刚开机就跳出来CMD的对话筐  不停的跳网页 大部分程序用行不了  任务管理器大不开  自动关机  一直跳对话筐 自动关闭对话筐 自动下载东西  进程里有数百个乱码的进程 

都不知道怎么办好  帮帮忙  太恐怖了


SREn不能 用

http://bbs.ikaka.com/showtopic.aspx?topicid=8442813&page=5的41楼的工具！

病毒还没启动时才能用你上面哪个程序  还好程序运行快




未知家族病毒分析
扫描结果:
无可疑文件


系统活动进程
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL
C:\WINDOWS\SYSTEM32\WGALOGON.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL
C:\WINDOWS\SYSTEM32\ATIPDLXX.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\IMON.DLL
C:\PROGRAM FILES\ESET\PR_IMON.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\IMON.DLL
C:\PROGRAM FILES\ESET\PR_IMON.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL
C:\WINDOWS\SYSTEM32\ATIPDLXX.DLL
C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL

C:\WINDOWS\SYSTEM32\USERINIT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1234.EXE

普通自启动项

系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = C:\WINDOWS\notepad.exe %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> WordPad.Document.1 = "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

其它启动项
WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\system32\aurora.scr


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
AtiExtEvent = ATI2EVXX.DLL
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
WgaLogon = WGALOGON.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE


IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{00000000-12C9-4305-82F9-43058F20E8D2} = C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll
{01443AEC-0FD1-40fd-9C87-E93D1494C233} = C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} = C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
{889D2FEB-5411-4565-8998-1DD2C5261283} = C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} = C:\Program Files\360safe\safemon\safemon.dll
{E5A1691B-D188-4419-AD02-90002030B8EE} = C:\PROGRA~1\FlashFXP\IEFlash.dll


Winsock SPI
NOD32 protected [MSAFD Tcpip [TCP/IP]] = C:\WINDOWS\SYSTEM32\IMON.DLL
NOD32 protected [MSAFD Tcpip [UDP/IP]] = C:\WINDOWS\SYSTEM32\IMON.DLL
NOD32 protected [MSAFD Tcpip [RAW/IP]] = C:\WINDOWS\SYSTEM32\IMON.DLL
NOD32 protected [RSVP UDP Service Provider] = C:\WINDOWS\SYSTEM32\IMON.DLL
NOD32 protected [RSVP TCP Service Provider] = C:\WINDOWS\SYSTEM32\IMON.DLL
MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
NOD32 = C:\WINDOWS\SYSTEM32\IMON.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{AC69FF0E-D54C-467B-A05B-6D40F8BB1550}] SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{AC69FF0E-D54C-467B-A05B-6D40F8BB1550}] DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{66EF0B2E-BB24-4850-96B5-2A91776527A3}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{66EF0B2E-BB24-4850-96B5-2A91776527A3}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{062F929F-6F28-4E13-A4E8-B83021660110}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{062F929F-6F28-4E13-A4E8-B83021660110}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{241D4D37-C0F1-4584-B1BD-87EED6D0F1FC}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{241D4D37-C0F1-4584-B1BD-87EED6D0F1FC}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{99B4C189-4FB8-4511-8424-BA511927880C}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{99B4C189-4FB8-4511-8424-BA511927880C}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{5BFB67D3-CD47-4B5B-8226-5F5E3246DC2D}] SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{5BFB67D3-CD47-4B5B-8226-5F5E3246DC2D}] DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL

系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
03TV2 = C:\WINDOWS\03TV2.EXE -C4ESO47MY1F
07J94V0UONKH = C:\WINDOWS\07J94V0UONKH.EXE -PNFT41
0BQQR6J5OUI = C:\WINDOWS\0BQQR6J5OUI.EXE -4A2W4UMK2JA0
0OVWSWE = C:\WINDOWS\SYSTEM32\0OVWSWE.EXE -BVUM5D5SRS2P
1NIOK = C:\WINDOWS\1NIOK.EXE -VPXP8
1P8TR0ISQEWJ = C:\WINDOWS\SYSTEM32\1P8TR0ISQEWJ.EXE -5GZMLWD2
1YB767L3TYB = C:\WINDOWS\1YB767L3TYB.EXE -S15HZD0
2ALHNBPX = C:\WINDOWS\2ALHNBPX.EXE -W71LCUPU8TK2
3M123XPH19 = C:\WINDOWS\SYSTEM32\3M123XPH19.EXE -6Z744H24
409XEUZUBV9 = C:\WINDOWS\SYSTEM32\409XEUZUBV9.EXE -UUDEF
40B3W6 = C:\WINDOWS\40B3W6.EXE -I91B36GCZ8
48SH2RD = C:\WINDOWS\SYSTEM32\48SH2RD.EXE -AYKJ82
4ASLYQ = C:\WINDOWS\4ASLYQ.EXE -V0QBUF93KP2
4JMJ0HG15 = C:\WINDOWS\4JMJ0HG15.EXE -NZVEXA
4LQPGL0IRA89 = C:\WINDOWS\SYSTEM32\4LQPGL0IRA89.EXE -NVUAPHADL
50R72 = C:\WINDOWS\SYSTEM32\50R72.EXE -265XXDH8
56XJJYNH8P31 = C:\WINDOWS\SYSTEM32\56XJJYNH8P31.EXE -7ZHD9L4
5BKJ03 = C:\WINDOWS\5BKJ03.EXE -LP3QNEO3S
5HT8IQQB1JF = C:\WINDOWS\5HT8IQQB1JF.EXE -YRBDUAYN6
5WFCPU76H6Q2 = C:\WINDOWS\SYSTEM32\5WFCPU76H6Q2.EXE -IL9B7GH6B
6OOCECELAA5 = C:\WINDOWS\SYSTEM32\6OOCECELAA5.EXE -O4Z1DD2X0MBE
6QLXXK9CY1E = C:\WINDOWS\6QLXXK9CY1E.EXE -D7GKPZ5I9K
6YRDEZP1NTZ = C:\WINDOWS\6YRDEZP1NTZ.EXE -5HXXSY0LEE
76UEDINM = C:\WINDOWS\76UEDINM.EXE -QP73QP
7BTG94UHJP1W = C:\WINDOWS\7BTG94UHJP1W.EXE -SYX2VP0P
7K6NXM7HK1K = C:\WINDOWS\SYSTEM32\7K6NXM7HK1K.EXE -CR5U5
7M5J9X3UB = C:\WINDOWS\SYSTEM32\7M5J9X3UB.EXE -Y2WD2NPOEMVF
7TXJH28 = C:\WINDOWS\SYSTEM32\7TXJH28.EXE -91EGV
89NXI = C:\WINDOWS\SYSTEM32\89NXI.EXE -MEUKB7U6EORD
8G3390CGAKD9 = C:\WINDOWS\8G3390CGAKD9.EXE -8VFPHR8PF
8X0PSV1 = C:\WINDOWS\8X0PSV1.EXE -M98FFY
9TINC = C:\WINDOWS\9TINC.EXE -K633R5RN
Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
ALG = C:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Ati HotKey Poller = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BCSG5DQ2 = C:\WINDOWS\SYSTEM32\BCSG5DQ2.EXE -RARFF
BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BUU6XBO7J9I = C:\WINDOWS\BUU6XBO7J9I.EXE -DZTA12
BYYDH7AJ41 = C:\WINDOWS\BYYDH7AJ41.EXE -5SJBRH
C32OFK8 = C:\WINDOWS\C32OFK8.EXE -18OMWUK9
ccosm = C:\PROGRAM FILES\STORMII\STORMLIV.EXE /ASSERVICE
CDK1R7IL = C:\WINDOWS\CDK1R7IL.EXE -YSWA8CEYWC
CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE
CIZ4WMGDC2JA = C:\WINDOWS\SYSTEM32\CIZ4WMGDC2JA.EXE -3JT0ZQB9UYOS
ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
D30C0L = C:\WINDOWS\SYSTEM32\D30C0L.EXE -K3LKII1J
D3WZXKT = C:\WINDOWS\D3WZXKT.EXE -9YJW0K3PU
DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
E1PCLSF4G3YE = C:\WINDOWS\E1PCLSF4G3YE.EXE -K97V97A7
E1RK4K = C:\WINDOWS\E1RK4K.EXE -VGIDSA2
EHBMJ3E = C:\WINDOWS\EHBMJ3E.EXE -45SQNBEGU3
EJBIXQXTR0EK = C:\WINDOWS\EJBIXQXTR0EK.EXE -4CMC9YPZRU9
EM41HNVBJKAX = C:\WINDOWS\EM41HNVBJKAX.EXE -VD7GOQSFKSG7
ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
F5SP82E20 = C:\WINDOWS\SYSTEM32\F5SP82E20.EXE -ZOTN6O
FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
FTIHOCQSS1 = C:\WINDOWS\FTIHOCQSS1.EXE -42VQ25DUPTNE
GJ2AV = C:\WINDOWS\GJ2AV.EXE -GOXV7PTTWUZC
H93PAN6HB = C:\WINDOWS\H93PAN6HB.EXE -OKNHO0E6087C
helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
IPN7QWA0F = C:\WINDOWS\IPN7QWA0F.EXE -PVAONIA
IQMDP = C:\WINDOWS\IQMDP.EXE -ZQX2FIWXVIQN
JA0MA4T = C:\WINDOWS\JA0MA4T.EXE -3V8M0KSV0
JNMZUO = C:\WINDOWS\JNMZUO.EXE -UKTV5LSTTY2
JS7AA = C:\WINDOWS\JS7AA.EXE -SY6HHNP
K0B9X3JTMB = C:\WINDOWS\SYSTEM32\K0B9X3JTMB.EXE -JWXTTUE
L04C8 = C:\WINDOWS\SYSTEM32\L04C8.EXE -98Z9A
lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LEB2QNZF2 = C:\WINDOWS\SYSTEM32\LEB2QNZF2.EXE -AX2150
LIEOW = C:\WINDOWS\LIEOW.EXE -Q8CU8
LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
LQ0UAE2CBDI = C:\WINDOWS\LQ0UAE2CBDI.EXE -MAVBZV7P
M4YY3L8P = C:\WINDOWS\SYSTEM32\M4YY3L8P.EXE -P78H6W6
Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NOD32krn = "C:\PROGRAM FILES\ESET\NOD32KRN.EXE"
NOYIT2OLLNW4 = C:\WINDOWS\NOYIT2OLLNW4.EXE -E5FSUDCA80V
NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE
NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
OOBS6EUG = C:\WINDOWS\SYSTEM32\OOBS6EUG.EXE -H4UAF3LGT3ED
OOQQAM = C:\WINDOWS\SYSTEM32\OOQQAM.EXE -S91898RPETN
P4P Service = C:\PROGRAM FILES\COMMON FILES\SOGOU PXP\P2PSVR.EXE
P9BIBNIBBEGP = C:\WINDOWS\P9BIBNIBBEGP.EXE -3XR6KX6M5
PBO7D19 = C:\WINDOWS\PBO7D19.EXE -GRWKHTG1
PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE
PO1D8360RU2 = C:\WINDOWS\SYSTEM32\PO1D8360RU2.EXE -0Z883WL
PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE
PWPXL2RS = C:\WINDOWS\PWPXL2RS.EXE -Y3KGA1QL95
QIBSDK11Q8Q = C:\WINDOWS\QIBSDK11Q8Q.EXE -00PNI
QXS5PP9BW284 = C:\WINDOWS\QXS5PP9BW284.EXE -PNB1J3Y73SAU
RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
RNN7H6YL96 = C:\WINDOWS\RNN7H6YL96.EXE -MYZENS4W6SKT
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE
RYOK66HGX = C:\WINDOWS\SYSTEM32\RYOK66HGX.EXE -D6MVM5
SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE
SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SGCBPA44X = C:\WINDOWS\SGCBPA44X.EXE -47E6XL18HD
SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{AE46E88E-DF39-40D6-8995-E4D74EC975B8}
SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
T4BU891 = C:\WINDOWS\T4BU891.EXE -4QUIL4D
TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TIYLVX7UA = C:\WINDOWS\TIYLVX7UA.EXE -KIEHI5
TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
U3I80YV751 = C:\WINDOWS\U3I80YV751.EXE -WWPDPQIF
UMWdf = C:\WINDOWS\SYSTEM32\WDFMGR.EXE
UODCYJ = C:\WINDOWS\UODCYJ.EXE -7G6QD4AIJN
upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
UPS = C:\WINDOWS\SYSTEM32\UPS.EXE
VAK8W = C:\WINDOWS\VAK8W.EXE -AX76A2Z
VAMUWBCBS8 = C:\WINDOWS\SYSTEM32\VAMUWBCBS8.EXE -GK87ZF7TC
VNOF8MCFTPL = C:\WINDOWS\VNOF8MCFTPL.EXE -CFEDG
VO5TV = C:\WINDOWS\VO5TV.EXE -WMW14KLO44B
VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE
W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WT397ODPS5 = C:\WINDOWS\WT397ODPS5.EXE -X4XB0ZN16MS9
wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WUFGGR1J447G = C:\WINDOWS\WUFGGR1J447G.EXE -8JZ41C16
WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
X7KUFEOR = C:\WINDOWS\X7KUFEOR.EXE -92OQ5YDB
XDH7R = C:\WINDOWS\XDH7R.EXE -RWF7AZWKPQ8Y
xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
XQVHU = C:\WINDOWS\XQVHU.EXE -RFUGICCM
YDYN9B4I = C:\WINDOWS\YDYN9B4I.EXE -GMJ2IZBPGJA
YQ5CJDAKC = C:\WINDOWS\SYSTEM32\YQ5CJDAKC.EXE -D9EUO
Z41O5ZI2 = C:\WINDOWS\SYSTEM32\Z41O5ZI2.EXE -1FHJ30TIAI


文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS


系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
2X4S1 = C:\WINDOWS\5FICEKYQN9R.TXT
569C0DA25K = C:\WINDOWS\BJPR21FNSY.TXT
ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
ALCXWDM = C:\WINDOWS\SYSTEM32\DRIVERS\ALCXWDM.SYS
AMON = C:\WINDOWS\SYSTEM32\DRIVERS\AMON.SYS
AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
ati2mtag = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS
audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
CCDECODE = C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS
Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
Fdc = C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
Flpydisk = C:\WINDOWS\SYSTEM32\DRIVERS\FLPYDISK.SYS
FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
intelppm = C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS
IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
J08EDAE8 = C:\WINDOWS\DR9C3XW.TXT
Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
LXFWBLL6F = C:\WINDOWS\7C35UI.TXT
LZ7CGFV8 = C:\WINDOWS\LY66LS01A4A.TXT
Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
MSTEE = C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
NABTSFEC = C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS
NdisIP = C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS
NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NESCU0FF4 = C:\WINDOWS\GKOVDOB4NPY.TXT
NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
nod32drv = C:\WINDOWS\SYSTEM32\DRIVERS\NOD32DRV.SYS
npkcrypt = C:\WINDOWS\SYSTEM32\NPKCRYPT.SYS
npkycryp = C:\WINDOWS\SYSTEM32\NPKYCRYP.SYS
NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
O3XM4U8V9H9 = C:\WINDOWS\J3VNG26ANIEY.TXT
Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
QT0P7I6OS9UW = C:\WINDOWS\KDN7V2VOBEH.TXT
RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
rtl8139 = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS
Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
SLIP = C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS
splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
streamip = C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS
swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
TesSafe = C:\WINDOWS\SYSTEM32\TESSAFE.SYS
Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
USBSTOR = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
V8ZDSBZH1 = C:\WINDOWS\O35KY.TXT
VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
WS2IFSL = C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
WSTCODEC = C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
Z9Y07EG3 = C:\WINDOWS\DH4PBOMQPM.TXT
ZSMC0305 = C:\WINDOWS\SYSTEM32\DRIVERS\USBVM305.SYS

病毒没启动你扫日志有什么用？？？？？？？

嘛都没看到。

病毒启动了 啥也打不开 你看 系统服务项  除基本启动项外 其他都是

系统服务项

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
03TV2 = C:\WINDOWS\03TV2.EXE -C4ESO47MY1F
07J94V0UONKH = C:\WINDOWS\07J94V0UONKH.EXE -PNFT41
0BQQR6J5OUI = C:\WINDOWS\0BQQR6J5OUI.EXE -4A2W4UMK2JA0
0OVWSWE = C:\WINDOWS\SYSTEM32\0OVWSWE.EXE -BVUM5D5SRS2P
1NIOK = C:\WINDOWS\1NIOK.EXE -VPXP8
1P8TR0ISQEWJ = C:\WINDOWS\SYSTEM32\1P8TR0ISQEWJ.EXE -5GZMLWD2
1YB767L3TYB = C:\WINDOWS\1YB767L3TYB.EXE -S15HZD0
2ALHNBPX = C:\WINDOWS\2ALHNBPX.EXE -W71LCUPU8TK2
3M123XPH19 = C:\WINDOWS\SYSTEM32\3M123XPH19.EXE -6Z744H24
409XEUZUBV9 = C:\WINDOWS\SYSTEM32\409XEUZUBV9.EXE -UUDEF
40B3W6 = C:\WINDOWS\40B3W6.EXE -I91B36GCZ8
48SH2RD = C:\WINDOWS\SYSTEM32\48SH2RD.EXE -AYKJ82
4ASLYQ = C:\WINDOWS\4ASLYQ.EXE -V0QBUF93KP2
4JMJ0HG15 = C:\WINDOWS\4JMJ0HG15.EXE -NZVEXA
4LQPGL0IRA89 = C:\WINDOWS\SYSTEM32\4LQPGL0IRA89.EXE -NVUAPHADL
50R72 = C:\WINDOWS\SYSTEM32\50R72.EXE -265XXDH8
56XJJYNH8P31 = C:\WINDOWS\SYSTEM32\56XJJYNH8P31.EXE -7ZHD9L4
5BKJ03 = C:\WINDOWS\5BKJ03.EXE -LP3QNEO3S
5HT8IQQB1JF = C:\WINDOWS\5HT8IQQB1JF.EXE -YRBDUAYN6
5WFCPU76H6Q2 = C:\WINDOWS\SYSTEM32\5WFCPU76H6Q2.EXE -IL9B7GH6B
6OOCECELAA5 = C:\WINDOWS\SYSTEM32\6OOCECELAA5.EXE -O4Z1DD2X0MBE
6QLXXK9CY1E = C:\WINDOWS\6QLXXK9CY1E.EXE -D7GKPZ5I9K
6YRDEZP1NTZ = C:\WINDOWS\6YRDEZP1NTZ.EXE -5HXXSY0LEE
76UEDINM = C:\WINDOWS\76UEDINM.EXE -QP73QP
7BTG94UHJP1W = C:\WINDOWS\7BTG94UHJP1W.EXE -SYX2VP0P
7K6NXM7HK1K = C:\WINDOWS\SYSTEM32\7K6NXM7HK1K.EXE -CR5U5
7M5J9X3UB = C:\WINDOWS\SYSTEM32\7M5J9X3UB.EXE -Y2WD2NPOEMVF
7TXJH28 = C:\WINDOWS\SYSTEM32\7TXJH28.EXE -91EGV
89NXI = C:\WINDOWS\SYSTEM32\89NXI.EXE -MEUKB7U6EORD
8G3390CGAKD9 = C:\WINDOWS\8G3390CGAKD9.EXE -8VFPHR8PF
8X0PSV1 = C:\WINDOWS\8X0PSV1.EXE -M98FFY
9TINC = C:\WINDOWS\9TINC.EXE -K633R5RN

BUU6XBO7J9I = C:\WINDOWS\BUU6XBO7J9I.EXE -DZTA12
BYYDH7AJ41 = C:\WINDOWS\BYYDH7AJ41.EXE -5SJBRH
C32OFK8 = C:\WINDOWS\C32OFK8.EXE -18OMWUK9

CDK1R7IL = C:\WINDOWS\CDK1R7IL.EXE -YSWA8CEYWC

CIZ4WMGDC2JA = C:\WINDOWS\SYSTEM32\CIZ4WMGDC2JA.EXE -3JT0ZQB9UYOS

E1PCLSF4G3YE = C:\WINDOWS\E1PCLSF4G3YE.EXE -K97V97A7
E1RK4K = C:\WINDOWS\E1RK4K.EXE -VGIDSA2
EHBMJ3E = C:\WINDOWS\EHBMJ3E.EXE -45SQNBEGU3
EJBIXQXTR0EK = C:\WINDOWS\EJBIXQXTR0EK.EXE -4CMC9YPZRU9
EM41HNVBJKAX = C:\WINDOWS\EM41HNVBJKAX.EXE -VD7GOQSFKSG7

F5SP82E20 = C:\WINDOWS\SYSTEM32\F5SP82E20.EXE -ZOTN6O

IPN7QWA0F = C:\WINDOWS\IPN7QWA0F.EXE -PVAONIA
IQMDP = C:\WINDOWS\IQMDP.EXE -ZQX2FIWXVIQN
JA0MA4T = C:\WINDOWS\JA0MA4T.EXE -3V8M0KSV0
JNMZUO = C:\WINDOWS\JNMZUO.EXE -UKTV5LSTTY2
JS7AA = C:\WINDOWS\JS7AA.EXE -SY6HHNP
K0B9X3JTMB = C:\WINDOWS\SYSTEM32\K0B9X3JTMB.EXE -JWXTTUE
L04C8 = C:\WINDOWS\SYSTEM32\L04C8.EXE -98Z9A

LQ0UAE2CBDI = C:\WINDOWS\LQ0UAE2CBDI.EXE -MAVBZV7P
M4YY3L8P = C:\WINDOWS\SYSTEM32\M4YY3L8P.EXE -P78H6W6
NOYIT2OLLNW4 = C:\WINDOWS\NOYIT2OLLNW4.EXE -E5FSUDCA80V
OOBS6EUG = C:\WINDOWS\SYSTEM32\OOBS6EUG.EXE -H4UAF3LGT3ED
OOQQAM = C:\WINDOWS\SYSTEM32\OOQQAM.EXE -S91898RPETN
P9BIBNIBBEGP = C:\WINDOWS\P9BIBNIBBEGP.EXE -3XR6KX6M5
PBO7D19 = C:\WINDOWS\PBO7D19.EXE -GRWKHTG1
PO1D8360RU2 = C:\WINDOWS\SYSTEM32\PO1D8360RU2.EXE -0Z883WL
PWPXL2RS = C:\WINDOWS\PWPXL2RS.EXE -Y3KGA1QL95
QIBSDK11Q8Q = C:\WINDOWS\QIBSDK11Q8Q.EXE -00PNI
QXS5PP9BW284 = C:\WINDOWS\QXS5PP9BW284.EXE -PNB1J3Y73SAU
RNN7H6YL96 = C:\WINDOWS\RNN7H6YL96.EXE -MYZENS4W6SKT
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE

U3I80YV751 = C:\WINDOWS\U3I80YV751.EXE -WWPDPQIF
UODCYJ = C:\WINDOWS\UODCYJ.EXE -7G6QD4AIJN


实在看不下去了，这些好像都有问题，
断网，在安全模式下。
清理服务项，把没用的全删掉。

问题好像比较多，建议重装得了。

啊

没注意

又是那个假卡巴

没办法，不可改变的，所有其他分区的感染文件都只能放弃了

下载Dr.Web CureIt 到桌面,免安装的，直接启动全盘扫描
ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe
或
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

有可能的话，试试安全模式下启动运行

安全模式进不去  我运行诊断模式 也加载
感谢CCTV 我终于用SREngLOG扫描出来了 谢谢 大哥 大姐们

[CODE]

2008-07-18,18:02:07

System Repair Engineer 2..4
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\aurora.scr>  [Axialis Software]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <bgswitch><; C:\WINDOWS\system32\bgswitch.exe>  []
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <PPS Accelerator><; E:\PPStream\ppsap.exe>  [PPStream Inc]

==================================
启动文件夹
[0U4PQ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\0U4PQ.BAT -->  [N/A]><N>
[0U4PQ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\0U4PQ.lnk --> C:\WINDOWS\NQYT4O~1.EXE [Ms Company]><H>
[2FEEVXWD6NY]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\2FEEVXWD6NY.BAT -->  [N/A]><N>
[2FEEVXWD6NY]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\2FEEVXWD6NY.lnk --> C:\WINDOWS\XMMLUHI4.exe [Ms Company]><H>
[4OY5EO]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\4OY5EO.BAT -->  [N/A]><N>
[4OY5EO]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\4OY5EO.lnk --> C:\WINDOWS\9ICNZ2AF.exe [Ms Company]><H>
[4V3HPG5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\4V3HPG5.lnk --> C:\WINDOWS\0BQQR6J5OUI.exe [N/A]><H>
[52WDGBM]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\52WDGBM.BAT -->  [N/A]><N>
[52WDGBM]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\52WDGBM.lnk --> C:\WINDOWS\L9SF8J.exe [Ms Company]><H>
[B0IMWW28R795]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\B0IMWW28R795.lnk --> C:\WINDOWS\4JMJ0HG15.exe [N/A]><H>
[BHZJ18L6Y]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\BHZJ18L6Y.lnk --> C:\WINDOWS\M6GRCH~1.EXE [Ms Company]><H>
[BIKW8FB]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\BIKW8FB.lnk --> C:\WINDOWS\40B3W6.exe [N/A]><H>
[BILWRI1N4F]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\BILWRI1N4F.lnk --> C:\WINDOWS\U3I80YV751.exe [N/A]><H>
[BP30A3D9]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\BP30A3D9.lnk --> C:\WINDOWS\IQMDP.exe [N/A]><H>
[C97Y63]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\C97Y63.BAT -->  [N/A]><N>
[C97Y63]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\C97Y63.lnk --> C:\WINDOWS\G209T.exe [Ms Company]><H>
[CU5ADZZIAE9]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CU5ADZZIAE9.BAT -->  [N/A]><N>
[CU5ADZZIAE9]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CU5ADZZIAE9.lnk --> C:\WINDOWS\UFEVYFS.exe [Ms Company]><H>
[DCXXHZUMW4U7]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DCXXHZUMW4U7.lnk --> C:\WINDOWS\LQ0UAE2CBDI.exe [N/A]><H>
[DHSBV36XP]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DHSBV36XP.lnk --> C:\WINDOWS\C32OFK8.exe [N/A]><H>
[DRFQ2DJKQH]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DRFQ2DJKQH.BAT -->  [N/A]><N>
[DRFQ2DJKQH]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DRFQ2DJKQH.lnk --> C:\WINDOWS\NSKVWM~1.EXE [Ms Company]><H>
[DT2CT]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DT2CT.BAT -->  [N/A]><N>
[DT2CT]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DT2CT.lnk --> C:\WINDOWS\HJAFMF~1.EXE [Ms Company]><H>
[E9AIT7F]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\E9AIT7F.lnk --> C:\WINDOWS\SGCBPA44X.exe [N/A]><H>
[FN383]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\FN383.lnk --> C:\WINDOWS\6QLXXK9CY1E.exe [N/A]><H>
[FS9RKH38ME]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\FS9RKH38ME.lnk --> C:\WINDOWS\H93PAN6HB.exe [N/A]><H>
[GYD1C]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\GYD1C.BAT -->  [N/A]><N>
[GYD1C]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\GYD1C.lnk --> C:\WINDOWS\W3XFIH~1.EXE [Ms Company]><H>
[HAKRIWJXCS4]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HAKRIWJXCS4.lnk --> C:\WINDOWS\VAK8W.exe [N/A]><H>
[HGMGTXGNEFR]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HGMGTXGNEFR.BAT -->  [N/A]><N>
[HGMGTXGNEFR]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HGMGTXGNEFR.lnk --> C:\WINDOWS\PM3GOP.exe [Ms Company]><H>
[JGMJNVPTJJIU]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JGMJNVPTJJIU.lnk --> C:\WINDOWS\E1RK4K.exe [N/A]><H>
[JP3CG]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\JP3CG.lnk --> C:\WINDOWS\P77W7.exe [Ms Company]><H>
[K9ZA2]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\K9ZA2.lnk --> C:\WINDOWS\JZQEIZ~1.EXE [Ms Company]><H>
[KJBYM]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\KJBYM.BAT -->  [N/A]><N>
[KJBYM]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\KJBYM.lnk --> C:\WINDOWS\RX29BR~1.EXE [Ms Company]><H>
[L5Z6ID]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\L5Z6ID.lnk --> C:\WINDOWS\T4BU891.exe [N/A]><H>
[L98Y2AP]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\L98Y2AP.lnk --> C:\WINDOWS\R5U0B96H.exe [Ms Company]><H>
[LOS5SNLGF]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\LOS5SNLGF.lnk --> C:\WINDOWS\E1PCLSF4G3YE.exe [N/A]><H>
[MXCKJBYMU]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\MXCKJBYMU.lnk --> C:\WINDOWS\X29BRJ.exe [N/A]><H>
[N1YBWGWXSP0]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\N1YBWGWXSP0.lnk --> C:\WINDOWS\WUFGGR1J447G.exe [N/A]><H>
[NK7FFA]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\NK7FFA.lnk --> C:\WINDOWS\1YB767L3TYB.exe [N/A]><H>
[O3JUI1UBH5Z]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\O3JUI1UBH5Z.lnk --> C:\WINDOWS\IPN7QWA0F.exe [N/A]><H>
[O67V9]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\O67V9.lnk --> C:\WINDOWS\2ALHNBPX.exe [N/A]><H>
[ON61HC39]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ON61HC39.lnk --> C:\WINDOWS\4ASLYQ.exe [N/A]><H>
[OU41VN4DH2]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\OU41VN4DH2.lnk --> C:\WINDOWS\EM41HNVBJKAX.exe [N/A]><H>
[PM33CIZV5XZ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PM33CIZV5XZ.lnk --> C:\WINDOWS\5BKJ03.exe [N/A]><H>
[PQHC8]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PQHC8.lnk --> C:\WINDOWS\LIEOW.exe [N/A]><H>
[QXF5VR]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\QXF5VR.lnk --> C:\WINDOWS\8X0PSV1.exe [N/A]><H>
[RD5ZXAFTAP6Y]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RD5ZXAFTAP6Y.lnk --> C:\WINDOWS\JA0MA4T.exe [N/A]><H>
[RQ6EPEUOU10]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RQ6EPEUOU10.BAT -->  [N/A]><N>
[RQ6EPEUOU10]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RQ6EPEUOU10.lnk --> C:\WINDOWS\PL3H65~1.EXE [Ms Company]><H>
[S0XPSXNL8YEA]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\S0XPSXNL8YEA.lnk --> C:\WINDOWS\07J94V0UONKH.exe [N/A]><H>
[S1VY13L8ZLQ]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\S1VY13L8ZLQ.lnk --> C:\WINDOWS\5HT8IQQB1JF.exe [N/A]><H>
[SFQZS]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\SFQZS.lnk --> C:\WINDOWS\76UEDINM.exe [N/A]><H>
[SIK4HT5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\SIK4HT5.lnk --> C:\WINDOWS\6YRDEZP1NTZ.exe [N/A]><H>
[T2KPIJM2SFHG]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\T2KPIJM2SFHG.BAT -->  [N/A]><N>
[T2KPIJM2SFHG]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\T2KPIJM2SFHG.lnk --> C:\WINDOWS\PRP796.exe [Ms Company]><H>
[TPEH1LKJR5CV]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TPEH1LKJR5CV.lnk --> C:\WINDOWS\8G3390CGAKD9.exe [N/A]><H>
[UTCUZ7FY6]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\UTCUZ7FY6.lnk --> C:\WINDOWS\PBO7D19.exe [N/A]><H>
[UTZ70LM]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\UTZ70LM.BAT -->  [N/A]><N>
[UTZ70LM]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\UTZ70LM.lnk --> C:\WINDOWS\ONQHGNA4.exe [Ms Company]><H>
[UYCN3HPQOZ5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\UYCN3HPQOZ5.lnk --> C:\WINDOWS\JS7AA.exe [N/A]><H>
[VNI0Q8QRTB]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\VNI0Q8QRTB.lnk --> C:\WINDOWS\CDK1R7IL.exe [N/A]><H>
[XKKYY4GWU548]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XKKYY4GWU548.lnk --> C:\WINDOWS\RNN7H6YL96.exe [N/A]><H>
[XRZJ6ZRHX]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XRZJ6ZRHX.lnk --> C:\WINDOWS\FTIHOCQSS1.exe [N/A]><H>
[XTICAS38QSEN]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\XTICAS38QSEN.lnk --> C:\WINDOWS\9TINC.exe [N/A]><H>
[Y4XUYU9S7OFV]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Y4XUYU9S7OFV.BAT -->  [N/A]><N>
[Y4XUYU9S7OFV]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Y4XUYU9S7OFV.lnk --> C:\WINDOWS\6UEX3.exe [Ms Company]><H>
[YSJ9AGZWF5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\YSJ9AGZWF5.BAT -->  [N/A]><N>
[YSJ9AGZWF5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\YSJ9AGZWF5.lnk --> C:\WINDOWS\ECH37A9O.exe [Ms Company]><H>
[Z8XMOW5F]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Z8XMOW5F.lnk --> C:\WINDOWS\TZ7G5P.exe [Ms Company]><H>
[ZRC1ULXG5]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ZRC1ULXG5.lnk --> C:\WINDOWS\QXS5PP9BW284.exe [N/A]><H>
[ZS0UPUVGGPF]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ZS0UPUVGGPF.lnk --> C:\WINDOWS\QIBSDK11Q8Q.exe [N/A]><H>

服务
[TNK7L1L4YDE / 03TV2][Stopped/Auto Start]
  <C:\WINDOWS\03TV2.exe -C4ESO47MY1F><N/A>
[OJTEE97MYM6 / 07J94V0UONKH][Stopped/Auto Start]
  <C:\WINDOWS\07J94V0UONKH.exe -PNFT41><N/A>
[YCAWLKASP / 0BQQR6J5OUI][Stopped/Auto Start]
  <C:\WINDOWS\0BQQR6J5OUI.exe -4A2W4UMK2JA0><N/A>
[IMJS9FG / 0OVWSWE][Stopped/Auto Start]
  <C:\WINDOWS\system32\0OVWSWE.exe -BVUM5D5SRS2P><N/A>
[GKVD6V2RK / 1NIOK][Stopped/Auto Start]
  <C:\WINDOWS\1NIOK.exe -VPXP8><N/A>
[QA0UU5J / 1P8TR0ISQEWJ][Stopped/Auto Start]
  <C:\WINDOWS\system32\1P8TR0ISQEWJ.exe -5GZMLWD2><N/A>
[2Y6HYWGEVZC / 1YB767L3TYB][Stopped/Auto Start]
  <C:\WINDOWS\1YB767L3TYB.exe -S15HZD0><N/A>
[LZLEQ / 2ALHNBPX][Stopped/Auto Start]
  <C:\WINDOWS\2ALHNBPX.exe -W71LCUPU8TK2><N/A>
[QD1EJIMB / 3M123XPH19][Stopped/Auto Start]
  <C:\WINDOWS\system32\3M123XPH19.exe -6Z744H24><N/A>
[E00DZCW72 / 409XEUZUBV9][Stopped/Auto Start]
  <C:\WINDOWS\system32\409XEUZUBV9.exe -UUDEF><N/A>
[F14SOQDRBV / 40B3W6][Stopped/Auto Start]
  <C:\WINDOWS\40B3W6.exe -I91B36GCZ8><N/A>
[1Z1TMLQ / 48SH2RD][Stopped/Auto Start]
  <C:\WINDOWS\system32\48SH2RD.exe -AYKJ82><N/A>
[E6CITSM4K / 4ASLYQ][Stopped/Auto Start]
  <C:\WINDOWS\4ASLYQ.exe -V0QBUF93KP2><N/A>
[E23JT6ZBF / 4JMJ0HG15][Stopped/Auto Start]
  <C:\WINDOWS\4JMJ0HG15.exe -NZVEXA><N/A>
[R1VWOA79 / 4LQPGL0IRA89][Stopped/Auto Start]
  <C:\WINDOWS\system32\4LQPGL0IRA89.exe -NVUAPHADL><N/A>
[7I0TRU1VCC6 / 50R72][Stopped/Auto Start]
  <C:\WINDOWS\system32\50R72.exe -265XXDH8><N/A>
[G8PJR8U / 56XJJYNH8P31][Stopped/Auto Start]
  <C:\WINDOWS\system32\56XJJYNH8P31.exe -7ZHD9L4><N/A>
[SIBKD77O9 / 5BKJ03][Stopped/Auto Start]
  <C:\WINDOWS\5BKJ03.exe -LP3QNEO3S><N/A>
[AI9GSE15 / 5HT8IQQB1JF][Stopped/Auto Start]
  <C:\WINDOWS\5HT8IQQB1JF.exe -YRBDUAYN6><N/A>
[LAS14QW1PPD7 / 5WFCPU76H6Q2][Stopped/Auto Start]
  <C:\WINDOWS\system32\5WFCPU76H6Q2.exe -IL9B7GH6B><N/A>
[RJQMK / 6OOCECELAA5][Stopped/Auto Start]
  <C:\WINDOWS\system32\6OOCECELAA5.exe -O4Z1DD2X0MBE><N/A>
[0K7WRC2T44SZ / 6QLXXK9CY1E][Stopped/Auto Start]
  <C:\WINDOWS\6QLXXK9CY1E.exe -D7GKPZ5I9K><N/A>
[DEW0X2U6 / 6UEX3][Running/Auto Start]
  <C:\WINDOWS\6UEX3.exe -A0HRI0><Ms Company>
[Z4O0Y1NYT6FW / 6YRDEZP1NTZ][Stopped/Auto Start]
  <C:\WINDOWS\6YRDEZP1NTZ.exe -5HXXSY0LEE><N/A>
[Y19KLNNBFNEO / 76UEDINM][Stopped/Auto Start]
  <C:\WINDOWS\76UEDINM.exe -QP73QP><N/A>
[VZYW4DRZT3 / 7BTG94UHJP1W][Stopped/Auto Start]
  <C:\WINDOWS\7BTG94UHJP1W.exe -SYX2VP0P><N/A>
[OMARV76K3 / 7K6NXM7HK1K][Stopped/Auto Start]
  <C:\WINDOWS\system32\7K6NXM7HK1K.exe -CR5U5><N/A>
[FQCI8O / 7M5J9X3UB][Stopped/Auto Start]
  <C:\WINDOWS\system32\7M5J9X3UB.exe -Y2WD2NPOEMVF><N/A>
[EWLYPJMQ9A / 7TXJH28][Stopped/Auto Start]
  <C:\WINDOWS\system32\7TXJH28.exe -91EGV><N/A>
[MH1RWA / 89NXI][Stopped/Auto Start]
  <C:\WINDOWS\system32\89NXI.exe -MEUKB7U6EORD><N/A>
[DT43ED6ITZC / 8G3390CGAKD9][Stopped/Auto Start]
  <C:\WINDOWS\8G3390CGAKD9.exe -8VFPHR8PF><N/A>
[XNQN9R / 8X0PSV1][Stopped/Auto Start]
  <C:\WINDOWS\8X0PSV1.exe -M98FFY><N/A>
[A458QL / 9ICNZ2AF][Running/Auto Start]
  <C:\WINDOWS\9ICNZ2AF.exe -MPAAYOUMNT><Ms Company>
[7C4L0IY / 9TINC][Stopped/Auto Start]
  <C:\WINDOWS\9TINC.exe -K633R5RN><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Stopped/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[P0PMUTD / BCSG5DQ2][Stopped/Auto Start]
  <C:\WINDOWS\system32\BCSG5DQ2.exe -RARFF><N/A>
[AIX6JFE7M / BUU6XBO7J9I][Stopped/Auto Start]
  <C:\WINDOWS\BUU6XBO7J9I.exe -DZTA12><N/A>
[EE4J48X / BYYDH7AJ41][Running/Auto Start]
  <C:\WINDOWS\BYYDH7AJ41.exe -5SJBRH><Ms Company>
[OCLQL5OOQ / C32OFK8][Stopped/Auto Start]
  <C:\WINDOWS\C32OFK8.exe -18OMWUK9><N/A>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[8RT2M / CDK1R7IL][Stopped/Auto Start]
  <C:\WINDOWS\CDK1R7IL.exe -YSWA8CEYWC><N/A>
[JVCQCMC / CIZ4WMGDC2JA][Stopped/Auto Start]
  <C:\WINDOWS\system32\CIZ4WMGDC2JA.exe -3JT0ZQB9UYOS><N/A>
[2XFHZDXMZ / D30C0L][Stopped/Auto Start]
  <C:\WINDOWS\system32\D30C0L.exe -K3LKII1J><N/A>
[N1S4GHA56K7J / D3WZXKT][Stopped/Auto Start]
  <C:\WINDOWS\D3WZXKT.exe -9YJW0K3PU><N/A>
[BI9BDL / E1PCLSF4G3YE][Stopped/Auto Start]
  <C:\WINDOWS\E1PCLSF4G3YE.exe -K97V97A7><N/A>
[UTZFVIMM / E1RK4K][Stopped/Auto Start]
  <C:\WINDOWS\E1RK4K.exe -VGIDSA2><N/A>
[OYVSTWB7 / ECH37A9O][Running/Auto Start]
  <C:\WINDOWS\ECH37A9O.exe -DZ4S7ZNPE><Ms Company>
[H1OXHI / EHBMJ3E][Stopped/Auto Start]
  <C:\WINDOWS\EHBMJ3E.exe -45SQNBEGU3><N/A>
[4Q0C6W / EJBIXQXTR0EK][Stopped/Auto Start]
  <C:\WINDOWS\EJBIXQXTR0EK.exe -4CMC9YPZRU9><N/A>
[BUM3M642BY / EM41HNVBJKAX][Stopped/Auto Start]
  <C:\WINDOWS\EM41HNVBJKAX.exe -VD7GOQSFKSG7><N/A>
[VNPVC72BER / F5SP82E20][Stopped/Auto Start]
  <C:\WINDOWS\system32\F5SP82E20.exe -ZOTN6O><N/A>
[2OICFFQADT / FTIHOCQSS1][Stopped/Auto Start]
  <C:\WINDOWS\FTIHOCQSS1.exe -42VQ25DUPTNE><N/A>
[GULS0D4L7A / G209T][Running/Auto Start]
  <C:\WINDOWS\G209T.exe -SKLUD95TIRA><Ms Company>
[VSDWRB / GJ2AV][Stopped/Auto Start]
  <C:\WINDOWS\GJ2AV.exe -GOXV7PTTWUZC><N/A>
[QACWUP3JAR / H93PAN6HB][Stopped/Auto Start]
  <C:\WINDOWS\H93PAN6HB.exe -OKNHO0E6087C><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[H0MQLV / HJAFMF6JX][Running/Auto Start]
  <C:\WINDOWS\HJAFMF6JX.exe -ITMMX><Ms Company>
[A1KRARXZHA / IPN7QWA0F][Stopped/Auto Start]
  <C:\WINDOWS\IPN7QWA0F.exe -PVAONIA><N/A>
[UZWBQPOF / IQMDP][Stopped/Auto Start]
  <C:\WINDOWS\IQMDP.exe -ZQX2FIWXVIQN><N/A>
[QS1HRJR5CV / JA0MA4T][Stopped/Auto Start]
  <C:\WINDOWS\JA0MA4T.exe -3V8M0KSV0><N/A>
[M4TT40NXA / JNMZUO][Stopped/Auto Start]
  <C:\WINDOWS\JNMZUO.exe -UKTV5LSTTY2><N/A>
[V5X102T0 / JS7AA][Stopped/Auto Start]
  <C:\WINDOWS\JS7AA.exe -SY6HHNP><N/A>
[27HZYP8 / K0B9X3JTMB][Stopped/Auto Start]
  <C:\WINDOWS\system32\K0B9X3JTMB.exe -JWXTTUE><N/A>
[1OAOXBW / L04C8][Stopped/Auto Start]
  <C:\WINDOWS\system32\L04C8.exe -98Z9A><N/A>
[0OPTTZF / L9SF8J][Running/Auto Start]
  <C:\WINDOWS\L9SF8J.exe -OMTN8HMU3SC><Ms Company>
[9WH68W / LEB2QNZF2][Stopped/Auto Start]
  <C:\WINDOWS\system32\LEB2QNZF2.exe -AX2150><N/A>
[J1WX8ESYH8B4 / LIEOW][Stopped/Auto Start]
  <C:\WINDOWS\LIEOW.exe -Q8CU8><N/A>
[L07P79 / LQ0UAE2CBDI][Stopped/Auto Start]
  <C:\WINDOWS\LQ0UAE2CBDI.exe -MAVBZV7P><N/A>
[XQO31KO3AA / M4YY3L8P][Stopped/Auto Start]
  <C:\WINDOWS\system32\M4YY3L8P.exe -P78H6W6><N/A>
[2JXMOFH63PJA / NNDPF][Stopped/Auto Start]
  <C:\WINDOWS\system32\NNDPF.exe -7H70XHHTE><N/A>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
  <"C:\Program Files\Eset\nod32krn.exe"><Eset>
[4VCXJ / NOYIT2OLLNW4][Stopped/Auto Start]
  <C:\WINDOWS\NOYIT2OLLNW4.exe -E5FSUDCA80V><N/A>
[WES7UNCI / NQYT4ON5D][Running/Auto Start]
  <C:\WINDOWS\NQYT4ON5D.exe -2RWC3PBSN2Q><Ms Company>
[FT412BBFGQN / NSKVWM5EVLO][Running/Auto Start]
  <C:\WINDOWS\NSKVWM5EVLO.exe -P13856XFDF><Ms Company>
[FN89QMSQO / ONQHGNA4][Running/Auto Start]
  <C:\WINDOWS\ONQHGNA4.exe -XV1HEZZC><Ms Company>
[CSJV7IVC9P / OOBS6EUG][Stopped/Auto Start]
  <C:\WINDOWS\system32\OOBS6EUG.exe -H4UAF3LGT3ED><N/A>
[SKUIV5Y1 / OOQQAM][Stopped/Auto Start]
  <C:\WINDOWS\system32\OOQQAM.exe -S91898RPETN><N/A>
[P4P Service / P4P Service][Running/Auto Start]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[TAM9R / P9BIBNIBBEGP][Stopped/Auto Start]
  <C:\WINDOWS\P9BIBNIBBEGP.exe -3XR6KX6M5><N/A>
[ZS894UZ / PBO7D19][Stopped/Auto Start]
  <C:\WINDOWS\PBO7D19.exe -GRWKHTG1><N/A>
[AFCBJK0 / PL3H65A3B7][Running/Auto Start]
  <C:\WINDOWS\PL3H65A3B7.exe -2JZ91><Ms Company>
[0J7BKNNCZ / PM3GOP][Running/Auto Start]
  <C:\WINDOWS\PM3GOP.exe -90L837><Ms Company>
[O3A77XYEOKX / PO1D8360RU2][Stopped/Auto Start]
  <C:\WINDOWS\system32\PO1D8360RU2.exe -0Z883WL><N/A>
[8W8H4UIEWEH / PRP796][Running/Auto Start]
  <C:\WINDOWS\PRP796.exe -QI2NYE4H4L><Ms Company>
[8MS6BIJXN / PWPXL2RS][Stopped/Auto Start]
  <C:\WINDOWS\PWPXL2RS.exe -Y3KGA1QL95><N/A>
[6CL5J03U / QIBSDK11Q8Q][Stopped/Auto Start]
  <C:\WINDOWS\QIBSDK11Q8Q.exe -00PNI><N/A>
[5XK7A8 / QXS5PP9BW284][Stopped/Auto Start]
  <C:\WINDOWS\QXS5PP9BW284.exe -PNB1J3Y73SAU><N/A>
[TFY6ENPQV7GG / R5U0B96H][Running/Auto Start]
  <C:\WINDOWS\R5U0B96H.exe -DTQ8RMIDGJ><Ms Company>
[6CHXN / REHWKDC4G5B][Running/Auto Start]
  <C:\WINDOWS\system32\REHWKDC4G5B.exe -8YY9D><Ms Company>
[N3YUXLWRX / RNN7H6YL96][Stopped/Auto Start]
  <C:\WINDOWS\RNN7H6YL96.exe -MYZENS4W6SKT><N/A>
[I25VYC / RYOK66HGX][Stopped/Auto Start]
  <C:\WINDOWS\system32\RYOK66HGX.exe -D6MVM5><N/A>
[IRSYHJ23TBXR / SGCBPA44X][Stopped/Auto Start]
  <C:\WINDOWS\SGCBPA44X.exe -47E6XL18HD><N/A>
[BPG1PD / T4BU891][Stopped/Auto Start]
  <C:\WINDOWS\T4BU891.exe -4QUIL4D><N/A>
[9CRGZ0LMBAZZ / TIYLVX7UA][Stopped/Auto Start]
  <C:\WINDOWS\TIYLVX7UA.exe -KIEHI5><N/A>
[WM5QFHNI1D / U3I80YV751][Stopped/Auto Start]
  <C:\WINDOWS\U3I80YV751.exe -WWPDPQIF><N/A>
[OJBFZT / UFEVYFS][Running/Auto Start]
  <C:\WINDOWS\UFEVYFS.exe -GB614HXVE><Ms Company>
[N7T3JQWIGXEW / UODCYJ][Stopped/Auto Start]
  <C:\WINDOWS\UODCYJ.exe -7G6QD4AIJN><N/A>
[A0PK92 / VAK8W][Stopped/Auto Start]
  <C:\WINDOWS\VAK8W.exe -AX76A2Z><N/A>
[765BAZQX6OMD / VAMUWBCBS8][Stopped/Auto Start]
  <C:\WINDOWS\system32\VAMUWBCBS8.exe -GK87ZF7TC><N/A>
[7866GEFHW / VNOF8MCFTPL][Stopped/Auto Start]
  <C:\WINDOWS\VNOF8MCFTPL.exe -CFEDG><N/A>
[G8J57I51 / VO5TV][Stopped/Auto Start]
  <C:\WINDOWS\VO5TV.exe -WMW14KLO44B><N/A>
[WYJ19GQ7IXP / W3XFIHIUIV2E][Running/Auto Start]
  <C:\WINDOWS\W3XFIHIUIV2E.exe -0KRUOZ><Ms Company>
[71LUQPGX4PE / WT397ODPS5][Stopped/Auto Start]
  <C:\WINDOWS\WT397ODPS5.exe -X4XB0ZN16MS9><N/A>
[NCT1XX3C0 / WUFGGR1J447G][Stopped/Auto Start]
  <C:\WINDOWS\WUFGGR1J447G.exe -8JZ41C16><N/A>
[SHOEZT / X29BRJ][Stopped/Auto Start]
  <C:\WINDOWS\X29BRJ.exe -4Q2GRF7P><N/A>
[SXV79H1 / X7KUFEOR][Stopped/Auto Start]
  <C:\WINDOWS\X7KUFEOR.exe -92OQ5YDB><N/A>
[81U722TWT / XDH7R][Stopped/Auto Start]
  <C:\WINDOWS\XDH7R.exe -RWF7AZWKPQ8Y><N/A>
[K2E75TPP / XMMLUHI4][Running/Auto Start]
  <C:\WINDOWS\XMMLUHI4.exe -NTM2YE6J><Ms Company>
[YDBRHHM2Z / XQVHU][Stopped/Auto Start]
  <C:\WINDOWS\XQVHU.exe -RFUGICCM><N/A>
[D0GFL6UGVR / YDYN9B4I][Stopped/Auto Start]
  <C:\WINDOWS\YDYN9B4I.exe -GMJ2IZBPGJA><N/A>
[W3NMHLJU7 / YQ5CJDAKC][Stopped/Auto Start]
  <C:\WINDOWS\system32\YQ5CJDAKC.exe -D9EUO><N/A>
[CBR6FHI5V3 / Z41O5ZI2][Stopped/Auto Start]
  <C:\WINDOWS\system32\Z41O5ZI2.exe -1FHJ30TIAI><N/A>
[S6IUN / JZQEIZJ6TJX][Stopped/Auto Start]
  <C:\WINDOWS\JZQEIZJ6TJX.exe -9AQMYI3Y><Ms Company>
[QEMZRQ64 / HAT3K][Stopped/Auto Start]
  <C:\WINDOWS\system32\HAT3K.exe -D7ENOS><Ms Company>

==================================

驱动程序
[000674a6 / 000674a6][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\000674a6.sys><N/A>
[RXTUJML2 / 2X4S1][Stopped/Manual Start]
  <\??\C:\WINDOWS\5FICEKYQN9R.txt><N/A>
[T8MY1 / 569C0DA25K][Stopped/Manual Start]
  <\??\C:\WINDOWS\BJPR21FNSY.txt><N/A>
[70IOZHP2L710 / 9F25RPV][Stopped/Manual Start]
  <\??\C:\WINDOWS\5MQZW8O3DT34.txt><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMON / AMON][Running/Auto Start]
  <\SystemRoot\system32\drivers\amon.sys><Eset>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[8ZQMNSFOK0SU / J08EDAE8][Stopped/Manual Start]
  <\??\C:\WINDOWS\DR9C3XW.txt><N/A>
[RAN9GLR94A9D / LXFWBLL6F][Stopped/Manual Start]
  <\??\C:\WINDOWS\7C35UI.txt><N/A>
[0K968VNVG0 / LZ7CGFV8][Stopped/Manual Start]
  <\??\C:\WINDOWS\LY66LS01A4A.txt><N/A>
[L38PSX / NESCU0FF4][Stopped/Manual Start]
  <\??\C:\WINDOWS\GKOVDOB4NPY.txt><N/A>
[nod32drv / nod32drv][Running/System Start]
  <\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
[2T1EO / O3XM4U8V9H9][Stopped/Manual Start]
  <\??\C:\WINDOWS\J3VNG26ANIEY.txt><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[AXEZVABNN / QT0P7I6OS9UW][Stopped/Manual Start]
  <\??\C:\WINDOWS\KDN7V2VOBEH.txt><N/A>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[2L7WQHJ3 / V8ZDSBZH1][Stopped/Manual Start]
  <\??\C:\WINDOWS\O35KY.txt><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[I4PWY0T / Z0H1460KLYR][Stopped/Manual Start]
  <\??\C:\WINDOWS\LBAOI6MZGLL.txt><N/A>
[4E0VPI / Z9Y07EG3][Stopped/Manual Start]
  <\??\C:\WINDOWS\DH4PBOMQPM.txt><N/A>
[VIMICRO USB PC Camera V / ZSMC0305][Running/Manual Start]
  <System32\Drivers\usbVM305.sys><Vimicro Corporation>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, RealPlayer>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[FlashFXP Helper for Internet Explorer]
  {E5A1691B-D188-4419-AD02-90002030B8EE} <C:\PROGRA~1\FlashFXP\IEFlash.dll, IniCom Networks, Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[PPLive]
  {95B3F550-91C4-4627-BCC4-521288C52977} <C:\Program Files\PPLive\PPLive.exe, N/A>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll, >
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[PhotoDraw Class]
  {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <C:\Program Files\Tencent\QQ\Qzone\QQPhotoDraw.dll, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[RealPlayer Download and Record Plugin for Internet Explorer]
  {3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, RealPlayer>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <C:\Program Files\StormII\mps.dll, 北京暴风网际科技有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin16.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[DapCtrl COM Module]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6.5711.41.449.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <C:\Program Files\Tencent\QQ\QzoneMusic.dll, N/A>
[FlashFXP Helper for Internet Explorer]
  {E5A1691B-D188-4419-AD02-90002030B8EE} <C:\PROGRA~1\FlashFXP\IEFlash.dll, IniCom Networks, Inc.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.449.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 440][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4155]
    [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.7]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 568][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
[PID: 884][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 924][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1312][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1400][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1972][C:\Documents and Settings\Administrator\桌面\1234.exe]  [11111, 11111]
[PID: 1980][C:\Documents and Settings\Administrator\桌面\修改的2.4版SREng.EXE]  [1111, 2..4]
[PID: 360][C:\WINDOWS\6UEX3.exe]  [Ms Company, 2.0.0.1]
[PID: 372][C:\WINDOWS\9ICNZ2AF.exe]  [Ms Company, 2.0.0.1]
[PID: 396][C:\WINDOWS\BYYDH7AJ41.exe]  [Ms Company, 2.0.0.1]
[PID: 424][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 6, 20]
    [C:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
[PID: 484][C:\WINDOWS\ECH37A9O.exe]  [Ms Company, 2.0.0.1]
[PID: 1000][C:\WINDOWS\G209T.exe]  [Ms Company, 2.0.0.1]
[PID: 1188][C:\WINDOWS\HJAFMF6JX.exe]  [Ms Company, 2.0.0.1]
[PID: 1284][C:\WINDOWS\L9SF8J.exe]  [Ms Company, 2.0.0.1]
[PID: 1108][C:\Program Files\Eset\nod32krn.exe]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\nod32krr.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\ps_amon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\ps_dmon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
    [C:\Program Files\Eset\ps_emon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_emon.dll]  [N/A, ]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [C:\Program Files\Eset\ps_nod32.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\ps_upd.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_upd.dll]  [N/A, ]