我的E盘有autosys.exe程序，删除后无法打开E盘，
并且有时突然“我的文档”突然打开，伴随瑞星监控全部关闭
其表现为玩网络游戏卡，开机稍慢，其他正常。请高手帮帮忙给我想个法

[CODE]

2007-06-23,13:01:01

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Persistence><C:\WINDOWS\System32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <marsrmt><C:\Program Files\联想（Lenovo）\联想天骄遥控器（Mars）\marsrmt.exe>  []
    <SKDaemon><c:\Program Files\联想\联想标准键盘\skdaemon.exe>  []
    <Mydevice><"C:\Program Files\Common Files\Lenovo\digitalsuit\commondll\MyDevice.exe">  []
    <FileWatch><C:\Program Files\lenovo\幸福相册\AlbumFileWatch.exe>  []
    <MusicMonitor.exe><C:\Program Files\lenovo\幸福音乐\MusicMonitor.exe>  []
    <PPCListerner.exe><C:\Program Files\lenovo\幸福音乐\PPCListener.exe>  []
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <lenovo_daemon_update><C:\Program Files\联想宽带通\daemonUpdate.exe>  []
    <Thunder><"C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <yok.exe><C:\Program Files\yok\yok.exe>  [YOK.Com]
    <upxdnd><C:\WINDOWS\upxdnd.exe>  []
    <Microsoft Autorun1><C:\WINDOWS\System32\nwizdh.exe>  []
    <TIMHost><C:\WINDOWS\TIMHost.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <twin><C:\WINDOWS\System32\ctfnom.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\downlo~1\CnsHook.dll>  [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows XP Publisher]

[CODE]

2007-06-23,13:01:01

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Persistence><C:\WINDOWS\System32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <marsrmt><C:\Program Files\联想（Lenovo）\联想天骄遥控器（Mars）\marsrmt.exe>  []
    <SKDaemon><c:\Program Files\联想\联想标准键盘\skdaemon.exe>  []
    <Mydevice><"C:\Program Files\Common Files\Lenovo\digitalsuit\commondll\MyDevice.exe">  []
    <FileWatch><C:\Program Files\lenovo\幸福相册\AlbumFileWatch.exe>  []
    <MusicMonitor.exe><C:\Program Files\lenovo\幸福音乐\MusicMonitor.exe>  []
    <PPCListerner.exe><C:\Program Files\lenovo\幸福音乐\PPCListener.exe>  []
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <lenovo_daemon_update><C:\Program Files\联想宽带通\daemonUpdate.exe>  []
    <Thunder><"C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <yok.exe><C:\Program Files\yok\yok.exe>  [YOK.Com]
    <upxdnd><C:\WINDOWS\upxdnd.exe>  []
    <Microsoft Autorun1><C:\WINDOWS\System32\nwizdh.exe>  []
    <TIMHost><C:\WINDOWS\TIMHost.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <twin><C:\WINDOWS\System32\ctfnom.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINDOWS\downlo~1\CnsHook.dll>  [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows XP Publisher]

启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Lenovo TV Recoding / Lenovo TV Recoding][Running/Auto Start]
  <C:\Program Files\Lenovo\数码家电\lxRecSvr.exe><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SCCMonitor / SCCMonitor][Running/Auto Start]
  <"C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe"><>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\mspmsnsv.dll><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe windhcp.ocx,input><Microsoft Corporation>
[Win32 Debug Service / MSDebugsvc][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe msdebug.dll,input><Microsoft Corporation>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe windds32.dll,input><Microsoft Corporation>
[Wireless Service / WZCSRVC][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe netsrvcs.dll,input><Microsoft Corporation>
[WMI Performance API / WMIApiSrv][Stopped/Auto Start]
  <C:\WINDOWS\System32\rundll32.exe WMIApiSrv.dll,input><Microsoft Corporation>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[BaseTDI / BaseTDI][Running/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[CnsMinKP / CnsMinKP][Running/Boot Start]
  <\SystemRoot\System32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[Conexant 23880 Video Capture / CX23880][Running/Auto Start]
  <system32\drivers\cx88vid.sys><Conexant Systems, Inc.>
[Conexant 2388x Crossbar / CX88XBAR][Running/Auto Start]
  <system32\drivers\CX88XBAR.sys><Conexant Systems, Inc.>
[Conexant 2388x Tuner / CXTUNE][Running/Auto Start]
  <system32\drivers\CX88TUNE.sys><Conexant Systems, Inc.>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kjmcrb / kjmcrb][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\kjmcrb.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[Netgroup Packet Filter / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\System32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023][Running/Manual Start]
  <System32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[PS/2 Keyboard Filter Driver for WinXp / Skkbdf][Running/Manual Start]
  <System32\DRIVERS\Skkbdf.sys><Silitek Corp.>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\TesSafe.sys><N/A>
[TYKeeper / TYKeeper][Running/Boot Start]
  <\SystemRoot\System32\drivers\TYKeeper.sys><YOK.Com>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[R2A / R2A][Stopped/Disabled]
  <\??\C:\WINDOWS\System32a2.sys><N/A>
[PNDIO / PNDIO][Running/Manual Start]
  <\??\C:\Program Files\lenovo\联想智能控制中心\SCC\pndio.sys><N/A>

浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v8.dll, >
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A>
[]
  {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\PROGRA~1\yok\toolbar.dll, YOK.Com>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\downlo~1\CnsHook.dll, 北京三七二一科技有限公司>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[YOKHttpFilter Class]
  {686D3343-D00D-49A1-96DF-66F3AF62F348} <C:\Program Files\yok\adblock.dll, YOK.Com>
[YOKAdBlock Class]
  {718F4AD3-70D4-425E-9159-5598DFC732ED} <C:\Program Files\yok\adblock.dll, YOK.Com>
[]
  {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} <C:\PROGRA~1\yok\toolbar.dll, YOK.Com>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\PROGRA~1\3721\autolive.dll, 北京三七二一科技有限公司>
[YOKAutoLive]
  {7D0E8987-BA21-483a-B1AC-149DA2F39A5A} <C:\Program Files\yok\autolive.dll, YOK.Com>
[ContextSearch Class]
  {88351CEF-BAC0-4A9B-8380-31A173E2926F} <C:\PROGRA~1\yok\toolbar.dll, YOK.Com>
[相关搜索]
  {A29F7F71-DCDB-412D-B19A-2002DC966E33} <C:\PROGRA~1\yok\relband.dll, YOK.Com>
[3721]
  {B83FC273-3522-4CC6-92EC-75CC86678DA4} <C:\WINDOWS\downlo~1\CnsMin.dll, 北京三七二一科技有限公司>
[]
  {F869BB38-FFEF-4589-B986-610B7AD0ADA2} <C:\PROGRA~1\yok\toolbar.dll, YOK.Com>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\getAllurl.htm, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[珊瑚虫超级搜索]
  <C:\PROGRA~1\yok\yoksch.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

正在运行的进程
[PID: 476][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 560][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 584][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1232][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\downlo~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\yok\yok.dll]  [YOK.Com, 3, 0, 0, 1005]
    [C:\Program Files\yok\adblock.dll]  [YOK.Com, 3, 0, 0, 1003]
    [C:\Program Files\yok\protect.dll]  [YOK.Com, 3, 0, 0, 1002]
    [C:\Program Files\yok\relband.dll]  [YOK.Com, 3, 1, 0, 1004]
    [C:\Program Files\yok\toolbar.dll]  [YOK.Com, 3, 1, 0, 1006]
    [C:\Program Files\yok\autolive.dll]  [YOK.Com, 3, 0, 0, 1002]
    [C:\WINDOWS\RichDll.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\System32\nwiztlbb.dll]  [N/A, ]
    [C:\WINDOWS\System32\dh2104.dll]  [N/A, ]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
[PID: 456][C:\Program Files\lenovo\联想智能控制中心\SCC\LenovoSmartControlCenter.exe]  [N/A, ]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\LxSimpleOsd.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\QuakeII.dll]  [http://www.lenovo.com, 2.0]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\lenovo\联想智能控制中心\SCC\Remled.dll]  [N/A, ]
[PID: 160][C:\WINDOWS\System32\hkcmd.exe]  [Intel Corporation, 3.0.0.4308]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3.0.0.4308]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4308]
[PID: 276][C:\WINDOWS\System32\igfxpers.exe]  [Intel Corporation, 3.0.0.4308]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4308]
[PID: 352][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.27]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 408][C:\Program Files\联想（Lenovo）\联想天骄遥控器（Mars）\marsrmt.exe]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 556][C:\Program Files\联想\联想标准键盘\skdaemon.exe]  [, 1, 0, 0, 1]
    [C:\Program Files\联想\联想标准键盘\MacFun.dll]  [Silitek, 1, 0, 0, 0]
    [C:\Program Files\联想\联想标准键盘\OpenDriver.dll]  [Silitek, 1, 0, 0, 0]
    [C:\Program Files\联想\联想标准键盘\OSD.dll]  [silitek, 1, 0, 0, 1]
    [C:\Program Files\联想\联想标准键盘\lxkeyled.dll]  [Silitek, 1, 0, 0, 1]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 548][C:\Program Files\Common Files\Lenovo\digitalsuit\commondll\MyDevice.exe]  [, 1, 0, 0, 1]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 976][C:\Program Files\lenovo\幸福相册\AlbumFileWatch.exe]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\lenovo\幸福相册\DirectoryWatch.dll]  [, 1, 0, 0, 1]
[PID: 988][C:\Program Files\lenovo\幸福音乐\MusicMonitor.exe]  [N/A, ]
    [C:\Program Files\lenovo\幸福音乐\SpecialMgr.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 1468][C:\Program Files\联想宽带通\daemonUpdate.exe]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 1452][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\WINDOWS\System32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\System32\RemoteDbg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WMIApiSrv.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 1788][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 1860][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\WINDOWS\System32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\System32\RemoteDbg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WMIApiSrv.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]

[PID: 864][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.0041]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\Messenger\MSGSLANG.DLL]  [Microsoft Corporation, 4.7.0041]
    [C:\PROGRA~1\MESSEN~1\rtcimsp.dll]  [Microsoft Corporation, 4.0.3599.0 (Lab02_N(ntvbl02).020107-1351)]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msdmo.dll]  [, ]
    [C:\WINDOWS\System32\l3codecx.ax]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 5, 0, 50]
    [C:\WINDOWS\System32\mp4sdmod.dll]  [Microsoft Corporation, 9.00.00.2980]
    [C:\WINDOWS\System32\mp43dmod.dll]  [Microsoft Corporation, 9.00.00.2980]
    [C:\WINDOWS\System32\acelpdec.ax]  [Sipro Lab Telecom Inc., 1.40]
    [C:\Program Files\Lenovo\数码家电\Common\Bin\iviaudio.ax]  [InterVideo Inc., 3.1.91.192]
    [C:\Program Files\Lenovo\数码家电\Common\Bin\ivivideo.ax]  [ InterVideo Inc., 3.1.91.192]
    [C:\WINDOWS\System32\wmspdmod.dll]  [Microsoft Corporation, 9.00.00.2980]
    [C:\Program Files\Common Files\Sonic Shared\sonicmcdsdv.ax]  [MainConcept AG (Sonic), 2, 1, 0, 4]
    [C:\Program Files\Common Files\Sonic Shared\SOnicMCDVD_32.DLL]  [MainConcept AG, 2.3.1]
    [C:\Program Files\Common Files\Ahead\DSFilter\NeAudio.ax]  [Ahead Software AG and its licensors, 1, 0, 4, 6]
    [C:\WINDOWS\System32\mpg2splt.ax]  [, ]
    [C:\Program Files\Common Files\Sonic Shared\DVDLPCMConverter.ax]  [Sonic Solutions, 1.00]
    [C:\WINDOWS\System32\MSVCP70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\WINDOWS\System32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\WINDOWS\System32\wmpasf.dll]  [Microsoft Corporation, 9.00.00.2980]
    [C:\Program Files\Common Files\Sonic Shared\DVSceneDetector.ax]  [Sonic Solutions, 1.00]
    [C:\Program Files\Common Files\Sonic Shared\VidPerfMonitor.ax]  [Sonic Solutions, 1.00]
    [C:\Program Files\Common Files\Ahead\DSFilter\NeVideo.ax]  [Ahead Software AG, 2, 0, 2, 0]
    [C:\Program Files\Common Files\Ahead\Lib\AdvrCntr.dll]  [Ahead Software AG, 1,0,13, 2124]
    [C:\Program Files\Common Files\Ahead\DSFilter\NeQTVDec.ax]  [Ahead Software AG, 1, 0, 0, 3]
    [C:\Program Files\Common Files\Ahead\DSFilter\NeQTADec.ax]  [Ahead Software AG, 1, 0, 0, 3]
[PID: 2052][C:\Program Files\Thunder Network\Thunder\Thunder.exe]  [, 5.0.0.72]
    [C:\Program Files\Thunder Network\Thunder\UpdateDownload.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\download_interface.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\log4cplus.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\historyinfo_manage.dll]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
[PID: 2316][C:\WINDOWS\System32\wuauclt.exe]  [Microsoft Corporation, 5.4.3630.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 3672][F:\qi\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 2, 615]
    [F:\qi\Maxthon2\mxpp.dll]  [Maxthon, 1, 0, 0, 50]
    [F:\qi\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 119]
    [F:\qi\Maxthon2\MxProxy2.dll]  [, 1, 0, 0, 3115]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [F:\qi\Maxthon2\MxFav.dll]  [Maxthon, 1, 0, 0, 186]
    [F:\qi\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [F:\qi\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [F:\qi\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 45]
    [C:\WINDOWS\System32\msxml4.dll]  [Microsoft Corporation, 4.10.9404.0]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
[PID: 1240][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 396][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2508][C:\WINDOWS\Logo1_.exe]  [, 1.0.0.0]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 2524][C:\Program Files\Microsoft Office\Office\EXCEL.EXE]  [Microsoft Corporation, 9.0.2823]
    [C:\Program Files\Microsoft Office\Office\MSO9.DLL]  [Microsoft Corporation, 9.0.2812]

[C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
[PID: 2316][C:\WINDOWS\System32\wuauclt.exe]  [Microsoft Corporation, 5.4.3630.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 3672][F:\qi\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 2, 615]
    [F:\qi\Maxthon2\mxpp.dll]  [Maxthon, 1, 0, 0, 50]
    [F:\qi\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 119]
    [F:\qi\Maxthon2\MxProxy2.dll]  [, 1, 0, 0, 3115]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [F:\qi\Maxthon2\MxFav.dll]  [Maxthon, 1, 0, 0, 186]
    [F:\qi\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [F:\qi\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [F:\qi\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 45]
    [C:\WINDOWS\System32\msxml4.dll]  [Microsoft Corporation, 4.10.9404.0]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
[PID: 1240][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 396][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2508][C:\WINDOWS\Logo1_.exe]  [, 1.0.0.0]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 2524][C:\Program Files\Microsoft Office\Office\EXCEL.EXE]  [Microsoft Corporation, 9.0.2823]
    [C:\Program Files\Microsoft Office\Office\MSO9.DLL]  [Microsoft Corporation, 9.0.2812]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\PROGRA~1\MICROS~2\Office\2052\OBALLOON.DLL]  [Microsoft Corporation, 9.0.2720]
    [C:\PROGRA~1\MICROS~2\Office\BLNMGRPS.DLL]  [, ]
    [C:\PROGRA~1\MICROS~2\Office\Addins\SYMINPUT.DLL]  [Microsoft Corporation, 1.00]
    [C:\WINDOWS\System32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9782]
    [C:\Program Files\Microsoft Office\Office\msohev.dll]  [Microsoft Corporation, 9.0.2626]
    [C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL]  [, ]
    [C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL]  [Microsoft Corporation, 8.103.5219.0]
    [C:\WINDOWS\downlo~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
    [C:\Program Files\Rising\Rav\RsPlugIn.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
    [C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\VBE6.DLL]  [Microsoft Corporation, 6.00.8435]
    [C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\2052\VBE6INTL.DLL]  [Microsoft Corporation, 6.00.8435]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1200][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\Microsoft Office\Office\BLNMGR.DLL]  [, ]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
[PID: 356][C:\WINDOWS\System32\nslookupi.exe]  [N/A, ]
    [C:\WINDOWS\System32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\System32\RemoteDbg.dll]  [N/A, ]
    [C:\WINDOWS\System32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\System32\WPCAP.DLL]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\System32\packet.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\System32\WanPacket.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
[PID: 2268][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\WINDOWS\System32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\System32\RemoteDbg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WMIApiSrv.dll]  [N/A, ]
    [C:\WINDOWS\System32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\System32\windds32.dll]  [N/A, ]
    [C:\WINDOWS\System32\netsrvcs.dll]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 2432][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\System32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\System32\RemoteDbg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WMIApiSrv.dll]  [N/A, ]
    [C:\WINDOWS\System32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\System32\windds32.dll]  [N/A, ]
    [C:\WINDOWS\System32\netsrvcs.dll]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\downlo~1\CnsHook.dll]  [北京三七二一科技有限公司, 2.5.1.5]
[PID: 2976][C:\DOCUME~1\lenovo\LOCALS~1\Temp\Rar$EX01.656\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\System32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\System32\RemoteDbg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WMIApiSrv.dll]  [N/A, ]
    [C:\WINDOWS\System32\windhcp.ocx]  [N/A, ]
    [C:\WINDOWS\System32\windds32.dll]  [N/A, ]
    [C:\WINDOWS\System32\netsrvcs.dll]  [N/A, ]
    [C:\WINDOWS\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 2, 5, 0, 6]
    [C:\WINDOWS\System32\TIMHost.dll]  [N/A, ]
    [C:\WINDOWS\System32\upxdnd.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[E:\]
[AutoRun]
open=SysAuto.exe
shellexecute=SysAuto.exe
shell\打开(&O)\command=SysAuto.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

总算发完了大家帮帮忙吧

真对不起，这么多怎么删啊