.32.215 auto.search.msn.com
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 588, C:\PROGRAM FILES\RISING\KAKATOOLBAR\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 588, C:\PROGRAM FILES\RISING\KAKATOOLBAR\RUNIEP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1088, C:\PROGRAM FILES\SONY ERICSSON\MOBILE2\APPLICATION LAUNCHER\APPLICATION LAUNCHER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1088, C:\PROGRAM FILES\SONY ERICSSON\MOBILE2\APPLICATION LAUNCHER\APPLICATION LAUNCHER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1108, C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1108, C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1180, C:\PROGRAM FILES\COMMON FILES\TELECA SHARED\CAPABILITYMANAGER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1180, C:\PROGRAM FILES\COMMON FILES\TELECA SHARED\CAPABILITYMANAGER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3812, C:\PROGRAM FILES\COMMON FILES\TELECA SHARED\GENERIC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3812, C:\PROGRAM FILES\COMMON FILES\TELECA SHARED\GENERIC.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3912, C:\PROGRAM FILES\SONY ERICSSON\MOBILE2\MOBILE PHONE MONITOR\EPMWORKER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3912, C:\PROGRAM FILES\SONY ERICSSON\MOBILE2\MOBILE PHONE MONITOR\EPMWORKER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 4052, C:\PROGRAM FILES\锐捷网络\RUIJIE SUPPLICANT\8021X.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4052, C:\PROGRAM FILES\锐捷网络\RUIJIE SUPPLICANT\8021X.EXE]
==================================
API HOOK
入口点错误:NtCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003D4355)
入口点错误:NtWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003D43F5)
入口点错误:ZwCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003D4355)
入口点错误:ZwWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003D43F5)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x00F91FFD)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x00F920E5)
==================================
隐藏进程
N/A
==================================

[/CODE]

Re: Firewall OK, but Rising shows a red umbrella. Asking an expert to look over the log

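Thank you to the moderator above.
I followed your method, but Rising antivirus still shows that application error when it runs, and the umbrella is still red.
...Embarrassing. I have shamelessly run another scan and posted the log. I hope you can take the trouble to have another quick look.
Really, I can't thank you enough.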

Attachment:

File name: SREngLOG1.log
Downloads: 95
File type: application/octet-stream
File size:
Upload time: 2008-6-16 15:49:12
Description: log
