-------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\csrss.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:3]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:4 - 可疑级别:*]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:5 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:6 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:7 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\CCenter.exe]
[类型:运行进程]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:8 - 可疑级别:*]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:9]
[名称:E:\完美卸~1\PnpWMmng.exe]
[类型:运行进程]
[内容:完美卸载防毒服务 Copyright ? 2006 完美卸载]

[编号:10 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:11 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:12 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\Ravmond.exe]
[类型:运行进程]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:13 - 可疑级别:*]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:14 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\rfwsrv.exe]
[类型:运行进程]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:15 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RavStub.exe]
[类型:运行进程]
[内容:RavStub Application Copyright (c) 1998-2005 Rising Corp.]

[编号:16 - 可疑级别:*]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:17 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RfwMain.exe]
[类型:运行进程]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:18 - 可疑级别:*]
[名称:C:\WINDOWS\system32\nvsvc32.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:19 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:20 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RavMon.exe]
[类型:运行进程]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:21 - 可疑级别:*]
[名称:C:\WINDOWS\System32\alg.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:22 - 可疑级别:*]
[名称:C:\WINDOWS\system32\wuauclt.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:23 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RavTask.exe]
[类型:运行进程]
[内容:Rising Antivirus 2008 Rising Corp.All rights reserved.]

[编号:24 - 可疑级别:*]
[名称:E:\完美卸载V2008\WmSysPro.exe]
[类型:运行进程]
[内容:系统保护防毒墙 版权所有 (C)剑锋工作室]

[编号:25 - 可疑级别:*]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:26]
[名称:E:\完美卸载V2008\MainCon.exe]
[类型:运行进程]
[内容:完美卸载 主控台 版权所有 (C) 完美卸载]

[编号:27]
[名称:E:\完美卸载V2008\Syssec.exe]
[类型:运行进程]
[内容:完美卸载V2007-ChinaHijackThis 版权所有 (C) 2006]

[编号:28 - 可疑级别:*]
[名称:C:\Program Files\Internet Explorer\iexplore.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:29 - 可疑级别:*]
[名称:C:\WINDOWS\system32\Notepad.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

------------------------------------------------------------------------------------------

[编号:31 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\ijt_base.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:32 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\olemon.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:33 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\atgnehz.dll]
[类型:已加载DLL]
[内容:未知]

[编号:34 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\jemnaw.dll]
[类型:已加载DLL]
[内容:未知]

[编号:35 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\sve.dll]
[类型:已加载DLL]
[内容:未知]

[编号:36 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\BWList.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:37 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Rising Corp. All rights reserved.]

[编号:38 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:39 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RsLog.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:40 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:41 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:42 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\MonRule.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:43 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Copyright (C) 2007]

[编号:44 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\HookReg.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Copyright (C) 2007]

[编号:45 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Copyright (C) 2007]

[编号:46 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]
[类型:已加载DLL]
[内容:Rising WAL Monitor Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]

[编号:47 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\recomp.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:48 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\refs.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:49 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\ffr.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:50 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RsStore.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:51 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\HookCont.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Copyright (C) 2007]

[编号:52 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\fakescan.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:53 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\Scanner.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:54 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\viruslib.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:55 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\relibldr.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:56 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:57 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\nvfile.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:58 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\scanexec.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:59 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\unexe.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:60 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\scanex.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:61 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\pearc.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

[编号:62 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\extfile.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:63 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\scanpack.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:64 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\revm.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:65 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\urutils.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:66 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\scriptci.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:67 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\uroutine.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:68 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\ur000.dat]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:69 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\ur001.dat]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:70 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\scansct.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:71 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\mfdesy.dll]
[类型:已加载DLL]
[内容:未知]

[编号:72 - 可疑级别:*]
[名称:C:\WINDOWS\system32\nvshell.dll]
[类型:已加载DLL]
[内容:(null) (null)]

[编号:73 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\ProcCom.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:74 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RsCommX2.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:75 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RSAPPMGR.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Rising Corp. All rights reserved.]

[编号:76 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\CfgDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:77 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RfwRule.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:78 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\rfwlog.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:79 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\Rfwdrv.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:80 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\ijt_ctrl.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:81 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\unvdet.dll]
[类型:已加载DLL]
[内容:Rising Personal Firewall 2008 Rising Corp. All rights reserved.]

[编号:82 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\mPorts.dll]
[类型:已加载DLL]
[内容:Rising Personal Firewall 2008 Rising Corp. All rights reserved.]

[编号:83 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:84 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RsGuiLib.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:85 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:86 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RfwCtrl.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:87 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\RsXML.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:88 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rfw\PngDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:89 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\PngDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:90 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\Rsguilib.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:91 - 可疑级别:*]
[名称:C:\PROGRAM FILES\RISING\RAV\RsXML.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:92 - 可疑级别:*]
[名称:E:\完美卸载V2008\ScanEngine.dll]
[类型:已加载DLL]
[内容:ScanEngine 完美病毒引擎文件 版权所有 (C) 2007]

[编号:93]
[名称:E:\完美卸载V2008\SkinPlusPlus.dll]
[类型:已加载DLL]
[内容:完美卸载图形模块 完美卸载图形模块 Skin++提供]

[编号:94 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RavScrCh.dll]
[类型:已加载DLL]
[内容:RavScrCh Module Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:95 - 可疑级别:*]
[名称:C:\WINDOWS\system32\RavExt.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:96]
[名称:E:\完美卸载V2008\CheckTrust.dll]
[类型:已加载DLL]
[内容:完美卸载数字验证模块 Copyright(C) 完美卸载. All rights reserved.]

[编号:97 - 可疑级别:*]
[名称:C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]
[类型:已加载DLL]
[内容:Shockwave Flash Adobe? Flash? Player. Copyright ? 1996-2007 Adobe Systems Incorporated. All Rights Reserved. Protected by U.S. Patent 6,879,327; Patents Pending in the United States and other countries. Adobe and Flash are either trademarks or registered trademarks in the United States and/or other countries.]

------------------------------------------------------------------------------------------

[编号:99]
[名称:RfwMain]
[类型:开机启动]
[内容:"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup]

[编号:100]
[名称:RavTask]
[类型:开机启动]
[内容:"C:\Program Files\Rising\Rav\RavTask.exe" -system]

[编号:101]
[名称:POPO2004]
[类型:开机启动]
[内容:D:\POPO2004\Start.exe]

[编号:102]
[名称:RegFireWall]
[类型:开机启动]
[内容:E:\完美卸载V2008\WmSysPro.exe -PowerOn]

[编号:103]
[名称:NvCplDaemon]
[类型:开机启动]
[内容:RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup]

[编号:104]
[名称:ctfmon.exe]
[类型:开机启动]
[内容:C:\WINDOWS\system32\ctfmon.exe]

------------------------------------------------------------------------------------------

[编号:106 - 可疑级别:*****]
[名称:C:\Autorun.inf]
[类型:自动播放文件]
[内容:]

[编号:107 - 可疑级别:*****]
[名称:C:\\]
[类型:自动播放程序]
[内容:]

[编号:108 - 可疑级别:*****]
[名称:D:\Autorun.inf]
[类型:自动播放文件]
[内容:]

[编号:109 - 可疑级别:*****]
[名称:D:\\]
[类型:自动播放程序]
[内容:]

[编号:110 - 可疑级别:*****]
[名称:E:\Autorun.inf]
[类型:自动播放文件]
[内容:]

[编号:111 - 可疑级别:*****]
[名称:E:\\]
[类型:自动播放程序]
[内容:]

[编号:112 - 可疑级别:*****]
[名称:F:\Autorun.inf]
[类型:自动播放文件]
[内容:]

[编号:113 - 可疑级别:*****]
[名称:F:\\]
[类型:自动播放程序]
[内容:]

------------------------------------------------------------------------------------------

[编号:115 - 可疑级别:*****]
[名称:360TimeProt]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\360timeprot.sys]

[编号:116 - 可疑级别:*****]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:117]
[名称:AlcwWmDrv]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\alcwwmdrv.sys]

[编号:118 - 可疑级别:*]
[名称:AMD Processor Driver]
[类型:服务:AMD Processor Driver Copyright (C) AMD, Inc.2002-2006]
[内容:C:\WINDOWS\system32\drivers\amdk8.sys]

[编号:119 - 可疑级别:*****]
[名称:ATI2HDDSRV]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\ati32srv.sys]

[编号:120 - 可疑级别:*]
[名称:Basetdi]
[类型:服务:Rising PFW Copyright(c) 1998-2007 Beijing  Rising  Technology  Corporation  Limited]
[内容:c:\windows\system32\drivers\basetdi.sys]

[编号:121 - 可疑级别:*]
[名称:DCOM Server Process Launcher]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:122 - 可疑级别:*****]
[名称:HookCont]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookCont.sys]

[编号:123 - 可疑级别:*****]
[名称:HookNtos]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookNtos.sys]

[编号:124 - 可疑级别:*****]
[名称:HookReg]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookReg.sys]

[编号:125 - 可疑级别:*****]
[名称:HookSys]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookSys.sys]

[编号:126 - 可疑级别:*]
[名称:HookUrl]
[类型:服务:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]
[内容:c:\program files\rising\rfw\hookurl.sys]

[编号:127 - 可疑级别:*****]
[名称:iCafe Update]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\pcihdd2.sys]

[编号:128 - 可疑级别:*]
[名称:Service for Realtek HD Audio (WDM)]
[类型:服务:Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab) Copyright (c) Realtek Semiconductor Corp.1998-2004]
[内容:C:\WINDOWS\system32\drivers\rtkhdaud.sys]

[编号:129 - 可疑级别:*****]
[名称:msertk]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\msyecp.sys]

[编号:130 - 可疑级别:*****]
[名称:msskye]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\msaclue.sys]

[编号:131 - 可疑级别:*****]
[名称:NVIDIA Display Driver Service]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\nvsvc32.exe]

[编号:132]
[名称:PnpWmkDrv]
[类型:服务:Windows (R) 2000 DDK driver ]
[内容:c:\windows\system32\drivers\pnpwmkdrv.sys]

[编号:133 - 可疑级别:*]
[名称:Rising  Rfwbase Driver]
[类型:服务:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]
[内容:C:\WINDOWS\system32\drivers\rfwbase.sys]

[编号:134 - 可疑级别:*]
[名称:Rising Proxy  Service]
[类型:服务:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]
[内容:C:\Program Files\Rising\Rfw\rfwProxy.exe]

[编号:135 - 可疑级别:*]
[名称:Rising Personal Firewall Service]
[类型:服务:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]
[内容:C:\Program Files\Rising\Rfw\rfwsrv.exe]

[编号:136 - 可疑级别:*]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:137 - 可疑级别:*]
[名称:Rising Process Communication Center]
[类型:服务:Rising AntiVirus 2008 Rising Corp. All rights reserved.]
[内容:"C:\Program Files\Rising\Rav\CCenter.exe"]

[编号:138 - 可疑级别:*]
[名称:RsFwDrv]
[类型:服务:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]
[内容:c:\program files\rising\rfw\rsfwdrv.sys]

[编号:139 - 可疑级别:*]
[名称:RsNTGDI]
[类型:服务:Rising AntiVirus 2008 Rising Corp. All rights reserved.]
[内容:C:\WINDOWS\system32\drivers\rsntgdi.sys]

[编号:140 - 可疑级别:*]
[名称:Rising RealTime Monitor]
[类型:服务:Rising AntiVirus 2008 Rising Corp. All rights reserved.]
[内容:"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"]

[编号:141 - 可疑级别:*****]
[名称:System Restore Filter Driver]
[类型:服务:未知]
[内容:\SystemRoot\system32\DRIVERS\sr.sys]

[编号:142 - 可疑级别:*]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:143 - 可疑级别:*]
[名称:TesSafe]
[类型:服务:TesSafe Protector Copyright (c) 2007 TENCENT Inc. All Rights Reserved]
[内容:c:\windows\system32\tessafe.sys]

[编号:144]
[名称:WmRegProDrv]
[类型:服务:Windows (R) 2000 DDK driver ]
[内容:C:\WINDOWS\system32\drivers\wmregprodrv.sys]

[编号:145 - 可疑级别:*]
[名称:NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller]
[类型:服务:Marvell Yukon Ethernet Controller ?Copyright 2002-2006 Marvell?. All rights reserved.]
[内容:C:\WINDOWS\system32\drivers\yk51x86.sys]

------------------------------------------------------------------------------------------

[编号:147]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:about:blank]

[编号:148]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:149]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home]

[编号:150]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:151]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome]

[编号:152]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

------------------------------------------------------------------------------------------

[编号:154]
[名称:使用迅雷下载]
[类型:IE 右键按钮]
[内容: 路径:4]

[编号:155]
[名称:使用迅雷下载全部链接]
[类型:IE 右键按钮]
[内容: 路径:4]

------------------------------------------------------------------------------------------

[编号:157]
[名称:{0002000D-0000-0000-C000-000000000046}]
[类型:IAVIStream & IAVIFile Proxy <IE控件>]
[内容:avifil32.dll]

[编号:158]
[名称:{00021401-0000-0000-C000-000000000046}]
[类型:快捷方式 <IE控件>]
[内容:shell32.dll]

[编号:159]
[名称:{01E04581-4EEE-11D0-BFE9-00AA005B4383}]
[类型:地址(&A) <IE控件>]
[内容:%SystemRoot%\system32\browseui.dll]

[编号:160]
[名称:{1AA06BA1-0E88-11D1-8391-00C04FBD7C09}]
[类型:CLSID_CCommAcctImport <IE控件>]
[内容:%SystemRoot%\system32\msoeacct.dll]

[编号:161]
[名称:{233A9694-667E-11D1-9DFB-006097D50408}]
[类型:Outlook Express Address Book <IE控件>]
[内容:%ProgramFiles%\Outlook Express\msoe.dll]

[编号:162]
[名称:{3050F391-98B5-11CF-BB82-00AA00BDCE0B}]
[类型:Microsoft HTML Window Security Proxy <IE控件>]
[内容:%SystemRoot%\system32\mshtml.dll]

[编号:163]
[名称:{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}]
[类型:Microsoft HTA Document 6.0 <IE控件>]
[内容:%SystemRoot%\system32\mshtml.dll]

[编号:164]
[名称:{40dd6e20-7c17-11ce-a804-00aa003ca9f6}]
[类型:Shell extensions for sharing <IE控件>]
[内容:ntshrui.dll]

[编号:165]
[名称:{4622AD11-FF23-11D0-8D34-00A0C90F2719}]
[类型:「开始」菜单 <IE控件>]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:166]
[名称:{6e449686-c509-11cf-aafa-00aa00b6015c}]
[类型:Microsoft Active Setup Engine <IE控件>]
[内容:%SystemRoot%\system32\inseng.dll]

[编号:167]
[名称:{7057E952-BD1B-11D1-8919-00C04FC2C836}]
[类型:Microsoft DocHost User Interface Handler <IE控件>]
[内容:%SystemRoot%\system32\shdocvw.dll]

[编号:168]
[名称:{7849596A-48EA-486E-8937-A2A3009F31A9}]
[类型:PostBootReminder 对象 <IE控件>]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:169]
[名称:{85BBD920-42A0-1069-A2E4-08002B30309D}]
[类型:公文包 <IE控件>]
[内容:syncui.dll]

[编号:170]
[名称:{AF604EFE-8897-11D1-B944-00A0C90312E1}]
[类型:Microsoft 常见浏览器构架 <IE控件>]
[内容:%SystemRoot%\system32\browseui.dll]

[编号:171]
[名称:{cae80521-f685-11d1-af32-00c04fa31b90}]
[类型:CLSID_OENote <IE控件>]
[内容:%ProgramFiles%\Outlook Express\msoe.dll]

[编号:172]
[名称:{f5078f1b-c551-11d3-89b9-0000f81fe221}]
[类型:XML DOM Document 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:173]
[名称:{f5078f1c-c551-11d3-89b9-0000f81fe221}]
[类型:Free Threaded XML DOM Document 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:174]
[名称:{f5078f1d-c551-11d3-89b9-0000f81fe221}]
[类型:XML Schema Cache 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:175]
[名称:{f5078f1e-c551-11d3-89b9-0000f81fe221}]
[类型:XML HTTP 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:176]
[名称:{f5078f1f-c551-11d3-89b9-0000f81fe221}]
[类型:XML Data Source Object 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:177]
[名称:{f5078f20-c551-11d3-89b9-0000f81fe221}]
[类型:XML Parser 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:178]
[名称:{f5078f21-c551-11d3-89b9-0000f81fe221}]
[类型:XSL Template 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:179]
[名称:{f5078f22-c551-11d3-89b9-0000f81fe221}]
[类型:XML Document 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:180]
[名称:{f5078f28-c551-11d3-89b9-0000f81fe221}]
[类型:XML Document 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:181]
[名称:{f5078f29-c551-11d3-89b9-0000f81fe221}]
[类型:XML Moniker 2.6 <IE控件>]
[内容:%SystemRoot%\system32\msxml2.dll]

[编号:182]
[名称:{FBEB8A05-BEEE-4442-804E-409D6C4515E9}]
[类型:烧 CD 的 ShellFolder <IE控件>]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:183]
[名称:{FD78D554-4C6E-11D0-970D-00A0C9191601}]
[类型:DiskManagement.Connection <IE控件>]
[内容:%SystemRoot%\System32\dmdskmgr.dll]

------------------------------------------------------------------------------------------

[编号:185]
[名称:PostBootReminder]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:186]
[名称:CDBurn]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:187]
[名称:WebCheck]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\webcheck.dll]

[编号:188]
[名称:SysTray]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\system32\stobject.dll]

------------------------------------------------------------------------------------------

[编号:190]
[名称:]
[类型:EXE关联]
[内容:"%1" %*]

[编号:191]
[名称:]
[类型:TXT关联]
[内容:C:\WINDOWS\notepad.exe %1]

[编号:192]
[名称:]
[类型:vbs关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:193]
[名称:]
[类型:Js关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:194]
[名称:]
[类型:htmlfile关联]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:195]
[名称:]
[类型:HTTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:196]
[名称:]
[类型:FTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" %1]

------------------------------------------------------------------------------------------

-----------------------------------危险级别比较高的项目--------------------------------------

[编号:33 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\atgnehz.dll]
[类型:已加载DLL]
[内容:未知]



[编号:34 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\jemnaw.dll]
[类型:已加载DLL]
[内容:未知]



[编号:35 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\sve.dll]
[类型:已加载DLL]
[内容:未知]



[编号:71 - 可疑级别:*****]
[名称:C:\WINDOWS\system32\mfdesy.dll]
[类型:已加载DLL]
[内容:未知]



[编号:106 - 可疑级别:*****]
[名称:C:\Autorun.inf]
[类型:自动播放文件]
[内容:]



[编号:107 - 可疑级别:*****]
[名称:C:\\]
[类型:自动播放程序]
[内容:]



[编号:108 - 可疑级别:*****]
[名称:D:\Autorun.inf]
[类型:自动播放文件]
[内容:]



[编号:109 - 可疑级别:*****]
[名称:D:\\]
[类型:自动播放程序]
[内容:]



[编号:110 - 可疑级别:*****]
[名称:E:\Autorun.inf]
[类型:自动播放文件]
[内容:]



[编号:111 - 可疑级别:*****]
[名称:E:\\]
[类型:自动播放程序]
[内容:]



[编号:112 - 可疑级别:*****]
[名称:F:\Autorun.inf]
[类型:自动播放文件]
[内容:]



[编号:113 - 可疑级别:*****]
[名称:F:\\]
[类型:自动播放程序]
[内容:]



[编号:115 - 可疑级别:*****]
[名称:360TimeProt]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\360timeprot.sys]



[编号:116 - 可疑级别:*****]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]



[编号:119 - 可疑级别:*****]
[名称:ATI2HDDSRV]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\ati32srv.sys]



[编号:122 - 可疑级别:*****]
[名称:HookCont]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookCont.sys]



[编号:123 - 可疑级别:*****]
[名称:HookNtos]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookNtos.sys]



[编号:124 - 可疑级别:*****]
[名称:HookReg]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookReg.sys]



[编号:125 - 可疑级别:*****]
[名称:HookSys]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookSys.sys]



[编号:127 - 可疑级别:*****]
[名称:iCafe Update]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\pcihdd2.sys]



[编号:129 - 可疑级别:*****]
[名称:msertk]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\msyecp.sys]



[编号:130 - 可疑级别:*****]
[名称:msskye]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\msaclue.sys]



[编号:131 - 可疑级别:*****]
[名称:NVIDIA Display Driver Service]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\nvsvc32.exe]



[编号:141 - 可疑级别:*****]
[名称:System Restore Filter Driver]
[类型:服务:未知]
[内容:\SystemRoot\system32\DRIVERS\sr.sys]

日志错了，看置顶帖