启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <dianlei><; "G:\Dianlei\dianlei.exe" -Tray>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <vmware-tray><G:\虚拟机\vmware-tray.exe>  [(Verified)"VMware, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Maya 7.0 Documentation Server / maya70docserver][Stopped/Auto Start]
  <E:\MAYA7.0\docs\wrapper.exe -s E:\MAYA7.0\docs\Wrapper.conf><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\防火墙\rising\rfw\rfwproxy.exe><N/A>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <d:\防火墙\rising\rfw\rfwsrv.exe><N/A>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"D:\防毒\RISING\RISING\RAV\Ravmond.exe"><N/A>
[VMware Agent Service / ufad-ws60][Stopped/Manual Start]
  <G:\虚拟机\vmware-ufad.exe -d "G:\虚拟机\\" -s ufad-p2v.xml><VMware, Inc.>
[VMware Authorization Service / VMAuthdService][Running/Auto Start]
  <G:\虚拟机\vmware-authd.exe><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP][Running/Auto Start]
  <C:\WINDOWS\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware Virtual Mount Manager Extended / vmount2][Running/Auto Start]
  <"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe"><VMware, Inc.>
[VMware NAT Service / VMware NAT Service][Running/Auto Start]
  <C:\WINDOWS\system32\vmnat.exe><VMware, Inc.>

==================================
驱动程序
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Ctrl2cap / Ctrl2cap][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\Ctrl2cap.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\D:\防毒\RISING\RISING\RAV\ExpScan.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[VMware hcmon / hcmon][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\hcmon.sys><VMware, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
  <\??\D:\防毒\RISING\RISING\RAV\HOOKCONT.sys><N/A>
[HookReg / HookReg][Running/Auto Start]
  <\??\D:\防毒\RISING\RISING\RAV\HookReg.sys><N/A>
[HookSys / HookSys][Running/Auto Start]
  <\??\D:\防毒\RISING\RISING\RAV\HookSys.sys><N/A>
[HookUrl / HookUrl][Stopped/Auto Start]
  <\??\D:\防火墙\Rising\Rfw\HookUrl.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\D:\防毒\RISING\RISING\RAV\MEMSCAN.sys><N/A>
[mProcRs / mProcRs][Stopped/Auto Start]
  <\??\d:\防火墙\rising\rfw\mProcRs.sys><N/A>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><NetGroup - Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\F:\冒险岛\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\QQ2006\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[p2pfilter / p2pfilter][Stopped/Manual Start]
  <\??\D:\P2P\p2pfilter.sys><N/A>
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[RsFwDrv / RsFwDrv][Stopped/Auto Start]
  <\??\D:\防火墙\Rising\Rfw\RsFwDrv.sys><N/A>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\D:\防毒\RISING\RISING\RAV\RSPPSYS.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SenFilt Service / SenFiltService][Stopped/Manual Start]
  <system32\drivers\Senfilt.sys><Sensaura>
[Sentinel / Sentinel][Running/Auto Start]
  <\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.>
[Rainbow USB SuperPro / Sntnlusb][Stopped/Manual Start]
  <system32\DRIVERS\SNTNLUSB.SYS><Rainbow Technologies Inc.>
[vmfilter303 / vmfilter303][Stopped/Manual Start]
  <system32\drivers\vmfilter303.sys><Vimicro Corporation>
[VMware kbd / vmkbd][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\VMkbd.sys><VMware, Inc.>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Running/Manual Start]
  <system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
  <system32\DRIVERS\vmnetbridge.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[VMware VMparport / VMparport][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\VMparport.sys><VMware, Inc.>
[VMware vmx86 / vmx86][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\vmx86.sys><VMware, Inc.>
[Vstor2 Virtual Storage Driver / vstor2][Running/Auto Start]
  <\??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys><VMware, Inc.>
[Vstor2 WS60 Virtual Storage Driver / vstor2-ws60][Running/Auto Start]
  <\??\G:\虚拟机\vstor2-ws60.sys><VMware, Inc.>
[DVC USB PC Camera (Vimicro301 Neptune) / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>

浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\应用软件\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[IeHelper Class]
  {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} <D:\应用软件\迅雷\Components\ResWorker\DSIeHelper.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\应用软件\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\应用软件\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <F:\浩方\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[趋势科技在线扫毒程序]
  {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINDOWS\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\应用软件\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[IeHelper Class]
  {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} <D:\应用软件\迅雷\Components\ResWorker\DSIeHelper.dll, Thunder Networking Technologies,LTD>
[PeerDraw Class]
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[趋势科技在线扫毒程序]
  {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINDOWS\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
[Microsoft Forms 2.0 SpinButton]
  {79176FB0-B7F2-11CE-97EF-00AA006D2776} <C:\WINDOWS\system32\FM20.DLL, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\应用软件\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[WebVGPlayer Class]
  {AA899B43-24BD-4B6B-BBD0-45557D8D11E0} <C:\PROGRA~1\VIEWGOOD\WEBPLA~1\VGPlayer.dll, >
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[上传到QQ网络硬盘]
  <E:\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <D:\应用软件\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\应用软件\迅雷\Program\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\QQ\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 764][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 836][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 880][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 892][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1060][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1120][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1544][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1748][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1868][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 268][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 480][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8421]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8421]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [D:\应用软件\迅雷\Components\ResWorker\DSIeHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\应用软件\迅雷\Components\ResWorker\DataProcessor.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [D:\应用软件\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[PID: 392][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780][C:\WINDOWS\VM303_STI.EXE]  [Vimicro, 3, 6, 227, 13]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
[PID: 800][G:\虚拟机\vmware-tray.exe]  [VMware, Inc., 6.0.0 build-44426]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [G:\虚拟机\vmwarebase.DLL]  [VMware, Inc., 6.0.0 build-44426]
    [G:\虚拟机\vmcryptolib.DLL]  [VMware, Inc., 6.0.0 build-43577]
    [G:\虚拟机\libxml2.dll]  [N/A, ]
    [G:\虚拟机\iconv.dll]  [Free Software Foundation, 1.9]
    [G:\虚拟机\zlib1.dll]  [, 1.2.3]
    [G:\虚拟机\vmcuiutil.dll]  [VMware, Inc., 6.0.0 build-44426]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [G:\虚拟机\sigc-2.0.dll]  [The libsigc++ development team (see AUTHORS), 2.0.17]
    [G:\虚拟机\libeay32.dll]  [Eric Young, The OpenSSL Project, VMware Inc., OpenSSL 0.9.7l (VMware build 100)]
    [G:\虚拟机\ssleay32.dll]  [Eric Young, The OpenSSL Project, VMware Inc., OpenSSL 0.9.7l (VMware build 100)]
    [G:\虚拟机\vmnetMgr.dll]  [VMware, Inc., 6.0.0 build-44426]
    [G:\虚拟机\VNETLIB.dll]  [VMware, Inc., 6.0.0 build-44426]
[PID: 956][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 376][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3100 (xpsp_sp2_gdr.070309-0025)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\WINDOWS\DOWNLO~1\xscan53.ocx]  [Trend Micro Inc., 5, 70, 0, 1079]
    [C:\WINDOWS\TmUpdate.dll]  [Trend Micro Inc., 1,81,0,1011]
    [D:\应用软件\迅雷\Components\ResWorker\DSIeHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [D:\应用软件\迅雷\Components\ResWorker\DataProcessor.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [D:\应用软件\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
    [D:\应用软件\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [C:\WINDOWS\Downloaded Program Files\OL2005.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\WINDOWS\Downloaded Program Files\OLUpdate.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\RavWeb\CopyRun\Update.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
[PID: 1676][D:\应用软件\迅雷\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 1, 292]
    [D:\应用软件\迅雷\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 20]
    [D:\应用软件\迅雷\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 77]
    [D:\应用软件\迅雷\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [D:\应用软件\迅雷\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 77]
    [D:\应用软件\迅雷\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 26]
    [D:\应用软件\迅雷\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [D:\应用软件\迅雷\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [D:\应用软件\迅雷\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 0, 17]
    [D:\应用软件\迅雷\Components\InMedia\iEmbed09.dll]  [　, 3, 3, 0, 80]
    [D:\应用软件\迅雷\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 6, 26]
    [D:\应用软件\迅雷\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 2, 61]
    [D:\应用软件\迅雷\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 20]
    [D:\应用软件\迅雷\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
    [D:\应用软件\迅雷\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 0, 39]
    [D:\应用软件\迅雷\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [D:\应用软件\迅雷\Components\DiagnoseHelper\DiagnoseHelper.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 16]
    [D:\应用软件\迅雷\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [D:\应用软件\迅雷\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
    [D:\应用软件\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
    [D:\应用软件\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [D:\应用软件\迅雷\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 1, 3, 58]
    [D:\应用软件\迅雷\Components\VPSHELL\VPSHELL.dll]  [XunLei, 1, 2, 0, 8]
    [D:\应用软件\迅雷\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 2, 0, 9]
    [D:\应用软件\迅雷\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [D:\应用软件\迅雷\Components\ResWorker\DsXlCom.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
    [D:\应用软件\迅雷\Components\ResWorker\DataProcessor.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [D:\应用软件\迅雷\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
    [D:\应用软件\迅雷\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
    [F:\--3=2-4=2-5==1142;4;3;2q4414''1;;1''341'41===6--(!@&@&&#&^@^!&!((!((!(!@@(@!!!!.com]  [Smallfrogs Studio, 2.4.12.806]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

[Ctrl2cap / Ctrl2cap][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\Ctrl2cap.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
这两个看不懂,不知道是啥...

先用SR#ENG修复HOST文件
其他的我实在是看不出来有啥问题,不好意思

清理下HOSTS 文件,保留127.0.0.1 localhost
删除下面的:
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com

【回复“桃子CiCi”的帖子】
那两个驱动项好像没问题....

驱动项不比启动项,不认识的,不能乱删的...删了就回不来了..



楼主说下什么问题?

刚才用趋势网上查毒查下了。。
    解图发在1楼那``
    和杀毒有关的几乎都被关了。`
其他倒没什么。`。就是看着病毒烦啊。。