瑞星卡卡安全论坛

sreng2扫描
启动项目
注册表
[hkey_current_user\software\microsoft\windows\currentversion\run]
    <ctfmon.exe><c:\windows\system32\ctfmon.exe>  [(verified)microsoft windows publisher]
    <bgswitch><c:\windows\system32\bgswitch.exe>  []
    <nokia.pcsync><"c:\program files\nokia\nokia pc suite 6\pcsync2.exe" /nodialog>  [time information services ltd.]
    <pc suite tray><"c:\program files\nokia\nokia pc suite 6\pcsuite.exe" -onlytray>  [nokia]
[hkey_current_user\software\microsoft\windows\currentversion\runonce]
    <flashplayerupdate><c:\windows\system32\macromed\flash\flashutil9e.exe>  [(verified)adobe systems incorporated]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
    <ravtask><"d:\瑞星\rising\rav\ravtask.exe" -system>  [(verified)beijing rising science and technology corporation limited]
    <rfwmain><"d:\瑞星\rising\rfw\rfwmain.exe" -startup>  [(verified)beijing rising science and technology corporation limited]
    <runeip><"c:\program files\rising\antispyware\runiep.exe" /startup>  [beijing rising technology co., ltd.]
    <tkbellexe><"c:\program files\common files\real\update_ob\realsched.exe"  -osboot>  [(verified)"realnetworks, inc."]
    <bigdogpath><c:\windows\vm_sti.exe vimicro usb pc camera>  [n/a]
    <zssnp211><c:\windows\zssnp211.exe>  [zsmc]
    <domino><c:\windows\domino.exe>  []
    <msprint32d><c:\windows\msprint32d.exe>  [n/a]
    <grid service><"c:\program files\gridservice\peer.exe" -n grid>  [mercury]
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon]
    <shell><explorer.exe>  [(verified)microsoft windows publisher]
    <userinit><c:\windows\system32\userinit.exe,>  [(verified)microsoft windows publisher]
[hkey_local_machine\software\microsoft\windows nt\currentversion\windows]
    <appinit_dlls><womsoy.dll,yzztkmsn.dll,arjreler.dll,tisqatyu.dll,nhmxcjkl.dll,ietzbpaq.dll,akjsdkaq.dll>  []
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon]
    <uihost><logonui.exe>  [(verified)microsoft windows publisher]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    <{32cd708b-60a7-4c00-9377-d73eaa495f0f}><c:\windows\system32\ravext.dll>  [(verified)beijing rising science and technology corporation limited]
    <{ac2dc2ef-5165-40a3-8cdf-41dca1b0901a}><c:\windows\system32\shlhook.dll>  [beijing rising technology co., ltd.]
    <{fd561258-45f3-a451-f908-a258458226df}><c:\windows\fonts\kvdxsoma.dll>  [n/a]
    <{a8907901-1416-3389-9981-37217856998a}><c:\windows\fonts\kawdjzy.dll>  [n/a]
    <{a9895933-6636-4281-bc58-ee6de2af96e3}><c:\windows\system32\ddserh.dll>  []
    <{c0595a7e-2e2f-4b34-a83a-019270a0a464}><c:\windows\system32\tdffdl.dll>  []
    <{dc3d30ae-0380-4151-8934-ee98a34b0370}><c:\windows\system32\mfdesy.dll>  []
    <{eb71e0b3-e97d-4d30-8733-e28266467617}><c:\windows\system32\wyhesm.dll>  []
    <{00010001-0001-0001-0001-00010001bb15}><c:\windows\system32\adsntzt.dll>  []
    <{6e6ca8a1-81bc-4707-a54c-f4903dd70bad}><c:\windows\system32\zgxfdx.dll>  []
    <{45aadfaa-dd36-42ab-83ad-0521bbf58c24}><c:\windows\system32\zgrjdx.dll>  []
    <{8c41b7f7-3168-400d-a702-0e7efe0ba304}><c:\windows\system32\sgdewg.dll>  []
    <{17dfd111-bf3a-4cb4-adb0-88fcbfe69821}><c:\windows\system32\hhrdxd.dll>  []
    <{841529cb-7f77-4b99-a895-b5441e0d302f}><c:\windows\system32\jfrwdh.dll>  []
    <{7c8d1401-a58d-a81c-cd24-a5915c4517c7}><c:\windows\system32\mnmhgsrv.dll>  []
    <{f99defdd-200b-4410-b572-e90883d527d2}><c:\windows\system32\wrqszl.dll>  []
    <{461d2ab4-29a5-45c2-9134-d52272d3de38}><c:\windows\system32\rfdswc.dll>  []
    <{011db9b9-44b4-44d9-b17e-bc7608f2e549}><c:\windows\system32\cdwqfs.dll>  []
    <{caed0f3b-df8b-4dbf-bb20-8dfbc3199068}><c:\windows\system32\jggtsr.dll>  []
    <{84143967-b645-4bff-b873-da1dc886e9a7}><c:\windows\system32\cedafb.dll>  []
    <{73ae86e6-7f03-4c3b-8980-fb1da157d3c7}><c:\windows\system32\fmcvxy.dll>  []
    <{81af1cf6-d1c9-4c6a-ac01-ede54e71945b}><c:\windows\system32\jfdses.dll>  []
    <{b490415f-65f8-b5c5-d8ba-9405fb12054b}><c:\windows\system32\yzztkmsn.dll>  []
    <{b629ff4f-acdb-5c90-a098-facb3456a26b}><c:\windows\system32\hdf453d.dll>  []
    <{528df602-9541-a985-210a-984a698c6f25}><c:\windows\system32\ptjhehlp.dll>  []
    <{7a041f13-a111-12a3-b0cf-f99818aa68a7}><c:\windows\system32\zxmsdwin.dll>  []
    <{aa59145f-315d-bc23-ac1f-145df81a34aa}><c:\windows\system32\zyzxjime.dll>  []
    <{6c648541-1025-9650-9057-6541258720c6}><c:\windows\system32\mndhfdwd.dll>  []
    <{50940f85-f015-14f1-a05f-f69858ac6d05}><c:\windows\system32\zptlcsys.dll>  []
    <{5a069845-2036-6084-9054-6087502480a5}><c:\windows\system32\ozfyebyt.dll>  []
    <{37a924af-1a5f-cf21-ab1d-1d5cf82a8a73}><c:\windows\system32\zywlcime.dll>  []
    <{7c69034a-f45f-d34d-a33a-c33c4d324fc7}><c:\windows\system32\arjreler.dll>  []
    <{7fd45a54-9875-698f-e56e-65102358fdf7}><c:\windows\system32\apsggjba.dll>  []
    <{5b1aef69-ddae-fdad-dcab-698f026abdb5}><c:\windows\system32\oohxdbyt.dll>  []
    <{35671234-7890-abcd-cdef-567801237653}><c:\windows\system32\yxcschlp.dll>  []
    <{1a698452-c5d8-c584-c256-c264c987c5a1}><c:\windows\system32\ijdyapaw.dll>  []
    <{43512378-9874-5641-1025-985420368734}><c:\windows\system32\oswxdttb.dll>  []
    <{18093456-9012-4568-9076-908765467181}><c:\windows\system32\tisqatyu.dll>  []
    <{25fd6584-698f-bcd2-602c-698745210352}><c:\windows\system32\rijxbkin.dll>  []
    <{4a698102-5904-afd0-20df-cd1a65829ca4}><c:\windows\system32\zycbdime.dll>  []
    <{91698482-6555-3666-1222-954784129019}><c:\windows\system32\zxptejpg.dll>  []
    <{3d698451-2015-6358-9871-2015987452d3}><c:\windows\system32\apzhctde.dll>  []
    <{37ac9076-c898-b098-d098-a18319080973}><c:\windows\system32\nhmxcjkl.dll>  []
    <{7c954872-1230-6541-9548-6541025884c7}><c:\windows\system32\fd233ds4f3.dll>  []
    <{2b69874a-c58c-458d-69f0-698f874e41b2}><c:\windows\system32\lassaplo.dll>  []
    <{29109876-7619-9101-7012-901938475192}><c:\windows\system32\ietzbpaq.dll>  []
    <{14698742-2059-3025-9058-954023874141}><c:\windows\system32\jkhxaklo.dll>  []
    <{4a908760-8000-4000-a000-9000322145a4}><c:\windows\system32\akjsdkaq.dll>  []
    <{20909876-4567-3908-4056-909834565102}><c:\windows\system32\erxybloe.dll>  []
    <{60a345cd-abcd-efab-cdef-abcd01020306}><c:\windows\system32\pqzfajke.dll>  []
[hkey_local_machine\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    <adsntzt.dll><c:\windows\system32\adsntzt.dll>  []
[hkey_local_machine\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <internet explorer><%systemroot%\system32\shmgrate.exe ocinstalluserconfigie>  [n/a]
[hkey_local_machine\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <outlook express><%systemroot%\system32\shmgrate.exe ocinstalluserconfigoe>  [n/a]
[hkey_local_machine\software\microsoft\active setup\installed components\{2c7339cf-2b09-4501-b3f3-f3508c9228ed}]
    <themes setup><%systemroot%\system32\regsvr32.exe /s /n /i:/userinstall %systemroot%\system32\themeui.dll>  [n/a]
[hkey_local_machine\software\microsoft\active setup\installed components\{44bba840-cc51-11cf-aafa-00aa00b6015c}]
    <microsoft outlook express 6><"%programfiles%\outlook express\setup50.exe" /app:oe /caller:winnt /user /install>  [n/a]
[hkey_local_machine\software\microsoft\active setup\installed components\{44bba842-cc51-11cf-aafa-00aa00b6015b}]
    <netmeeting 3.01><rundll32.exe advpack.dll,launchinfsection c:\windows\inf\msnetmtg.inf,netmtg.remove.peruser.nt>  [(verified)microsoft windows publisher]
[hkey_local_machine\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <windows messenger 4.7><rundll32.exe advpack.dll,launchinfsection c:\windows\inf\msmsgs.inf,blc.quietinstall.peruser>  [(verified)microsoft windows publisher]
[hkey_local_machine\software\microsoft\active setup\installed components\{6bf52a52-394a-11d3-b153-00c04f79faa6}]
    <microsoft windows media player><rundll32.exe advpack.dll,launchinfsection c:\windows\inf\wmp10.inf,peruserstub>  [(verified)microsoft windows component publisher]
[hkey_local_machine\software\microsoft\active setup\installed components\{7790769c-0471-11d2-af11-00c04fa35d02}]
    <通讯簿 6><"%programfiles%\outlook express\setup50.exe" /app:wab /caller:winnt /user /install>  [n/a]

==================================
启动文件夹
[explorer]
  <c:\documents and settings\all users\「开始」菜单\程序\启动\explorer.exe -->  [n/a]><n>
[qq游戏启动加速程序]
  <c:\documents and settings\administrator\「开始」菜单\程序\启动\qq游戏启动加速程序.lnk --> d:\qq\qqgame\accel.exe [深圳市腾讯计算机系统有限公司]><n>

==================================
服务
[adobe lm service / adobe lm service][stopped/manual start]
  <"c:\program files\common files\adobe systems shared\service\adobelmsvc.exe"><adobe systems>
[dfservex / dfservex][running/auto start]
  <c:\program files\hypertechnologies\deep freeze\dfservex.exe><hyper technologies inc.>
[help and support / helpsvc][stopped/disabled]
  <c:\windows\system32\svchost.exe -k netsvcs-->%windir%\pchealth\helpctr\binaries\pchsvc.dll><n/a>
[human interface device access / hidserv][stopped/disabled]
  <c:\windows\system32\svchost.exe -k netsvcs-->%systemroot%\system32\hidserv.dll><n/a>
[netmeeting remote desktop sharing / mnmsrvc][stopped/manual start]
  <><n/a>
[rising proxy  service / rfwproxysrv][running/auto start]
  <d:\瑞星\rising\rfw\rfwproxy.exe><beijing rising technology co., ltd.>
[rising personal firewall service / rfwservice][running/auto start]
  <d:\瑞星\rising\rfw\rfwsrv.exe><beijing rising technology co., ltd.>
[remote packet capture protocol v.0 (experimental) / rpcapd][stopped/manual start]
  <"c:\program files\winpcap\rpcapd.exe" -d -f "c:\program files\winpcap\rpcapd.ini"><n/a>
[rising process communication center / rsccenter][running/auto start]
  <"d:\瑞星\rising\rav\ccenter.exe"><beijing rising technology co., ltd.>
[rising realtime monitor / rsravmon][stopped/auto start]
  <"d:\瑞星\rising\rav\ravmond.exe"><n/a>
[servicelayer / servicelayer][running/manual start]
  <"c:\program files\pc connectivity solution\servicelayer.exe"><nokia.>

==================================
驱动程序
[294296e014ff6e51 / 294296e014ff6e51][stopped/manual start]
  <\??\c:\294296e014ff6e51.dat><n/a>
[aha154x / aha154x][running/boot start]
  <\systemroot\system32\drivers\aha154x.sys><microsoft corporation>
[ahci8086 / ahci8086][running/boot start]
  <\systemroot\system32\drivers\ahci8086.sys><ati technologies inc.>
[aliide / aliide][stopped/boot start]
  <\systemroot\system32\drivers\aliide.sys><n/a>
[amdk8 compatible device / amdk8][stopped/manual start]
  <system32\drivers\amdk8.sys><advanced micro devices>
[arcsas / arcsas][stopped/boot start]
  <\systemroot\system32\drivers\arcsas.sys><n/a>
[rising tdi base driver / basetdi][running/auto start]
  <system32\drivers\basetdi.sys><beijing rising technology co., ltd.>
[cmdide / cmdide][stopped/boot start]
  <\systemroot\system32\drivers\cmdide.sys><n/a>
[c-media wdm audio interface / cmuda][running/manual start]
  <system32\drivers\cmuda.sys><c-media inc>
[via rhine-family fast ethernet adapter driver service / fetnd5bv][running/manual start]
  <system32\drivers\fetnd5bv.sys><via technologies, inc.>
[microsoft hid class driver / hidusb][stopped/manual start]
  <system32\drivers\hidusb.sys><n/a>
[hookcont / hookcont][running/system start]
  <\systemroot\system32\drivers\hookcont.sys><beijing rising technology co., ltd>
[hookntos / hookntos][running/system start]
  <\systemroot\system32\drivers\hookntos.sys><beijing rising technology co., ltd>
[hookreg / hookreg][running/system start]
  <\systemroot\system32\drivers\hookreg.sys><beijing rising technology co., ltd>
[hooksys / hooksys][running/system start]
  <\systemroot\system32\drivers\hooksys.sys><beijing rising technology co., ltd>
[hookurl / hookurl][running/auto start]
  <\??\d:\瑞星\rising\rfw\hookurl.sys><beijing rising technology co., ltd.>
[iis manager  / iis manager ][running/manual start]
  <\??\c:\docume~1\admini~1\locals~1\temp\1.tmp><n/a>
[keyboard hid driver / kbdhid][stopped/system start]
  <system32\drivers\kbdhid.sys><n/a>
[mouse hid driver / mouhid][stopped/manual start]
  <system32\drivers\mouhid.sys><n/a>
[mseqsy / mseqsy][stopped/auto start]
  <system32\drivers\msacpe.sys><n/a>
[netgroup packet filter / npf][stopped/manual start]
  <system32\drivers\npf.sys><n/a>
[npkcrypt / npkcrypt][stopped/manual start]
  <\??\c:\windows\system32\npkcrypt.sys><n/a>
[npkycryp / npkycryp][stopped/manual start]
  <\??\c:\windows\system32\npkycryp.sys><n/a>
[pccs mode change filter driver / pccsmcfd][stopped/manual start]
  <system32\drivers\pccsmcfd.sys><nokia>
[direct parallel link driver / ptilink][running/manual start]
  <system32\drivers\ptilink.sys><parallel technologies, inc.>
[rising  rfwbase driver / rfwbase][running/auto start]
  <system32\drivers\rfwbase.sys><beijing rising technology co., ltd.>
[rsantispyware / rsantispyware][running/boot start]
  <\systemroot\system32\drivers\rsboot.sys><beijing rising technology co., ltd.>
[rsfwdrv / rsfwdrv][running/system start]
  <\??\d:\瑞星\rising\rfw\rsfwdrv.sys><beijing rising technology co., ltd.>
[rsntgdi / rsntgdi][running/boot start]
  <\systemroot\system32\drivers\rsntgdi.sys><beijing rising technology co., ltd.>
[secdrv / secdrv][stopped/manual start]
  <system32\drivers\secdrv.sys><n/a>
[serial mouse driver / sermouse][stopped/manual start]
  <system32\drivers\sermouse.sys><n/a>
[sparrow / sparrow][running/boot start]
  <\systemroot\system32\drivers\sparrow.sys><adaptec, inc.>
[system restore filter driver / sr][stopped/boot start]
  <\systemroot\system32\drivers\sr.sys><n/a>
[syshostsvc / syshostsvc][running/auto start]
  <\??\c:\windows\system32\drivers\guihelp.sys><microsoft corporation>
[sp-cable / usb2vcom][stopped/manual start]
  <system32\drivers\usb2vcom.sys><speed science&technology electronic co. ltd>
[microsoft usb generic parent driver / usbccgp][stopped/manual start]
  <\systemroot\system32\drivers\usbccgp.sys><n/a>
[microsoft usb open host controller miniport driver / usbohci][stopped/boot start]
  <\systemroot\system32\drivers\usbohci.sys><n/a>
[viagfx / viagfx][running/manual start]
  <system32\drivers\vtmini.sys><copyright (c) via/s3 graphics co, ltd.>
[viaide / viaide][running/boot start]
  <\systemroot\system32\drivers\viaide.sys><microsoft corporation>
[viamraid / viamraid][running/boot start]
  <\systemroot\system32\drivers\viamraid.sys><via technologies inc,.ltd>
[world standard teletext codec / wstcodec][stopped/manual start]
  <system32\drivers\wstcodec.sys><microsoft corporation>
[usb pc camera (zs0211) / zsmc211][running/manual start]
  <system32\drivers\zs211.sys><zsmc corporation>
[vimicro usb pc camera / zsmc302][stopped/manual start]
  <system32\drivers\usbvm31b.sys><vm>

用户系统信息：mozilla/4.0 (compatible; msie 6.0; windows nt 5.1; sv1)

附件: SREngLOG.log

浏览器加载项
[]
  {14698742-2059-3025-9058-954023874141} <c:\windows\system32\jkhxaklo.dll, n/a>
[]
  {18093456-9012-4568-9076-908765467181} <c:\windows\system32\tisqatyu.dll, n/a>
[]
  {1a698452-c5d8-c584-c256-c264c987c5a1} <c:\windows\system32\ijdyapaw.dll, n/a>
[]
  {20909876-4567-3908-4056-909834565102} <c:\windows\system32\erxybloe.dll, n/a>
[]
  {25fd6584-698f-bcd2-602c-698745210352} <c:\windows\system32\rijxbkin.dll, n/a>
[]
  {29109876-7619-9101-7012-901938475192} <c:\windows\system32\ietzbpaq.dll, n/a>
[]
  {2b69874a-c58c-458d-69f0-698f874e41b2} <c:\windows\system32\lassaplo.dll, n/a>
[realplayer download and record plugin for internet explorer]
  {3049c3e9-b461-4bc5-8870-4c09146192ca} <c:\program files\real\realplayer\rpbrowserrecordplugin.dll, realplayer>
[]
  {35671234-7890-abcd-cdef-567801237653} <c:\windows\system32\yxcschlp.dll, n/a>
[]
  {37a924af-1a5f-cf21-ab1d-1d5cf82a8a73} <c:\windows\system32\zywlcime.dll, n/a>
[]
  {37ac9076-c898-b098-d098-a18319080973} <c:\windows\system32\nhmxcjkl.dll, n/a>
[]
  {3d698451-2015-6358-9871-2015987452d3} <c:\windows\system32\apzhctde.dll, n/a>
[]
  {43512378-9874-5641-1025-985420368734} <c:\windows\system32\oswxdttb.dll, n/a>
[]
  {4a698102-5904-afd0-20df-cd1a65829ca4} <c:\windows\system32\zycbdime.dll, n/a>
[]
  {4a908760-8000-4000-a000-9000322145a4} <c:\windows\system32\akjsdkaq.dll, n/a>
[vnetcookie class]
  {4e83d567-4697-4f7b-b1f0-a513b01db89a} <c:\progra~1\chinanet\vnettr~1.dll, n/a>
[]
  {50940f85-f015-14f1-a05f-f69858ac6d05} <c:\windows\system32\zptlcsys.dll, n/a>
[]
  {528df602-9541-a985-210a-984a698c6f25} <c:\windows\system32\ptjhehlp.dll, n/a>
[]
  {5a069845-2036-6084-9054-6087502480a5} <c:\windows\system32\ozfyebyt.dll, n/a>
[]
  {5b1aef69-ddae-fdad-dcab-698f026abdb5} <c:\windows\system32\oohxdbyt.dll, n/a>
[]
  {60a345cd-abcd-efab-cdef-abcd01020306} <c:\windows\system32\pqzfajke.dll, n/a>
[]
  {6c648541-1025-9650-9057-6541258720c6} <c:\windows\system32\mndhfdwd.dll, n/a>
[]
  {7a041f13-a111-12a3-b0cf-f99818aa68a7} <c:\windows\system32\zxmsdwin.dll, n/a>
[]
  {7c69034a-f45f-d34d-a33a-c33c4d324fc7} <c:\windows\system32\arjreler.dll, n/a>
[]
  {7c8d1401-a58d-a81c-cd24-a5915c4517c7} <c:\windows\system32\mnmhgsrv.dll, n/a>
[]
  {7c954872-1230-6541-9548-6541025884c7} <c:\windows\system32\fd233ds4f3.dll, n/a>
[]
  {7fd45a54-9875-698f-e56e-65102358fdf7} <c:\windows\system32\apsggjba.dll, n/a>
[thunder browser helper]
  {889d2feb-5411-4565-8998-1dd2c5261283} <c:\program files\thunder network\thunder\comdlls\xunleibho_006.dll, thunder networking technologies,ltd>
[]
  {91698482-6555-3666-1222-954784129019} <c:\windows\system32\zxptejpg.dll, n/a>
[]
  {9963387b-212e-4643-b207-82daea0e713d} <c:\program files\internet explorer\plugins\wn_sys8x.sys, n/a>
[]
  {aa59145f-315d-bc23-ac1f-145df81a34aa} <c:\windows\system32\zyzxjime.dll, n/a>
[]
  {b490415f-65f8-b5c5-d8ba-9405fb12054b} <c:\windows\system32\yzztkmsn.dll, n/a>
[]
  {b629ff4f-acdb-5c90-a098-facb3456a26b} <c:\windows\system32\hdf453d.dll, n/a>
[豪杰超级解霸v8]
  {367e0a21-8601-4986-9c9a-153bf5aca118} <c:\herosoft\herov8\sthsdvd.exe, n/a>
[信息检索(&r)]
  {92780b25-18cc-41c8-b9be-3c9c571a8263} <c:\progra~1\micros~2\office11\refiebar.dll, microsoft corporation>
[访问瑞星网站]
  {ff2de7a6-ecb1-4cbc-9c0e-d92a9e66e444} <http://www.rising.com.cn/?u=rstb, n/a>
[访问卡卡社区]
  {ff2de7a6-ecb1-4cbc-9c0e-d92a9e66e445} <http://www.ikaka.com/?u=rstb, n/a>
[金山快译(&k)]
  {6c3797d2-3fef-4cd4-b654-d3ae55b4128c} <c:\program files\common files\kingsoft\extract\addins\ieband.dll, 金山软件股份有限公司>
[卡卡上网安全助手]
  {db9ecd4f-fb8f-4311-b3ce-90b976c2707c} <c:\windows\system32\kakatool.dll, beijing rising technology co., ltd.>
[163uploader control]
  {8686f2a6-dc01-4e8f-bde3-dcc7dbbad6ae} <c:\windows\system32\163upl~1.ocx, 广州网易互动娱乐有限公司>
[activemoviecontrol object]
  {05589fa1-c356-11ce-bf01-00aa0055595a} <c:\windows\system32\wmpdxm.dll, microsoft corporation>
[web browser applet control]
  {08b0e5c0-4fcb-11cf-aaa5-00401c608501} <c:\windows\system32\msjava.dll, microsoft corporation>
[]
  {14698742-2059-3025-9058-954023874141} <c:\windows\system32\jkhxaklo.dll, n/a>
[]
  {18093456-9012-4568-9076-908765467181} <c:\windows\system32\tisqatyu.dll, n/a>
[]
  {1a698452-c5d8-c584-c256-c264c987c5a1} <c:\windows\system32\ijdyapaw.dll, n/a>
[itruspta class]
  {1e0dffcf-27ff-4574-849b-55007349feda} <c:\windows\system32\aliedit\pta.dll, >
[]
  {20909876-4567-3908-4056-909834565102} <c:\windows\system32\erxybloe.dll, n/a>
[windows media player]
  {22d6f312-b0f6-11d0-94ab-0080c74c7e95} <c:\windows\system32\wmpdxm.dll, microsoft corporation>
[html document]
  {25336920-03f9-11cf-8fd0-00aa00686f13} <%systemroot%\system32\mshtml.dll, n/a>
[]
  {25fd6584-698f-bcd2-602c-698745210352} <c:\windows\system32\rijxbkin.dll, n/a>
[]
  {29109876-7619-9101-7012-901938475192} <c:\windows\system32\ietzbpaq.dll, n/a>
[]
  {2b69874a-c58c-458d-69f0-698f874e41b2} <c:\windows\system32\lassaplo.dll, n/a>
[dhtml edit control safe for scripting for ie5]
  {2d360201-fff5-11d1-8d03-00a0c959bc0a} <c:\program files\common files\microsoft shared\triedit\dhtmled.ocx, microsoft corporation>
[realplayer ram download handler]
  {2f542a2e-edc9-4bf7-8cb1-87c9919f7f93} <c:\windows\system32\rmoc3260.dll, realnetworks, inc.>
[realplayer download and record plugin for internet explorer]
  {3049c3e9-b461-4bc5-8870-4c09146192ca} <c:\program files\real\realplayer\rpbrowserrecordplugin.dll, realplayer>
[]
  {35671234-7890-abcd-cdef-567801237653} <c:\windows\system32\yxcschlp.dll, n/a>
[]
  {37a924af-1a5f-cf21-ab1d-1d5cf82a8a73} <c:\windows\system32\zywlcime.dll, n/a>
[]
  {37ac9076-c898-b098-d098-a18319080973} <c:\windows\system32\nhmxcjkl.dll, n/a>
[]
  {3d698451-2015-6358-9871-2015987452d3} <c:\windows\system32\apzhctde.dll, n/a>
[]
  {43512378-9874-5641-1025-985420368734} <c:\windows\system32\oswxdttb.dll, n/a>
[xml document]
  {48123bc4-99d9-11d1-a6b3-00c04fd91555} <c:\windows\system32\msxml3.dll, microsoft corporation>
[editctrl class]
  {488a4255-3236-44b3-8f27-fa1aecaa8844} <c:\windows\system32\aliedit\aliedit.dll, >
[]
  {4a698102-5904-afd0-20df-cd1a65829ca4} <c:\windows\system32\zycbdime.dll, n/a>
[]
  {4a908760-8000-4000-a000-9000322145a4} <c:\windows\system32\akjsdkaq.dll, n/a>
[vnetcookie class]
  {4e83d567-4697-4f7b-b1f0-a513b01db89a} <c:\progra~1\chinanet\vnettr~1.dll, n/a>
[]
  {50940f85-f015-14f1-a05f-f69858ac6d05} <c:\windows\system32\zptlcsys.dll, n/a>
[]
  {528df602-9541-a985-210a-984a698c6f25} <c:\windows\system32\ptjhehlp.dll, n/a>
[shell name space]
  {55136805-b2de-11d1-b9f2-00a0c98bc547} <%systemroot%\system32\shdocvw.dll, n/a>
[]
  {5a069845-2036-6084-9054-6087502480a5} <c:\windows\system32\ozfyebyt.dll, n/a>
[]
  {5b1aef69-ddae-fdad-dcab-698f026abdb5} <c:\windows\system32\oohxdbyt.dll, n/a>
[powerplayer control]
  {5ec7c511-cd0f-42e6-830c-1bd9882f3458} <d:\ppstream\powerp~1.dll, ppstream inc.>
[]
  {60a345cd-abcd-efab-cdef-abcd01020306} <c:\windows\system32\pqzfajke.dll, n/a>
[wuwebcontrol class]
  {6414512b-b978-451d-a0d8-fcfdf33e833c} <c:\windows\system32\wuweb.dll, microsoft corporation>
[windows media player]
  {6bf52a52-394a-11d3-b153-00c04f79faa6} <c:\windows\system32\wmp.dll, microsoft corporation>
[金山快译(&k)]
  {6c3797d2-3fef-4cd4-b654-d3ae55b4128c} <c:\program files\common files\kingsoft\extract\addins\ieband.dll, 金山软件股份有限公司>
[]
  {6c648541-1025-9650-9057-6541258720c6} <c:\windows\system32\mndhfdwd.dll, n/a>
[wangwangobj class]
  {6e213fc7-dd5a-4115-b7e6-d4c7838c361e} <d:\阿里\wangwang\wangwangx6.dll, 阿里巴巴软件(上海)有限公司>
[axinputcontrol class]
  {73e4740c-08eb-4133-896b-8d0a7c9ee3cd} <c:\windows\system32\inputc~1.dll, >
[]
  {7a041f13-a111-12a3-b0cf-f99818aa68a7} <c:\windows\system32\zxmsdwin.dll, n/a>
[]
  {7c69034a-f45f-d34d-a33a-c33c4d324fc7} <c:\windows\system32\arjreler.dll, n/a>
[]
  {7c8d1401-a58d-a81c-cd24-a5915c4517c7} <c:\windows\system32\mnmhgsrv.dll, n/a>
[]
  {7c954872-1230-6541-9548-6541025884c7} <c:\windows\system32\fd233ds4f3.dll, n/a>
[]
  {7fd45a54-9875-698f-e56e-65102358fdf7} <c:\windows\system32\apsggjba.dll, n/a>
[163uploader control]
  {8686f2a6-dc01-4e8f-bde3-dcc7dbbad6ae} <c:\windows\system32\163upl~1.ocx, 广州网易互动娱乐有限公司>
[360safelive]
  {87515f61-a66c-4319-a0e0-d416cb8059e3} <d:\ie\360\360safe\live.dll, 360.cn>
[microsoft web 浏览器]
  {8856f961-340a-11d0-a96b-00c04fd705a2} <c:\windows\system32\shdocvw.dll, microsoft corporation>
[thunder browser helper]
  {889d2feb-5411-4565-8998-1dd2c5261283} <c:\program files\thunder network\thunder\comdlls\xunleibho_006.dll, thunder networking technologies,ltd>
[axsubmitcontrol class]
  {8d9e0b29-563c-4226-86c1-5ff2ae77e1d2} <c:\windows\system32\submit~1.dll, >
[]
  {91698482-6555-3666-1222-954784129019} <c:\windows\system32\zxptejpg.dll, n/a>
[]
  {9963387b-212e-4643-b207-82daea0e713d} <c:\program files\internet explorer\plugins\wn_sys8x.sys, n/a>
[]
  {aa59145f-315d-bc23-ac1f-145df81a34aa} <c:\windows\system32\zyzxjime.dll, n/a>
[microsoft scriptlet component]
  {ae24fdae-03c6-11d1-8b76-0080c744f389} <c:\windows\system32\mshtml.dll, microsoft corporation>
[searchassistantoc]
  {b45ff030-4447-11d2-85de-00c04fa35c89} <%systemroot%\system32\shdocvw.dll, n/a>
[]
  {b490415f-65f8-b5c5-d8ba-9405fb12054b} <c:\windows\system32\yzztkmsn.dll, n/a>
[]
  {b629ff4f-acdb-5c90-a098-facb3456a26b} <c:\windows\system32\hdf453d.dll, n/a>
[rds.dataspace]
  {bd96c556-65a3-11d0-983a-00c04fc29e36} <c:\program files\common files\system\msadc\msadco.dll, microsoft corporation>
[audio__mid moniker class]
  {cd3afa74-b84f-48f0-9393-7edc34128127} <c:\windows\system32\wmp.dll, microsoft corporation>
[audio__mp3 moniker class]
  {cd3afa76-b84f-48f0-9393-7edc34128127} <c:\windows\system32\wmp.dll, microsoft corporation>
[audio__wav moniker class]
  {cd3afa7b-b84f-48f0-9393-7edc34128127} <c:\windows\system32\wmp.dll, microsoft corporation>
[audio__x_ms_wma moniker class]
  {cd3afa84-b84f-48f0-9393-7edc34128127} <c:\windows\system32\wmp.dll, microsoft corporation>
[video__x_ms_asf moniker class]
  {cd3afa8f-b84f-48f0-9393-7edc34128127} <c:\windows\system32\wmp.dll, microsoft corporation>
[realplayer g2 control]
  {cfcdaa03-8be4-11cf-b84b-0020afbbccfa} <c:\windows\system32\rmoc3260.dll, realnetworks, inc.>
[shockwave flash object]
  {d27cdb6e-ae6d-11cf-96b8-444553540000} <c:\windows\system32\macromed\flash\flash9e.ocx, adobe systems, inc.>
[卡卡上网安全助手]
  {db9ecd4f-fb8f-4311-b3ce-90b976c2707c} <c:\windows\system32\kakatool.dll, beijing rising technology co., ltd.>
[使用迅雷下载]
  <c:\program files\thunder network\thunder\program\geturl.htm, n/a>
[使用迅雷下载全部链接]
  <c:\program files\thunder network\thunder\program\getallurl.htm, n/a>
[导出到 microsoft office excel(&x)]
  <res://c:\progra~1\micros~2\office11\excel.exe/3000, n/a>
[添加到qq表情]
  <d:\qq\qq\addemotion.htm, n/a>
[用比特精灵下载(&b)]
  <e:\比特精灵\bitspirit\bsurl.htm, n/a>
[百度flash搜索]
  <res://c:\windows\downlo~1\baidubar.dll/flashsearch.htm, n/a>
[百度mp3搜索]
  <res://c:\windows\downlo~1\baidubar.dll/baidump3.htm, n/a>
[百度信息快递搜索]
  <res://c:\windows\downlo~1\baidubar.dll/baiduie.htm, n/a>
[百度图片搜索]
  <res://c:\windows\downlo~1\baidubar.dll/baiduimg.htm, n/a>
[百度搜索]
  <res://c:\windows\downlo~1\baidubar.dll/baidusearch.htm, n/a>
[百度新闻搜索]
  <res://c:\windows\downlo~1\baidubar.dll/baidunews.htm, n/a>
[豪杰超级解霸v8实时播放]
  <c:\herosoft\herov8\mpurlget.htm, n/a>

正在运行的进程
[pid: 568 / system][\systemroot\system32\smss.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[pid: 636 / system][\??\c:\windows\system32\csrss.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 660 / system][\??\c:\windows\system32\winlogon.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\msacm32.drv]  [microsoft corporation, 5.1.2600.0 (xpclient.010817-1148)]
[pid: 728 / system][c:\windows\system32\services.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 740 / system][c:\windows\system32\lsass.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 888 / system][c:\program files\hypertechnologies\deep freeze\dfservex.exe]  [hyper technologies inc., 4.20.020.0613]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 936 / system][c:\windows\system32\svchost.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 1032 / network service][c:\windows\system32\svchost.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 1148 / system][d:\瑞星\rising\rav\ccenter.exe]  [beijing rising technology co., ltd., 20.0.0.28]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 1164 / system][c:\windows\system32\svchost.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 1244 / network service][c:\windows\system32\svchost.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 1360 / local service][c:\windows\system32\svchost.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 1392 / system][d:\瑞星\rising\rfw\rfwsrv.exe]  [beijing rising technology co., ltd., 7.0.0.73]
    [c:\windows\system32\mfc71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\msvcp71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\proccom.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rfw\rscommx2.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rfw\rsappmgr.dll]  [beijing rising technology co., ltd., 20.0.0.0]
    [d:\瑞星\rising\rfw\cfgdll.dll]  [beijing rising technology co., ltd., 20.0.0.18]
    [d:\瑞星\rising\rfw\rfwrule.dll]  [beijing rising technology co., ltd., 7.0.0.13]
    [d:\瑞星\rising\rfw\rfwlog.dll]  [beijing rising technology co., ltd., 7.0.0.12]
    [d:\瑞星\rising\rfw\rfwdrv.dll]  [beijing rising technology co., ltd., 7.0.0.45]
    [d:\瑞星\rising\rfw\psapi.dll]  [microsoft corporation, 4.00]
    [d:\瑞星\rising\rfw\ijt_ctrl.dll]  [beijing rising technology co., ltd., 7.0.0.0]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [d:\瑞星\rising\rfw\unvdet.dll]  [beijing rising technology co., ltd., 7.0.0.5]
    [d:\瑞星\rising\rfw\mports.dll]  [beijing rising technology co., ltd., 7.0.0.3]
[pid: 1492 / system][d:\瑞星\rising\rfw\rfwproxy.exe]  [beijing rising technology co., ltd., 7.0.0.34]
    [c:\windows\system32\mfc71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\psapi.dll]  [microsoft corporation, 4.00]
    [d:\瑞星\rising\rfw\proccom.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rfw\rscommx2.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rfw\rfwrule.dll]  [beijing rising technology co., ltd., 7.0.0.13]
    [d:\瑞星\rising\rfw\urlrule.dll]  [beijing rising technology co., ltd., 1, 0, 0, 9]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [d:\瑞星\rising\rfw\monmid.dll]  [beijing rising technology co., ltd., 7.0.0.4]
[pid: 1700 / administrator][c:\windows\explorer.exe]  [microsoft corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\mnmhgsrv.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\hdf453d.dll]  [n/a, ]
    [c:\windows\system32\ptjhehlp.dll]  [n/a, ]
    [c:\windows\system32\zxmsdwin.dll]  [n/a, ]
    [c:\windows\system32\zyzxjime.dll]  [n/a, ]
    [c:\windows\system32\mndhfdwd.dll]  [n/a, ]
    [c:\windows\system32\zptlcsys.dll]  [n/a, ]
    [c:\windows\system32\ozfyebyt.dll]  [n/a, ]
    [c:\windows\system32\zywlcime.dll]  [n/a, ]
    [c:\windows\system32\apsggjba.dll]  [n/a, ]
    [c:\windows\system32\oohxdbyt.dll]  [n/a, ]
    [c:\windows\system32\yxcschlp.dll]  [n/a, ]
    [c:\windows\system32\ijdyapaw.dll]  [n/a, ]
    [c:\windows\system32\oswxdttb.dll]  [n/a, ]
    [c:\windows\system32\rijxbkin.dll]  [n/a, ]
    [c:\windows\system32\zycbdime.dll]  [n/a, ]
    [c:\windows\system32\zxptejpg.dll]  [n/a, ]
    [c:\windows\system32\apzhctde.dll]  [n/a, ]
    [c:\windows\system32\fd233ds4f3.dll]  [n/a, ]
    [c:\windows\system32\lassaplo.dll]  [n/a, ]
    [c:\windows\system32\jkhxaklo.dll]  [n/a, ]
    [c:\windows\system32\erxybloe.dll]  [n/a, ]
    [c:\windows\system32\pqzfajke.dll]  [n/a, ]
    [c:\windows\system32\msacm32.drv]  [microsoft corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\thunder network\thunder\comdlls\xunleibho_006.dll]  [thunder networking technologies,ltd, 5, 0, 0, 3]
    [c:\program files\microsoft office\office11\msohev.dll]  [microsoft corporation, 11.0.5510]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
    [d:\瑞星\rising\rav\rscommon.dll]  [beijing rising technology co., ltd., 20, 0, 0, 16]
    [c:\windows\system32\kakatool.dll]  [beijing rising technology co., ltd., 5.0.0.1]
    [d:\瑞星\rising\rav\ravscrch.dll]  [beijing rising technology co., ltd., 20, 0, 0, 3]
    [c:\windows\system32\macromed\flash\flash9e.ocx]  [adobe systems, inc., 9,0,115,0]
    [c:\windows\system32\xpsp3res.dll]  [microsoft corporation, 5.1.2600.3100 (xpsp_sp2_gdr.070309-0025)]
    [c:\program files\common files\microsoft shared\office11\msoxmlmf.dll]  [microsoft corporation, 11.0.5510]
    [c:\windows\system32\ravext.dll]  [beijing rising technology co., ltd., 20.0.0.17]
    [c:\windows\system32\shlhook.dll]  [beijing rising technology co., ltd., 4.0.0.9]
    [c:\program files\winrar\rarext.dll]  [n/a, ]
    [c:\program files\acdsee\plugins\picaview.dll]  [acd systems, ltd., 2, 0, 0, 84]
    [c:\program files\acdsee\plugins\ide_acdstd.apl]  [acd systems, ltd., 3,2,62,0]
    [c:\program files\acdsee\plugins\msvcp71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\program files\acdsee\plugins\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\program files\nokia\nokia pc suite 6\phonebrowser.dll]  [nokia, 6, 86, 101, 2]
    [c:\program files\nokia\nokia pc suite 6\ngscm.dll]  [nokia, 6, 86, 134, 6]
    [c:\program files\nokia\nokia pc suite 6\lang\phonebrowser_chi-sc.nlr]  [nokia, 6, 86, 63, 0]
    [c:\program files\nokia\nokia pc suite 6\resource\phonebrowser_nokia.ngr]  [nokia, 6, 86, 20, 0]
    [c:\windows\system32\audiodev.dll]  [microsoft corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[pid: 1876 / system][d:\瑞星\rising\rfw\rfwstub.exe]  [beijing rising technology co., ltd., 7.0.0.10]
    [c:\windows\system32\msvcp71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\rscommon.dll]  [beijing rising technology co., ltd., 20, 0, 0, 16]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 2000 / system][c:\program files\hypertechnologies\deep freeze\_$df\frzstate.exe]  [hyper technologies inc., 4.10.020.0448]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 164 / system][c:\windows\system32\spoolsv.exe]  [microsoft corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\mdimon.dll]  [microsoft corporation, 11.3.2175.0]
    [c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll]  [microsoft corporation, 11.3.2175.0]
[pid: 244 / administrator][d:\瑞星\rising\rfw\rfwmain.exe]  [beijing rising technology co., ltd., 7.0.1.67]
    [c:\windows\system32\mfc71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\msvcp71.dll]  [microsoft corporation, 7.10.3077.0]
    [d:\瑞星\rising\rfw\rsguilib.dll]  [beijing rising technology co., ltd., 20, 0, 0, 88]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\proccom.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rfw\rscommx2.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rfw\rsappmgr.dll]  [beijing rising technology co., ltd., 20.0.0.0]
    [d:\瑞星\rising\rfw\cfgdll.dll]  [beijing rising technology co., ltd., 20.0.0.18]
    [d:\瑞星\rising\rfw\rscommon.dll]  [beijing rising technology co., ltd., 20, 0, 0, 16]
    [d:\瑞星\rising\rfw\rfwctrl.dll]  [beijing rising technology co., ltd., 7.0.0.7]
    [d:\瑞星\rising\rfw\rsxml.dll]  [beijing rising technology co., ltd., 20, 0, 0, 0]
    [d:\瑞星\rising\rfw\pngdll.dll]  [beijing rising technology co., ltd., 20, 0, 0, 4]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [d:\瑞星\rising\rfw\rfwrule.dll]  [beijing rising technology co., ltd., 7.0.0.13]

[c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 960 / system][c:\windows\system32\svchost.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[pid: 1132 / local service][c:\windows\system32\wdfmgr.exe]  [microsoft corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
[pid: 2244 / local service][c:\windows\system32\alg.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
[pid: 2452 / administrator][d:\瑞星\rising\rav\ravtask.exe]  [beijing rising technology co., ltd., 20.0.0.23]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rav\proccom.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rav\rscommx2.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rav\rscommon.dll]  [beijing rising technology co., ltd., 20, 0, 0, 16]
    [d:\瑞星\rising\rav\rsappmgr.dll]  [beijing rising technology co., ltd., 20.0.0.0]
    [d:\瑞星\rising\rav\cfgdll.dll]  [beijing rising technology co., ltd., 20.0.0.18]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 2512 / administrator][c:\program files\rising\antispyware\runiep.exe]  [beijing rising technology co., ltd., 5.0.0.12]
    [c:\program files\rising\antispyware\mfc71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\program files\rising\antispyware\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
    [c:\windows\system32\mnmhgsrv.dll]  [n/a, ]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\hdf453d.dll]  [n/a, ]
    [c:\windows\system32\ptjhehlp.dll]  [n/a, ]
    [c:\windows\system32\zxmsdwin.dll]  [n/a, ]
    [c:\windows\system32\zyzxjime.dll]  [n/a, ]
    [c:\windows\system32\mndhfdwd.dll]  [n/a, ]
    [c:\windows\system32\zptlcsys.dll]  [n/a, ]
    [c:\windows\system32\ozfyebyt.dll]  [n/a, ]
    [c:\windows\system32\zywlcime.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\apsggjba.dll]  [n/a, ]
    [c:\windows\system32\oohxdbyt.dll]  [n/a, ]
    [c:\windows\system32\yxcschlp.dll]  [n/a, ]
    [c:\windows\system32\ijdyapaw.dll]  [n/a, ]
    [c:\windows\system32\oswxdttb.dll]  [n/a, ]
    [c:\windows\system32\rijxbkin.dll]  [n/a, ]
    [c:\windows\system32\zycbdime.dll]  [n/a, ]
    [c:\windows\system32\zxptejpg.dll]  [n/a, ]
    [c:\windows\system32\apzhctde.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\fd233ds4f3.dll]  [n/a, ]
    [c:\windows\system32\lassaplo.dll]  [n/a, ]
    [c:\windows\system32\jkhxaklo.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [c:\windows\system32\erxybloe.dll]  [n/a, ]
    [c:\windows\system32\pqzfajke.dll]  [n/a, ]
[pid: 2648 / administrator][c:\program files\common files\real\update_ob\realsched.exe]  [realnetworks, inc., 0.1.1.45]

[c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 2696 / administrator][c:\windows\vm_sti.exe]  [bigdog, 4, 2, 610, 4]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\msdmo.dll]  [, ]
    [c:\windows\system32\zs211prp.ax]  [zsmc, 3, 6, 703, 15]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 2756 / administrator][c:\windows\zssnp211.exe]  [zsmc, 4, 2, 812, 6]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\msdmo.dll]  [, ]
    [c:\windows\system32\zs211prp.ax]  [zsmc, 3, 6, 703, 15]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 2784 / administrator][c:\windows\domino.exe]  [, 3, 6, 703, 6]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\msdmo.dll]  [, ]
[pid: 2844 / administrator][d:\瑞星\rising\rav\ravmon.exe]  [beijing rising technology co., ltd., 20.0.01.19]
    [c:\windows\system32\mfc71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\msvcp71.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rav\proccom.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rav\rscommx2.dll]  [beijing rising technology co., ltd., 20, 0, 0, 19]
    [d:\瑞星\rising\rav\rscommon.dll]  [beijing rising technology co., ltd., 20, 0, 0, 16]
    [d:\瑞星\rising\rav\recomp.dll]  [beijing rising technology co., ltd., 20, 0, 0, 39]
    [d:\瑞星\rising\rav\refs.dll]  [beijing rising technology co., ltd., 20, 0, 0, 17]
    [d:\瑞星\rising\rav\viruslib.dll]  [beijing rising technology co., ltd., 20, 0, 0, 26]
    [d:\瑞星\rising\rav\relibldr.dll]  [beijing rising technology co., ltd., 20, 0, 0, 16]
    [d:\瑞星\rising\rav\rsappmgr.dll]  [beijing rising technology co., ltd., 20.0.0.0]
    [d:\瑞星\rising\rav\cfgdll.dll]  [beijing rising technology co., ltd., 20.0.0.18]
    [d:\瑞星\rising\rav\monrule.dll]  [beijing rising technology co., ltd., 20.0.0.29]
    [d:\瑞星\rising\rav\pngdll.dll]  [beijing rising technology co., ltd., 20, 0, 0, 4]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [d:\瑞星\rising\rav\rsguilib.dll]  [beijing rising technology co., ltd., 20, 0, 0, 89]
    [d:\瑞星\rising\rav\rsxml.dll]  [beijing rising technology co., ltd., 20, 0, 0, 0]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3016 / administrator][c:\program files\gridservice\peer.exe]  [mercury, 2, 0, 10, 7348]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3056 / administrator][c:\windows\system32\ctfmon.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3124 / administrator][c:\program files\nokia\nokia pc suite 6\pcsync2.exe]  [time information services ltd., 2.00 (633)]
    [c:\program files\nokia\nokia pc suite 6\ngscm.dll]  [nokia, 6, 86, 134, 6]
    [c:\program files\pc connectivity solution\connapi.dll]  [nokia., 7, 0, 7, 0]
    [c:\windows\system32\mfc71u.dll]  [microsoft corporation, 7.10.3077.0]
    [c:\windows\system32\msvcr71.dll]  [microsoft corporation, 7.10.3052.4]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\program files\nokia\nokia pc suite 6\pcsl.dll]  [nokia, 6, 86, 12, 0]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\program files\nokia\nokia pc suite 6\lang\pcsync2_chi-sc.nlr]  [time information services ltd., 9.00 (633)]
    [c:\program files\nokia\nokia pc suite 6\resource\pcsync2_nokia.ngr]  [time information services ltd., 9.00 (633)]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\program files\pc connectivity solution\confserver.dll]  [nokia, 7, 0, 0, 0]
    [c:\program files\common files\microsoft shared\office11\msoxmlmf.dll]  [microsoft corporation, 11.0.5510]
    [c:\program files\common files\nokia\adapters\nclset.dll]  [nokia, 6.86.9.0]
    [c:\program files\common files\nokia\adapters\nclaeo.dsc]  [nokia mobile phones ltd., 4.00.008]
    [c:\program files\common files\nokia\mpapi\mpapips.dll]  [nokia corporation, 6.86.73.0]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3168 / administrator][c:\program files\nokia\nokia pc suite 6\pcsuite.exe]  [nokia, 6, 86, 29, 9]
    [c:\program files\nokia\nokia pc suite 6\qtcore4.dll]  [n/a, ]
    [c:\program files\nokia\nokia pc suite 6\qtgui4.dll]  [n/a, ]
    [c:\program files\nokia\nokia pc suite 6\qtxml4.dll]  [n/a, ]
    [c:\program files\nokia\nokia pc suite 6\pcssupportsetup.dll]  [nokia, 6, 86, 28, 1]
    [c:\program files\nokia\nokia pc suite 6\ngscm.dll]  [nokia, 6, 86, 134, 6]

[c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\program files\nokia\nokia pc suite 6\pcsl.dll]  [nokia, 6, 86, 12, 0]
    [c:\program files\pc connectivity solution\connapi.dll]  [nokia., 7, 0, 7, 0]
    [c:\program files\pc connectivity solution\daapi.dll]  [nokia, 7, 0, 8, 0]
    [c:\program files\pc connectivity solution\pccs_dbapi.dll]  [nokia, 7, 0, 0, 0]
    [c:\program files\nokia\nokia pc suite 6\styles\nglstyle.dll]  [nokia, 6, 86, 24, 3]
    [c:\program files\nokia\nokia pc suite 6\imageformats\qjpeg4.dll]  [n/a, ]
    [c:\program files\pc connectivity solution\confserver.dll]  [nokia, 7, 0, 0, 0]
    [c:\program files\common files\microsoft shared\office11\msoxmlmf.dll]  [microsoft corporation, 11.0.5510]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3232 / administrator][c:\documents and settings\all users\「开始」菜单\程序\启动\explorer.exe]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3684 / system][c:\program files\pc connectivity solution\servicelayer.exe]  [nokia., 7, 0, 8, 0]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [c:\program files\pc connectivity solution\nclds.dll]  [nokia, 7, 0, 0, 0]
    [c:\program files\pc connectivity solution\ncltools.dll]  [nokia, 7, 0, 0, 0]
[pid: 3804 / administrator][c:\program files\common files\nokia\mpapi\mpapi3s.exe]  [nokia corporation, 6.86.162.0]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\program files\common files\nokia\mpapi\mpapips.dll]  [nokia corporation, 6.86.73.0]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3816 / system][c:\program files\pc connectivity solution\transports\nclusbsrv.exe]  [, 7, 0, 4, 0]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
[pid: 3900 / system][c:\program files\pc connectivity solution\transports\nclrssrv.exe]  [, 7, 0, 1, 0]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
[pid: 4076 / administrator][c:\windows\system32\conime.exe]  [microsoft corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
[pid: 3132 / administrator][c:\program files\internet explorer\iexplore.exe]  [microsoft corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 2100 / administrator][c:\program files\internet explorer\iexplore.exe]  [microsoft corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [d:\瑞星\rising\rfw\ijt_base.dll]  [beijing rising technology co., ltd., 7.0.0.19]
    [d:\瑞星\rising\rfw\olemon.dll]  [beijing rising technology co., ltd., 7.0.0.6]
[pid: 3144 / administrator][d:\瑞星\rising\rav\smartup.exe]  [n/a, ]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
[pid: 228 / administrator][c:\docume~1\admini~1\locals~1\temp\rar$ex00.297\srengps.exe]  [smallfrogs studio, 2.5.16.900]
    [c:\windows\system32\yzztkmsn.dll]  [n/a, ]
    [c:\windows\system32\arjreler.dll]  [n/a, ]
    [c:\windows\system32\tisqatyu.dll]  [n/a, ]
    [c:\windows\system32\nhmxcjkl.dll]  [n/a, ]
    [c:\windows\system32\ietzbpaq.dll]  [n/a, ]
    [c:\windows\system32\akjsdkaq.dll]  [n/a, ]
    [c:\herosoft\herov8\vcvtshell.dll]  [herosoft, 1, 0, 0, 1]
    [c:\windows\system32\adsntzt.dll]  [n/a, ]
    [c:\windows\system32\jfdses.dll]  [n/a, ]
    [c:\windows\system32\hhrdxd.dll]  [n/a, ]
    [c:\windows\system32\wyhesm.dll]  [n/a, ]
    [c:\windows\system32\jfrwdh.dll]  [n/a, ]
    [c:\windows\system32\tdffdl.dll]  [n/a, ]
    [c:\windows\system32\wrqszl.dll]  [n/a, ]
    [c:\windows\system32\sgdewg.dll]  [n/a, ]
    [c:\windows\system32\zgrjdx.dll]  [n/a, ]
    [c:\windows\system32\zgxfdx.dll]  [n/a, ]
    [c:\windows\system32\jggtsr.dll]  [n/a, ]
    [c:\windows\system32\cedafb.dll]  [n/a, ]
    [c:\windows\system32\mfdesy.dll]  [n/a, ]
    [c:\windows\system32\fmcvxy.dll]  [n/a, ]
    [c:\windows\system32\cdwqfs.dll]  [n/a, ]
    [c:\windows\system32\rfdswc.dll]  [n/a, ]
    [c:\windows\system32\ddserh.dll]  [n/a, ]
    [c:\docume~1\admini~1\locals~1\temp\rar$ex00.297\upload\3rdupd.dll]  [smallfrogs studio, 2, 1, 0, 15]

==================================
文件关联
.txt  ok. [%systemroot%\system32\notepad.exe %1]
.exe  ok. ["%1" %*]
.com  ok. ["%1" %*]
.pif  ok. ["%1" %*]
.reg  ok. [regedit.exe "%1"]
.bat  ok. ["%1" %*]
.scr  ok. ["%1" /s]
.chm  ok. ["c:\windows\hh.exe" %1]
.hlp  ok. [%systemroot%\system32\winhlp32.exe %1]
.ini  ok. [%systemroot%\system32\notepad.exe %1]
.inf  ok. [%systemroot%\system32\notepad.exe %1]
.vbs  ok. [%systemroot%\system32\wscript.exe "%1" %*]
.js  ok. [%systemroot%\system32\wscript.exe "%1" %*]
.lnk  ok. [{00021401-0000-0000-c000-000000000046}]

==================================
winsock 提供者
n/a

==================================
autorun.inf
n/a

==================================
hosts 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许： sedebugprivilege [pid = 2512, c:\program files\rising\antispyware\runiep.exe]
特殊特权被允许： seloaddriverprivilege [pid = 2512, c:\program files\rising\antispyware\runiep.exe]
特殊特权被允许： sedebugprivilege [pid = 2696, c:\windows\vm_sti.exe]
特殊特权被允许： seloaddriverprivilege [pid = 2696, c:\windows\vm_sti.exe]
特殊特权被允许： sedebugprivilege [pid = 2756, c:\windows\zssnp211.exe]
特殊特权被允许： seloaddriverprivilege [pid = 2756, c:\windows\zssnp211.exe]
特殊特权被允许： sedebugprivilege [pid = 2784, c:\windows\domino.exe]
特殊特权被允许： seloaddriverprivilege [pid = 2784, c:\windows\domino.exe]
特殊特权被允许： sedebugprivilege [pid = 3016, c:\program files\gridservice\peer.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3016, c:\program files\gridservice\peer.exe]
特殊特权被允许： sedebugprivilege [pid = 3124, c:\program files\nokia\nokia pc suite 6\pcsync2.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3124, c:\program files\nokia\nokia pc suite 6\pcsync2.exe]
特殊特权被允许： sedebugprivilege [pid = 3168, c:\program files\nokia\nokia pc suite 6\pcsuite.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3168, c:\program files\nokia\nokia pc suite 6\pcsuite.exe]
特殊特权被允许： sedebugprivilege [pid = 3232, c:\documents and settings\all users\「开始」菜单\程序\启动\explorer.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3232, c:\documents and settings\all users\「开始」菜单\程序\启动\explorer.exe]
特殊特权被允许： sedebugprivilege [pid = 3804, c:\program files\common files\nokia\mpapi\mpapi3s.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3804, c:\program files\common files\nokia\mpapi\mpapi3s.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3816, c:\program files\pc connectivity solution\transports\nclusbsrv.exe]
特殊特权被允许： sedebugprivilege [pid = 3144, d:\瑞星\rising\rav\smartup.exe]
特殊特权被允许： sedebugprivilege [pid = 3128, c:\program files\winrar\winrar.exe]
特殊特权被允许： seloaddriverprivilege [pid = 3128, c:\program files\winrar\winrar.exe]

==================================
api hook
n/a

==================================
隐藏进程
n/a

饿……好大一堆病毒文件

啊,谁能帮帮我啊

木马群。建议你先用windows清理助手处理一下，如未能清除干净再发新的报告上来。下载windows清理助手清理恶意软件
http://www.arswp.com/download/arswp/arswp2.rar

中了木马群，比较难缠~~

如果lz手动操作能力不强的话，我建议你重装系统~~

如果不能重装系统，那么，请把日志从附件上传，便于帮你编辑操作步骤（比较复杂）

建议先用hijackthis扫描，记录bho项中的*.dll文件名，重新启动电脑进入dos模式，可手工清除这些dll文件，清除后重新copy smartup.exe 至*\rising\rav目录下，重新自动更新下，或重新安装升级补丁即可

9楼的发的那个啥,都不能下的呀