从昨天开始我进程里多了这些进程，具体请看图，就是那些.tmp的进程，基本上每30分钟-1个小时，又会生成个新的，在占用我的内存，我已经把正版瑞星升级了，依然杀不掉，请高手们帮忙看看，谢谢。

我是2000系统，这些.tmp文件在c:\winnt\Temp下，每隔30分钟-1个小时自动生成一个，然后自动运行，进程里结束不了，我用正版瑞星查毒的话，查不出来

Logfile of HijackThis v1.99.1
Scan saved at 20:42:23, on 2006-7-21
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Rising\Rav\Ravmon.exe
E:\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\conime.exe
c:\program files\rising\rfw\rfwsrv.exe
E:\QQ\QQ.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\TEMP\E3D7.tmp
C:\Program Files\Real\RealPlayer\RealPlay.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINNT\TEMP\A6A5.tmp
C:\WINNT\explorer.exe
E:\Mabinogi\client.exe
C:\WINNT\TEMP\3F69.tmp
C:\WINNT\TEMP\177.tmp
C:\WINNT\TEMP\555D.tmp
C:\WINNT\TEMP\B490.tmp
C:\WINNT\TEMP\144E.tmp
C:\WINNT\TEMP\F7A3.tmp
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\everwind\桌面\ha_hijackthis_1991(1)\HijackThis.exe

O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\FLASHGET\jccatch.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - e:\QQ\QQIEHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\FLASHGET\fgiebar.dll
O3 - Toolbar: BitComet工具栏 - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [DAEMON Tools-2052] "E:\D-Tools\daemon.exe"  -lang 2052
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SysTray] c:\Program Files\wsybcq.exe
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\RunOnce: [Q828026] "C:\WINNT\INF\unregmp2.exe" /UpdateWMP
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - Startup: 腾讯QQ.lnk = E:\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\FLASHGET\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\QQ\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\QQ\QQIEHelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153241643906
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} (MabinogiWebAvatarRenderer Class) - http://avatarluoqi.tiancity.com/Modules/mabiweb.cab
O20 - Winlogon Notify: 1_32bean32_1reg - C:\Documents and Settings\All Users.WINNT\Documents\Settings\1_32bean32_1.dll
O20 - Winlogon Notify: SensSrv - C:\WINNT\SYSTEM32\senssrv.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

不言放弃 大大你看这样行了吗？帮忙看看，谢谢。

楼上的大大，做到运行Hijackthis修复后出问题啦，我打不开system32文件夹了，一打开就蓝屏，内容如下（我用笔抄下来又打上来的，累死。。。）
stop:0x00000044 (0x821d2e68,0x00000d39,0x00000000,0x00000000)
if this is the first time you've seen this stop error screen
restart your computer.if this screen appears again,follow
check to make sure any new hardware or software is properly installed
for any windows 200 updates you might need
if problems continue,disable or remove any newly installed hardware or software,disable BIOS memory options such as caching or shadowing your computer,press F8 to select Advanced Statup options,and the select safe mode
Refer to your getting started manual for more information on troubleshooting stop errors.

蓝屏后任何键无用，包括热启动键，重启后依然存在这问题，而且鼠标指针变成指针旁边带沙漏，沙漏随时在闪动

2006-07-21,22:41:55

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><internat.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <SoundMan><SOUNDMAN.EXE>  [Avance Logic, Inc.]
    <Logitech Utility><Logi_MwX.Exe>  [Logitech Inc.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <DAEMON Tools-2052><"E:\D-Tools\daemon.exe"  -lang 2052>  [DAEMON'S HOME]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\1_32bean32_1reg]
    <WinlogonNotify: 1_32bean32_1reg><C:\Documents and Settings\All Users.WINNT\Documents\Settings\1_32bean32_1.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><(无)>  []

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\everwind\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINNT\System32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINNT\system32\ati2sgag.exe><>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <E:\FLASHGET\jccatch.dll, FlashGet>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <e:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <e:\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <E:\FLASHGET\flashget.exe, FlashGet.com>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <e:\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\FLASHGET\fgiebar.dll, Amaze Soft>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\System32\wuweb.dll, Microsoft Corporation>
[MabinogiWebAvatarRenderer Class]
  {7623BE59-D4CF-4379-ABC4-B39E11854D66} <C:\WINNT\Downloaded Program Files\mabiwebframe.dll, devcat>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <E:\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <E:\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\FLASHGET\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 160][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 184][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 180][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6997>
    [C:\Documents and Settings\All Users.WINNT\Documents\Settings\1_32bean32_1.dll]  <N/A><N/A>
    [C:\WINNT\system32\Ati2evxx.dll]  <ATI Technologies Inc.><6.14.10.4113>
[PID: 232][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.7035>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 244][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.7011>
[PID: 352][C:\WINNT\System32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4113>
    [C:\WINNT\System32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2496>
[PID: 416][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 436][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 464][C:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 488][C:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 29>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  <Rising><18, 1, 0, 9>
    [C:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [C:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [C:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [C:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[PID: 580][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.7059>
[PID: 624][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 684][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6972>
[PID: 720][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 732][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 836][C:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1112][C:\WINNT\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4113>
    [C:\WINNT\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2496>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 1128][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
    [C:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [E:\FLASHGET\jccatch.dll]  <FlashGet><1, 1, 5, 0>

[PID: 1184][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
[PID: 1272][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  <ATI Technologies, Inc.><6.14.10.5142>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  <ATI Technologies, Inc.><6.14.10.5142>
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  <ATI Technologies, Inc.><6.14.10.5142>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  <ATI Technologies, Inc.><6.14.10.5142>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 1292][C:\WINNT\SOUNDMAN.EXE]  <Avance Logic, Inc.><5.0>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 1312][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 1364][E:\D-Tools\daemon.exe]  <DAEMON'S HOME><3.47.0.0>
    [C:\WINNT\daemon.dll]  <N/A><3.47.0.0>
    [E:\D-Tools\PFCTOC.DLL]  <Padus(R), Inc.><1, 0, 0, 12>
    [E:\D-Tools\Plugins\Images\ccdmount.dll]  <GENERIC><1.02.0.0>
    [E:\D-Tools\Plugins\Images\mdsmount.dll]  <GENERIC><1.01.0.0>
    [E:\D-Tools\Plugins\Images\pdimount.dll]  <GENERIC><1.01.0.0>
    [E:\D-Tools\Plugins\Images\nrgmount.dll]  <GENERIC><1.02.0.0>
    [E:\D-Tools\Plugins\Images\bw5mount.dll]  <N/A><1.0.2.0>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 1376][C:\Program Files\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 30>
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
[PID: 1256][C:\Program Files\Logitech\MouseWare\system\em_exec.exe]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\system\EVENTEX.dll]  <Logitech Inc.><9.80.019>
    [C:\WINNT\system32\COMNCTR.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\system\ccresrce.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\system\GlbResLt.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\Logitech\MouseWare\System\devices.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\system\ccstmglb.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\system\ccustom.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\system\ccmsghk.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
[PID: 1276][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 1380][C:\WINNT\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
[PID: 1392][E:\QQ\QQ.exe]  <TENCENT><14, 45, 0, 110>
    [E:\QQ\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQHelperDll.dll]  <><1, 0, 0, 1>
    [E:\QQ\BasicCtrlDll.dll]  <Tencent><0, 3, 3, 6>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
    [E:\QQ\QQAPI.dll]  <><1, 0, 0, 1>
    [E:\QQ\LoginCtrl.dll]  <><1, 0, 0, 1>
    [E:\QQ\npkcntc.dll]  <INCA Internet Co., Ltd.><2005, 9, 1, 1>
    [E:\QQ\npkpdb.dll]  <INCA Internet Co., Ltd.><2003, 10, 1, 1>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [E:\QQ\QQRes.dll]  <tencent><1, 0, 0, 1>
    [E:\QQ\QQMainFrame.dll]  <N/A><N/A>
    [E:\QQ\CQQApplication.dll]  <N/A><N/A>
    [E:\QQ\NewSkin.dll]  <><1, 0, 0, 1>
    [E:\QQ\HostingMgr.dll]  <><1, 0, 0, 1>
    [E:\QQ\MailSummary.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQSpace.dll]  <><1, 0, 0, 1>
    [C:\WINNT\system32\msdmo.dll]  <N/A><N/A>
    [E:\QQ\QQSysMsgMng.dll]  <N/A><N/A>
    [E:\QQ\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [E:\QQ\UserDefinedHead.dll]  <><1, 0, 0, 1>
    [E:\QQ\QRingMng.dll]  <N/A><N/A>
    [E:\QQ\PhoneAPI.dll]  <><1, 0, 0, 1>
    [E:\QQ\DialerAllinOne.dll]  <tencent><1, 4, 0, 0>
    [E:\QQ\LongConnection.dll]  <tencent><0, 3, 3, 8>
    [E:\QQ\QQAvatar.dll]  <N/A><N/A>
    [E:\QQ\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [E:\QQ\QQPet.dll]  <><1, 0, 0, 1>
    [E:\QQ\BQQApplication.dll]  <N/A><N/A>
    [E:\QQ\QQPlugin.dll]  <N/A><N/A>
    [E:\QQ\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [C:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [E:\QQ\CommercesMng.dll]  <><1, 0, 0, 1>
    [E:\QQ\QQUdpGetFileLib.dll]  <tencent><0, 2, 2, 3>
    [E:\QQ\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><4, 0, 200, 32>
    [E:\QQ\QQSceneMng.dll]  <N/A><N/A>
    [E:\QQ\QQPhoneHelper.dll]  <腾讯科技（深圳）有限公司><2, 0, 4, 40>
[PID: 928][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
    [E:\FLASHGET\jccatch.dll]  <FlashGet><1, 1, 5, 0>
    [e:\QQ\QQIEHelper.dll]  <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\WINNT\System32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 320][C:\Documents and Settings\everwind\桌面\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.80.019>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>

==================================

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================