
Urgent virus removal

启动文件夹
[ykdkgj]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ykdkgj.lnk --> C:\PROGRA~1\Fastcopy\ykdkgjg.exe [N/A]><N>

==================================
服务
[error monitor / EmonSrv][Running/Auto Start]
  <C:\WINDOWS\system32\lfrmewrk.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[SmartLinkService / SLService][Running/Auto Start]
  <slserv.exe><>
[Fax Client / ms_fax][Running/Auto Start]
  <C:\WINDOWS\system32\ef42.exe><N/A>

==================================
驱动程序
[ati2mtag / ati2mtag][Stopped/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[CSB6IDE / CSB6IDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\csb6ide.sys><ServerWorks Corporation>
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[M5287 / M5287][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[M5288 / M5288][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\m5288.sys><ULi Electronics Inc.>
[M5289 / M5289][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\m5289.sys><ULi Electronics Inc.>
[MSAHCI / MSAHCI][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\msahci.sys><Microsoft Corporation>
[Mtlmnt5 / Mtlmnt5][Running/Manual Start]
  <system32\DRIVERS\Mtlmnt5.sys><>
[Mtlstrm / Mtlstrm][Stopped/Manual Start]
  <system32\DRIVERS\Mtlstrm.sys><>
[NtMtlFax / NtMtlFax][Stopped/Manual Start]
  <system32\DRIVERS\NtMtlFax.sys><>
[NVATABUS / NVATABUS][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[prio driver / prio][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\prio.sys><Xeno>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RecAgent / RecAgent][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys><>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SISRAID2 / SISRAID2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp>
[SISRAID4 / SISRAID4][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid4.sys><Silicon Integrated Systems>
[SmartLink AMR_PCI Driver / Slntamr][Running/Manual Start]
  <system32\DRIVERS\slntamr.sys><>
[SlNtHal / SlNtHal][Stopped/Manual Start]
  <system32\DRIVERS\Slnthal.sys><>
[SlWdmSup / SlWdmSup][Running/Manual Start]
  <system32\DRIVERS\SlWdmSup.sys><Vireo Software>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Microcode Update Driver / Update][Running/Manual Start]
  <system32\DRIVERS\update.sys><Microsoft Corporation>
[usb8028 / usb8028][Stopped/]
  <2 - 系统找不到指定的文件。
><N/A>
[usb8028x / usb8028x][Stopped/]
  <2 - 系统找不到指定的文件。
><N/A>
[VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
  <system32\drivers\viaudios.sys><VIA Technologies, Inc.>
[VMware Pointing Device / vmmouse][Running/Manual Start]
  <system32\DRIVERS\vmmouse.sys><VMware, Inc.>

浏览器加载项
[Abho Class]
  {1238F6B9-C123-4049-B07E-7A71AF320032} <C:\WINDOWS\system32\3ef.dll, TODO: <公司名>>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[CPPIE Class]
  {C6844939-C324-41E0-84D0-D42F8DA5EBAD} <C:\WINDOWS\system32\hbcmd.dll, TODO: <公司名>>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Abho Class]
  {1238F6B9-C123-4049-B07E-7A71AF320032} <C:\WINDOWS\system32\3ef.dll, TODO: <公司名>>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[CPPIE Class]
  {C6844939-C324-41E0-84D0-D42F8DA5EBAD} <C:\WINDOWS\system32\hbcmd.dll, TODO: <公司名>>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>

Registry:
<thfedgf><C:\Program Files\Uninstall Information\thfedgf.exe> []
Delete from Startup:
[ykdkgj]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ykdkgj.lnk --> C:\PROGRA~1\Fastcopy\ykdkgjg.exe [N/A]><N>

Delete service:
[error monitor / EmonSrv][Running/Auto Start]
<C:\WINDOWS\system32\lfrmewrk.exe><N/A>
Delete drivers:
[usb8028 / usb8028][Stopped/]
<2 - 系统找不到指定的文件。
><N/A>
[usb8028x / usb8028x][Stopped/]
<2 - 系统找不到指定的文件。
><N/A>
The log seems to be incomplete; this is all I could find. I hope the experts can add to and correct this.

What about the running processes section?