当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\smss.exe
C:\Program Files\Intel\rundll32.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\WINDOWS\MSDHCP.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SoftUpdate.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
D:\SREng2\SREng.exe
C:\PROGRA~1\INTERN~1\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Network Associates\VirusScan\scan32.exe
D:\Super Rabbit\IEG\SRIECLI.EXE
D:\Super Rabbit\IEG\iepro.exe
C:\PROGRA~1\INTERN~1\iexplore.exe
D:\Super Rabbit\IEG\winspeed.exe
D:\Super Rabbit\IEG\iehelp.exe
D:\hijackthis1.99.1\HijackThis1991汉化版\HijackThis1991zww.exe
F2 - REG:system.ini: Shell=explorer.exe 1
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5028.dll (file missing)
O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\SUPERR~1\IEG\HAOKAN~2.DLL
O3 - IE工具栏增项: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\SUPERR~1\IEG\HAOKAN~2.DLL
O4 - 启动项HKLM\\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - 启动项HKLM\\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [TProgram] C:\WINDOWS\smss.exe
O4 - 启动项HKLM\\Run: [zt] C:\Program Files\Intel\rundll32.exe
O4 - 启动项HKLM\\Run: [wdfmgr32] C:\WINDOWS\system32\wdfmgr32.exe
O4 - 启动项HKLM\\Run: [McAfeeUpdaterUI] ; "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - 启动项HKLM\\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [nwiz] ; nwiz.exe /install
O4 - 启动项HKLM\\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Super Rabbit\IEG\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [自动换壁纸] ; C:\WINDOWS\system32\bgswitch.exe
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\tcpipdogr0.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\tcpipdogr0.dll
O14 - IERESET.INF: START_PAGE_URL=
about:blank
O14 - IERESET.INF: MS_START_PAGE_URL=
about:blank
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157108606890
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4131079-9D73-4EDE-93ED-53B77B419B13}: NameServer = 61.128.128.68 61.128.192.68
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINDOWS\91ddac30.dll (file missing)
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - NT 服务: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - NT 服务: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - NT 服务: DHCP Service (MSDHCP) - Unknown owner - C:\WINDOWS\MSDHCP.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Update Service For Windows (SoftUpdate) - Unknown owner - C:\WINDOWS\SoftUpdate.exe
