HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ RfwMain    Rising Personal FireWall Main Program    Beijing Rising Technology Corporation Limited    c:\program files\rising\rfw\rfwmain.exe

+ Thunder            c:\program files\thunder network\thunder\thundershell.exe

+ TkBellExe    RealNetworks Scheduler    RealNetworks, Inc.    c:\program files\common files\real\update_ob\realsched.exe

C:\Documents and Settings\yangying\「开始」菜单\程序\启动           

+ 腾讯QQ.lnk    QQ    TENCENT    d:\program files\tencent\qq\qq.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks           

+ Rising Execute File Exts hook    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ RISING    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

+ Shell Extensions for RealOne Player    RealPlayer Shell Extensions    RealNetworks, Inc.    d:\program files\real\realplayer\rpshell.dll

+ WinRAR shell extension            c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ NXIECatcher Class    NetXfer IE Helper Module    Xi    d:\program files\xi\netxfer\nxiehelper.dll

+ QQBrowserHelperObject Class    QQIEHelper Module    深圳市腾讯计算机系统有限公司    d:\program files\tencent\qq\qqiehelper.dll

+ ThunderIEHelper Class    xunleibho BHO        c:\windows\system32\xunleibho_v8.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ 腾讯QQ    QQ    TENCENT    d:\program files\tencent\qq\qq.exe

HKLM\System\CurrentControlSet\Services           

+ RfwService    Rising Personal Firewall Service    Beijing Rising Technology Corporation Limited    c:\program files\rising\rfw\rfwsrv.exe

+ RsCCenter    CCenter    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ccenter.exe

+ RsRavMon    RavMond    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services           

+ BaseTDI    basetdi    Beijing Rising Technology Co., Ltd.    c:\windows\system32\drivers\basetdi.sys

+ EagleNT            File not found: C:\WINDOWS\System32\drivers\EagleNT.sys

+ ExpScaner    ExpScan.sys        c:\program files\rising\rav\expscan.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    c:\program files\rising\rav\hookcont.sys

+ HookReg            c:\program files\rising\rav\hookreg.sys

+ HookSys    Hooksys    Rising    c:\program files\rising\rav\hooksys.sys

+ MEMSCAN    MemScan Driver    瑞星软件有限公司    c:\program files\rising\rav\memscan.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    d:\program files\tencent\qq\npkcrypt.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73     NVIDIA Corporation    c:\windows\system32\drivers\nv4_mini.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ RsFwDrv    nt_fwdrv    Rising    c:\program files\rising\rfw\rsfwdrv.sys

+ rtl8139    Realtek RTL8139 NDIS 5.0 Driver    Realtek Semiconductor Corporation    c:\windows\system32\drivers\rtl8139.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ TrojanFindDriverNT            File not found: C:\WINDOWS\System32\NtDriver.sys
+ VIAudio    Vinyl AC'97 Codec Combo WDM Driver    VIA Technologies, Inc.    c:\windows\system32\drivers\vinyl97.sys

+ TrojanFindDriverNT File not found: C:\WINDOWS\System32\NtDriver.sys
这个是不是木马啊。为什么我家电脑最近上网，发送的字节比收到的多啊。郁闷………………