我爱电脑技术论坛 » 有问必答(520知道) » 系统问题，急急急

yvhk123 发表于 2008-6-5 21:31

系统问题，急急急

请诸位高手帮我看看系统是那里出错了！~~[code]
.@2J#Lz R1{ 5h
k2j&I[C+k}x
2000-06-05,15:23:43
5YG-a'o2{i'^(mA Dc&yd6TU
System Repair Engineer 2.5.16.900 Emergency Scan Mode
(\@%O
~'p|$~#u'J Smallfrogs (http://www.KZTechs.com)
%zjC$n$N o E!d | 0a_B%Ps.C;~'W
Windows XP Professional Service Pack 2 (Build 2600)
yq{#y{!xIq
MH_&CKD[0rq 以下内容被选中：`"h^e0R
    所有的启动项目（包括注册表、启动文件夹、服务等）5j/vN3{4{#e
    浏览器加载项
5c1n6u Y$s8j     正在运行的进程（包括进程模块信息）1G j6cl-j8t$U
    文件关联a1e;F'y6IN g;l7D
    Winsock 提供者$p#l%l'w1En
    Autorun.inf"Gk2U+x$jN^i
    HOSTS 文件i5D"B9w RM/\CD
    进程特权扫描sB+i8z}U


F6S+b"sb-wEA
+A U
K7dG)rt.l "Vn,r*?s9^2LRnaH
启动项目
`6Ox(ZmU
M_9y 注册表2Qb
O
AhZ#b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
d&K3yl
|Cs Fkk     <Picasa Media Detector><C:\Program Files\Picasa2\PicasaMediaDetector.exe>  [(Verified)Google Inc.],I$R3i"H2jW1F
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
d7[E6m9gz(X     <switch><c:\windows\system32\壁纸自动换.exe>  []
v;nBt4w9H
WG     <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
C"n(V8\*?^(j     <nwiz><nwiz.exe /install>  []
{4v!zG0Z/q     <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Publisher]0I^z.Y/ru9K ZK'v
    <Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
[TXqG     <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]Vzj.rl%G$fQLD
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]6EfuSu#v"}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]G2V{:Ycic"d'b
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
} i"UF)Y;fMY [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon](cAmE2~:z6HO5Rn `
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]$H}%LMc4b
?Q)i
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
#Po#s%V4L [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]a$}sC#[KQ!^`
    <AppInit_DLLs><tisqatyu.dll,nhmxcjkl.dll,ieprot.dll>  [N/A]jk;wb%m!D'^g2g)v:o
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
!K7V&L$O ueW     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
HU*pA8E~ Up [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]8w([Dx9r5w{+G#v
    <{6C8D1401-A58D-A81C-CD24-A5915C4517C6}><C:\WINDOWS\system32\mnmhfsrv.dll>  [N/A]8{$ADr&K LWG/R-L
    <{50940F85-F015-14F1-A05F-F69858AC6D05}><C:\WINDOWS\system32\zptlcsys.dll>  [N/A]
D/y$uD%l5Y%OB     <{6A041F13-A111-12A3-B0CF-F99818AA68A6}><C:\WINDOWS\system32\zxmscwin.dll>  [N/A]
aY1u1[.H@e     <{4F4F0064-71E0-4f0d-0015-708476C7815F}><C:\WINDOWS\system32\midimapmy.dll>  [N/A]cJ.vP.RaENn
    <{4C648541-1025-9650-9057-6541258720C4}><C:\WINDOWS\system32\mndhddwd.dll>  [N/A]#?q o"ZX&~t
T R
    <{4F4F0064-71E0-4f0d-0018-708476C7815F}><C:\WINDOWS\system32\midimapwd.dll>  [N/A]n%N0CY;UQw*k#A2P]
    <{4F4F0064-71E0-4f0d-0023-708476C7815F}><C:\WINDOWS\system32\midimapcq.dll>  [N/A]
'y
W)TD6p     <{35671234-7890-ABCD-CDEF-567801237653}><C:\WINDOWS\system32\yxcschlp.dll>  [N/A]W3Z)csO2Aw
h
    <{9A59145F-315D-BC23-AC1F-145DF81A34A9}><C:\WINDOWS\system32\zyzxiime.dll>  [N/A] WwI[a
q
    <{3A698102-5904-AFD0-20DF-CD1A65829CA3}><C:\WINDOWS\system32\zycbcime.dll>  [N/A]
|"Dv\.v:`)B"}     <{528DF602-9541-A985-210A-984A698C6F25}><C:\WINDOWS\system32\ptjhehlp.dll>  [N/A]U8s[
EeAc/hZ
    <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll>  [N/A]
"]L9pn,o/XS(I     <{33512378-9874-5641-1025-985420368733}><C:\WINDOWS\system32\oswxcttb.dll>  [N/A]
f!XKXMd     <{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\system32\hfrdzx.dll>  [N/A]w#{9t\
tT
    <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\system32\zgfdet.dll>  []3]x~)S9E+N$yVos#l
    <{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll>  []Bw m1w%RF
    <{4F4F0064-71E0-4f0d-0005-708476C7815F}><C:\WINDOWS\system32\midimapzx.dll>  [N/A]%GI7mOl+S
    <{4F4F0064-71E0-4f0d-0022-708476C7815F}><C:\WINDOWS\system32\midimapqn3.dll>  [N/A]^-n cM5N@,|
    <{81954FAC-1023-154F-895A-1458258AD818}><C:\WINDOWS\system32\ypdjfbmp.dll>  [N/A]
%I*i^"]t8To~     <{2D698451-2015-6358-9871-2015987452D2}><C:\WINDOWS\system32\apzhbtde.dll>  [N/A]*sWC1E-~
    <{EB71E0B3-E97D-4D30-8733-E28266467617}><C:\WINDOWS\system32\wyhesm.dll>  [N/A]
9fWI5N
]#Z)J!U     <{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\system32\jfrwdh.dll>  [N/A]U9|ai8A9E4Qf
t
    <{4F4F0064-71E0-4f0d-0004-708476C7815F}><C:\WINDOWS\system32\midimapwl.dll>  [N/A]
ai!{'[
N'[&x     <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\system32\cedafb.dll>  [N/A]&\w+CI7GO]
    <{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}><C:\WINDOWS\system32\jhrcar.dll>  [N/A]
~%y JGQK7F     <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll>  [N/A] _~I&TT"BY
    <{4A069845-2036-6084-9054-6087502480A4}><C:\WINDOWS\system32\ozfydbyt.dll>  [N/A]
U+UG6S9x     <{18093456-9012-4568-9076-908765467181}><C:\WINDOWS\system32\tisqatyu.dll>  [N/A]
)^;QTu.ctr     <{17AC9076-C898-B098-D098-A18319080971}><C:\WINDOWS\system32\nhmxajkl.dll>  [N/A]
e3{G"r M     <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\system32\jdsaex.dll>  [N/A]
~1HN6oUN#~     <{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}><C:\WINDOWS\system32\wyrsdj.dll>  [N/A]
y*B!w0g_e P     <{19109876-7619-9101-7012-901938475191}><C:\WINDOWS\system32\ietzapaq.dll>  [N/A](P6E#Y:i5T0z!jVUp
    <{4F4F0064-71E0-4f0d-0003-708476C7815F}><C:\WINDOWS\system32\midimapgj.dll>  [N/A]
{ buH&?yA!l5@`~[     <{461D2AB4-29A5-45C2-9134-D52272D3DE38}><C:\WINDOWS\system32\rfdswc.dll>  [N/A] qT$Uw D%A\
    <{7C8D1401-A58D-A81C-CD24-A5915C4517C7}><C:\WINDOWS\system32\mnmhgsrv.dll>  [N/A]/~!A%x#}p0L
    <{4F4F0064-71E0-4f0d-0014-708476C7815F}><C:\WINDOWS\system32\midimapms.dll>  [N/A]
\jH(~ CZB     <{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\system32\tdffdl.dll>  [N/A]5a(K2lr$xRa&u
    <{E8A3B193-77E3-4FB3-986D-F4FA4828BAFC}><C:\WINDOWS\system32\wklsdd.dll>  [N/A]
:bc&RY;yd[     <{4F4F0064-71E0-4f0d-0012-708476C7815F}><C:\WINDOWS\system32\midimapjr.dll>  [N/A]
Q;{
D~R?+L^%C)w
~     <{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}><C:\WINDOWS\system32\fsrgeb.dll>  [N/A]
*e.rXd&c6mRp9`7IV     <{37AC9076-C898-B098-D098-A18319080973}><C:\WINDOWS\system32\nhmxcjkl.dll>  [N/A]1[QA n WY
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
(}+_4KVH1_ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]:P{nY.fH,yr
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]+]^BTg!d
    <midimapms><C:\WINDOWS\system32\midimapms.dll>  [N/A]&mm"D"NkWp0f!i(F
    <midimapzx><C:\WINDOWS\system32\midimapzx.dll>  [N/A]
$c.O-X;D MWDKV     <midimapqn3><C:\WINDOWS\system32\midimapqn3.dll>  [N/A]8mX3d7q)h0||B}6Ak{
    <midimapgj><C:\WINDOWS\system32\midimapgj.dll>  [N/A]H"v$BF3u#e pt~Xls
    <midimapwl><C:\WINDOWS\system32\midimapwl.dll>  [N/A] X_x2V!s,q
    <midimapjr><C:\WINDOWS\system32\midimapjr.dll>  [N/A]m}fD7I&R5X
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
'ffe;c8?K!S     <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]*S6uoyI4A9Gw)k
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] t3q)fyc-hZf%e
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]Z{6Dp3XsuN7?'Iw
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
cXd8F)p sFb     <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
qm{2]+\MO} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]aaC%F%j {X
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
:s\Ea4K6a8W1| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
:fE,U nE-}?c0T     <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]4a6E c6h4yE5^
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
t,\%S7E&w0JA5A     <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
U3rG&kuN'^ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
BF|?$t G4Y     <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]h6Iw5{Pl$T3c@`
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
)s)}l+G/q9S#N$B[     <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]kK'z+~4I:V#Y
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe]
t5wL!_rGO7Fd5g)i     <IFEO[360safebox.exe]><TASKMAN.EXE>  [(Verified)Microsoft Windows Publisher]G3We&g3S7]v
\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe]
c ggm+Jq M     <IFEO[rfwProxy.exe]><TASKMAN.EXE>  [(Verified)Microsoft Windows Publisher]
1v1z/N5D&W [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe]2l5VT/`!H1u~.~R:A
}
    <IFEO[rfwstub.exe]><TASKMAN.EXE>  [(Verified)Microsoft Windows Publisher]
SD:[uF"m-r]-?m:z!g [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe]2{._Oa F:TM(]
    <IFEO[safeboxTray.exe]><TASKMAN.EXE>  [(Verified)Microsoft Windows Publisher]IK9Q4C l/I(f
[HKEY_CURRENT_USER\Control Panel\Desktop]
V3TEI^+RE     <SCRNSAVE.EXE><C:\WINDOWS\system32\梦幻水~1.SCR>  []o+a5NPQw
,PulRk;M

#mpO,yAbo/_ ==================================
#dl5P;Pr 启动文件夹*{B&`UvuK/Af*BKt(DA
[office]
hM zo2wC7\3|   <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\office.lnk --> C:\WINDOWS\system\sgcxcxxaspf080604.exe [N/A]><N>
%U f!l:mXe%[ [腾讯QQ]p!H(Tx*|R
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\PROGRA~1\QQ2007\QQ.exe [TENCENT]><N>|c*E3g!q;XuAP
CLhZ6EL
R;m8Fvze4{a
==================================$o2G`9P!Q Cu
服务K6iZ:S
zg~)|/a
[Google Updater Service / gusvc][Stopped/Manual Start]
d;_R|7e(aRz   <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>0BA
UM![)N
[Human Interface Device Access / HidServ][Stopped/Disabled]
:up;mF!a,m
x2eQ,a   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
?
c+E Df-g`2gf [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
!sn~6rMj4a F   <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>L9S:JN\X%r
[Qvod Terminal / Qvod Terminal][Running/Auto Start]
&l%s-|,D\   <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
^#`
P c^ [Rising Process Communication Center / RsCCenter][Running/Auto Start]nb/l_.D;o]3F
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
'ZUvRV0l$e)T [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
7x6lf,Q#m(vf\4{*J   <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
V[7fR+X%HiL
,b)q,~G _2b'pz
*{(u$OR(wI:E$oxsK4|? ==================================
"\7d'~@*j:d 驱动程序
2UkgH)u-gFH7S3l6` [11b73e88efc8a90a / 11b73e88efc8a90a][Stopped/Manual Start]
-@,?1l.q:Q$D~   <\??\C:\11b73e88efc8a90a.dat><N/A>
}+x:G5p||1EN [9sk / 9sky][Stopped/Boot Start]%p3EJ?2_A_
  <\SystemRoot\System32\DRIVERS\9sky.sys><>
IUF.Xv&qO dNC [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]/aY%MC|3R U
  <system32\drivers\ac97intc.sys><Intel Corporation>
yF]R0R6b)N1U)c [AliIde / AliIde][Running/Boot Start]
:P&eW8c$c   <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>d2{,g(N2[~
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
%cu4N!S
SrJ1V   <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>^_,w|!L:Ja q7M
[CmdIde / CmdIde][Running/Boot Start]bE ~4n/{]2s"g
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
r}w#sbM\'jj
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]NO5ls5c @
  <system32\drivers\cmuda.sys><C-Media Inc>
$Pw5Iy,?
` [f48803ccb2dec8c3 / f48803ccb2dec8c3][Stopped/Manual Start]

T ZP4W1Do   <\??\C:\f48803ccb2dec8c3.dat><N/A>*b+O1u7W ?b
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
J flw!mB%S   <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>4d,vl b4Y(yNr.k |
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Stopped/Manual Start]
%|*tF@!EA9T/k|,G   <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>] Guc4T'p_
[HookCont / HookCont][Running/System Start]:{Q&wKk
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>!HQ$n2t-e
U
[HookNtos / HookNtos][Running/System Start],aF;{!O`k:XJt
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>"X v2}cI
k
[HookReg / HookReg][Running/System Start]
(i*Jc%EEV A   <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>|a ~ O WC/}
[HookSys / HookSys][Running/System Start]
xf4E q'y D6RX!N   <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>{8_h}$pgNm
[IIS Manager  / IIS Manager ][Stopped/Manual Start]
w4l8Q8n m n:S   <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1.tmp><N/A>~,ZCaP|+S*A
[npkcrypt / npkcrypt][Stopped/Auto Start]7f E&~0R4_3{\
  <\??\C:\Program Files\QQ2006\npkcrypt.sys><N/A>
5v9E;c#N)E v [nq8bz5jd / nq8bz5jd][Stopped/Boot Start]
vg$LRG+@0Z9lPBO   <\SystemRoot\system32\drivers\nq8bz5jd.sys><N/A>
#P
V"c:k%Lk$E0]A
e2Y [nv / nv][Running/Manual Start]6m)s+Es`9_
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>$|k\ x#Eb
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
hT1HUMX/]\   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
s%U"nhg#A7e
[PxHelp20 / PxHelp20][Running/Boot Start]4iEVqek
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>7wc7~1Z^'\
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
DWVXb}5w7O   <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
Sw_ Pq4J [RsNTGDI / RsNTGDI][Running/Boot Start]kW-e)Dst7]6V
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
3{E.I{%t~9G [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]1wDgy~'dp
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>(i
Byv-E_
[Secdrv / Secdrv][Stopped/Manual Start]
#lSqkC6kIx   <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
(W0`Z\0w#D J7MNp [stqnll / stqnll][Stopped/Manual Start]
/i/m r W@ra#F0y   <\??\C:\WINDOWS\system32\stqnll><N/A>
b-kij(K/SuJ'Y9X [VIA AGP Filter / viaagp1][Running/Boot Start]vP,t'r&~ g
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>|z.`n`S2n
X N
[ViaIde / ViaIde][Running/Boot Start]S#vgFr:aebgf
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
&eI@ VBc)],x;x-c [viamraid / viamraid][Running/Boot Start]
;DEX{
d2C n+O,C,p'Ec   <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>o
x6q#P\K ~F o4|
[VMware Pointing Device / vmmouse][Running/Manual Start]
d dyZX4eL+Jp:y   <system32\DRIVERS\vmmouse.sys><VMware, Inc.>
e D}$o`4U_L /Y:Z*KU8@d

i xV B7Uy9_l ==================================
s*}4b{8Nq7f8VT7TZs 浏览器加载项
T1vA2RkB,J [ThunderAtOnce Class]
y9t_B+^;OW   {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
4O/q[ esX1M []
8yUnV
z   {18093456-9012-4568-9076-908765467181} <C:\WINDOWS\system32\tisqatyu.dll, N/A>5_0gvv:czpp0w6L]-i1c9K
[QQToolbar]
$N;o,b&h'sd:y7f0z/F   {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>%xJZ~Q3d\9kG1j
[]5i^1~X[5L_sE}
  {2D698451-2015-6358-9871-2015987452D2} <C:\WINDOWS\system32\apzhbtde.dll, N/A>wL+nneQ
[]
.s'g'UT4g%`Z j   {33512378-9874-5641-1025-985420368733} <C:\WINDOWS\system32\oswxcttb.dll, N/A>:U R;Ya~T
[]%@`"t3Gb7^_NC
  {35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\system32\yxcschlp.dll, N/A>
3i-V hn x []
Vm,Xk(juA   {37AC9076-C898-B098-D098-A18319080973} <C:\WINDOWS\system32\nhmxcjkl.dll, N/A>
3A^'~S(Q7E*K;`+eP3a$A'Z []
*U
w9Z3^q:]3~   {4C648541-1025-9650-9057-6541258720C4} <C:\WINDOWS\system32\mndhddwd.dll, N/A>wH%i|,I7T8j,j q4ox
[]NU;]*d2Mm yUv
  {7C8D1401-A58D-A81C-CD24-A5915C4517C7} <C:\WINDOWS\system32\mnmhgsrv.dll, N/A>
$x's-lT8YjJm []
C9xD{*U;D;]9H dy#T   {81954FAC-1023-154F-895A-1458258AD818} <C:\WINDOWS\system32\ypdjfbmp.dll, N/A>
`*DMR$`V [Thunder Browser Helper]
,KP$JJP.?`   {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
4v:ryhC'` [浩方对战平台]
S"o@A6X#~4H   {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\浩方\Platform\GameClient.exe, 上海浩方在线信息技术有限公司>
i~2\4E| [快捷工具条3.21]
]r^R[q2c   {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
NI#~@H!cf1w2U2H\ [QQToolbar]GCk ju? RU
  {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>!j
H OT|&Z;tw V2F
[ThunderAtOnce Class]
I@(H^+CA xsq"g
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
6m]-j.C/u;o` Mu []G1J)XS$W9w0w
  {18093456-9012-4568-9076-908765467181} <C:\WINDOWS\system32\tisqatyu.dll, N/A>
$P]4toN5Fb7~Z [Windows Media Player]
;t|4t1R'Yl   {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>&Pj@"W,]D},W8N#h_
[QQToolbar]
.@\%D(rt w%u0@-E0F   {29CF293A-1E7D-4069-9E11-E39698D0AF95} <C:\Program Files\Tencent\QQToolbar\IEBar.dll, TENCENT>
F\M5@]F/A+v []
C%R[J*DL(u   {2D698451-2015-6358-9871-2015987452D2} <C:\WINDOWS\system32\apzhbtde.dll, N/A>
&l4\iZ
i#rm []g^ O J.C
D K0sr
  {33512378-9874-5641-1025-985420368733} <C:\WINDOWS\system32\oswxcttb.dll, N/A>
FgqFy"S9P6` _"e [])k-Nmz4l&m'i
  {35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\system32\yxcschlp.dll, N/A>
O/`t6e*H*pj/o'] []
T\ }U%h%E+F,z   {37AC9076-C898-B098-D098-A18319080973} <C:\WINDOWS\system32\nhmxcjkl.dll, N/A>
w&t8^'?9k.e!h0j [Thunder Agent Class]
(~tIRb+z   {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
uuq`cUb'D:S []Q6\l[bmS|_
a
  {4C648541-1025-9650-9057-6541258720C4} <C:\WINDOWS\system32\mndhddwd.dll, N/A>
Sz2en2zh
_ H3}Q [Windows Media Player];GY&cgIc/Cm
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>U0rr1~-F/H6}j
[]
!_d9STwq_`%?,m   {7C8D1401-A58D-A81C-CD24-A5915C4517C7} <C:\WINDOWS\system32\mnmhgsrv.dll, N/A>
T-x$I&se4p|4i
[]
"m
Jf`V&qS   {81954FAC-1023-154F-895A-1458258AD818} <C:\WINDOWS\system32\ypdjfbmp.dll, N/A>
uknK c [NeoPlayer Class]O2KEE3R$? z&u|)IO k"E
  {881DD649-257D-4683-91CA-3AB5EE5C1DBC} <C:\PROGRA~1\hnnn\NEOPLU~2.DLL, >u8H*B u^ d%wF;r
[Thunder Browser Helper]}N }KV-] hB\
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
j D'd8J My [RavOnline Class];?2PL0?{)z W
  {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <C:\WINDOWS\Downloaded Program Files\RavOLCtl.dll, Beijing Rising Technology Co., Ltd.>
3BRJj:h"xDu7x [快捷工具条3.21]
2c_z:~2b.W1r   {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>7V:FQ X
R/e,NMj*Y
[Shockwave Flash Object]
jn"bd/T7HY5|   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
Sm(};x&i4P'F f [QvodCtrl Class]
&]]{'V%^4w#E E'df   {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>{ @(I*TUQ1B t
[&使用超级旋风下载]
Y9S6L
|? ~2K4Q$j   <D:\旋风\geturl.htm, N/A>
~,|L0A/@)~kg [&使用超级旋风下载全部链接]
n+fBD^I&E   <D:\旋风\getAllurl.htm, N/A>
SI2j|!av [使用迅雷下载];r%M/\o8dI
  <C:\Program Files\Thunder\Program\geturl.htm, N/A>4|3X.t](y!N
ZU
[使用迅雷下载全部链接]
FP ShN,C;Zp d   <C:\Program Files\Thunder\Program\getallurl.htm, N/A>3F/q*M/j*K5|
[导出到 Microsoft Office Excel(&X)] {T-V k4V1`}
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
0I$R&Pw:L{P!U [添加到QQ表情]
3n N1V wk/t G8T   <D:\Program Files\QQ2007\AddEmotion.htm, N/A>
*t O/F
k,['p^0N;} _?0@-V#x6_z

Jjk~]XS4] ==================================
w$Yv;nz1t/S.T#a 正在运行的进程Cq
tZ&w"c{
[PID: 432 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6w O?],M
F0B6@
[PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]p1hE|h3d
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
5A!m/c^7cnS8w [PID: 540 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5TFb]^     [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
s,_!{_.U'g!pt     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]sTT&|b"`6K&G-o
[PID: 588 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] n7j|8wHJ1Do
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
`L:|!{X{,Z0i| [PID: 600 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
d1^9UQDF!}_5p     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
m(@h
T#c#r6U [PID: 744 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9w~ P`
xz(n3N*}"\&s     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]![.Gxm1e1P^F
[PID: 804 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
*E Y)x'_!K0g}     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
BIrk%@)] [PID: 844 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]6Ak4I%P/Q6R8L^
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
| e(h1i5LP [PID: 904 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]-Q+@\ qrF
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]7}1T*w[;e Ur Q!{w
[PID: 964 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]ELX @C[+n
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]kxS2g3d,n/J
[PID: 1028 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]z:P/SOFK+^
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]EUgS*}x
[PID: 1252 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]6}&xpf)qw8a`
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
3yc2NBFrP     [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
pL_9p!S     [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]r)m)ZJT&oO8t:iR.G7a
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]6nI"t;q)s A]B
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
lfh%Cv-v"J     [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]w4CRCv
    [C:\WINDOWS\system32\nvshell.dll]  [, ],X-li1bt(UFlin%z
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
'}+B"kJPG]{\Z     [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
uSv,f]5i5jB)S+E+q     [D:\Program Files\QQ2007\qdshm.dll]  [, 1, 0, 101, 20],[0Vsts
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]1u:OF"qT-ia5]{
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.15]
Q%C*[ ^^X$NT     [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 18]/F unP!Vt @R5b4J
[PID: 1304 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]qt5{M'HvW
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]?lDQ gI#x(oTw
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
-s4A0QE\0a
u]@ [PID: 1540 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9136]&Ll&ta~ZbQR
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]5cbTVw
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1])HD'm4A x/u9{ mh
[PID: 1584 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe]  [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]5KZ$Do.d
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
j+D3}"T5y(N1ZN ~     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
#|$vmx d^r.z [PID: 304 / Administrator][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
t"O"~g(E     [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]y.xjD }BAY
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.9136]
|B/dM!qn8yc-W     [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9136]%zp hFz,X
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
Drj"sYE'b@     [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]{)\b4U*Ea%O*Tm
W
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]m/O`]V_'mz
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
$k!X,Spz TmUjRq$h/} [PID: 464 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]| I(w Lh*Q8\4a-?
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]y-O+|XZ0bh2Z
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]} f/|
D$T{8h[
[PID: 992 / Administrator][C:\WINDOWS\system32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]&q&X6L-o#t1?o&^
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
wR$Q5G1RI+B5Y     [C:\WINDOWS\system\cmicnfg.cpl]  [C-Media Corporation, 1, 0, 41, 16]Ui7[
^nld/Wz
    [C:\WINDOWS\System32\udaprop.dll]  [C-Media Corporation, 1.0.2.2]
G/D:H'w DZ     [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]O}$S*x'o
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
X;B4K:RC     [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
:B p.k(xn     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
3j9D,wI Iw1kY [PID: 880 / Administrator][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 5.0.0.16]hAvF ?7]6y4LHdO
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]qY
_B*ez(O
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]fZw6jd_
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]E:V1bRi6rfU
H
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ];j/t.K7g0J'`.r
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
']zOE7}-c7jA     [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
z})D-X vAFX     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
"fC#U:fwnB%A [PID: 1064 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
p7EHb3}     [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
5el,L'v:g/ke     [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]0oF[};_Z6s8A0['?8v
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]M5q#X%Ry#K
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]/i3zNSNB
T B
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
'A#n2_+B%T1~$wCI     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
`N9uI'XQU/i9u)R     [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
7r1rK {Gv tL     [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
y[1w;Y$Gk$g R     [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
"\"Ll0q!]bXl [PID: 1120 / Administrator][C:\Program Files\Picasa2\PicasaMediaDetector.exe]  [Google Inc., 2.7.37.49]
]CL+Xf     [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]5G*`}'v X$nmv
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]"?m]1aoS,n
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
\6gEI$Q-^     [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
RuXPFz     [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
0N tv9d7b&\3~ [PID: 944 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]kN l4Tj*Y
    [F:\M01\GameGuard\npggNT.des]  [INCA Internet Co., Ltd., 2007, 8, 7, 1]
Y5}(L4O6W8Fl [PID: 1232 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.76]
x E9IQ@g     [C:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]JWc#\} MOGs
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
%L(M;o!q7g w'e     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
D\uI T;Qs,E4_E     [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]j_+f {T2|!j4vc6J
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
d fL
c5BZQ_#d;K5x     [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
l.\8S.~d|ZD     [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
`
N;{"y[ Wng:{7RG({
WD     [C:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.34]
4c5].[[ f-i     [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]'q'W+D+E4kC3r&f3U
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]| ee9\G;FGr:x
    [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]j5Bot A$X[
    [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]Wa9GY!x/w%H*L?p5g
    [C:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]j;] F6KD\LB*T
    [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]0o u8uCu{*|s
    [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]j z(iqsw
    [C:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
v/M_.s4@:dc}     [C:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]:_ g3pt(aOwK.h)N
    [C:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14] UF-I'ufdSYuR
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8] Zcy%M5D
    [C:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]5r$|s"L ?9W
    [C:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]'s6P?~Ae!sH
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]-nt/_e ~ p)Vo
    [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
y(W/O
MBS$uy$dc
    [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]Xh
FeT"f9u
    [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]^d.ou/]1Aj
    [C:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
#DF/r-S'}P1~     [C:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]@+dXi)E
    [C:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
7LfEF.v'w%W2D     [C:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 75]
$|&@4]~uJj     [C:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
T yGj:Jm}     [C:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]7E"?2K'v.OM-qJ6zpM
    [C:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
i2P] \G'P     [C:\PROGRAM FILES\RISING\RAV\urutils.dll]  [, 20, 0, 0, 6]"W9e(S^S.f A/B
    [C:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18] w6`G'ta R-p
    [C:\PROGRAM FILES\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]8F*Nvd yT ?P
    [C:\PROGRAM FILES\RISING\RAV\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]4Y P1l%s R#uD v!z;{){ ~N
    [C:\PROGRAM FILES\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]\?mB${
    [C:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]T)J'Fz@%Xi.g
    [C:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
;Ib N;rg"tf%P     [C:\PROGRAM FILES\RISING\RAV\posttrt.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 21]fVei"fgy I
    [C:\PROGRAM FILES\RISING\RAV\ur001.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
6l8q S#j@_,XcWN     [C:\PROGRAM FILES\RISING\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]dB*k
D luw
[PID: 864 / Administrator][C:\Program Files\Rising\Rav\RAVMON.EXE]  [Beijing Rising Technology Co., Ltd., 20.0.01.19] e0V$F3mD}#R
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
2sZ*B-K%P     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]9V,\z2[nT/E6]1j
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0];@g'J FlJ?Ot6Y+WJ
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]{M2h _L,M&p
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]nB!K4Uu+Lr
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
d6~*Ud"Z5ZT'Dn     [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]A4Y+S"omU
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39].T3zDAL
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]g;W*V(s4l(E1V7o
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]8w}Z0_[ B1C
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16],_+Nl!v}1]"t[:]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
-P5V9tQ;@%Vv     [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16] SG9u9}0bj2P
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]-C:dL+n[KwZ&?
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
_%u3\F,x     [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 89]
Q/|q5\4U     [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
!Zw2i9eV [PID: 3244 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]#hQdTWt M,x3j
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]VP$jM/\:O g#Kt
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]x"r:[L+a{S3^
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]C h6nD;^)Z'}?
F8B
[PID: 312 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]z3L!Nz7n1U
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
Qm'u'du)Dt     [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
.Kr'M&Z![!}]'f0V     [C:\Program Files\Tencent\QQToolbar\IEBar.dll]  [TENCENT, 2, 1, 2, 12](l;aW#}.N5tHbjO
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll]  [TENCENT, 2, 1, 2, 12] oMK;`KX]Y)fo
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll]  [TENCENT, 2, 1, 2, 20]B$UQ7J*k
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll]  [TENCENT, 2, 1, 1, 12]
$u4l%_hL)u     [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll]  [TENCENT, 2, 1, 2, 10]
[P5yo9}oH'A     [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Weather.dll]  [TENCENT, 2, 1, 1, 13]
Q+qH8E w9@I     [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\PopupBlocker.dll]  [TENCENT, 2, 1, 1, 11]+| ar6Q-~3Pnt7T.q
    [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\HighLight.dll]  [TENCENT, 2, 1, 1, 10]
^ v5f3W6ii_     [C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQDoctor.dll]  [TENCENT, 2, 1, 1, 10]w}.fr y}x9x
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.15]UJ*oFb|;WL AaEn
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 18]
O+Uw5?2] q     [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
j7W8cQmj     [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]8@/I:} DYnL:nD }E
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
+zP],mX,Z.o     [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]WYL#|kcp
[PID: 2736 / Administrator][E:\系统修复工具\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]&p/\%Q+d
bKG_
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
j^%\ \|     [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]NgQwRB)L
    [C:\WINDOWS\system32\zgfdet.dll]  [N/A, ]
4APHC(Y+Tx7ErU[8Z vB
PEf:[-` 8K"t?)]@f
==================================(p Rt*ly
文件关联
&U'|_-v+w0S5O ^ x3V .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1](roh[Gms
.EXE  OK. ["%1" %*]1ghH,_E1g
@E
.COM  OK. ["%1" %*]
cQ(n}jo1vM?P0nD .PIF  OK. ["%1" %*]2f0cP {5nI&yB1[
.REG  OK. [regedit.exe "%1"]g,~#C0},t,qwtX$@/n
.BAT  OK. ["%1" %*]
V"D~*gm$D6| .SCR  OK. ["%1" /S]we~}|yr8jn
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
!YuK7I"k"O Dp| .HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
7Pp#vLw!vx$g2k .INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]!d+bT)r$Wx
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]k O7{Y-C_T
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
1z?0@@+R .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
!u'y a5j1go o&K1Q .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
^ex }|r?[
[4q!c`m|'xri F
3`lD+XE\7rr ==================================
:qW*cU\ Winsock 提供者
.M}%IG7rH:nS N/A+B*@_x4@DA\?
x/feL8e8m%{2[W
==================================
D+l(P.i!\y'F Autorun.inf#Aiw ?:N]|
N/A f-lRsHi

$~yx$_HRop\O~F ==================================8NjLk_Z9ebJ
HOSTS 文件
#h/[\5Z0[ 127.0.0.1       localhost
Viiw"HX3wIY ,\DkI [#n

Z*B~)V%G,d ==================================eIr"]Kp
进程特权扫描
3eN;m2d5Z${8i7x 特殊特权被允许： SeLoadDriverPrivilege [PID = 540, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
BGsaJt[ 特殊特权被允许： SeLoadDriverPrivilege [PID = 880, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
m9v(c f]8`V
^2RD6n%G,L{Q*I F@Xj+T)u8T
==================================
k@OA%_ API HOOK2`y1oV(@Zj
入口点错误：NtCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003C427D)CW}h2i
`T0kh
入口点错误：NtWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003C431D)$dV8g Cc
入口点错误：ZwCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003C427D)
1\(SvnyB6a9^ a b(mT 入口点错误：ZwWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003C431D)
T@)D"S)OG #m N"AbCIA`8I!u


D/{l;R+t$XD,}F ==================================/o0w ](h,^w1_co6oSX(T
隐藏进程i
i%_"r6vF"jM|
N/AV&i{0v#Ye)H7V/t

(|9^&waT |0w/@n [/code]

447452869 发表于 2008-6-5 22:46

360 诊断？？ 建议去360问题区 询问。。他们看的懂代码。。$xJ {!Nw"j
另外请说明你遇到的问题。。。

查看完整版本: 系统问题，急急急