启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <bm><C:\DOCUME~1\LLL~1.LXS\LOCALS~1\Temp\winlog0n.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <SysExplr><d:\HEROSOFT\Hero3000\SYSEXPLR.EXE>  []
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <WebThunder><"C:\Program Files\Thunder Network\WebThunder\WebThunder.exe">  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
    <miniqqlive><"C:\Program Files\Tencent\QQLive\MiniQQLive.exe">  [N/A]
    <Flashget><"D:\新建文件夹 (15)\FlashGet.exe" /min>  [FlashGet.com]
    <Thunder><"C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  [N/A]
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [(Verified)"beijing yahoo consulting and service co., ltd."]
    <System><C:\Program Files\Common Files\system\Updaterun.exe>  []
    <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R>  [TENCENT]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  [CNNIC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><>  [N/A]
    <{E568441B-9EF3-49F8-9A67-4141AC41ADD4}><C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll>  [(Verified)"beijing yahoo consulting and service co., ltd."]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\DOWNLO~1\CnsHook.dll>  [北京三七二一科技有限公司]
    <{C883F785-2E24-2157-7ADD-5B002D13D076}><C:\WINDOWS\system32\武林外传私服登陆器3qso.dll>  []
    <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\System64.Sys>  []
    <{C5E87A05-F463-4841-B19E-DD3EC3862368}><C:\Program Files\Internet Explorer\IEXPLORE32.Sys>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[]
    <C:><; >  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <hxgame-update><; C:\Program Files\hxupdate\hxgame-update.exe>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PDF Converter Registry Controller><; "C:\Program Files\ScanSoft\PDF Converter 2.0\\RegistryController.exe">  [ScanSoft, Inc.]
    <PDFConverterReminder><; "C:\Program Files\ScanSoft\PDF Converter 2.0\Ereg\Ereg.exe" -r "C:\Program Files\ScanSoft\PDF Converter 2.0\Ereg\ereg.ini">  [N/A]
    <popo2004><; D:\xian\QQGame\popo2004\Start.exe>  [N/A]
    <run><; C:\WINDOWS\system32\rundll32.exe rsrc.dll s>  [N/A]
    <SSBkgdUpdate><; "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot>  [Scansoft, Inc.]
    <StormCodec_Helper><; "D:\storm\Storm Codec\StormSet.exe" /S /opti>  []
    <stup.exe><; C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <swg><; C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <yassistse><; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [N/A]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [(Verified)"beijing yahoo consulting and service co., ltd."]

服务
[Network Security / AtHome][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qeczj.dll><Microsoft Corporation>
[CoolWare / CoolWare][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\struts.dll><>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows hwnc RunThem / hwnc][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\crix\mbsh.dll>< >
[ijjafo / ijjafo][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\vjjalo\vjjalo.dll,Service -s><Microsoft Corporation>
[Fax 2Client / ms_2fax][Running/Auto Start]
  <C:\WINDOWS\system32\340e1.exe><N/A>
[Fantasia Sango 3 CH (Pro_CD) Drivers Auto Removal (pr2ahvub) / pr2ahvub][Stopped/Auto Start]
  <C:\WINDOWS\system32\pr2ahvub.exe svc><USERJOY>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[FrontLine Drivers Auto Removal (v2) / sfrem02][Stopped/Auto Start]
  <C:\WINDOWS\system32\sfrem02.exe svc><Protection Technology (StarForce)>
[Distributed Application Client / WIDETS][Running/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLLFOROUR.EXE C:\WINDOWS\SYSTEM32\WBEM\TFLOH.DLL,DllRegisterServer 1087><Microsoft Corporation>
驱动程序
[21121 / 21121][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\21121.sys><N/A>
[76541 / 76541][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\76541.sys><N/A>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[acpidisk / acpidisk][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[ADProt / ADProt][Stopped/System Start]
  <system32\drivers\ADProt.sys><腾讯科技（深圳）有限公司>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cdnprot / cdnprot][Running/Boot Start]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[cdntran / cdntran][Running/Auto Start]
  <system32\drivers\cdntran.sys><CNNIC>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[ghfachcg / ghfachcg][Stopped/System Start]
  <\??\C:\WINDOWS\system32\drivers\ghfachcg.sys><N/A>
[gyromuc / gyromuc][Running/Boot Start]
  <\SystemRoot\system32\drivers\gyromuc.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IGALIVE / IGALIVE][Running/Auto Start]
  <\??\C:\Program Files\IGALIVE\IGALIVE.sys><N/A>
[kalclcqir / kalclcqir][Stopped/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\kalclcqir.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[msqmx / msqmx][Running/Boot Start]
  <\SystemRoot\system32\drivers\msqmx.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\xian\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\D:\xian\QQ\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[odto / odtod][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\odtod.sys><N/A>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Fantasia Sango 3 CH (Pro_CD) Environment Driver (pe3ahvub) / pe3ahvub][Running/Boot Start]
  <\SystemRoot\system32\drivers\pe3ahvub.sys><USERJOY>
[Fantasia Sango 3 CH (Pro_CD) File System Driver (pf2ahvub) / pf2ahvub][Running/Boot Start]
  <\SystemRoot\system32\drivers\pf2ahvub.sys><USERJOY>
[Fantasia Sango 3 CH (Pro_CD) Synchronization Driver (ps6ahvub) / ps6ahvub][Running/Boot Start]
  <\SystemRoot\system32\drivers\ps6ahvub.sys><USERJOY>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Environment Driver (version 1.x.a) / sfdrv01a][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfdrv01a.sys><Protection Technology (StarForce)>
[FrontLine Environment Driver (v2) / sfdrv02][Running/Boot Start]
  <\SystemRoot\system32\drivers\sfdrv02.sys><Protection Technology (StarForce)>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology (StarForce)>
[StarForce Protection Synchronization Driver (version 3.x) / sfsync03][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfsync03.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 4.x) / sfsync04][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfsync04.sys><Protection Technology (StarForce)>
[FrontLine Synchronization Driver (v5) / sfsync05][Running/Boot Start]
  <\SystemRoot\system32\drivers\sfsync05.sys><Protection Technology (StarForce)>
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
  <\SystemRoot\system32\drivers\sfvfs02.sys><Protection Technology (StarForce)>
[thjmvvpb / thjmvvpb][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\thjmvvpb.sys><Yahoo! China Corporation>
[R2A / R2A][Stopped/Disabled]
  <\??\C:\WINDOWS\system32a2.sys><N/A>

浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v5.dll, >
[Ad Engine]
  {077FD0C3-1291-4104-A356-41E36B252682} <C:\Program Files\Yayad\AdCore.dll, CDM>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush1.dll, N/A>
[FGCatchUrl]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\新建文件夹 (15)\jccatch.dll, www.flashget.com>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[Cbho Object]
  {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\xian\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[实用搜索]
  {6CFD436C-7AAD-4e50-992F-C0C87A94CAD2} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[PopBlocker Class]
  {7648AC4A-76F6-4d95-B2C4-F0DBD88E5DD5} <C:\WINDOWS\system32\svrhost.dll, Microsoft Corporation>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Flash Assistant]
  {E29F0B13-0D84-45aa-81EC-CC629BC07566} <C:\WINDOWS\system32\Flasher0.dll, N/A>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\新建文件夹 (15)\getflash.dll, www.flashget.com>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[ff Class]
  {FAAAC0F6-94BE-4466-934B-7C53666A2F41} <C:\WINDOWS\system32\f341.dll, TODO: <公司名>>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, N/A>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <E:\新建文件夹 (9)\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[解霸]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <d:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\xian\QQ\QQ.EXE, TENCENT>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\新建文件夹 (15)\FlashGet.exe, FlashGet.com>
[易趣购物]
  {DE607142-AC19-422e-869A-9D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\xian\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[实用搜索工具条2.0]
  {03465FF5-00AE-411a-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v5.dll, >
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[实用搜索工具条2.0]
  {03465FF5-00AE-411A-9C34-960ED566EC03} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>

[Ad Engine]
  {077FD0C3-1291-4104-A356-41E36B252682} <C:\Program Files\Yayad\AdCore.dll, CDM>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush1.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Vod Class]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer1.1.0.46.dll, XunLei>
[FGCatchUrl]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\新建文件夹 (15)\jccatch.dll, www.flashget.com>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[Cbho Object]
  {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\xian\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\Program Files\Yahoo!\Assistant\yalive.dll, yahoo! china>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Microsoft 外壳 UI 帮助程序]
  {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[实用搜索]
  {6CFD436C-7AAD-4E50-992F-C0C87A94CAD2} <C:\Program Files\superutilbar\superutilbar.dll, N/A>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[PopBlocker Class]
  {7648AC4A-76F6-4D95-B2C4-F0DBD88E5DD5} <C:\WINDOWS\system32\svrhost.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\InMedia\MediaAddin13.dll, Thunder Networking Technologies,LTD>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, 国风因特软件（北京）有限公司>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\DOWNLO~1\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Flash Assistant]
  {E29F0B13-0D84-45AA-81EC-CC629BC07566} <C:\WINDOWS\system32\Flasher0.dll, N/A>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[FlashGet GetFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\新建文件夹 (15)\getflash.dll, www.flashget.com>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[ff Class]
  {FAAAC0F6-94BE-4466-934B-7C53666A2F41} <C:\WINDOWS\system32\f341.dll, TODO: <公司名>>
[FGCatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <D:\新建文件夹 (15)\jccatch.dll, www.flashget.com>
[&使用快车(FlashGet)下载]
  <D:\新建文件夹 (15)\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <D:\新建文件夹 (15)\jc_all.htm, N/A>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[Open PDF in Word (PDF Converter 2.0)]
  <res://C:\Program Files\ScanSoft\PDF Converter 2.0\IEShellExt.dll /100, N/A>
[上传到QQ网络硬盘]
  <D:\xian\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <D:\xian\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\xian\QQ\AddEmotion.htm, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[用QQ彩信发送该图片]
  <D:\xian\QQ\SendMMS.htm, N/A>
[访问通用网址]
  <C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203, N/A>

正在运行的进程
[PID: 468][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 536][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 560][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.5]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 604][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 616][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 772][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 912][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\qeczj.dll]  [Microsoft Corporation, 5.1.2600.0]
    [c:\windows\system32\struts.dll]  [, 1, 0, 0, 4]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1016][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1392][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1516][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1860][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mscat1.dll]  [N/A, ]
    [C:\WINDOWS\system32\MCI321.dll]  [N/A, ]
    [C:\WINDOWS\system32\mmtask1.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [c:\windows\system32\qeczj.dll]  [Microsoft Corporation, 5.1.2600.0]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 7, 4, 1133]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\WINDOWS\downlo~1\Rfwkt.dll]  [Tencent, 5, 0, 1, 17]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
    [C:\WINDOWS\system32\xunleibho_v5.dll]  [, 4, 3, 3, 30]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  [Yahoo! China, 3, 0, 7, 1009]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 4, 1006]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 144]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\WINDOWS\system32\f341.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1876][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [c:\program files\rising\rfw\PSAPI.DLL]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 1892][C:\Program Files\CNNIC\Cdn\cdnup.exe]  [CNNIC, 2, 5, 0, 8]
    [C:\Program Files\CNNIC\Cdn\cdnuplib.dll]  [CNNIC, 2, 5, 0, 11]
    [C:\Program Files\CNNIC\Cdn\cdnprh.dll]  [CNNIC, 2, 4, 0, 7]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdntdns.dll]  [CNNIC, 2, 2, 0, 3]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 2340][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 2612][D:\HEROSOFT\Hero3000\SYSEXPLR.EXE]  [N/A, ]
    [D:\HEROSOFT\Hero3000\AVCDROM.dll]  [N/A, ]
    [D:\HEROSOFT\Hero3000\CoolMenu.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [D:\HEROSOFT\Hero3000\Sys936.DLL]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 2760][C:\Program Files\Thunder Network\WebThunder\WebThunder.exe]  [深圳市迅雷网络技术有限公司, 1, 9, 1, 146]
    [C:\Program Files\Thunder Network\WebThunder\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 4, 58]
    [C:\Program Files\Thunder Network\WebThunder\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\Thunder Network\WebThunder\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
    [C:\Program Files\Thunder Network\WebThunder\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [C:\Program Files\Thunder Network\WebThunder\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\WebThunder\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Thunder Network\WebThunder\Inmedia\iEmbedShell.dll]  [　, 1, 0, 0, 19]
    [C:\Program Files\Thunder Network\WebThunder\InMedia\iEmbed10.dll]  [　, 3, 3, 1, 82]
    [C:\Program Files\Thunder Network\WebThunder\DownAndPlay\WebDownAndPlay.dll]  [xl, 1, 0, 0, 18]
    [C:\Program Files\Thunder Network\WebThunder\CacheServer.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 3092][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  [Yahoo! China, 3, 2, 4, 1030]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]

[C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 7, 4, 1133]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 3156][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 3256][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]  [Google Inc., 2, 0, 301, 1654]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 2276][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\af1.dll]  [  , 1, 0, 0, 3]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 2600][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\af1.dll]  [  , 1, 0, 0, 3]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
[PID: 1348][D:\xian\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [D:\xian\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 5468][D:\xian\QQ\QQ.EXE]  [TENCENT, 0, 0, 0, 0]
    [D:\xian\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\BasicCtrlDll.dll]  [Tencent, 6, 0, 200, 320]
    [D:\xian\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [D:\xian\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [D:\xian\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [D:\xian\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [D:\xian\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [D:\xian\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [D:\xian\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\xian\QQ\QQMainFrame.dll]  [N/A, ]
    [D:\xian\QQ\CQQApplication.dll]  [N/A, ]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [D:\xian\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\QQAllInOne.dll]  [N/A, ]
    [D:\xian\QQ\GroupLive.dll]  [N/A, ]
    [D:\xian\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [D:\xian\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\xian\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\xian\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\xian\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\QQPlugin.dll]  [N/A, ]
    [D:\xian\QQ\QQAvatar.dll]  [N/A, ]
    [D:\xian\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\xian\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\xian\QQ\QRingMng.dll]  [N/A, ]
    [D:\xian\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\xian\QQ\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
    [D:\xian\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\xian\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  [Yahoo! China, 3, 1, 7, 1023]

[C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [D:\xian\QQ\BQQApplication.dll]  [N/A, ]
    [D:\xian\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\xian\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 271]
    [D:\xian\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\xian\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [D:\xian\QQ\QQSceneMng.dll]  [N/A, ]
    [D:\xian\QQ\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 1, 9, 93]
    [D:\xian\QQ\OEMApplication.dll]  [, 1, 0, 0, 1]
    [D:\xian\QQGAME\GamePublic.dll]  [N/A, ]
    [D:\xian\QQGAME\Common\Utility.dll]  [N/A, ]
    [D:\xian\QQGAME\Factory.dll]  [N/A, ]
    [D:\xian\QQGAME\Logic\UIStyle.dll]  [N/A, ]
    [D:\xian\QQGAME\ProtHand\QQProt.dll]  [N/A, ]
    [D:\xian\QQGAME\Socket\NetMod.dll]  [N/A, ]
    [D:\xian\QQ\QQMsgFriendMng.dll]  [N/A, ]
    [D:\xian\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [D:\xian\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\system32\NQWB98.IME]  [念青：http://nq.yeah.net, 2.00.05.08]
    [D:\xian\QQ\QQMagicFace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 5976][D:\xian\QQ\QZone\Qzone.exe]  [腾讯公司, 1, 8, 102, 15]
    [D:\xian\QQ\QZone\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 120][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\WINDOWS\downlo~1\Rfwkt.dll]  [Tencent, 5, 0, 1, 17]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 7, 4, 1133]
    [C:\PROGRA~1\baidu\bar\baidubar.dll]  [Baidu.com, Inc., 2, 0, 2, 144]
    [c:\program files\google\googletoolbar3.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
    [C:\WINDOWS\system32\xunleibho_v5.dll]  [, 4, 3, 3, 30]
    [C:\Program Files\Yayad\AdCore.dll]  [CDM, 1.0.0.1]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [D:\新建文件夹 (15)\jccatch.dll]  [www.flashget.com, 1, 8, 1, 1006]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  [Yahoo! China, 3, 0, 7, 1009]
    [C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll]  [CNNIC, 1.0.0.7]
    [D:\xian\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 4, 1006]
    [C:\WINDOWS\system32\ssup.dll]  [TENCENT, 5, 0, 1, 17]
    [C:\WINDOWS\system32\svrhost.dll]  [Microsoft Corporation, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll]  [Google Inc., 2, 0, 301, 7164]
    [D:\新建文件夹 (15)\getflash.dll]  [www.flashget.com, 1, 8, 1, 1002]
    [C:\WINDOWS\system32\f341.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL]  [Microsoft Corporation, 5.10.2925.0]
    [C:\WINDOWS\system32\NQWB98.IME]  [念青：http://nq.yeah.net, 2.00.05.08]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 4280][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE]  [Microsoft Corporation, 11.0.6359]
    [C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll]  [Microsoft Corporation, 11.0.6360]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll]  [Microsoft Corporation, 5.50.99.2009]
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\Program Files\Rising\Rav\RsPlugIn.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\PROGRA~1\MICROS~2\OFFICE11\ADDINS\SYMINPUT.DLL]  [Microsoft Corporation, 1.02]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\PDFCWO~1.DLL]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\PdfHand.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\RecDiag.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\EngShrd.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\LecsoMgr.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\Formatter.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\Rendering.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\CRX.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\PreRendering.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\XOcr.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\PROGRA~1\ScanSoft\PDFCON~1.0\RNERR.dll]  [ScanSoft, Inc., 2.0.2004.5122]
    [C:\Program Files\Common Files\Microsoft Shared\PROOF\mslid.dll]  [Microsoft Corporation, 1.0.2305]
    [C:\WINDOWS\IME\IMJP8_1\Dicts\IMJPCD.DIC]  [Microsoft Corporation, 8.1.4202.0]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PS5UI.DLL]  [Microsoft Corporation, 5.2.3790.122 (srv03_qfe.040117-1806)]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL]  [Microsoft Corporation, 5.2.3790.120 (srv03_qfe.031205-1652)]
    [C:\Program Files\Common Files\Microsoft Shared\PROOF\1033\MSGR3EN.DLL]  [Microsoft Corporation, 3.1.2303]
    [C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\VBE6.DLL]  [Microsoft Corporation, 6.04.9972]
    [C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\2052\VBE6INTL.DLL]  [Microsoft Corporation, 6.03.9070]
    [C:\Program Files\Microsoft Office\OFFICE11\msostyle.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\NQWB98.IME]  [念青：http://nq.yeah.net, 2.00.05.08]
    [C:\Program Files\Common Files\Microsoft Shared\PROOF\MSSPELL3.DLL]  [Microsoft Corporation, 1.1.6215]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
[PID: 8004][E:\新建文件夹 (12)\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 19]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 4, 1022]
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  [国风因特软件（北京）有限公司, 2.5.1.0]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 12]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\System64.Sys]  [N/A, ]
    [c:\progra~1\crix\pevk.dll]  [, 5, 0, 0, 4]
    [c:\progra~1\crix\ujap.dll]  [ , 5, 0, 0, 4]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]

文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [超级解霸3000]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
Winsock 提供者
N/A

==================================
Autorun.inf
[E:\]
[AutoRun]
open=SysAuto.exe
shellexecute=SysAuto.exe
shell\打开(&O)\command=SysAuto.exe

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      www.sq1000.net
127.0.0.1      www.175rxjhsf.com
127.0.0.1      www.bs50.cn
127.0.0.1      www.qz50.cn
127.0.0.1      www.bz50.cn
127.0.0.1      www.qa50.cn
127.0.0.1      www.qc50.cn
127.0.0.1      www.ba50.cn
127.0.0.1      www.qc50.cn
127.0.0.1      www.ba50.cn
127.0.0.1      www.bc50.cn
127.0.0.1      www.qb50.cn
127.0.0.1      www.qs50.cn
127.0.0.1      www.4f50.cn
127.0.0.1      www.4f50.com
127.0.0.1      www.za50.cn
127.0.0.1      www.zs50.cn
127.0.0.1      www.zc50.cn
127.0.0.1      www.4f53.cn
127.0.0.1      www.4f55.cn
127.0.0.1      www.sf53.cn
127.0.0.1      www.zt50.cn
127.0.0.1      www.zz50.cn

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

这是查到的 删除不了，删了还有 还有好多就都不写了

========Content========
1 禁止服務産生
[Fax 2Client / ms_2fax][Running/Auto Start]
<C:\WINDOWS\system32\340e1.exe><N/A>
[Windows hwnc RunThem / hwnc][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\crix\mbsh.dll>< >
[ijjafo / ijjafo][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\vjjalo\vjjalo.dll,Service -s><Microsoft Corporation>
[Network Security / AtHome][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qeczj.dll><Microsoft Corporation>
[FrontLine Drivers Auto Removal (v2) / sfrem02][Stopped/Auto Start]
<C:\WINDOWS\system32\sfrem02.exe svc><Protection Technology (StarForce)>


2 删除
C:\DOCUME~1\LLL~1.LXS\LOCALS~1\Temp\winlog0n.exe
C:\Program Files\Common Files\system\Updaterun.exe
C:\Program Files\Internet Explorer\IEXPLORE32.Sys
rsrc.dll
\SystemRoot\system32\drivers\21121.sys
\SystemRoot\system32\drivers\76541.sys
\??\C:\WINDOWS\system32\drivers\ghfachcg.sys
\SystemRoot\system32\drivers\gyromuc.sys
\C:\Program Files\IGALIVE\IGALIVE.sys
\SystemRoot\\SystemRoot\System32\drivers\kalclcqir.sys
\SystemRoot\system32\drivers\msqmx.sys
\SystemRoot\System32\DRIVERS\odtod.sys
\??\C:\WINDOWS\system32\drivers\oreans32.sys
C:\WINDOWS\system32a2.sys
C:\Program Files\Internet Explorer\PLUGINS\System64.Sys
C:\WINDOWS\system32\mscat1.dll
C:\WINDOWS\system32\MCI321.dll
C:\WINDOWS\system32\mmtask1.dll
c:\windows\system32\qeczj.dll
C:\WINDOWS\system32\f341.dll
c:\progra~1\crix\pevk.dll
c:\progra~1\crix\ujap.dll
C:\Program Files\Internet Explorer\IEXPLORE32.Sys
C:\WINDOWS\system32\af1.dll
C:\WINDOWS\system32\NQWB98.IME
SysAuto.exe
E:\Autorun.inf

3 修复文件关联