
Infected with Trojan.Agent, what should I do?

I just can't get rid of it!!!
2007-01-24,00:53:18

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
Last edited 2007-01-24 01:43:41.873

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <C-Media Mixer><Mixer.exe /startup>  [(Verified)C-Media Electronic Inc. (www.cmedia.com.tw)]
    <ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime>  [N/A]
    <ASUS Probe><C:\Program Files\ASUS\Probe\AsusProb.exe>  [N/A]
    <LogitechVideoRepair><C:\Program Files\Logitech\Video\ISStart.exe>  [N/A]
    <WangWang><"C:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝(中国)软件有限公司]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [N/A]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Super Rabbit SRRestore><D:\SUPERR~1\IEPro\SRRest.exe /autosave>  [Super Rabbit Soft]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"d:\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <KsgUpdateRun><C:\Program Files\Common Files\kingsoft\KSG\client.exe>  [N/A]
    <NeroFilterCheck><C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe>  [Nero AG]
    <wdfmgr32><C:\WINDOWS\system32\wdfmgr32.exe>  [N/A]
    <CloneCDTray><"d:\SlySoft\CloneCD\CloneCDTray.exe" /s>  [SlySoft, Inc.]
    <Super Rabbit IEPro><D:\Super Rabbit\IEPro\SRIECLI.EXE /load>  [Super Rabbit Soft]
    <XDeskWeather><D:\鱼鱼软件\桌面天气秀\XDeskWeather.exe>  [www.CFishSoft.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{5DBEF4E5-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINDOWS\system32\HDBEF4E5.log>  [N/A]

启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\System32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[COM+ Messages / COM+ Messages][Stopped/Auto Start]
  <"C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000129><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NBService / NBService][Stopped/Manual Start]
  <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Windows Video2 / Windows Video2][Stopped/Auto Start]
  <C:\WINDOWS\system32\msvd2.exe><>
[Windows Media Connect (WMC) / WmcCds][Stopped/Manual Start]
  <c:\program files\windows media connect\mswmccds.exe><Microsoft Corporation>
[Windows Media Connect (WMC) 帮助程序 / WmcCdsLs][Stopped/Manual Start]
  <C:\Program Files\Windows Media Connect\mswmcls.exe><Microsoft Corporation>

==================================
驱动程序
[Adaptec USB 2.0 Enhanced Host Controller Driver / ADPTEHCD][Running/Manual Start]
  <System32\DRIVERS\asusehcd.sys><Asustek Company Inc.>
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[aslm75 / aslm75][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\aslm75.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Adaptec USB 2.0 Port Enumeration Driver / AUSBD_FilterService][Running/Manual Start]
  <System32\DRIVERS\asususbd.sys><Asustek Company Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Arrowkey Device Access / CDRPDACC][Running/Auto Start]
  <\??\D:\321Studios\Shared\CDRPDACC.SYS><Arrowkey>
[CMBProtector / CMBProtector][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
[C-Media PCI Audio Driver (WDM) / cmpci][Running/Manual Start]
  <system32\drivers\cmaudio.sys><C-Media Inc>
[ehicdgbb / ehicdgbb][Stopped/System Start]
  <\??\C:\WINDOWS\system32\drivers\ehicdgbb.sys><N/A>
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC][Running/Manual Start]
  <System32\DRIVERS\el90xbc5.sys><3Com Corporation>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
  <System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
  <System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[ElbyDelay / ElbyDelay][Running/Manual Start]
  <System32\Drivers\ElbyDelay.sys><Elaborate Bytes AG>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\ExpScan.sys><>
[EZWINIT / EZWINIT][Stopped/Auto Start]
  <System32\Drivers\ezwinit.sys><USTC>
[EZWRITER / EZWRITER][Running/Auto Start]
  <System32\Drivers\ezwriter.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[hbjdjbch / hbjdjbch][Stopped/System Start]
  <\??\C:\WINDOWS\system32\drivers\hbjdjbch.sys><N/A>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\HookSys.sys><Rising>
[HOOKTDI1 / HOOKTDI1][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\rfw\tdihook.sys><Beijing Rising Technology Corporation Limited>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IPHOOK / IPHOOK][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\rfw\iphook.sys><Beijing Rising Technology Corporation Limited>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[New0 / New0][Running/Auto Start]
  <\??\C:\WINDOWS\System32\new.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[Low level access layer for CD devices / Pcouffin][Running/Manual Start]
  <System32\Drivers\Pcouffin.sys><VSO Software>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Logitech QuickCam Pro 3000(PID_08B0) / PhilCam8116][Running/Manual Start]
  <system32\DRIVERS\CamDrL21.sys><Logitech Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Running/Auto Start]
  <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Prolific2 Serial port driver / Ser2pl][Running/Manual Start]
  <system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ultra / ultra][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

浏览器加载项
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <d:\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <d:\flashget\FlashGet.exe, FlashGet.com>
[Quick!]
  {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} <C:\PROGRA~1\quickbar\quickbar.dll, >
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <d:\flashget\fgiebar.dll, Amaze Soft>
[珊瑚虫 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <D:\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Bar888]
  {C1B4DEC2-2623-438e-9CA2-C9043AB28508} <C:\PROGRA~1\COMMON~1\{3D3D1~1\Bar888.dll, N/A>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Office Update Installation Engine]
  {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <d:\flashget\jccatch.dll, www.flashget.com>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <D:\BitComet\tools\BitCometBHO.dll, BitComet>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[Quick!]
  {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} <C:\PROGRA~1\quickbar\quickbar.dll, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <D:\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <C:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[Navigator Class]
  {96FC3938-C6CA-475D-8D3B-45F323A6B62B} <C:\Documents and Settings\All Users\Application Data\Microsoft\Office\NAVDATA\webnav_2031.dll, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Bar888]
  {C1B4DEC2-2623-438E-9CA2-C9043AB28508} <C:\PROGRA~1\COMMON~1\{3D3D1~1\Bar888.dll, N/A>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Microsoft Agent Control 2.0]
  {D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <C:\WINDOWS\msagent\agentctl.dll, Microsoft Corporation>
[珊瑚虫 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <d:\flashget\fgiebar.dll, Amaze Soft>
[]
  {E9020D2E-DEC9-4EBE-B38D-E1E6AE13D13F} <C:\WINDOWS\system32\zaipiekudhspv.dll, N/A>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <d:\flashget\getflash.dll, www.flashget.com>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\PersonalBankMain.ocx, China Merchants Bank>
[JetCarNetscape Class]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <d:\flashget\jccatch.dll, www.flashget.com>
[&使用快车(FlashGet)下载]
  <d:\flashget\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <d:\flashget\jc_all.htm, N/A>
[&使用迅雷下载]
  <d:\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <d:\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

正在运行的进程
[PID: 456][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 544][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4115]
[PID: 588][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756][C:\WINDOWS\System32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4115]
    [C:\WINDOWS\System32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 772][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 844][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 912][C:\Program Files\rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 928][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 976][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1072][C:\Program Files\rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Program Files\rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\Program Files\rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 23]
    [C:\Program Files\rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [C:\Program Files\rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [C:\Program Files\rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 35]
    [C:\Program Files\rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [C:\Program Files\rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [C:\Program Files\rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [C:\Program Files\rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\rising\Rav\RsVM.dll]  [N/A, 19, 0, 0, 15]
    [C:\Program Files\rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
    [C:\Program Files\rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
    [C:\Program Files\rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[PID: 1220][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 30]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1348][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\CNMLMON.DLL]  [CANON INC., 1.10.2.2]
[PID: 1444][C:\Program Files\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1652][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4115]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1724][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll]  [Nero AG, 2, 7, 2, 0]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1828][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 31]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1932][C:\WINDOWS\Mixer.exe]  [C-Media Electronic Inc. (www.cmedia.com.tw), 1.42]
    [C:\WINDOWS\System32\cmnprop.dll]  [C-Media Corporation, 5.00.2195.7]
[PID: 1940][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe]  [ATI Technologies Inc., 1.2.1949.42411]
    [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_44fc1401\mscorlib.dll]  [N/A, N/A]
    [c:\program files\ati technologies\ati.ace\log.foundation.dll]  [ATI Technologies Inc., 1.2.1949.42160]
    [c:\program files\ati technologies\ati.ace\cli.foundation.dll]  [ATI Technologies Inc., 1.2.1949.42161]
    [c:\program files\ati technologies\ati.ace\log.foundation.service.dll]  [ATI Technologies Inc., 1.2.1949.42410]
    [c:\program files\ati technologies\ati.ace\log.foundation.shared.dll]  [ATI Technologies Inc., 1.2.1949.42165]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_8870c36c\system.dll]  [N/A, N/A]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_7e59c24e\system.windows.forms.dll]  [N/A, N/A]
    [c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll]  [ATI Technologies Inc., 1.2.1949.42358]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8897e98f\system.xml.dll]  [N/A, N/A]
    [c:\program files\ati technologies\ati.ace\cli.component.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42410]
    [c:\program files\ati technologies\ati.ace\aem.foundation.dll]  [ATI Technologies Inc., 1.2.1949.42160]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_1df33927\system.drawing.dll]  [N/A, N/A]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42393]
    [c:\program files\ati technologies\ati.ace\cli.component.runtime.shared.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42161]
    [c:\program files\ati technologies\ati.ace\dem.foundation.dll]  [ATI Technologies Inc., 1.2.1949.42160]
    [c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll]  [ATI Technologies Inc., 1.2.1949.42161]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demosinfo.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demosadapterinfo.dll]  [ATI Technologies Inc., 1.2.1949.42164]
    [c:\program files\ati technologies\ati.ace\dem.graphics.dematiadapterinfo.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdriversettings.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\atidemgr.dll]  [ATI Technologies Inc., 1.2.1949.42358]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demosmodeinfo.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\dem.graphics.dematidisplaysmanagersettings.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdisplayscoloursettings.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demvideooverlaysettings.dll]  [ATI Technologies Inc., 1.2.1949.42165]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demsmartgartsettings.dll]  [ATI Technologies Inc., 1.2.1949.42166]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demumaframebuffersettings.dll]  [ATI Technologies Inc., 1.2.1949.42166]
    [c:\program files\ati technologies\ati.ace\dem.graphics.dempowerplaysettings.dll]  [ATI Technologies Inc., 1.2.1949.42173]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demoverdrivesettings.dll]  [ATI Technologies Inc., 1.2.1949.42174]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demoverdrive3settings.dll]  [ATI Technologies Inc., 1.2.1949.42166]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdisplaysmanageroptionssettings.dll]  [ATI Technologies Inc., 1.2.1949.42167]
    [c:\program files\ati technologies\ati.ace\dem.graphics.workstationsettings.dll]  [ATI Technologies Inc., 1.2.1949.42175]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecommonsettings.dll]  [ATI Technologies Inc., 1.2.1949.42165]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecrtsettings.dll]  [ATI Technologies Inc., 1.2.1949.42174]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecomponentvideosettings.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicetvsettings.dll]  [ATI Technologies Inc., 1.2.1949.42174]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicedfpsettings.dll]  [ATI Technologies Inc., 1.2.1949.42174]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicelcdsettings.dll]  [ATI Technologies Inc., 1.2.1949.42174]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demvpurecoverinfo.dll]  [ATI Technologies Inc., 1.2.1949.42165]
    [c:\program files\ati technologies\ati.ace\dem.graphics.mmoverlaysettings.dll]  [ATI Technologies Inc., 1.2.1949.42164]
    [c:\program files\ati technologies\ati.ace\dem.graphics.mmdeintlacingsettings.dll]  [ATI Technologies Inc., 1.2.1949.42164]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demvideotheatermodesettings.dll]  [ATI Technologies Inc., 1.2.1949.42164]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicetv2settings.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demmultivpusettings.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42391]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42352]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42164]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42165]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42285]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.shared.dll]  [ATI Technologies Inc., 1.2.1949.42167]
    [c:\program files\ati technologies\ati.ace\dem.graphics.videooverlay.shared.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42320]
    [c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42320]
    [c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42175]
    [c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42316]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42180]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42291]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42166]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42256]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42167]
    [c:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42162]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42290]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42290]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42166]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42221]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42173]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42245]
    [c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42273]
    [c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42167]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42194]
    [c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42291]
    [c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42220]
    [c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42173]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42381]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42163]
    [c:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.1949.42411]
    [c:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42175]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42167]
    [c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42165]
    [c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42161]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42175]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42167]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll]  [ATI Technologies Inc., 1.2.1949.42174]
    [c:\program files\ati technologies\ati.ace\apm.foundation.dll]  [ATI Technologies Inc., 1.2.1949.42175]
[PID: 1956][C:\Program Files\ASUS\Probe\AsusProb.exe]  [N/A, N/A]
    [C:\WINDOWS\system\VCL35.bpl]  [Borland International, 3.0.3.70]
    [C:\WINDOWS\system\cp3240mt.dll]  [Borland International, 4.0]
    [C:\WINDOWS\system\borlndmm.dll]  [Borland International, 3.0.3.70]
    [C:\Program Files\ASUS\Probe\CODISK.DLL]  [N/A, N/A]
    [C:\Program Files\ASUS\Probe\DiskIco.dll]  [N/A, N/A]
    [C:\Program Files\ASUS\Probe\COLM7578.DLL]  [N/A, N/A]
    [C:\WINDOWS\system\bcbsmp35.bpl]  [, 1.0.0.0]
    [C:\WINDOWS\system\vclx35.bpl]  [Borland International, 3.0.3.70]
    [C:\Program Files\ASUS\Probe\Asus.dll]  [ASUS, 3, 0, 0, 2]
    [C:\Program Files\ASUS\Probe\ASMIAHD.dll]  [ASUS, 3, 0, 0, 1]
    [C:\Program Files\ASUS\Probe\AsmiCtrl.dll]  [ASUS, 3, 0, 0, 1]
    [C:\Program Files\ASUS\Probe\ASMIDMI.dll]  [ASUS, 3, 1, 0, 1]
    [C:\Program Files\ASUS\Probe\AsmiEnum.dll]  [ASUS, 3, 0, 0, 1]
    [C:\Program Files\ASUS\Probe\AsmiHwIo.dll]  [ASUS, 3, 1, 0, 1]
    [C:\Program Files\ASUS\Probe\AsmiAmd.dll]  [N/A, N/A]
    [C:\Program Files\ASUS\Probe\AsmiAsus.dll]  [ASUS, 4, 0, 0, 2]
    [C:\Program Files\ASUS\Probe\COLMIco.dll]  [N/A, N/A]
    [C:\Program Files\ASUS\Probe\CODMI.DLL]  [N/A, N/A]
[PID: 1964][C:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE]  [淘宝(中国)软件有限公司, 1, 9, 6, 1221]
    [C:\Program Files\淘宝网\淘宝旺旺\AliViewCtrl.dll]  [vline, 1, 0, 0, 1]
    [C:\Program Files\淘宝网\淘宝旺旺\VLNetwork.dll]  [, 1, 0, 0, 6]
    [C:\Program Files\淘宝网\淘宝旺旺\AliViewMedia.dll]  [vline, 1, 0, 0, 1]
    [C:\Program Files\淘宝网\淘宝旺旺\VideoCAP.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\淘宝网\淘宝旺旺\VLAudio.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\淘宝网\淘宝旺旺\JsmShow.dll]  [, 1, 0, 0, 3]
    [C:\Program Files\淘宝网\淘宝旺旺\ww_network.dll]  [N/A, 1, 0, 1, 18]
    [C:\Program Files\淘宝网\淘宝旺旺\Ali_Res.DLL]  [N/A, N/A]
    [C:\Program Files\淘宝网\淘宝旺旺\WangWangX4.dll]  [阿里软件(中国)有限公司, 1, 0, 0, 1]
    [C:\Program Files\淘宝网\淘宝旺旺\RichOne.dll]  [淘宝(中国)软件有限公司, 1.0.0.1]
    [C:\Program Files\淘宝网\淘宝旺旺\TBProgress.dll]  [淘宝(中国)软件有限公司, 1.0.0.1]
    [C:\Program Files\rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1984][C:\Program Files\rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 2012][C:\Program Files\rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 296][D:\Super Rabbit\IEPro\SRIECLI.EXE]  [Super Rabbit Soft, 6.95]
[PID: 412][D:\鱼鱼软件\桌面天气秀\XDeskWeather.exe]  [www.CFishSoft.com, 4.5.1.818]
[PID: 484][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 7.5.0324]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 724][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1516][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1020][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2052][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 2980][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2384][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 8]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1732][d:\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 5, 3, 264]
    [d:\Thunder Network\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
    [d:\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 12, 2, 42]
    [d:\Thunder Network\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 12, 2, 42]
    [d:\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 8]
    [d:\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [d:\Thunder Network\Thunder\Components\DiagnoseHelper\DiagnoseHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
    [d:\Thunder Network\Thunder\Components\PortVerify\PortVerify.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [d:\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [d:\Thunder Network\Thunder\Components\DTAG\DTAG.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [d:\Thunder Network\Thunder\Program\LiveUpdate.dll]  [, 1, 0, 1, 16]
    [d:\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 15]
    [d:\Thunder Network\Thunder\Components\InMedia\iEmbed08.dll]  [ , 3, 2, 0, 63]
    [d:\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [d:\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 43]
    [d:\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 6]
    [d:\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [d:\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll]  [, 1, 0, 0, 1]
    [d:\Thunder Network\Thunder\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 0, 0, 1]
    [d:\Thunder Network\Thunder\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 24]
    [d:\Thunder Network\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [C:\Program Files\rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [d:\Thunder Network\Thunder\Components\InMedia\MediaAddin11.dll]  [Thunder Networking Technologies,LTD, 3, 1, 0, 63]
[PID: 1644][F:\新建文件夹 (2)\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1                    localhost

==================================
API HOOK
N/A

==================================


[/CODE]

Run SREng2, go to "Startup Items" -- Registry, and delete:
<wdfmgr32><C:\WINDOWS\system32\wdfmgr32.exe> [N/A]
<{5DBEF4E5-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINDOWS\system32\HDBEF4E5.log> [N/A]

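Run (double-click) SRENG2, click "Startup Items", then "Services", then "Win32 Service Applications".
Check "Hide Microsoft services" and select the virus services: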
[COM+ Messages / COM+ Messages][Stopped/Auto Start]
<"C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000129><N/A>
[Windows Video2 / Windows Video2][Stopped/Auto Start]
<C:\WINDOWS\system32\msvd2.exe><>

Then choose "Delete Service".
Click "Set" and choose "No".


Reboot and press F8 to enter Safe Mode.
Show hidden files.
Delete:
C:\WINDOWS\system32\svchosts.exe
C:\WINDOWS\system32\wdfmgr32.exe
C:\WINDOWS\system32\HDBEF4E5.log
C:\WINDOWS\system32\msvd2.exe


The items in red are suspicious; the original poster should confirm them. If you are not sure either, I suggest deleting them.
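The entries named in the reply above share traits that can be checked mechanically: no verified publisher, a location under system32, a name that imitates a real system image (svchosts.exe, wdfmgr32.exe), or a non-executable target (HDBEF4E5.log). The following is an added example, not part of the thread or of SREng; the function names, the 0.8 similarity threshold and the extension set are assumptions.

```python
import re
from difflib import SequenceMatcher
from ntpath import basename, splitext

# Constructed sample: lines copied from the SREng log and the reply on this page.
RUNNING = r"""
[PID: 1020][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2052][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
"""
AUTOSTARTS = r"""
<wdfmgr32><C:\WINDOWS\system32\wdfmgr32.exe> [N/A]
<{5DBEF4E5-A6FF-11E0-9A84-00C04FD8DBD8}><C:\WINDOWS\system32\HDBEF4E5.log> [N/A]
<"C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000129><N/A>
<C:\WINDOWS\system32\msvd2.exe><>
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
"""
PATH = re.compile(r'[A-Za-z]:\\[^<>"\[\]]+?\.[A-Za-z0-9]{2,4}(?=[\s">\]]|$)')
EXECUTABLE = {".exe", ".com", ".scr", ".pif", ".bat", ".dll"}  # assumed set

def image_paths(text):
    """Yield (line, first file path on that line) for each line that has one."""
    for line in text.splitlines():
        m = PATH.search(line)
        if m:
            yield line, m.group(0)

def triage(autostarts, running):
    """Return {path: [reasons]} for autostart entries that need a manual look."""
    # Baseline names: images the log attributes to Microsoft. That is the
    # version-info string, not a checked signature, so treat it as a hint only.
    reference = sorted({splitext(basename(p))[0].lower()
                        for line, p in image_paths(running)
                        if "Microsoft Corporation" in line})
    findings = {}
    for line, path in image_paths(autostarts):
        if "(Verified)" in line:
            continue  # SREng reported a verified publisher
        stem, ext = splitext(basename(path).lower())
        reasons = []
        if "\\system32\\" in path.lower():
            reasons.append("no verified publisher in system32")
        if ext not in EXECUTABLE:
            reasons.append("autostart target is not an executable type")
        reasons += [f"name resembles {good}" for good in reference
                    if stem != good
                    and SequenceMatcher(None, stem, good).ratio() >= 0.8]
        if reasons:
            findings[path] = reasons
    return findings
```

A hit is a reason to inspect the file (signature, hash, creation time), not proof of infection; plenty of legitimate third-party entries in this log also show `[N/A]` as publisher.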