
Can anyone help me analyze these things?

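Thanks, could all the experts here please help me analyze this!!

I don't know whether I've posted this in the wrong place; if I have, please bear with me!!

Please help me analyze this, everyone!! I recently got infected with a trojan and I really don't know what to do!!

Thanks a lot, everyone!!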

User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; QQDownload 1.7; Mozilla/4.0(Compatible Mozilla/4.0(Compatible-EmbeddedWB 14.59 http://bsalsa.com/ EmbeddedWB- 14.59  from: http://bsalsa.com/ ; .NET CLR 2.0.50727)
Last edited by 绒线兔兔 on 2008-05-06 19:52:51

Re: Can anyone help me analyze these things?

--------------------------系统环境-------------------------
检测日期: 2008-5-6 19:21
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.070227-2254
Internet Explorer: 7.0.5840.16384


-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:存在IPC$空连接,但已经禁止匿名访问,安全!

服务名称        是否运行              描述
RemoteRegistry [运行中] [说明:这个服务可能被利用远程操作注册表]
Windows Time  [运行中] [说明:这个服务可能被黑客利用来启动木马]
Telnet        [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger      [已停止] [说明:这个服务常被广告商用来发垃圾广告]
Server        [运行中] [说明:如果你的电脑不用局域网中,可以关闭]
建议在[控制面板]-[管理工具]-[服务]中,找到这些服务关闭并设置为[禁用].

--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\csrss.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:3]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:4 - 可疑级别:*]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:5 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:6 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

Re: Can anyone help me analyze these things?

[编号:7 - 可疑级别:*]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:8]
[名称:C:\PROGRA~1\完美卸~1\PnpWMmng.exe]
[类型:运行进程]
[内容:完美卸载防毒服务 Copyright ? 2006 完美卸载]

[编号:9 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:10 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:11 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:12 - 可疑级别:*]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:13 - 可疑级别:*]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:14 - 可疑级别:*]
[名称:C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe]
[类型:运行进程]
[内容:BoBo P2P多媒体网络点播/广播/直播系统 加速器 Copyright (C) 2005-2007 17BoBo.com]

[编号:15 - 可疑级别:*]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:16 - 可疑级别:*]
[名称:C:\WINDOWS\System32\alg.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:17 - 可疑级别:*]
[名称:C:\WINDOWS\system32\wuauclt.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:18 - 可疑级别:*]
[名称:C:\WINDOWS\VM_STI.EXE]
[类型:运行进程]
[内容:VM., 2002. VM., 2002.]

[编号:19 - 可疑级别:*]
[名称:C:\WINDOWS\system32\Rundll32.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

[编号:20 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RavTask.exe]
[类型:运行进程]
[内容:Rising Antivirus 2008 Rising Corp.All rights reserved.]

[编号:21 - 可疑级别:*]
[名称:C:\Program Files\Rising\KakaToolBar\runiep.exe]
[类型:运行进程]
[内容:runiep 应用程序 Rising Corp. All rights reserved.]

[编号:22 - 可疑级别:*]
[名称:C:\Program Files\OCINS\idnsvr.exe]
[类型:运行进程]
[内容: Copyright CNNIC 2006 - 2007]

[编号:23 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]
[类型:运行进程]
[内容:  YLive Copyright  2005 Yahoo! China]

[编号:24 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]
[类型:运行进程]
[内容:Yahoo! AssistSetting Copyright cn.yahoo.com 2004]

[编号:25 - 可疑级别:*]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft 数字验证通过!]

Re: Can anyone help me analyze these things?

[编号:26 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\Rav.exe]
[类型:运行进程]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:27]
[名称:C:\Program Files\完美卸载V2007 完整版\MainCon.exe]
[类型:运行进程]
[内容:完美卸载 主控台 版权所有 (C) 完美卸载]

[编号:28]
[名称:C:\Program Files\完美卸载V2007 完整版\SysSec.exe]
[类型:运行进程]
[内容:完美卸载V2007-ChinaHijackThis 版权所有 (C) 2006]

[编号:29 - 可疑级别:*]
[名称:C:\Program Files\完美卸载V2007 完整版\WmNetPro.exe]
[类型:运行进程]
[内容:天盾网络防火墙 版权所有 (C) 2005 王剑锋]

------------------------------------------------------------------------------------------

[编号:31 - 可疑级别:*]
[名称:C:\Documents and Settings\Administrator\桌面\新建文件夹\Rising\Rfw\ijt_base.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:32 - 可疑级别:*]
[名称:C:\Documents and Settings\Administrator\桌面\新建文件夹\Rising\Rfw\olemon.dll]
[类型:已加载DLL]
[内容:Rising Personal FireWall 2008 Rising Corp. All rights reserved.]

[编号:33 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\msosdohs02.dll]
[类型:已加载DLL]
[内容:未知]

[编号:34 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\msosping00.dll]
[类型:已加载DLL]
[内容:未知]

[编号:35 - 可疑级别:*]
[名称:C:\WINDOWS\TEMP\dat9.tmp]
[类型:已加载DLL]
[内容:PowerMgr Dynamic Link Library 版权所有 (C) 2007]

[编号:36 - 可疑级别:*]
[名称:C:\WINDOWS\system32\AcSignIcon.dll]
[类型:已加载DLL]
[内容:AcSignIcon Module Copyright (c) 1982-2006 by Autodesk, Inc.]

[编号:37 - 可疑级别:*]
[名称:C:\WINDOWS\system32\shlhook.dll]
[类型:已加载DLL]
[内容:瑞星卡卡上网安全助手4.0 Rising Corp. All rights reserved.]

[编号:38 - 可疑级别:*]
[名称:C:\WINDOWS\system32\RavExt.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:39 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\mfdesy.dll]
[类型:已加载DLL]
[内容:未知]

[编号:40 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\tdffdl.dll]
[类型:已加载DLL]
[内容:未知]

[编号:41 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\wfrdvq.dll]
[类型:已加载DLL]
[内容:未知]

[编号:42 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\zjydcx.dll]
[类型:已加载DLL]
[内容:未知]

[编号:43 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\hhrdxd.dll]
[类型:已加载DLL]
[内容:未知]

[编号:44 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\wyrsdj.dll]
[类型:已加载DLL]
[内容:未知]

[编号:45 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\jdsaex.dll]
[类型:已加载DLL]
[内容:未知]

[编号:46 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\hfrdzx.dll]
[类型:已加载DLL]
[内容:未知]

[编号:47 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\pedadt.dll]
[类型:已加载DLL]
[内容:未知]

Re: Can anyone help me analyze these things?

[编号:48 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\sqavpw0.dll]
[类型:已加载DLL]
[内容:未知]

[编号:49 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\tfsdmz.dll]
[类型:已加载DLL]
[内容:未知]

[编号:50 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\mxavpw0.dll]
[类型:已加载DLL]
[内容:未知]

[编号:51 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\ttDXYDXY1014.dll]
[类型:已加载DLL]
[内容:未知]

[编号:52 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\ttNNBNNB1056.dll]
[类型:已加载DLL]
[内容:未知]

[编号:53 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\ttHADHAD1071.dll]
[类型:已加载DLL]
[内容:未知]

[编号:54 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\fsrgeb.dll]
[类型:已加载DLL]
[内容:未知]

[编号:55 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\seprhg.dll]
[类型:已加载DLL]
[内容:未知]

[编号:56 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\hikadx.dll]
[类型:已加载DLL]
[内容:未知]

[编号:57 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\jgnomr.dll]
[类型:已加载DLL]
[内容:未知]

[编号:58 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\juquvh.dll]
[类型:已加载DLL]
[内容:未知]

[编号:59 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\zuuugx.dll]
[类型:已加载DLL]
[内容:未知]

[编号:60 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\fqqhhh.dll]
[类型:已加载DLL]
[内容:未知]

[编号:61 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\wqvlrj.dll]
[类型:已加载DLL]
[内容:未知]

[编号:62 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\qlsopow.dll]
[类型:已加载DLL]
[内容:未知]

[编号:63 - 可疑级别:*]
[名称:C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]
[类型:已加载DLL]
[内容:AcSignCore Module Copyright (c) 1982-2006 by Autodesk, Inc.]

[编号:64 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]
[类型:已加载DLL]
[内容:Helper Module Copyright 2004]

[编号:65 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\fmsjhif.dll]
[类型:已加载DLL]
[内容:未知]

[编号:66 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\fmsbbqi.dll]
[类型:已加载DLL]
[内容:未知]

[编号:67 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\yuiabct.dll]
[类型:已加载DLL]
[内容:未知]

[编号:68 - 可疑级别:*]
[名称:C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]
[类型:已加载DLL]
[内容:SPlus Module 腾讯科技(深圳)有限公司 版权所有 (C) 2007]

[编号:69 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\mfchlp64.dll]
[类型:已加载DLL]
[内容:未知]

[编号:70 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\fiosectc.dll]
[类型:已加载DLL]
[内容:未知]

[编号:71 - 可疑级别:xxx**]
[名称:C:\WINDOWS\system32\bincdwsa.dll]
[类型:已加载DLL]
[内容:未知]

[编号:72 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]
[类型:已加载DLL]
[内容:YAlive Module Copyright 2005]

[编号:73 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]
[类型:已加载DLL]
[内容:  LiveEx Copyright ? 2005]

[编号:74 - 可疑级别:xxx**]
[名称:C:\Program Files\WinRAR\rarext.dll]
[类型:已加载DLL]
[内容:未知]

[编号:75 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:76 - 可疑级别:*]
[名称:C:\WINDOWS\system32\VM31bPrp.Ax]
[类型:已加载DLL]
[内容:VM., 2002. VM., 2002.]

[编号:77 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\ProcCom.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:78 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RsCommX2.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:79 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RSAPPMGR.DLL]
[类型:已加载DLL]
[内容:Rising AntiVirus 2006 Rising Corp. All rights reserved.]

[编号:80 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\CfgDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:81 - 可疑级别:*]
[名称:C:\WINDOWS\system32\ieprot.dll]
[类型:已加载DLL]
[内容:IE Protector Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]

[编号:82 - 可疑级别:*]
[名称:C:\Program Files\OCINS\idnsvr.dll]
[类型:已加载DLL]
[内容: Copyright CNNIC 2006 - 2007]

[编号:83 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]
[类型:已加载DLL]
[内容:yassecblk module ]

[编号:84 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]
[类型:已加载DLL]
[内容:Yahoo MenuInfo Copyright Yahoo!]

[编号:85 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]
[类型:已加载DLL]
[内容:Yahoo IEAngel Copyright Yahoo! 2004]

Re: Can anyone help me analyze these things?

[编号:86 - 可疑级别:*]
[名称:C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]
[类型:已加载DLL]
[内容:yAsMenu module ]

[编号:87 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\Rsguilib.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:88 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RsXML.dll]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2007 Rising Corp.]

[编号:89 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\PngDll.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:90 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\ravpagem.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:91 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\htmllib.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:92 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\ravpagew.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:93 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\fakescan.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:94 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\Scanner.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:95 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\BWList.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:96 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\SysMail.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:97 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\recomp.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:98 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\refs.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:99 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\viruslib.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:100 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\relibldr.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:101 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\mvengine.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:102 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\posttrt.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:103 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\ffr.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:104 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\nvfile.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:105 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\scanexec.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:106 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\unexe.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:107 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\scanex.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:108 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\pearc.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:109 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\extfile.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:110 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\scanpack.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

Re: Can anyone help me analyze these things?

[编号:111 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\revm.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:112 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\urutils.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:113 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\ur000.dat]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:114 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\extole.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:115 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\scansct.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:116 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RsStore.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:117 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\RsLog.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:118 - 可疑级别:*]
[名称:C:\Program Files\Rising\Rav\extmail.dll]
[类型:已加载DLL]
[内容:Rising AntiVirus 2008 Rising Corp. All rights reserved.]

[编号:119]
[名称:C:\Program Files\完美卸载V2007 完整版\SkinPlusPlus.dll]
[类型:已加载DLL]
[内容:完美卸载图形模块 完美卸载图形模块 Skin++提供]

[编号:120]
[名称:C:\Program Files\完美卸载V2007 完整版\CheckTrust.dll]
[类型:已加载DLL]
[内容:完美卸载数字验证模块 Copyright(C) 完美卸载. All rights reserved.]

Re: Can anyone help me analyze these things?

[编号:145 - 可疑级别:xxx**]
[名称:7E8B4556]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\90491126.EXE -7E8B4556]

[编号:146 - 可疑级别:xxx**]
[名称:9CBBA979]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\A628C60E.EXE -d]

[编号:147 - 可疑级别:*]
[名称:Intel(r) 82801 Audio Driver Install Service (WDM)]
[类型:服务:Intel(r) Integrated Controller Hub Audio Driver Copyright (C) Intel Corporation 1998-2001]
[内容:C:\WINDOWS\system32\drivers\ac97intc.sys]

[编号:148 - 可疑级别:xxx**]
[名称:ADProt]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\ADProt.sys]

[编号:149 - 可疑级别:xxx**]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:150]
[名称:AlcwNetDrv]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\alcwnetdrv.sys]

[编号:151]
[名称:AlcwWmDrv]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\alcwwmdrv.sys]

[编号:152 - 可疑级别:xxx**]
[名称:ASP.NET 状态服务]
[类型:服务:未知]
[内容:C:\WINDOWS\microsoft.net\framework\v2.0.50727\aspnet_state.exe]

[编号:153 - 可疑级别:xxx**]
[名称:ATSpy]
[类型:服务:未知]
[内容:c:\windows\system32\atspy.sys]

[编号:154 - 可疑级别:*]
[名称:Autodesk Licensing Service]
[类型:服务:Autodesk Licensing Service (null)]
[内容:"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"]

[编号:155 - 可疑级别:*]
[名称:Rising TDI Base Driver]
[类型:服务:Rising PFW Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]
[内容:C:\WINDOWS\system32\drivers\basetdi.sys]

[编号:156 - 可疑级别:*]
[名称:BoBoTurbo]
[类型:服务:BoBo P2P多媒体网络点播/广播/直播系统 加速器 Copyright (C) 2005-2007 17BoBo.com]
[内容:C:\WINDOWS\system32\BoBoTurbo\BoBoTurbo.exe]

[编号:157 - 可疑级别:*]
[名称:cnprov]
[类型:服务:中文上网官方版 Copyright (c) . All rights reserved.]
[内容:C:\WINDOWS\system32\drivers\cnprov.sys]

[编号:158 - 可疑级别:*]
[名称:DCOM Server Process Launcher]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:159 - 可疑级别:xxx**]
[名称:dohs]
[类型:服务:未知]
[内容:c:\windows\temp\tmpc.tmp]

[编号:160 - 可疑级别:xxx**]
[名称:ExpScaner]
[类型:服务:未知]
[内容:e:\program files\rising\rav\expscan.sys]

[编号:161 - 可疑级别:xxx**]
[名称:FwDrv]
[类型:服务:未知]
[内容:e:\program files\rising\rfw\fwdrv.sys]

[编号:162 - 可疑级别:xxx**]
[名称:HOOKAPI]
[类型:服务:未知]
[内容:e:\program files\rising\rav\hookapi.sys]

Re: Can anyone help me analyze these things?

[编号:163 - 可疑级别:xxx**]
[名称:HookCont]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookCont.sys]

[编号:164 - 可疑级别:xxx**]
[名称:HookNtos]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookNtos.sys]

[编号:165 - 可疑级别:xxx**]
[名称:HookReg]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookReg.sys]

[编号:166 - 可疑级别:xxx**]
[名称:HookSys]
[类型:服务:未知]
[内容:\SystemRoot\system32\drivers\HookSys.sys]

[编号:167 - 可疑级别:xxx**]
[名称:idgen]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\idgen.sys]

[编号:168 - 可疑级别:xxx**]
[名称:ipdname]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\ipdname.sys]

[编号:169 - 可疑级别:xxx**]
[名称:MEMSCAN]
[类型:服务:未知]
[内容:e:\program files\rising\rav\memscan.sys]

[编号:170 - 可疑级别:xxx**]
[名称:mhfp]
[类型:服务:未知]
[内容:c:\windows\temp\tmp4.tmp]

[编号:171 - 可疑级别:xxx**]
[名称:msp2p32]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\msosmsp2p32.sys]

[编号:172 - 可疑级别:*]
[名称:npkcrypt]
[类型:服务:nProtect KeyCrypt Driver Copyright (C) INCA Internet. 2000-2005]
[内容:c:\program files\tencent\qq\npkcrypt.sys]

[编号:173 - 可疑级别:xxx**]
[名称:npkycryp]
[类型:服务:未知]
[内容:c:\program files\tencent\qq\npkycryp.sys]

[编号:174 - 可疑级别:xxx**]
[名称:pbtddas]
[类型:服务: ]
[内容:C:\WINDOWS\system32\drivers\pbtddas.sys]

[编号:175 - 可疑级别:xxx**]
[名称:ping]
[类型:服务:未知]
[内容:c:\windows\temp\tmp14.tmp]

[编号:176]
[名称:PnpWmkDrv]
[类型:服务:Windows (R) 2000 DDK driver ]
[内容:c:\windows\system32\drivers\pnpwmkdrv.sys]

[编号:177 - 可疑级别:*]
[名称:QKeyServiceDisplay]
[类型:服务:  KeyCrypt Copyright (c) 1998 - 2007 TENCENT Inc. All rights reserved.]
[内容:C:\WINDOWS\system32\keycrypt.sys]

[编号:178 - 可疑级别:*]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:179 - 可疑级别:*]
[名称:RsAntiSpyware]
[类型:服务:Rising KaKa Rising Corp. All rights reserved.]
[内容:C:\WINDOWS\system32\drivers\rsboot.sys]

[编号:180 - 可疑级别:*]
[名称:Rising Process Communication Center]
[类型:服务:Rising AntiVirus 2008 Rising Corp. All rights reserved.]
[内容:"C:\Program Files\Rising\Rav\CCenter.exe"]

[编号:181 - 可疑级别:*]
[名称:RsNTGDI]
[类型:服务:Rising AntiVirus 2008 Rising Corp. All rights reserved.]
[内容:C:\WINDOWS\system32\drivers\rsntgdi.sys]

[编号:182 - 可疑级别:*]
[名称:Rising RealTime Monitor]
[类型:服务:Rising AntiVirus 2008 Rising Corp. All rights reserved.]
[内容:"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"]

[编号:183 - 可疑级别:*]
[名称:Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver]
[类型:服务:Realtek RTL8139 Family Fast Ethernet Adapter Copyright (C) 1994-2003 Realtek Semiconductor Corporation]
[内容:C:\WINDOWS\system32\drivers\rtl8139.sys]

[编号:184 - 可疑级别:xxx**]
[名称:rwbqv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\rwbqv.sys]

[编号:185 - 可疑级别:xxx**]
[名称:Windows Install Helper]
[类型:服务:未知]
[内容:C:\WINDOWS\SYSTEM32\RUNDLLFOROUR.EXE C:\WINDOWS\SYSTEM32\WBEM\DMHVN.DLL,DllRegisterServer 1087]

[编号:186 - 可疑级别:*]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:187 - 可疑级别:*]
[名称:TesSafe]
[类型:服务:TesSafe Protector Copyright (c) 2007 TENCENT Inc. All Rights Reserved]
[内容:c:\windows\system32\tessafe.sys]

[编号:188 - 可疑级别:xxx**]
[名称:uzvrrq85]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\uzvrrq85.sys]

[编号:189 - 可疑级别:xxx**]
[名称:vrbiiv03]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\vrbiiv03.sys]

[编号:190]
[名称:WmNdisDrv]
[类型:服务:Windows (R) 2000 DDK driver ]
[内容:C:\WINDOWS\system32\drivers\wmndisdrv.sys]

[编号:191]
[名称:WmRegProDrv]
[类型:服务:Windows (R) 2000 DDK driver ]
[内容:C:\WINDOWS\system32\drivers\wmregprodrv.sys]

[编号:192 - 可疑级别:xxx**]
[名称:WmTimeProDrv]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\wmtimeprodrv.sys]

[编号:193 - 可疑级别:*]
[名称:USB PC Camera 301P]
[类型:服务:VM., 2002. VM., 2002.]
[内容:C:\WINDOWS\system32\drivers\usbvm31b.sys]

------------------------------------------------------------------------------------------

[编号:195]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:about:blank]

[编号:196]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:http://go.microsoft.com/fwlink/?LinkId=54896]

[编号:197]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:about:blank]

[编号:198]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:199]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome]

[编号:200]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

------------------------------------------------------------------------------------------

[编号:202 - 可疑级别:*]
[名称:QQCycloneHelper Class]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll]

[编号:203 - 可疑级别:*]
[名称:WebThunder Browser Helper]
[类型:IE 嵌入对象]
[内容:C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]

[编号:204 - 可疑级别:*]
[名称:sosHlpr Class]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\system32\obcts.dll]

[编号:205 - 可疑级别:*]
[名称:Tencent Browser Helper]
[类型:IE 嵌入对象]
[内容:C:\Program Files\TENCENT\SSPlus\SAddr.dll]

[编号:206 - 可疑级别:*]
[名称:Yahoo!Photo]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]

[编号:207 - 可疑级别:*]
[名称:AntiFish Class]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]

[编号:208 - 可疑级别:*]
[名称:雅虎助手]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]

[编号:209 - 可疑级别:*]
[名称:DragSearch BHO]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]

[编号:210 - 可疑级别:*]
[名称:]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\system32\SSup.dll]

[编号:211 - 可疑级别:*]
[名称:IEAux Class]
[类型:IE 嵌入对象]
[内容:C:\PROGRA~1\OCINS\ieaux.dll]

[编号:212 - 可疑级别:*]
[名称:QuickFlash]
[类型:IE 嵌入对象]
[内容:C:\WINDOWS\system32\fsutk.dll]