Antivirus software and firewall both unusable

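I have reinstalled the system.
I have also reinstalled the antivirus software and the firewall.
But after a single reboot they now report that the file cannot be found.
Double-clicking them in the installation folder does nothing either, or a window pops up for 1 second and then closes.
They will not open in Safe Mode either.
Please help.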


Re: Antivirus software and firewall both unusable

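1. Download the "Establish Safe Environment Tool" (建立安全环境工具)
Link: http://bbs.ikaka.com/showtopic-8547280.aspx
2. Download the dedicated removal tool for the Trojan group (木马群专杀工具):
http://dl.rising.com.cn/DownLoadInfo/VirusTools_More.shtml
3. Download the dedicated extraction and removal tool for "Orange August" (橙色八月):
http://dl.rising.com.cn/DownLoadInfo/2008-04-26/1209209418d46489.shtml
After using these tools, run a Rising scan again.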

Re: Antivirus software and firewall both unusable

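http://bbs.ikaka.com/showtopic-8442813-1.aspx
Download the SREng tool or Rising Stethoscope (瑞星听诊器).
Analyze the log to identify the virus.
That makes it easier to find the right dedicated removal tool.

But if that is too much trouble, you can try the method in the post above first, and use this one if it does not work.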

Re: Antivirus software and firewall both unusable

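It looks like I have picked up a lot of infections.
I tried the method from post #2 and it did not help.
Could someone please help?
The log is below.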

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RFWTray><"D:\RFW\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <updater><C:\WINDOWS\system32\updater.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><D:\KAKA\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{CEBB8F8A-308B-43E9-9789-B6FD6BE1BD97}><C:\WINDOWS\system32\v54M9wWBuNGTf2m.dll>  []
    <{427E02E6-39DB-4424-A49C-7553CD1331F5}><C:\WINDOWS\system32\WcCtgJ4zcxHF.dll>  []
    <{B8898C49-7B3A-4306-A9EF-8E186EDEE5EA}><C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll>  []
    <{69B265A2-A172-4D27-BDF1-917E6D8B1DCC}><C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon>  []
    <{54DE8BF2-906A-445A-8575-CCB08E809495}><C:\WINDOWS\fonts\sbzjqregd6tch.fon>  []
    <{D6129F8A-6F6E-41D7-BBC9-AC7426759CED}><C:\WINDOWS\system32\w7uds3zyayg9.dll>  []
    <{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><C:\WINDOWS\system32\122B901E.dll>  []
    <{5405A7B2-F3F5-446F-8715-2A4EF674E079}><C:\WINDOWS\system32\rfpz9wwyy2np.dll>  []
    <{AB900155-F1F0-4165-9E73-67BC13BBCE89}><C:\WINDOWS\system32\xg4hAPNygs29.dll>  []
    <{F1455861-8C40-4095-ABD8-7BEAE5ADF92E}><C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll>  []
    <{76B9BA7A-81D0-4979-8598-8471F2AB5186}><C:\WINDOWS\system32\76B9BA7A.dll>  []
    <{9726072A-8039-4958-B609-565CF7A16B38}><C:\WINDOWS\system32\JPccCJnKygDdp3.dll>  []
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll>  []
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><C:\WINDOWS\system32\08223B03.dll>  []
    <{8708994F-1758-4C2C-9A3F-FA22D6CCCB41}><C:\WINDOWS\fonts\A97CRaCB.fon>  []
    <{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}><C:\WINDOWS\system32\dhDhwS7fFW.dll>  []
    <{1055CA44-51F8-486B-8CBD-DC7AD4213F1E}><C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon>  []
    <{91F5C9DB-ACD1-4812-BAB9-6F5AE433930A}><C:\WINDOWS\fonts\MbsV2QQJe.fon>  []
    <{CD478099-014D-4B3A-A4BB-B518F1019BC7}><C:\WINDOWS\system32\SCEVFJRCmaB7.dll>  []
    <{E0528BDA-C850-4F23-93E4-7F907C1EF30E}><C:\WINDOWS\system32\BRv8dETwEzcN.dll>  []
    <{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}><C:\WINDOWS\system32\ndxq9awMc.dll>  []
    <{11B10F7F-FB23-466D-BDC3-9591CF02EC17}><C:\WINDOWS\fonts\uXUsF2RrQy.fon>  []
    <{F51687A3-607D-433E-B121-BD950D81E4DD}><C:\WINDOWS\system32\mz9BpCYkEfEa.dll>  []
    <{93DA1E7D-7C46-4F90-8674-EC90511FCA72}><C:\WINDOWS\system32\CDuAUVkGy9.dll>  []
    <{41912A21-4337-4E99-8C30-80A8434B0793}><C:\WINDOWS\system32\zHvqM6hMxwpem.dll>  []
    <{A23CA53C-731F-4033-92E8-C1DFB4E71D34}><C:\WINDOWS\system32\JBn2ypqY23vWX.dll>  []
    <{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}><C:\WINDOWS\system32\ed78ab9.dll>  []
    <{DA112397-5376-4E52-A333-A85284658DEA}><C:\WINDOWS\fonts\NPPVWvYEyCe8H.fon>  []
    <{F8C6B7B5-DAE0-4B78-BF2A-101C9A9CCA27}><C:\WINDOWS\system32\Va7SpUWgCA5f.dll>  []
    <{38FEFE05-702C-440D-AD5C-B796209A1CC5}><C:\WINDOWS\system32\Y4npJWJNr.dll>  []
    <{50EBD6A5-0CF6-4E59-AE08-CCD991AA0596}><C:\WINDOWS\system32\GU6f5sW42mdc.dll>  []
    <{93F33500-527E-4E33-AECA-69B15243A90E}><C:\WINDOWS\system32\cRsAQd4hw.dll>  []
    <{737858A9-9AEA-4838-9B49-54DA731F7F37}><C:\WINDOWS\system32\BMsg6pdMD4ht.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360hotfix.exe]
    <IFEO[360hotfix.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
    <IFEO[360rpt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safe.exe]
    <IFEO[360safe.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safebox.exe]
    <IFEO[360Safebox.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
    <IFEO[360tray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe]
    <IFEO[agentsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe]
    <IFEO[apvxdwin.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ast.exe]
    <IFEO[ast.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
    <IFEO[avcenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avengine.exe]
    <IFEO[avengine.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe]
    <IFEO[avgnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
    <IFEO[avguard.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe]
    <IFEO[avltmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe]
    <IFEO[avp32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avtask.exe]
    <IFEO[avtask.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe]
    <IFEO[bdagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe]
    <IFEO[bdwizreg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\boxmod.exe]
    <IFEO[boxmod.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe]
    <IFEO[ccapp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccenter.exe]
    <IFEO[ccenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe]
    <IFEO[ccevtmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccregvfy.exe]
    <IFEO[ccregvfy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccsetmgr.exe]
    <IFEO[ccsetmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe]
    <IFEO[cqw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe]
    <IFEO[DrvAnti.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
    <IFEO[egui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe]
    <IFEO[ekrn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE]
    <IFEO[enc98.EXE]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\extdb.exe]
    <IFEO[extdb.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frameworkservice.exe]
    <IFEO[frameworkservice.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frwstub.exe]
    <IFEO[frwstub.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardfield.exe]
    <IFEO[guardfield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmor.exe]
    <IFEO[iparmor.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kaccore.exe]
    <IFEO[kaccore.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kasmain.exe]
    <IFEO[kasmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kav32.exe]
    <IFEO[kav32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavstart.exe]
    <IFEO[kavstart.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvc.exe]
    <IFEO[kavsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvcui.exe]
    <IFEO[kavsvcui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kislnchr.exe]
    <IFEO[kislnchr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe]
    <IFEO[kissvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kmailmon.exe]
    <IFEO[kmailmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\knownsvr.exe]
    <IFEO[knownsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfw32.exe]
    <IFEO[kpfw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfwsvc.exe]
    <IFEO[kpfwsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kregex.exe]
    <IFEO[kregex.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvfw.exe]
    <IFEO[kvfw.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.exe]
    <IFEO[kvmonxp.exe]><ntsd -d>  [N/A]

Re: Antivirus software and firewall both unusable

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.kxp]
    <IFEO[kvmonxp.kxp]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
    <IFEO[kvol.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvprescan.exe]
    <IFEO[kvprescan.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvsrvxp.exe]
    <IFEO[kvsrvxp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe]
    <IFEO[kvwsc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvxp.kxp]
    <IFEO[kvxp.kxp]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kwatch.exe]
    <IFEO[kwatch.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe]
    <IFEO[livesrv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe]
    <IFEO[mcagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcdash.exe]
    <IFEO[mcdash.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcdetect.exe]
    <IFEO[mcdetect.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe]
    <IFEO[mcshield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctskshd.exe]
    <IFEO[mctskshd.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsescn.exe]
    <IFEO[mcvsescn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe]
    <IFEO[mcvsshld.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe]
    <IFEO[mghtml.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naprdmgr.exe]
    <IFEO[naprdmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe]
    <IFEO[navapsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe]
    <IFEO[navapw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe]
    <IFEO[navw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe]
    <IFEO[nmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe]
    <IFEO[nod32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
    <IFEO[nod32krn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe]
    <IFEO[nod32kui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmntor.exe]
    <IFEO[npfmntor.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasclnt.exe]
    <IFEO[oasclnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe]
    <IFEO[pavsrv51.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pfw.exe]
    <IFEO[pfw.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psctrls.exe]
    <IFEO[psctrls.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psimreal.exe]
    <IFEO[psimreal.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psimsvc.exe]
    <IFEO[psimsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctormain.exe]
    <IFEO[qqdoctormain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ras.exe]
    <IFEO[ras.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravmon.exe]
    <IFEO[ravmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravmond.exe]
    <IFEO[ravmond.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravstub.exe]
    <IFEO[ravstub.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtask.exe]
    <IFEO[ravtask.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe]
    <IFEO[rfwcfg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe]
    <IFEO[rfwmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwproxy.exe]
    <IFEO[rfwproxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
    <IFEO[rfwsrv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsagent.exe]
    <IFEO[rsagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsmain.exe]
    <IFEO[rsmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.exe]
    <IFEO[rsnetsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rssafety.exe]
    <IFEO[rssafety.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsTray.exe]
    <IFEO[RsTray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safebank.exe]
    <IFEO[safebank.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe]
    <IFEO[safeboxTray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
    <IFEO[scan32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanfrm.exe]
    <IFEO[scanfrm.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe]
    <IFEO[sched.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe]
    <IFEO[seccenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\secnotifier.exe]
    <IFEO[secnotifier.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SetupLD.exe]
    <IFEO[SetupLD.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shstat.exe]
    <IFEO[shstat.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartup.exe]
    <IFEO[smartup.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sndsrvc.exe]
    <IFEO[sndsrvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spbbcsvc.exe]
    <IFEO[spbbcsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
    <IFEO[symlcsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbmon.exe]
    <IFEO[tbmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uihost.exe]
    <IFEO[uihost.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ulibcfg.exe]
    <IFEO[ulibcfg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\updaterui.exe]
    <IFEO[updaterui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uplive.exe]
    <IFEO[uplive.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcr32.exe]
    <IFEO[vcr32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcrmon.exe]
    <IFEO[vcrmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe]
    <IFEO[vptray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe]
    <IFEO[vsserv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vstskmgr.exe]
    <IFEO[vstskmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webproxy.exe]
    <IFEO[webproxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcommsvr.exe]
    <IFEO[xcommsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xnlscn.exe]
    <IFEO[xnlscn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\修复工具.]
    <IFEO[修复工具.]><ntsd -d>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[6to4 / 6to4][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\6to4.dll><N/A>
[Application Management / AppMgmt][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Contrl Center of Storm Media / ccosm][Stopped/Auto Start]
  <C:\Program Files\StormII\stormliv.exe /asservice><(File is missing)>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Ias / Ias][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Ias.dll><N/A>
[Irmon / Irmon][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Irmon.dll><N/A>
[NWCWorkstation / NWCWorkstation][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\NWCWorkstation.dll><N/A>
[Rising RavTask Manager / RavTask][Stopped/Disabled]
  <"D:\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
  <D:\RFW\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <D:\RFW\rfwsrv.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwTask Manager / RfwTask][Stopped/Auto Start]
  <"D:\RFW\RavTask.exe" RfwTask><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Disabled]
  <D:\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\MsPMSNSv.dll><N/A>
[WmdmPmSp / WmdmPmSp][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\WmdmPmSp.dll><N/A>
[Iprip / Iprip][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Iprip.dll><N/A>

Re: Antivirus software and firewall both unusable

==================================
驱动程序
[Microsoft Kernel Acoustic Echo Canceller / aec][Running/Manual Start]
  <system32\drivers\aec.sys><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[AMD Processor Driver / AmdK8][Running/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Stopped/Manual Start]
  <system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <system32\DRIVERS\asyncmac.sys><N/A>
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <system32\DRIVERS\DKbFltr.sys><Dritek System Inc.>
[VIA Rhine-Family Fast-Ethernet Adapter Driver Service / FET5X86V][Running/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Stopped/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hookcont / hookcont][Stopped/System Start]
  <system32\drivers\HookCont.sys><N/A>
[hooksys / hooksys][Stopped/System Start]
  <system32\drivers\HookSys.sys><N/A>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\D:\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\D:\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SATALink External Device Filter / SiRemFil][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[VIA AGP Filter / viaagp1][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx][Running/Manual Start]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViBus / ViBus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ViBus.sys><VIA Technologies, Inc.>
[videX32 / videX32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[VIA SATA IDE Device Driver / ViPrt][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ViPrt.sys><VIA Technologies, Inc.>
[WmiSvc / WmiSvc][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\WmiSvc.sys><N/A>
[rspp / rspp][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\Rspp.sys><Beijing Rising Information Technology Co., Ltd.>
[pcidump / pcidump][Running/Disabled]
  <\??\C:\WINDOWS\system32\drivers\pcidump.sys><N/A>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\迅雷\ComDlls\TDAtOnce_Now.dll, N/A>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <E:\迅雷\ComDlls\TDAtOnce_Now.dll, N/A>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 808][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 864][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 888][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 932][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 944][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1108][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1176][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1320][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\COMRes.dll]  [N/A, ]
    [c:\windows\system32\iprip.dll]  [N/A, ]
    [C:\WINDOWS\system32\v54M9wWBuNGTf2m.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\MbsV2QQJe.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\BRv8dETwEzcN.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\mz9BpCYkEfEa.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\zHvqM6hMxwpem.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\fonts\NPPVWvYEyCe8H.fon]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
[PID: 1372][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1432][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1788][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\v54M9wWBuNGTf2m.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\fonts\jUxfqJDwmfQEHcy2.fon]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\system32\w7uds3zyayg9.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\rfpz9wwyy2np.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\MbsV2QQJe.fon]  [N/A, ]
    [C:\WINDOWS\system32\SCEVFJRCmaB7.dll]  [N/A, ]
    [C:\WINDOWS\system32\BRv8dETwEzcN.dll]  [N/A, ]
    [C:\WINDOWS\system32\ndxq9awMc.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\mz9BpCYkEfEa.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\zHvqM6hMxwpem.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\ed78ab9.dll]  [N/A, ]
    [C:\WINDOWS\fonts\NPPVWvYEyCe8H.fon]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 1868][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1912][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp.tmp]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
[PID: 432][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
[PID: 408][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\COMRes.dll]  [N/A, ]
[PID: 860][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
[PID: 288][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 3060][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
[PID: 924][c:\program files\internet explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\system32\BRv8dETwEzcN.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.1.0.2303]
[PID: 3504][C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\sr-engldr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 3588][C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\SRE759769c.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\cRsAQd4hw.dll]  [N/A, ]
    [C:\WINDOWS\system32\GU6f5sW42mdc.dll]  [N/A, ]
    [C:\WINDOWS\system32\Y4npJWJNr.dll]  [N/A, ]
    [C:\WINDOWS\system32\Va7SpUWgCA5f.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\fonts\bQgc5yHMSD4yd.fon]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPccCJnKygDdp3.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\Rwad8sdv4e7V8xpKZ.dll]  [N/A, ]
    [C:\WINDOWS\system32\xg4hAPNygs29.dll]  [N/A, ]
    [C:\WINDOWS\fonts\sbzjqregd6tch.fon]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\WcCtgJ4zcxHF.dll]  [N/A, ]
    [C:\WINDOWS\system32\BRv8dETwEzcN.dll]  [N/A, ]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 3504, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2[1].71.1261版\SR-ENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3504, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2[1].71.1261版\SR-ENGLDR.EXE]

==================================
计划任务
[已启用] SogouImeMgr.job
        C:\PROGRA~1\SOGOUI~1\410~1.230\PinyinRepair.exe

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

Re: Antivirus software and firewall both stopped working

It's very long, so I split it into 3 posts.
Waiting online.

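Re: Antivirus software and firewall both stopped working

There really are a lot of virus files, and handling them manually would probably be quite troublesome.
Try booting from WinPE and scanning from there: http://bbs.ikaka.com/showtopic-8561485.aspx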

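Re: Antivirus software and firewall both stopped working

Download a dedicated removal tool for AV终结者 (AV Terminator) and give it a try; run it in safe mode.
Study hard and make progress every day!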

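Re: Antivirus software and firewall both stopped working

Log analysis results:
The antivirus software and 360 Safeguard (360卫士) have been hijacked. Do you have Rising and Kingsoft software installed on your computer?

The system files userinit.exe and appmgmts.dll in the C:\WINDOWS\system32\ directory have been modified by the virus.
Some of the virus files:
Ias.dll
Irmon.dll
NWCWorkstation.dll
MsPMSNSv.dll
WmdmPmSp.dll
Iprip.dll

Too many virus files have been injected into the processes.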
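
One way to surface the injected modules from the "running processes" section of an SREng log like the one posted above, as an added example that is not part of any post in this thread and is not SREng's own code: it groups modules whose publisher field is N/A by path and lists those loaded into several processes. The sample is a shortened excerpt of the log in this thread; the function names and the `BASELINE` allowlist are assumptions.

```python
import re
from collections import defaultdict

# Process header:  [PID: n][image path]  [publisher, version]
# Module line:         [module path]  [publisher, version]   (indented)
# The lazy path group plus "]<whitespace>[" copes with paths containing
# brackets, such as "sreng2[1].71.1261版".
PROC_RE = re.compile(r"^\[PID: (\d+)\]\[(.+?)\]\s+\[(.*)\]\s*$")
MOD_RE = re.compile(r"^\s+\[(.+?)\]\s+\[(.*)\]\s*$")

# Assumption: an analyst-maintained allowlist of unsigned modules that were
# verified against a known-clean system. COMRes.dll is an example entry.
BASELINE = {r"c:\windows\system32\comres.dll"}

# Shortened excerpt of the log posted in this thread.
SAMPLE = r"""
[PID: 1320][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\COMRes.dll]  [N/A, ]
    [c:\windows\system32\iprip.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
[PID: 1788][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\fonts\A97CRaCB.fon]  [N/A, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 3588][C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\SRE759769c.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\Qh6xX7VN48sVPnK.dll]  [N/A, ]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
"""


def parse_processes(log_text):
    """Return {pid: (image_path, [(module_path, publisher), ...])}."""
    procs, current = {}, None
    for line in log_text.splitlines():
        m = PROC_RE.match(line)
        if m:
            current = int(m.group(1))
            procs[current] = (m.group(2), [])
            continue
        m = MOD_RE.match(line)
        if m and current is not None:
            publisher = m.group(2).split(",", 1)[0].strip()
            procs[current][1].append((m.group(1), publisher))
    return procs


def shared_unsigned_modules(log_text, min_procs=2, baseline=BASELINE):
    """Map each non-baselined N/A module (lower-cased path) to the PIDs hosting it."""
    hosts = defaultdict(set)
    for pid, (_image, modules) in parse_processes(log_text).items():
        for path, publisher in modules:
            key = path.lower()  # Windows paths are case-insensitive
            if publisher == "N/A" and key not in baseline:
                hosts[key].add(pid)
    return {p: sorted(pids) for p, pids in hosts.items() if len(pids) >= min_procs}


if __name__ == "__main__":
    for path, pids in sorted(shared_unsigned_modules(SAMPLE).items()):
        print(f"{len(pids)} processes {pids}: {path}")
```

A module loaded into a single process, such as `iprip.dll` in this excerpt, only appears when `min_procs=1`, so the result is a triage list rather than a verdict.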