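Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue Software Forum

How do I stop the website http://nt.58.com/ from popping up automatically? Thanks!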


2006-03-20,18:57:04

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Home Edition Service Pack 2 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><; ?矹? 词矵?    逷矵? ? ? 胸熚??>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <run><; ?矹? 词矵?    逷矵? ? ? 胸熚??>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Symantec NetDriver Monitor><C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <BigDog303><; C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <ExFilter><; Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <LegendRemDriver><; C:\Program Files\LEGEND\联想遥控器驱动\Remsev.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <nwiz><; nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <SoundMan><; soundman.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <StormCodec_Helper><; "d:\Storm Codec\StormSet.exe" /S /opti>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Update><; C:\Program Files\Common Files\UPDATE\Update.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <VDRun><; ; D:\VDMagic393\VDMagic.exe /Run>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <VVSN><; C:\Program Files\VVSN\VVSN.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  <DTService><rundll32.exe C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\XP68TM~1.DLL,Load>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  <ip_sec><rundll32.exe C:\PROGRA~1\COMMON~1\system\msdc32.dll,_S1>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  <Power><rundll32.exe C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\f3\pnxpwf.dll,Start>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\SYSTEM32\Userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><APIHookDll.dll>

==================================
启动文件夹
服务
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Network Proxy / ccProxy]
  <"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[ewido security suite control / ewido security suite control]
  <d:\ewido\security suite\ewidoctrl.exe><ewido networks>
[ewido security suite guard / ewido security suite guard]
  <d:\ewido\security suite\ewidoguard.exe><ewido networks>
[LexBce Server / LexBceS]
  <C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[Norton AntiVirus Auto Protect Service / navapsvc]
  <"C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[npkcsvc / npkcsvc]
  <C:\WINDOWS\system32\npkcsvc.exe><INCA Internet Co., Ltd.>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[SAVScan / SAVScan]
  <C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe><Symantec Corporation>
[ScriptBlocking Service / SBService]
  <C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SymWMI Service / SymWSC]
  <C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe><Symantec Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[CNisExtBho Class]
  {9ECB9560-04F9-4bbc-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <D:\浩方对战平台\Gameclient.exe, 上海浩方在线信息技术有限公司>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Tencent\QQ.EXE, TENCENT>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\下略载毓工ぞ具運\FLASHGET\fgiebar.dll, N/A>
[Web 助手]
  {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corp.>
[LSSupCtl Class]
  {1F2F4C9E-6F09-47BC-970D-3C54734667FE} <C:\WINDOWS\Downloaded Program Files\LSSupCtl.dll, Symantec Corporation>
[SLAProbe Control]
  {7A97B026-F3BB-49F6-BEAC-75021AD45B4E} <C:\WINDOWS\DOWNLO~1\SLAProbe.ocx, AKAZAM Communications>
[IEDown Class]
  {99888952-AC62-437C-AFC6-7B5CF05A7F2F} <C:\WINDOWS\System32\GLIEDown.dll, N/A>
[ActiveDataInfo Class]
  {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} <C:\WINDOWS\Downloaded Program Files\SymAData.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <d:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Web 助手]
  {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corp.>
Last edited 2006-03-20 20:48:49

[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CNisExtBho Class]
  {9ECB9560-04F9-4BBC-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\下略载毓工ぞ具運\FLASHGET\fgiebar.dll, N/A>
[&使用迅雷下载]
  <D:\下载工具\Sandai Technologies Inc\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\下载工具\Sandai Technologies Inc\Thunder\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\Tencent\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\下载工具\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\下载工具\FlashGet\jc_all.htm, N/A>
[导入当前页到超星阅览器(&A)]
  <D:\SSREADER36\ss_all.htm, N/A>
[导入选中部分到超星阅览器(&S)]
  <D:\SSREADER36\ss_select.htm, N/A>
[添加到QQ自定义面板]
  <D:\Tencent\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\Tencent\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\Tencent\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 520][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 580][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 604][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 656][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 668][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 820][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 892][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 976][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1052][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1156][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1500][C:\WINDOWS\system32\LEXBCES.EXE]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\lexp2p32.dll]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\lex2kusb.dll]  <Lexmark International, Inc.><7.4>
[PID: 1524][C:\WINDOWS\system32\LEXPPS.EXE]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\LEXBCE.DLL]  <Lexmark International, Inc.><7.4>
[PID: 1532][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\LEXLMPM.DLL]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\system32\LexBce.dll]  <Lexmark International, Inc.><7.4>
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LGAXPP5C.dll]  <Lexmark International><1.0.4.0>
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
    [C:\WINDOWS\system32\LGAXpwr.dll]  <Lexmark International, Inc.><1, 0, 1, 0>
[PID: 1684][C:\Program Files\Common Files\Symantec Shared\ccProxy.exe]  <Symantec Corporation><2.1.3.4>
    [C:\WINDOWS\system32\SYMREDIR.dll]  <Symantec Corporation><5.5.1.6>
    [C:\WINDOWS\system32\SymNeti.DLL]  <Symantec Corporation><5.5.1.6>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\DPHTML.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\SymIConv.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\DPJS.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\DPVBS.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\PFPriv.dll]  <Symantec Corporation><2.0.2.806>
    [C:\Program Files\Common Files\Symantec Shared\StrmFilt.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\PFRes.dll]  <Symantec Corporation><2.0.2.806>
    [C:\Program Files\Norton Internet Security\SYMURL.DLL]  <Symantec Corporation><7.0.6.16>
    [C:\Program Files\Norton Internet Security\NISRES.DLL]  <Symantec Corporation><7.0.0.177>
    [C:\Program Files\Common Files\Symantec Shared\PFSec.dll]  <Symantec Corporation><2.0.2.806>
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\PFAdBlk.dll]  <Symantec Corporation><2.0.1.714>
    [C:\Program Files\Common Files\Symantec Shared\PFMisc.dll]  <Symantec Corporation><2.0.2.806>
    [C:\Program Files\Common Files\Symantec Shared\PxyHTTP.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\DPHTTP.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\PxyIM.dll]  <Symantec Corporation><2.0.2.806>
    [C:\Program Files\Common Files\Symantec Shared\PxyNNTP.dll]  <Symantec Corporation><2.1.1.700>
    [C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\ccLogin.dll]  <Symantec Corporation><2.1.3.4>
[PID: 1700][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  <Symantec Corporation><2.1.3.4>
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  <Symantec Corporation><2.1.3.4>
[PID: 1748][C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe]  <Symantec Corporation><10.00.2>
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT32.DLL]  <Symantec Corporation><>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  <Symantec Corporation><2.1.3.4>
[PID: 1992][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.7801>
[PID: 2016][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\XP68TM~1.DLL]  <><1, 3, 0, 0>
    [C:\PROGRA~1\COMMON~1\system\msdc32.dll]  <Microsoft Corporation><1, 0, 0, 1>
    [C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\f3\pnxpwf.dll]  <><1, 0, 0, 0>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  <Symantec Corporation><2004.1.00.147>
    [d:\ewido\security suite\shellhook.dll]  <N/A><N/A>
    [C:\PROGRA~1\COMMON~1\system\mod\mstd.dll]  <><1, 5, 0, 1>
    [C:\PROGRA~1\COMMON~1\system\mod\msdw.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\xunleibho_v8.dll]  <><4, 5, 1, 33>
    [d:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll]  <Symantec Corporation><10.00.13>
    [C:\WINDOWS\system32\mp3infp.dll]  <win32lab.com><2.50.5.0>
    [D:\压缩解压\WinRAR\rarext.dll]  <N/A><N/A>
    [d:\ewido\security suite\context.dll]  <ewido networks><1.0.0.1>

[C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  <Symantec Corporation><2004.1.00.147>
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll]  <Symantec Corporation><10.00.13>
    [C:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 8>
    [C:\WINDOWS\system32\xunleibho_v8.dll]  <><4, 5, 1, 33>
    [d:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  <><1, 0, 0, 1>
    [C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll]  <Symantec Corporation><7.0.0.177>
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  <Symantec Corporation><1, 1, 1, 131>
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  <Symantec Corporation><1, 1, 1, 131>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8a.ocx]  <Macromedia, Inc.><8,0,24,0>
    [d:\ewido\security suite\shellhook.dll]  <N/A><N/A>
[PID: 3900][C:\WINDOWS\system32\taskmgr.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  <Symantec Corporation><2004.1.00.147>
[PID: 4016][I:\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  <Symantec Corporation><2004.1.00.147>
[PID: 400][C:\Program Files\Messenger\msmsgs.exe]  <Microsoft Corporation><4.7.3001>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  <Symantec Corporation><2004.1.00.147>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

The log is very long; sorry for the trouble, and thank you!

Repair
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><; ?矹? 词矵? 逷矵? ? ? 胸熚??>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<run><; ?矹? 词矵? 逷矵? ? ? 胸熚??>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Update><; C:\Program Files\Common Files\UPDATE\Update.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<DTService><rundll32.exe C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\XP68TM~1.DLL,Load>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<ip_sec><rundll32.exe C:\PROGRA~1\COMMON~1\system\msdc32.dll,_S1>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<Power><rundll32.exe C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\f3\pnxpwf.dll,Start>

Delete

C:\Program Files\Common Files\UPDATE\Update.exe
C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\XP68TM~1.DLL
C:\PROGRA~1\COMMON~1\system\msdc32.dll
C:\DOCUME~1\USER_C~1\LOCALS~1\Temp\f3\pnxpwf.dll