系统XP

前两天卡巴突然很奇怪的出问题
然后就在右下角的托盘区消失了
可进程还在 而且还不能关闭 “拒绝访问”
这之后系统速度越来越慢
今天晚上还不能浏览网页和上QQ了
前者提示找不到服务器 后者提示QQ.EXE出了什么问题
我上RISING.COM查了一下
有7 8种五花八门的病毒 木马的说
然后我把系统切到WIN2000 用那边的江民和灰鸽子专杀查杀
切回XP后 还是不能浏览
我调出进程 看到一个叫VIPTRAY.EXE的奇怪东东
马上把它OFF掉
然后就可以浏览了
可是速度减慢了N倍
我又到安全模式下把这个文件DELETE掉
结果速度提升了
网页却不能浏览了
而且会提示SVCHOST和EXPLORER错误的
更可怕的是 提示完错误系统就不行了
很少看到XP这样惨的
无数次重启后我知道这样没意义了
又回到安全模式 用超级兔子做了完整的修复
结果一点没变 就是系统在提示完错误后不会死了
然后我有用WinsockxpFix 不管用
我又试验了一下QQ 结果发现每次开始登录这个进程就OFF了

2006-07-12,22:06:49

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMAXPnP><D:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <SoundMAX><"D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <BigDogPath><D:\WINDOWS\VM_STI.EXE USB PC Camera 301P>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><D:\Documents and Settings\Luke\桌面\Pooh with friends.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <AddrPlus2><; RUNDLL32.EXE D:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll,Rundll32>  []
    <AddrPlus3><; D:\PROGRA~1\TENCENT\AddrPlus\Runner.exe D:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll Rundll32>  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; D:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <IMSCMig><; D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <KAVPersonal50><; "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <LDM><; D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe>  []
    <LetsCool><; D:\Program Files\LetsCool\LetsCool.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <LogitechVideoRepair><; D:\Program Files\Logitech\Video\ISStart.exe>  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "D:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <msq><; D:\WINDOWS\system32\msq.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSService_v1.0><; D:\WINDOWS\system\servicess.exe>  []
    <mynewpad><; D:\Program Files\Handpad\mynewpad.exe>  [Ping-IT Computer System Inc.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MyShares><; d:\program Files\易虎\MyShares.exe /tray>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002A><; D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><; D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RegBar><; regsvr32.exe /u D:\progra~1\blogmark\bocaitoolbar.dll /s /i /n>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RoxioAudioCentral><; "D:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe">  [Roxio, Inc.]
    <RoxioDragToDisc><; "D:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe">  [Roxio]
    <RoxioEngineUtility><; "D:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe">  [Roxio]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <SDO2005><; D:\Program Files\盛大圈圈\SDOClient.exe>  [上海盛大网络发展有限公司]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <spoolsv><; D:\WINDOWS\system32\spoolsv\spoolsv.exe -printer>  []
    <StatusClient><; D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto>  [Hewlett-Packard]
    <StormCodec_Helper><; "c:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <SunJavaUpdateSched><; D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <supdate2.dll><; RUNDLL32.EXE D:\WINDOWS\system32\supdate2.dll,Run>  []
    <Symantec NetDriver Monitor><; D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>  [Symantec Corporation]
    <Thunder><; "D:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <ThunderMini><; D:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe>  []
    <TkBellExe><; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <TomcatStartup><; D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe>  [Hewlett-Packard]
    <Ulead Video@Home Scheduling Wizard><; D:\Program Files\Ulead Systems\Ulead Video@Home 2.0\monitor.exe>  [Ulead Systems, Inc.]
    <WangWang><; "D:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝（中国）软件有限公司]
    <Windows木马防火墙><; D:\Program Files\ftc\Trojanwall.exe>  []
    <yassistse><; "D:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  []
    <YLive.exe><; D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  []
    <YOKAssiant><; Rundll32.exe D:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant>  []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <词霸Online自启动><; D:\Program Files\Kingsoft\iciba\Iciba.exe>  []

==================================
启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Ati HotKey Poller / Ati HotKey Poller]
  <D:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <D:\WINDOWS\system32\ati2sgag.exe><>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Pml Driver HPZ12 / Pml Driver HPZ12]
  <D:\WINDOWS\system32\HPZipm12.exe><HP>
[Symantec Network Drivers Service / SNDSrvc]
  <"D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[windows / windows]
  <D:\Program Files\Windows NT\htrn_jis_nhv.exe><N/A>

==================================
浏览器加载项
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <e:\Program Files\Tencent\qq\QQ.EXE, TENCENT>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <D:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <D:\WINDOWS\system32\macromed\download\Download.dll, Macromedia, Inc.>
[Java Plug-in 1.5.0_04]
  {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <D:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <D:\WINDOWS\system32\xunleibho_v13.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, N/A>
[实用搜索]
  {15ADF205-4C54-4CFE-AC88-1EA0BA6D06A0} <, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <D:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[NaviHelperObj Class]
  {3E422F49-1566-40D3-B43D-077EF739AC32} <D:\WINDOWS\system32\NaviHelper.dll, TODO: <公司名>>
[KmediaHelper Class]
  {42D25F15-CF07-4A72-B191-DB0792BF310C} <D:\WINDOWS\system32\Kmedia.dll, Kmedia>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <D:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[AdsHlpObj Class]
  {49A94665-B1F5-4F05-B9C7-FB6E336E49BD} <D:\WINDOWS\system32\AdsObj.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <D:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[SAVCtrl Control]
  {54515250-473C-413E-8194-A18D367E8936} <D:\WINDOWS\system32\SAVCtrl.ocx, 上海盛大网络发展有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Windows Media Services DRM Storage object]
  {760C4B83-E211-11D2-BF3E-00805FBE84A6} <D:\WINDOWS\system32\drmstor.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Program Files\Thunder Network\ThunderMini\Components\InMedia\MediaAddin04.dll, N/A>
[搜虎]
  {7A38130D-BEB7-4D60-BE7A-4C4AB6A85CD1} <, N/A>
[AdsObj2 Class]
  {7DDEA238-3E32-43FD-8223-A5E15D9666FF} <D:\WINDOWS\system32\AdsHlp2.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[ThunderMini Browser Helper]
  {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <D:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll, N/A>
[Qzone Media Tools]
  {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} <e:\PROGRA~1\Tencent\qq\VQQPLA~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Messenger Object]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <D:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <D:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Letscool System Helper]
  {F0C15012-7DBD-4068-95A2-0A82DB03AC35} <D:\WINDOWS\system32\CoolBho.dll, LETSCOOL Network Technology>
[google bar]
  {F651FCAA-F826-4922-8990-C6F99CC67AFC} <D:\WINDOWS\Win32ef.dll, N/A>
[上传到QQ网络硬盘]
  <E:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Program Files\Tencent\qq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 500][\??\D:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 524][\??\D:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\Ati2evxx.dll]  <ATI Technologies Inc.><6.14.10.4109>
[PID: 568][D:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 580][D:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 728][D:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4109>
    [D:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2495>
[PID: 744][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 812][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 872][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 968][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1016][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1216][D:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [D:\WINDOWS\system32\HPBMMON.DLL]  <Hewlett-Packard><10.00.16>
    [D:\WINDOWS\system32\hppamon0.dll]  <HP><5, 0, 5, 0>
    [D:\WINDOWS\system32\hpdomon.dll]  <Hewlett-Packard><03.42.00>
    [D:\WINDOWS\system32\HPBHealr.dll]  <N/A><N/A>
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  <Zenographics, Inc.><5, 54, 330, 0>
    [D:\WINDOWS\system32\Imf32.dll]  <Zenographics, Inc.><5, 60, 1204, 0>
    [D:\WINDOWS\system32\ZTAG32.dll]  <Zenographics, Inc.><5, 60, 1210, 0>
    [D:\WINDOWS\system32\ZSPOOL.dll]  <Zenographics, Inc.><5, 51, 709, 0>
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
[PID: 1592][D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  <Microsoft Corporation><7.00.9466>
[PID: 1720][D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1748][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 228][D:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4109>
    [D:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2495>
[PID: 1080][D:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 416][D:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe]  <Analog Devices, Inc.><4, 0, 4, 11>
    [D:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll]  <Analog Device, Inc.><1, 0, 22, 26>
[PID: 472][D:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  <Analog Devices, Inc.><4, 0, 4, 25>
[PID: 480][D:\WINDOWS\VM_STI.EXE]  <VM.><4.2.610.4>
    [D:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
[PID: 492][D:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1316][D:\Program Files\WinRAR\WinRAR.exe]  <Eugene Roshal><3.30>
[PID: 1344][D:\DOCUME~1\Luke\LOCALS~1\Temp\Rar$EX00.781\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINDOWS\hh.exe" %1]
.HLP  Error. [D:\WINDOWS\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. []
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

重装系统了 而且把卡巴想办法卸载重装了
现在除了迅雷 都没问题了
还是按您老说的做了一下 servicess没找到
2006-07-13,08:34:45

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <LDM><; D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe>  []
    <LetsCool><; D:\Program Files\LetsCool\LetsCool.exe>  []
    <MSMSGS><; "D:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <MyShares><; d:\program Files\易虎\MyShares.exe /tray>  []
    <RegBar><; regsvr32.exe /u D:\progra~1\blogmark\bocaitoolbar.dll /s /i /n>  []
    <SDO2005><; D:\Program Files\盛大圈圈\SDOClient.exe>  [上海盛大网络发展有限公司]
    <词霸Online自启动><; D:\Program Files\Kingsoft\iciba\Iciba.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMAXPnP><D:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <SoundMAX><"D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <BigDogPath><D:\WINDOWS\VM_STI.EXE USB PC Camera 301P>  []
    <AddrPlus2><; RUNDLL32.EXE D:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll,Rundll32>  []
    <AddrPlus3><; D:\PROGRA~1\TENCENT\AddrPlus\Runner.exe D:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll Rundll32>  []
    <IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <IMSCMig><; D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <KAVPersonal50><"G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  [Kaspersky Lab]
    <LogitechVideoRepair><; D:\Program Files\Logitech\Video\ISStart.exe>  []
    <MSService_v1.0><; D:\WINDOWS\system\servicess.exe>  []
    <mynewpad><; D:\Program Files\Handpad\mynewpad.exe>  [Ping-IT Computer System Inc.]
    <PHIME2002A><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <RoxioAudioCentral><; "D:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe">  [Roxio, Inc.]
    <RoxioDragToDisc><; "D:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe">  [Roxio]
    <RoxioEngineUtility><; "D:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe">  [Roxio]
    <StatusClient><; D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto>  [Hewlett-Packard]
    <StormCodec_Helper><; "c:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <SunJavaUpdateSched><; D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <supdate2.dll><; RUNDLL32.EXE D:\WINDOWS\system32\supdate2.dll,Run>  []
    <Symantec NetDriver Monitor><; D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>  [Symantec Corporation]
    <Thunder><; "D:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <ThunderMini><; D:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe>  []
    <TkBellExe><; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <TomcatStartup><; D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe>  [Hewlett-Packard]
    <Ulead Video@Home Scheduling Wizard><; D:\Program Files\Ulead Systems\Ulead Video@Home 2.0\monitor.exe>  [Ulead Systems, Inc.]
    <WangWang><; "D:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝（中国）软件有限公司]
    <Windows木马防火墙><; D:\Program Files\ftc\Trojanwall.exe>  []
    <yassistse><; "D:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  []
    <YLive.exe><; D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  []
    <YOKAssiant><; Rundll32.exe D:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant>  []
    <IMEKRMIG6.1><D:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [Microsoft Corporation]
    <MSPY2002><D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  []
    <DAYEESPEEDCD><G:\Program Files\大易极速??光?\dyspeedcd.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><E:\wjc'sd\studa_国外最新发布XP登陆画面(16个)\new\宇智波佐助Sasuke\LogonUI.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]

==================================
启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Ati HotKey Poller / Ati HotKey Poller]
  <D:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <D:\WINDOWS\system32\ati2sgag.exe><>
[kavsvc / kavsvc]
  <"G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Pml Driver HPZ12 / Pml Driver HPZ12]
  <D:\WINDOWS\system32\HPZipm12.exe><HP>
[Symantec Network Drivers Service / SNDSrvc]
  <"D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

重装系统了 而且把卡巴想办法卸载重装了
现在除了迅雷 都没问题了
还是按您老说的做了一下 servicess没找到
2006-07-13,08:34:45

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <LDM><; D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe>  []
    <LetsCool><; D:\Program Files\LetsCool\LetsCool.exe>  []
    <MSMSGS><; "D:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <MyShares><; d:\program Files\易虎\MyShares.exe /tray>  []
    <RegBar><; regsvr32.exe /u D:\progra~1\blogmark\bocaitoolbar.dll /s /i /n>  []
    <SDO2005><; D:\Program Files\盛大圈圈\SDOClient.exe>  [上海盛大网络发展有限公司]
    <词霸Online自启动><; D:\Program Files\Kingsoft\iciba\Iciba.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMAXPnP><D:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe>  [Analog Devices, Inc.]
    <SoundMAX><"D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <BigDogPath><D:\WINDOWS\VM_STI.EXE USB PC Camera 301P>  []
    <AddrPlus2><; RUNDLL32.EXE D:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll,Rundll32>  []
    <AddrPlus3><; D:\PROGRA~1\TENCENT\AddrPlus\Runner.exe D:\PROGRA~1\TENCENT\AddrPlus\QAHook1.dll Rundll32>  []
    <IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <IMSCMig><; D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <KAVPersonal50><"G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize>  [Kaspersky Lab]
    <LogitechVideoRepair><; D:\Program Files\Logitech\Video\ISStart.exe>  []
    <MSService_v1.0><; D:\WINDOWS\system\servicess.exe>  []
    <mynewpad><; D:\Program Files\Handpad\mynewpad.exe>  [Ping-IT Computer System Inc.]
    <PHIME2002A><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <RoxioAudioCentral><; "D:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe">  [Roxio, Inc.]
    <RoxioDragToDisc><; "D:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe">  [Roxio]
    <RoxioEngineUtility><; "D:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe">  [Roxio]
    <StatusClient><; D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto>  [Hewlett-Packard]
    <StormCodec_Helper><; "c:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <SunJavaUpdateSched><; D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <supdate2.dll><; RUNDLL32.EXE D:\WINDOWS\system32\supdate2.dll,Run>  []
    <Symantec NetDriver Monitor><; D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>  [Symantec Corporation]
    <Thunder><; "D:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  []
    <ThunderMini><; D:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe>  []
    <TkBellExe><; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <TomcatStartup><; D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe>  [Hewlett-Packard]
    <Ulead Video@Home Scheduling Wizard><; D:\Program Files\Ulead Systems\Ulead Video@Home 2.0\monitor.exe>  [Ulead Systems, Inc.]
    <WangWang><; "D:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE">  [淘宝（中国）软件有限公司]
    <Windows木马防火墙><; D:\Program Files\ftc\Trojanwall.exe>  []
    <yassistse><; "D:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  []
    <YLive.exe><; D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  []
    <YOKAssiant><; Rundll32.exe D:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant>  []
    <IMEKRMIG6.1><D:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [Microsoft Corporation]
    <MSPY2002><D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  []
    <DAYEESPEEDCD><G:\Program Files\大易极速??光?\dyspeedcd.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><E:\wjc'sd\studa_国外最新发布XP登陆画面(16个)\new\宇智波佐助Sasuke\LogonUI.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]

==================================
启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Ati HotKey Poller / Ati HotKey Poller]
  <D:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <D:\WINDOWS\system32\ati2sgag.exe><>
[kavsvc / kavsvc]
  <"G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[Pml Driver HPZ12 / Pml Driver HPZ12]
  <D:\WINDOWS\system32\HPZipm12.exe><HP>
[Symantec Network Drivers Service / SNDSrvc]
  <"D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

==================================
浏览器加载项
[免费精彩视频超流畅在线观看]
  {022C4009-5283-4365-97BF-144054B40E2E} <http://itv.mop.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <e:\Program Files\Tencent\qq\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <D:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <D:\WINDOWS\system32\macromed\download\Download.dll, Macromedia, Inc.>
[Java Plug-in 1.5.0_04]
  {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <D:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[pCastPanel Class]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <D:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <D:\WINDOWS\system32\xunleibho_v13.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, N/A>
[实用搜索]
  {15ADF205-4C54-4CFE-AC88-1EA0BA6D06A0} <, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <D:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[NaviHelperObj Class]
  {3E422F49-1566-40D3-B43D-077EF739AC32} <D:\WINDOWS\system32\NaviHelper.dll, TODO: <公司名>>
[KmediaHelper Class]
  {42D25F15-CF07-4A72-B191-DB0792BF310C} <D:\WINDOWS\system32\Kmedia.dll, Kmedia>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <D:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[AdsHlpObj Class]
  {49A94665-B1F5-4F05-B9C7-FB6E336E49BD} <D:\WINDOWS\system32\AdsObj.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <D:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[SAVCtrl Control]
  {54515250-473C-413E-8194-A18D367E8936} <D:\WINDOWS\system32\SAVCtrl.ocx, 上海盛大网络发展有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Windows Media Services DRM Storage object]
  {760C4B83-E211-11D2-BF3E-00805FBE84A6} <D:\WINDOWS\system32\drmstor.dll, Microsoft Corporation>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Program Files\Thunder Network\ThunderMini\Components\InMedia\MediaAddin04.dll, N/A>
[搜虎]
  {7A38130D-BEB7-4D60-BE7A-4C4AB6A85CD1} <, N/A>
[AdsObj2 Class]
  {7DDEA238-3E32-43FD-8223-A5E15D9666FF} <D:\WINDOWS\system32\AdsHlp2.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[ThunderMini Browser Helper]
  {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <D:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll, N/A>
[Qzone Media Tools]
  {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} <e:\PROGRA~1\Tencent\qq\VQQPLA~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Messenger Object]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <D:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <D:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Letscool System Helper]
  {F0C15012-7DBD-4068-95A2-0A82DB03AC35} <D:\WINDOWS\system32\CoolBho.dll, LETSCOOL Network Technology>
[google bar]
  {F651FCAA-F826-4922-8990-C6F99CC67AFC} <D:\WINDOWS\Win32ef.dll, N/A>
[pCastPanel Class]
  {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <D:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >
[上传到QQ网络硬盘]
  <E:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <E:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Program Files\Tencent\qq\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Program Files\Tencent\qq\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 728][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 776][\??\D:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 800][\??\D:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\Ati2evxx.dll]  <ATI Technologies Inc.><6.14.10.4109>
[PID: 844][D:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 856][D:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1016][D:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4109>
    [D:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2495>
[PID: 1032][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1108][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1204][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1272][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1400][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1604][D:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\WINDOWS\system32\HPBMMON.DLL]  <Hewlett-Packard><10.00.16>
    [D:\WINDOWS\system32\hppamon0.dll]  <HP><5, 0, 5, 0>
    [D:\WINDOWS\system32\hpdomon.dll]  <Hewlett-Packard><03.42.00>
    [D:\WINDOWS\system32\HPBHealr.dll]  <N/A><N/A>
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL]  <Zenographics, Inc.><5, 54, 330, 0>
    [D:\WINDOWS\system32\Imf32.dll]  <Zenographics, Inc.><5, 60, 1204, 0>
    [D:\WINDOWS\system32\ZTAG32.dll]  <Zenographics, Inc.><5, 60, 1210, 0>
    [D:\WINDOWS\system32\ZSPOOL.dll]  <Zenographics, Inc.><5, 51, 709, 0>
    [D:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
[PID: 456][D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  <Microsoft Corporation><7.00.9466>
[PID: 716][D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 768][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1312][D:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1964][D:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4109>
    [D:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2495>
[PID: 496][D:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [D:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [c:\Program Files\Ringz Studio\Storm Codec\Codecs\OGGSplt.ax]  <Gabest><1, 0, 0, 0>
    [D:\WINDOWS\system32\ffdshow.ax]  <N/A><1.0.2.24>
    [c:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll]  <N/A><N/A>
    [c:\Program Files\Ringz Studio\Storm Codec\Codecs\Vid1Dec.dll]  <N/A><N/A>
    [c:\Program Files\Ringz Studio\Storm Codec\Codecs\mpeg2dmx.ax]  <Moonlight Cordless Ltd.><3, 1, 200, 50117>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  <Kaspersky Lab><5.0.388.1>
    [E:\Program Files\Tencent\qq\qdshm.dll]  <><1, 0, 1, 2>
    [D:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
[PID: 1280][D:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe]  <Analog Devices, Inc.><4, 0, 4, 11>
    [D:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll]  <Analog Device, Inc.><1, 0, 22, 26>
[PID: 772][D:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  <Analog Devices, Inc.><4, 0, 4, 25>
[PID: 708][D:\WINDOWS\VM_STI.EXE]  <VM.><4.2.610.4>
    [D:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
[PID: 1696][D:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3488][D:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\scrch_ag.dll]  <Kaspersky Lab><5.0.388.1>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  <Kaspersky Lab><5.0.388.0>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\pr_rmt.dll]  <Kaspersky Lab><5.0.388.0>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ccclient.dll]  <Kaspersky Lab><5.0.388.1>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klipc.dll]  <Kaspersky Lab><5.0.388.0>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\KLUtil.dll]  <Kaspersky Lab><5.0.388.1>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\rpt.dll]  <Kaspersky Lab><5.0.388.2>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\CCIFACE.dll]  <Kaspersky Lab><5.0.388.1>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prloader.dll]  <Kaspersky Lab><5.0.388.0>
    [G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\prkernel.ppl]  <Kaspersky Lab><5.0.388.0>
    [g:\program files\kaspersky lab\kaspersky anti-virus personal\prstring.ppl]  <Kaspersky Lab><5.0.388.0>
    [g:\program files\kaspersky lab\kaspersky anti-virus personal\pr_srv.ppl]  <Kaspersky Lab><5.0.388.0>
    [g:\program files\kaspersky lab\kaspersky anti-virus personal\pr_clnt.ppl]  <Kaspersky Lab><5.0.388.0>
    [g:\program files\kaspersky lab\kaspersky anti-virus personal\tempfile.ppl]  <Kaspersky Lab><5.0.388.0>
    [D:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2824][G:\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

顶顶 不要沉了

还是沉了
接着顶

那个文件找不到啊
兔兔不管用 在安全模式下也不行
重装只能保证72个小时正常