并且在进程中里面有几个异样的进程，也杀不掉，请帮忙看看。


Logfile of HijackThis v1.99.0
Scan saved at 10:04:40, on 2006-10-9
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\windows\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgsvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Maxthon131\Maxthon.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
D:\Tools\杀毒修补\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: pdfFactory Pro 分配器 v2 - FinePrint Software, LLC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

2006-10-09,18:43:56

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
    <IntelZeroConfig><"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe">  [Intel Corporation]
    <IntelWireless><"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless>  [Intel Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <9><C:\WINDOWS\system32\Ravdm.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Syncmgr]
    <WinlogonNotify: Syncmgr><C:\WINDOWS\system32\gpr0l39m1.dll>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET Work State Service / aspwstate]
  <C:\WINDOWS\System32\svchost.exe -k aspwstate-->c:\windows\system32\aspwswin.dll><Microsoft Corporation>
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Intel(R) PROSet/Wireless Event Log / EvtEng]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
  <d:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NetFrame Wireless Configuration / NFSWZCSVC]
  <C:\WINDOWS\System32\svchost.exe -k NFSWZCSVC-->c:\windows\system32\nfswzwin32.dll><Microsoft Corporation>
[NICCONFIGSVC / NICCONFIGSVC]
  <C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe><Dell Inc.>
[O&O Defrag / O&O Defrag]
  <C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[pdfFactory Pro 分配器 v2 / pdfFactory Pro 分配器 v2]
  <"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /service><FinePrint Software, LLC>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[UpdateService / UpdateService]
  <C:\WINDOWS\system32\UpdateService.exe><N/A>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.4.10.0 / AegisP]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Appdrv / Appdrv]
  <\??\C:\Program Files\Dell\NICCONFIGSVC\Appdrv.sys><Dell Inc>
[标准 IDE/ESDI 硬盘控制器 / atapi]
  <\SystemRoot\system32\DRIVERS\atapi.sys><N/A>
[d346bus / d346bus]
  <\SystemRoot\system32\DRIVERS\d346bus.sys><>
[d346prt / d346prt]
  <\SystemRoot\System32\Drivers\d346prt.sys><>
[Dvd43 / Dvd43]
  <System32\DRIVERS\Dvd43.sys><Fengtao Software Inc.>
[Intel(R) PRO Adapter Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
  <\??\d:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A>
[HSFHWICH / HSFHWICH]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA]
  <system32\DRIVERS\iwca.sys><Intel Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
  <\??\f:\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nwupspx / nwupspx]
  <\SystemRoot\system32\drivers\nwupspx.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[WLAN 传输 / s24trans]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[SAVRT / SAVRT]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SNIFFER Protocol Driver / Sniffer]
  <system32\DRIVERS\sniffer.sys><N/A>
[SigmaTel C-Major Audio / STAC97]
  <system32\drivers\STAC97.sys><SigmaTel, Inc.>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[U3SHLPDR / U3SHLPDR]
  <\??\C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS><N/A>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>

==================================
浏览器加载项
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>

==================================
正在运行的进程
[PID: 1500][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.2.0.577]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.2.0.577]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 2.0.39.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 2.0.39.0]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.2.0.577]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.2.0.577]
    [C:\WINDOWS\system32\SYMREDIR.dll]  [Symantec Corporation, 5.3.0.46]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.2.0.577]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.2.0.577]
[PID: 1648][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.3.0.28]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 9.0.0.338]
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 9.0.0.338]
[PID: 1092][C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe]  [Intel Corporation, 10, 1, 1, 45]
    [C:\Program Files\Intel\Wireless\bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 1, 48]
    [C:\Program Files\Intel\Wireless\bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 1, 5]
    [C:\Program Files\Intel\Wireless\bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 1, 2]
    [C:\Program Files\Intel\Wireless\bin\DbEngine.dll]  [Intel Corporation, 10, 1, 1, 14]
    [C:\Program Files\Intel\Wireless\bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\bin\IntStngs.dll]  [, 10, 1, 1, 3]
    [C:\Program Files\Intel\Wireless\bin\MurocApi.dll]  [Intel Corporation, 10, 1, 1, 39]
    [C:\Program Files\Intel\Wireless\bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 1, 1]
    [C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll]  [Intel Corporation, 10, 1, 1, 45]
[PID: 1076][C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe]  [Intel Corporation, 10, 1, 1, 19]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 1, 2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 1, 3]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 1, 5]
    [C:\Program Files\Intel\Wireless\Bin\FrWrkCHS.dll]  [Intel Corporation, 10, 1, 1, 19]
    [C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll]  [Intel Corporation, 10, 1, 1, 164]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 10, 1, 1, 39]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 1, 1]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 1, 48]
    [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 10, 1, 1, 14]
    [C:\Program Files\Intel\Wireless\Bin\IntWACHS.dll]  [Intel Corporation, 10, 1, 1, 164]
[PID: 1036][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2604][C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe]  [Intel Corporation, 10, 1, 1, 84]
    [C:\PROGRA~1\Intel\Wireless\Bin\acAuth.dll]  [N/A, 4.0.23.0 2006-03-10 14:49:28]
    [C:\PROGRA~1\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 10, 1, 1, 31]
    [C:\PROGRA~1\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 1, 2]
    [C:\PROGRA~1\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 1, 3]
    [C:\PROGRA~1\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 1, 5]
    [C:\PROGRA~1\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 10, 1, 1, 31]
    [C:\PROGRA~1\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 10, 1, 1, 1]
    [C:\PROGRA~1\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 1, 48]
    [C:\PROGRA~1\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 10, 1, 1, 14]
    [C:\PROGRA~1\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
[PID: 3292][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3492][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\guard.tmp]  [N/A, N/A]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 9.0.0.338]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, Inc., 4.1 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [d:\Program Files\ewido anti-spyware 4.0\context.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 712][D:\Tools\杀毒修补\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  Error. [notepad.exe %1]
.VBS  Error. [wscript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

我的是dell的笔记本，配置了intel的无线网卡，装了dell自己的应用软件。

现在是经常弹出网页，然后系统进程里面也有几个不对劲。

下午笔记本突然出现死机蓝屏，出现类似硬盘错误的文字提示，没仔细看，吓了一跳。请大侠看看。多谢了。

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务ASP.NET Work State Service ,,,NetFrame Wireless Configuration ，选择“删除服务”
点“设置”选择“否”

运行SREng2,使用“启动项目”－－注册表－－选中以下的项删除
C:\WINDOWS\system32\Ravdm.exe
C:\WINDOWS\system32\gpr0l39m1.dll
C:\WINDOWS\system32\guard.tmp

运行SREng2,使用“启动项目”－－注册表－－选中以下的项删除
C:\WINDOWS\system32\Ravdm.exe
C:\WINDOWS\system32\gpr0l39m1.dll
C:\WINDOWS\system32\guard.tmp
c:\windows\system32\aspwswin.dll
c:\windows\system32\nfswzwin32.dll

修复后,还有异常,请重新扫描上来

多谢楼主的解答。

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

勾选“隐藏微软服务”选中病毒服务ASP.NET Work State Service ,,,NetFrame Wireless Configuration ，选择“删除服务”
点“设置”选择“否”

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

这个已经可以搞定。但是“运行SREng2,使用“启动项目”－－注册表－－选中以下的项删除”，里面没有这个项目啊。具体的看图片。我用的是System Repair Engineer 2.2.6.605版本。


可以看到winlogonNotify中对应的gpr0l39m1.dll，但是死活不让删。

建议追加这几项
打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），使用“系统修复，文件关联，勾选“全选”点“修复”使所有扩展名都恢复正常。

打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务UpdateService，选择“删除服务”点“设置”选择“否”

打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），点“启动项目，服务，点“驱动程序”勾选“隐藏以认证的微软服务”选中病毒服务nwupspx，选择“删除服务”点“设置”选择“否”

重启后删除
C:\WINDOWS\system32\UpdateService.exe
C:\WINDOWS\system32\drivers\nwupspx.sys

楼主，还是不行啊。有广告页面弹出，并且机器变慢，不能够休眠。
另外进程中的spoolsv.exe 总杀不掉。如果正常的话，这个打印进程可以杀掉的啊。

2006-10-09,21:36:03

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
    <IntelZeroConfig><"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe">  [Intel Corporation]
    <IntelWireless><"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless>  [Intel Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <9><C:\WINDOWS\system32\Ravdm.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Winlogon]
    <WinlogonNotify: Winlogon><C:\WINDOWS\system32\h62olgf3162.dll>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Intel(R) PROSet/Wireless Event Log / EvtEng]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
  <d:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NICCONFIGSVC / NICCONFIGSVC]
  <C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe><Dell Inc.>
[O&O Defrag / O&O Defrag]
  <C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[pdfFactory Pro 分配器 v2 / pdfFactory Pro 分配器 v2]
  <"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /service><FinePrint Software, LLC>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Intel(R) PROSet/Wireless Service / S24EventMonitor]
  <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>

==================================
驱动程序
[AEGIS Protocol (IEEE 802.1x) v3.4.10.0 / AegisP]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Appdrv / Appdrv]
  <\??\C:\Program Files\Dell\NICCONFIGSVC\Appdrv.sys><Dell Inc>
[标准 IDE/ESDI 硬盘控制器 / atapi]
  <\SystemRoot\system32\DRIVERS\atapi.sys><N/A>
[d346bus / d346bus]
  <\SystemRoot\system32\DRIVERS\d346bus.sys><>
[d346prt / d346prt]
  <\SystemRoot\System32\Drivers\d346prt.sys><>
[Dvd43 / Dvd43]
  <System32\DRIVERS\Dvd43.sys><Fengtao Software Inc.>
[Intel(R) PRO Adapter Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
  <\??\d:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A>
[HSFHWICH / HSFHWICH]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel Wireless Connection Agent Miniport for Win XP / IWCA]
  <system32\DRIVERS\iwca.sys><Intel Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
  <\??\f:\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[WLAN 传输 / s24trans]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[SAVRT / SAVRT]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SNIFFER Protocol Driver / Sniffer]
  <system32\DRIVERS\sniffer.sys><N/A>
[SigmaTel C-Major Audio / STAC97]
  <system32\drivers\STAC97.sys><SigmaTel, Inc.>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[U3SHLPDR / U3SHLPDR]
  <\??\C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS><N/A>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>

==================================

==================================
浏览器加载项
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>

==================================
正在运行的进程
[PID: 144][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, Inc., 4.1 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [C:\Program Files\UltraEdit\ue32ctmn.dll]  [, 1.0]
    [d:\Program Files\ewido anti-spyware 4.0\context.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
    [C:\Program Files\Adobe7.0\Acrobat 7.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 7.0.0.2004121400\0]
[PID: 1936][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.2.0.577]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.2.0.577]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 2.0.39.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 2.0.39.0]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.2.0.577]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.2.0.577]
    [C:\WINDOWS\system32\SYMREDIR.dll]  [Symantec Corporation, 5.3.0.46]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.2.0.577]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.2.0.577]
[PID: 244][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.3.0.28]
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 9.0.0.338]
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 9.0.0.338]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 9.0.0.338]
[PID: 424][C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe]  [Intel Corporation, 10, 1, 1, 45]
    [C:\Program Files\Intel\Wireless\bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 1, 48]
    [C:\Program Files\Intel\Wireless\bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 1, 5]
    [C:\Program Files\Intel\Wireless\bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 1, 2]
    [C:\Program Files\Intel\Wireless\bin\DbEngine.dll]  [Intel Corporation, 10, 1, 1, 14]
    [C:\Program Files\Intel\Wireless\bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\bin\IntStngs.dll]  [, 10, 1, 1, 3]
    [C:\Program Files\Intel\Wireless\bin\MurocApi.dll]  [Intel Corporation, 10, 1, 1, 39]
    [C:\Program Files\Intel\Wireless\bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 1, 1]
    [C:\Program Files\Intel\Wireless\Bin\ZcSvcCHS.dll]  [Intel Corporation, 10, 1, 1, 45]
[PID: 484][C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe]  [Intel Corporation, 10, 1, 1, 19]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 1, 2]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 1, 3]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 1, 5]
    [C:\Program Files\Intel\Wireless\Bin\FrWrkCHS.dll]  [Intel Corporation, 10, 1, 1, 19]
    [C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll]  [Intel Corporation, 10, 1, 1, 164]
    [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll]  [Intel Corporation, 10, 1, 1, 39]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 10, 1, 1, 1]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 1, 48]
    [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 10, 1, 1, 14]
    [C:\Program Files\Intel\Wireless\Bin\IntWACHS.dll]  [Intel Corporation, 10, 1, 1, 164]
[PID: 500][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1320][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\guard.tmp]  [N/A, N/A]
[PID: 3584][C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe]  [Intel Corporation, 10, 1, 1, 84]
    [C:\PROGRA~1\Intel\Wireless\Bin\acAuth.dll]  [N/A, 4.0.23.0 2006-03-10 14:49:28]
    [C:\PROGRA~1\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 10, 1, 1, 31]
    [C:\PROGRA~1\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10, 1, 1, 2]
    [C:\PROGRA~1\Intel\Wireless\Bin\IntStngs.dll]  [, 10, 1, 1, 3]
    [C:\PROGRA~1\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10, 1, 1, 5]
    [C:\PROGRA~1\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 10, 1, 1, 31]
    [C:\PROGRA~1\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 10, 1, 1, 1]
    [C:\PROGRA~1\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 10, 1, 1, 48]
    [C:\PROGRA~1\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 10, 1, 1, 14]
    [C:\PROGRA~1\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
[PID: 664][C:\Program Files\Maxthon131\Maxthon.exe]  [Maxthon International Ltd., 1, 5, 6, 42]
    [C:\Program Files\Maxthon131\maxzlib.dll]  [ , 1, 0, 0, 2]
    [C:\Program Files\Maxthon131\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 4008][D:\Tools\杀毒修补\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================