我是网管论坛's Archiver

wufnxbyg posted on 2008-6-5 16:44

Everyone, please take a look for me

Could everyone take a look at my machine and tell me whether it is infected? I can't install Norton on it, but it installs fine on other machines. Please help me take a look, thanks.
Here is the log:
[code]
2008-06-05,16:38:48
System Repair Engineer 2.6.8.980
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <H/PC Connection Agent><"E:\Program Files\Microsoft ActiveSync\wcescomm.exe">  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe>  [IBM Corp.]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Windows Publisher]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <TP4EX><tp4ex.exe>  [IBM Corporation]
    <TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  []
    <TpShocks><TpShocks.exe>  [IBM Corp.]
    <360Safetray><C:\Program Files\360safe\safemon\360Tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <ATIModeChange><Ati2mdxx.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Net-It Launcher><C:\WINDOWS\system32\NILaunch.exe>  []
    <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <WebThunder><C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
    <IFEO[Your Image File Name Here without a path]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <CdnCtr><; C:\Program Files\CNNIC\Cdn\cdnup.exe>  [File is missing]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <DesktopSprite><; C:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe>  [File is missing]
    <H/PC Connection Agent><; "E:\Program Files\Microsoft ActiveSync\wcescomm.exe">  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  [File is missing]
    <hxgame-update><; C:\Program Files\hxupdate\hxgame-update.exe>  [File is missing]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PCSuiteTrayApplication><; C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [File is missing]
    <QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime>  [File is missing]
    <renewup><; C:\Program Files\CNNIC\Cdn\cdnrenew.exe>  [File is missing]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [File is missing]
==================================
启动文件夹
[Lotus Organizer EasyClip]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus Organizer EasyClip.lnk --> C:\lotus\organize\easyclip.exe [Lotus Development Corporation]><N>
[Lotus QuickStart]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus QuickStart.lnk --> C:\lotus\wordpro\ltsstart.exe [Lotus Development Corporation]><N>
[Lotus SmartCenter 中文版]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus SmartCenter 中文版.lnk --> C:\lotus\organize\easyclip.exe [Lotus Development Corporation]><N>
[Lotus SuiteStart ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus SuiteStart .lnk --> C:\lotus\organize\easyclip.exe [Lotus Development Corporation]><N>
[腾讯QQ]
  <C:\Documents and Settings\IBMTEST\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>
==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\System32\Ati2evxx.exe><>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM PM Service / IBMPMSVC][Running/Auto Start]
  <C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[InterBase Guardian / InterBaseGuardian][Running/Auto Start]
  <E:\suda\bin\ibguard.exe -s><InterBase Software Corp.>
[InterBase Server / InterBaseServer][Running/Manual Start]
  <E:\suda\bin\ibserver.exe -s -g><InterBase Software Corp.>
[Office Source Engine / ose][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"><Microsoft Corporation>
[IBM KCU Service / TpKmpSVC][Running/Auto Start]
  <C:\WINDOWS\system32\TpKmpSVC.exe><N/A>
[Messenger 共享文件夹 USN 杂志阅读器服务 / usnjsvc][Stopped/Manual Start]
  <"C:\Program Files\MSN Messenger\usnsvc.exe"><Microsoft Corporation>
[Windows Media Player Network Sharing Service / WMPNetworkSvc][Stopped/Manual Start]
  <"C:\Program Files\Windows Media Player\WMPNetwk.exe"><Microsoft Corporation>
==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
  <System32\DRIVERS\AGRSM.sys><Agere Systems>
[AliIde / AliIde][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[ANC / ANC][Stopped/Manual Start]
  <System32\drivers\ANC.SYS><N/A>
[asc / asc][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[bafhibdf / bafhibdf][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\bafhibdf.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[BFB / BFB][Stopped/Manual Start]
  <system32\DRIVERS\BFB.sys><OEM>
[bootdrv / bootdrv][Stopped/Boot Start]
  <\SystemRoot\System32\Drivers\bootdrv.sys><N/A>
[CmdIde / CmdIde][Stopped/Auto Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[drvmcdb / drvmcdb][Running/Boot Start]
  <\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm][Running/Auto Start]
  <system32\drivers\drvnddm.sys><Sonic Solutions>
[Intel(R) PRO/1000 Adapter Driver / E1000][Stopped/Manual Start]
  <System32\DRIVERS\e1000325.sys><Intel Corporation>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[usb Card Device / ft2kEnum][Running/Manual Start]
  <system32\DRIVERS\ic2kenum.sys><OEM Corporation>
[USB Chip Holder Service / GDBaseSmc][Running/Manual Start]
  <system32\DRIVERS\Chip_smc.sys><OEM>
[IBMPMDRV / IBMPMDRV][Running/Manual Start]
  <System32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK][Running/System Start]
  <System32\drivers\IBMBLDID.SYS><N/A>
[ifaecgef / ifaecgef][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ifaecgef.sys><N/A>
[kcrbne / kcrbne][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\kcrbne.sys><N/A>
[Lucent Technologies Soft Modem / LucentSoftModem][Stopped/Manual Start]
  <System32\DRIVERS\LTSM.sys><Lucent Technologies>
[AEGIS Protocol (IEEE 802.1x) v2.2.1.0 / MDC8021X][Running/Auto Start]
  <System32\DRIVERS\mdc8021x.sys><Meetinghouse Data Communications>
[mraid35x / mraid35x][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[NSC Infrared Device Driver / NSCIRDA][Running/Manual Start]
  <System32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[DDK PACKET Protocol / Packet][Stopped/Manual Start]
  <system32\DRIVERS\ProtoDrv.sys><360安全中心>
[PMEM / PMEM][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\PMEMNT.SYS><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql12160 / ql12160][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[SmartCard Reader Device  / Reader_Device][Running/Manual Start]
  <system32\DRIVERS\usbic2k.sys><OEM>
[WLAN Transport / s24trans][Running/Auto Start]
  <System32\DRIVERS\s24trans.sys><Intel Corporation>
[S3SSavage / S3SSavage][Stopped/Manual Start]
  <System32\DRIVERS\s3ssavm.sys><S3 Graphics, Inc.>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Smapint / Smapint][Running/System Start]
  <System32\drivers\Smapint.sys><Microsoft Corporation>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sscdbhk5 / sscdbhk5][Running/System Start]
  <system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln][Running/System Start]
  <system32\drivers\ssrtln.sys><Sonic Solutions>
[symc810 / symc810][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Stopped/Manual Start]
  <System32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TDSMAPI / TDSMAPI][Running/System Start]
  <System32\drivers\TDSMAPI.SYS><N/A>
[USB / Test1][Stopped/Manual Start]
  <System32\Drivers\ZxtUsb2.sys><Your Corporation>
[tfsnboio / tfsnboio][Running/Auto Start]
  <system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs][Running/Auto Start]
  <system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct][Running/Auto Start]
  <system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres][Running/Auto Start]
  <system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs][Running/Auto Start]
  <system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio][Running/Auto Start]
  <system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool][Running/Auto Start]
  <system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf][Running/Auto Start]
  <system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa][Running/Auto Start]
  <system32\dla\tfsnudfa.sys><Sonic Solutions>
[IBM PS/2 TrackPoint Driver / Tp4Track][Running/Manual Start]
  <System32\DRIVERS\tp4track.sys><IBM Corporation>
[TPPWR / TPPWR][Running/System Start]
  <System32\drivers\Tppwr.sys><IBM Corp.>
[TSMAPIP / TSMAPIP][Running/System Start]
  <System32\drivers\TSMAPIP.SYS><N/A>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack][Stopped/Manual Start]
  <System32\DRIVERS\TwoTrack.sys><IBM Corporation>
[ultra / ultra][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[Intel(R) PRO/Wireless 7100 Adapter 驱动程序 / w70n51][Stopped/Manual Start]
  <System32\DRIVERS\w70n51.sys><Intel? Corporation>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
  <system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
  <system32\DRIVERS\wudfrd.sys><Microsoft Corporation>
[USB PC Camera 301P / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><N/A>
[VIMICRO USB PC Camera (ZC0301PLH) / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><N/A>
==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[DriveLetterAccess]
  {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll, >
[BJCASecClt Control]
  {1BFD2B7F-AAED-4319-8776-C5A0F2698249} <C:\WINDOWS\system32\BJCASE~1.OCX, CAPINFO>
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.41.65.758.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[DriveLetterAccess]
  {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <C:\Program Files\淘宝网\淘宝旺旺\WangWangX6.dll, 阿里巴巴软件(上海)有限公司>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin15.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6.5710.37.696.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.44.68.802.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[FG2CatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <C:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll, FlashGet>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[使用WEB迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[使用快车(Flas&hGet)下载]
  <C:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm, N/A>
[使用快车(Flash&Get)下载全部链接]
  <C:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[在Foxmail中添加该RSS频道/频道组]
  <res://C:\WINDOWS\system32\fmrsslink.dll/201, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
==================================
正在运行的进程
[PID: 664 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 784 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 796 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 960 / SYSTEM][C:\WINDOWS\system32\ibmpmsvc.exe]  [N/A, ]
[PID: 1024 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1096 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1188 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1316 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1552 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1740 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\hpzll3xu.dll]  [Hewlett-Packard Company, 60.051.641.00]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll]  [Hewlett-Packard Corporation, 60.051.641.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\jDocPrc.dll]  [N/A, ]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 220 / SYSTEM][C:\WINDOWS\System32\Ati2evxx.exe]  [, ]
[PID: 288 / SYSTEM][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
    [C:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
[PID: 304 / IBMTEST][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\WINDOWS\system32\dla\tfswshx.dll]  [Sonic Solutions, 1.04.21a]
    [C:\WINDOWS\system32\tfswapi.dll]  [Sonic Solutions, 1.04.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [Sonic Solutions, 1.04.21a]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\TDDOWN~1\木马清~1.8\WINDOW~1.8上\ftcsetup\Commenu.dll]  [Fygsoft and Microsoft, 3.0.0.63]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 376 / SYSTEM][E:\suda\bin\ibguard.exe]  [InterBase Software Corp., WI-V5.6.0.29]
    [C:\WINDOWS\system32\gds32.dll]  [InterBase Software Corp., WI-V5.6.0.29]
[PID: 488 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696 / SYSTEM][C:\WINDOWS\system32\TpKmpSVC.exe]  [N/A, ]
[PID: 1648 / IBMTEST][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe]  [IBM Corp., 1, 0, 0, 0]
[PID: 1832 / IBMTEST][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, ]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll]  [N/A, ]
    [C:\WINDOWS\system32\Oemdspif.dll]  [ATI Technologies, Inc., 6.14.0008]
[PID: 1872 / IBMTEST][C:\WINDOWS\system32\NILaunch.exe]  [N/A, ]
[PID: 1888 / IBMTEST][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1896 / IBMTEST][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]  [Google Inc., 2, 0, 301, 1654]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
[PID: 1908 / IBMTEST][E:\Program Files\Microsoft ActiveSync\wcescomm.exe]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\CEUTIL.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\RAPI.dll]  [Microsoft Corporation, 4.5.5096.0]
    [E:\Program Files\Microsoft ActiveSync\TCP2UDP.dll]  [Microsoft Corporation, 4.5.5096.0]
    [E:\Program Files\Microsoft ActiveSync\rapiproxystub.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [E:\Program Files\Microsoft ActiveSync\dtptdns.dll]  [Microsoft Corporation, 4.5.5096.0]
[PID: 1488 / IBMTEST][E:\PROGRA~1\MICROS~1\rapimgr.exe]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\CEUTIL.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [E:\Program Files\Microsoft ActiveSync\rapiproxystub.dll]  [Microsoft Corporation, 4.5.5096.0]
[PID: 1484 / IBMTEST][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, ]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
[PID: 2244 / IBMTEST][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe]  [IBM Corporation, 1.06]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
[PID: 2764 / SYSTEM][E:\suda\bin\ibserver.exe]  [InterBase Software Corp., WI-V5.6.0.29]
[PID: 2984 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3796 / IBMTEST][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[PID: 1960 / IBMTEST][C:\DOCUME~1\IBMTEST\LOCALS~1\Temp\Rar$EX00.462\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.8.980]
[PID: 3936 / IBMTEST][C:\DOCUME~1\IBMTEST\LOCALS~1\Temp\Rar$EX00.462\SRE106c08c3.EXE]  [Smallfrogs Studio, 2.6.8.980]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1                     about-blank.cc
127.0.0.1                     hao.allxun.com
127.0.0.1                     kzxf.com
127.0.0.1                     vod.mmdy.org
127.0.0.1                     www.123wa.com
127.0.0.1                     www.4199.com
127.0.0.1                     www.71791.com
127.0.0.1                     www.7939.com
127.0.0.1                     www.9505.com
127.0.0.1                     www.feixue.net
127.0.0.1                     www.kzxf.com
127.0.0.1                     www.my123.com
127.0.0.1                     www.piaoxue.com
127.0.0.1                     www.xfkz.com
127.0.0.1                     xfkz.com
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1648, C:\PROGRA~1\THINKPAD\UTILIT~1\EZEJMNAP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1832, C:\PROGRA~1\THINKPAD\PKGMGR\HOTKEY\TPHKMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1872, C:\WINDOWS\SYSTEM32\NILAUNCH.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1484, C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY\TPONSCR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2244, C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY_1\TPSCREX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3796, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1960, C:\DOCUME~1\IBMTEST\LOCALS~1\TEMP\RAR$EX00.462\SRENGLDR.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/code]

LMC.Slidol posted on 2008-6-5 17:17

<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe>  [IBM Corp.]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE> There's a problem here, isn't there?
==================================
启动文件夹
[Lotus Organizer EasyClip]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus Organizer EasyClip.lnk --> C:\lotus\organize\easyclip.exe [Lotus Development Corporation]><N>
[Lotus QuickStart]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus QuickStart.lnk --> C:\lotus\wordpro\ltsstart.exe [Lotus Development Corporation]><N>
[Lotus SmartCenter 中文版]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus SmartCenter 中文版.lnk --> C:\lotus\organize\easyclip.exe [Lotus Development Corporation]><N>
[Lotus SuiteStart ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Lotus SuiteStart .lnk --> C:\lotus\organize\easyclip.exe [Lotus Development Corporation]><N>
[腾讯QQ]
  <C:\Documents and Settings\IBMTEST\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>           Too many startup items!!!
==================================
There's too much here for me to go through it all. I see two possibilities: first, you really do have a virus; second, some software on your system is conflicting.
Solution:
In Start > Run, type: msconfig   and clear out the unnecessary startup items.
If you don't know how, contact me.

爱丽舍 posted on 2008-6-6 09:26

[bafhibdf / bafhibdf][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\bafhibdf.sys><N/A>
[ifaecgef / ifaecgef][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ifaecgef.sys><N/A>
[kcrbne / kcrbne][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\kcrbne.sys><N/A>
Delete these drivers.
How to delete a service (driver): run SRENG ---> Startup Items ---> Services ---> Win32 Service Applications ---> check "Hide verified Microsoft items" ---> select the service to delete ---> choose Delete Service ---> click Set ---> choose No in the prompt that appears, which confirms the deletion

Repair the file association entries that show errors.

Use Windows Cleanup Assistant (Windows清理助手) to remove rogue programs such as Yahoo Assistant and GoogleToolbar!

In this latest version of SREng, this entry is usually present:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
    <IFEO[Your Image File Name Here without a path]><ntsd -d>  [N/A]
I think leaving it alone should be fine; of course, deleting it outright is fine too.

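This is probably a laptop, right? It loads a lot of useless stuff. After cleaning up with Windows Cleanup Assistant, you should probably be able to install the antivirus.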
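
The driver records quoted in the post above follow a two-line shape (a bracketed header, then `<image path><publisher>`). As an added example that is not part of the thread and is not SREng's own code, the following Python parses records of that shape and lists boot-start drivers with no publisher string, or with a malformed image path, for manual review. The record shape is inferred from the quoted lines, and the fourth sample record and its vendor name are constructed.

```python
import re

# Record shape assumed from the lines quoted in the thread:
#   [display name / service name][state/start type]  then  <image path><publisher>
HEADER = re.compile(r"^\[(.+?) / ([^\]]+)\]\[([^/\]]+)/([^\]]+)\]$")
DETAIL = re.compile(r"^<([^<>]+)><([^<>]*)>$")

# First three records are quoted in the thread; the fourth is constructed.
SAMPLE_LOG = r"""
[bafhibdf / bafhibdf][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\bafhibdf.sys><N/A>
[ifaecgef / ifaecgef][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ifaecgef.sys><N/A>
[kcrbne / kcrbne][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\kcrbne.sys><N/A>
[Example Disk Filter / exdiskflt][Running/Boot Start]
  <\SystemRoot\system32\drivers\exdiskflt.sys><Example Vendor Corp.>
"""

def parse_services(text):
    """Pair each header line with the detail line directly after it."""
    records, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            pending = header.groups()
            continue
        detail = DETAIL.match(line)
        if detail and pending:
            _display, name, state, start = pending
            records.append({"name": name, "state": state, "start": start,
                            "path": detail.group(1),
                            "publisher": detail.group(2).strip()})
        pending = None  # a header only applies to the very next line
    return records

def triage(records):
    """Return (service name, reasons) for entries worth a manual look."""
    flagged = []
    for rec in records:
        path, reasons = rec["path"].lower(), []
        if (rec["publisher"] in ("", "N/A") and rec["start"] == "Boot Start"
                and "\\drivers\\" in path):
            reasons.append("boot-start driver with no publisher")
        if path.count("\\systemroot") > 1:  # prefix repeated inside one path
            reasons.append("malformed image path")
        if reasons:
            flagged.append((rec["name"], reasons))
    return flagged
```

A missing publisher string is only a reason to look closer: several ordinary ThinkPad utilities in the same log also report `N/A`, so each flagged entry still needs the file itself checked before anything is deleted.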

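爱丽舍 posted on 2008-6-6 10:02

Also, Norton won't install? What message does it show?

wufnxbyg posted on 2008-6-6 12:08

Thanks. During installation, a "send error report" message appears.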
