
[Help] Infected with a troublesome virus, experts please advise!!

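My computer recently caught a very troublesome virus. After booting there are many strange symptoms, and neither Norton Antivirus 2005 nor Super Rabbit Magic Set (超级兔子魔法设置) could clean it (the computer is a Traditional Chinese edition, so I can't use software like Rising). I can't even tell whether it is adware or some other kind of virus... The symptoms are as follows:
1.    After booting, the folder "C:\Program Files\Microsoft" opens automatically. The folder was emptied by Super Rabbit Magic Set, but it still opens automatically after booting.
2.    "tmp176.tmp", "tmp177.tmp", "sqmdata000.exe", "sqmdata001.txt" and "sqmdata002.exe" have appeared in "C:\"; they reappear after being deleted.
3.    Task Manager has been disabled by the system administrator, so Task Manager cannot be opened.
4.    After booting, the computer connects to the network automatically and keeps popping up multiple web pages.
5.    The home page has been changed to "http://my123.com".
6.    There are many different errors, such as "c:\windows\bs3.dll", "iPodService.exe", "copynow.exe", "Isasss.exe", "UIupdate.exe", "kerne0233.exe", "logo1.exe" and "program manager", as well as "Runtime error 2004 at 00402404", "Windows script error C:\boot.vbs" and “0x77f581bf”….. memory could not be “written”, and so on.

P.S. I really don't know how to deal with this. The HijackThis and SREng logs are attached below. Experts, please advise. Thank you!
Last edited 2006-12-13 22:12:08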

Logfile of HijackThis v1.99.1
Scan saved at 18:04:01, on 12/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\WildTangent\Apps\GameChannel.exe
C:\WINDOWS\System32\UpdaterUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ebates__MoeMoney__Maker\ebatesmmmv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Ebates__MoeMoney__Maker\eb.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\avp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\program files\internet explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\wbem\lsass.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\Kerne0223.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\zh-hk\bin\WindowsSearch.exe
C:\Erica\WinZip\WZQKPICK.EXE
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\zh-hk\bin\WindowsSearchIndexer.exe
C:\Program Files\Super Rabbit\magicset\SRIECLI.EXE
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.859\HijackThis.exe

R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\PROGRA~1\ABOBEF~1\tbhelper.dll
R3 - URLSearchHook: SrchHook Class - {EED92A43-CFCE-4548-BD73-B0A405470ED5} - C:\PROGRA~1\CNNIC\Cdn\iesrch.dll (file missing)
O2 - BHO: 超級兔子上網精靈 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\magicset\HAOKAN~2.DLL
O3 - Toolbar: HP 檢視 - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN 搜尋工具列 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-hk\msntb.dll
O3 - Toolbar: 收音機(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Abobe Flash Play 9 - {772546DC-8719-4F80-B82F-B3A92AAC96C7} - C:\Program Files\Abobe Flash Play 9\Cab301b48.dll
O3 - Toolbar: 妗蚚刲坰馱撿沭2.0 - {03465FF5-00AE-411a-9C34-960ED566EC03} - C:\Program Files\superutilbar\superutilbar.dll
O3 - Toolbar: 超級兔子上網精靈 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\magicset\HAOKAN~2.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CJIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync
O4 - HKLM\..\Run: [PHIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [UpdaterUI] C:\WINDOWS\System32\UpdaterUI.exe
O4 - HKLM\..\Run: [fzg] C:\WINDOWS\Config\svhost32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [xwhzjb85] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\xwhzjb85.dll,DllCanUnloadNow
O4 - HKLM\..\Run: [ebmmm] "C:\Program Files\Ebates__MoeMoney__Maker\ebatesmmmv.exe"
O4 - HKLM\..\Run: [rzt] C:\WINDOWS\Intel\rundll32.exe
O4 - HKLM\..\Run: [r] C:\WINDOWS\down\rundll32.exe
O4 - HKLM\..\Run: [wl] C:\WINDOWS\Download\svhost32.exe
O4 - HKLM\..\Run: [WinStar] C:\WINDOWS\IEXPL0RE.exe
O4 - HKLM\..\Run: [Realplayone1] C:\WINDOWS\Realplayone1.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Desktop] C:\WINDOWS\System32\rundll32.exe "C:\WINDOWS\system32\NTService32.dll" ,Run
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Kerne0223] C:\WINDOWS\System32\Kerne0223.exe
O4 - HKCU\..\Run: [foxy] "C:\Program Files\Foxy\Foxy.exe" -tray
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Super Rabbit IEPro] C:\Program Files\Super Rabbit\magicset\SRIECLI.EXE /LOAD
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aelupsvc32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\fd5viewer.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\fd5viewer.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aelupsvc32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} (PowerList Control) - http://www.ppstream.com/bin/powerplayer.cab
O16 - DPF: {8A345F9D-011F-4BFC-9AF7-933D4A2B78E4} (HanGamePluginHk15 Class) - http://download.game.netvigator.com/dist/activex/HanGamePluginHk15.cab
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/photo/english/ICQDevilImg.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear Security 服務 (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Unknown owner - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Audio Adapter (VGADown) - Unknown owner - C:\WINDOWS\avp.exe
O23 - Service: Windows NT Service32 - Unknown owner - C:\WINDOWS\System32\rundll32.exe" "C:\WINDOWS\System32\NTService32.dll",Start (file missing)
O23 - Service: windows_Server2.03 (windowsServer) - Unknown owner - C:\WINDOWS\G_Server2.03.exe
O23 - Service: Windows_Server Time - Unknown owner - C:\WINDOWS\System32\Svch0st.exe

2006-12-12,18:05:11

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 1 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <Microsoft Works Update Detection><C:\Program Files\Microsoft Works\WkDetect.exe>  [N/A]
    <BackupNotify><c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe>  [Hewlett-Packard Company]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <Kerne0223><C:\WINDOWS\System32\Kerne0223.exe>  [N/A]
    <foxy><"C:\Program Files\Foxy\Foxy.exe" -tray>  [N/A]
    <eMuleAutoStart><C:\Program Files\eMule\emule.exe -AutoStart>  [http://www.emule.org.cn]
    <Super Rabbit IEPro><C:\Program Files\Super Rabbit\magicset\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <SunJavaUpdateSched><C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe>  [N/A]
    <hpsysdrv><c:\windows\system\hpsysdrv.exe>  [Hewlett-Packard Company]
    <HP Component Manager><"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe">  [Hewlett-Packard Company]
    <HPHUPD05><c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe>  [Hewlett-Packard]
    <HPHmon05><C:\WINDOWS\System32\hphmon05.exe>  [Hewlett-Packard]
    <KBD><C:\HP\KBD\KBD.EXE>  [Hewlett-Packard Company]
    <Home Theater SchSvr><"C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe">  [InterVideo Inc.]
    <WINREMOTE><"C:\Program Files\InterVideo\Common\Bin\WinRemote.exe">  [InterVideo Inc.]
    <iTunesHelper><C:\Program Files\iTunes\iTunesHelper.exe>  [Apple Computer, Inc.]
    <Recguard><C:\WINDOWS\SMINST\RECGUARD.EXE>  []
    <VTTimer><VTTimer.exe>  [N/A]
    <PS2><C:\WINDOWS\system32\ps2.exe>  [(Verified)Hewlett-Packard Company]
    <ccApp><"c:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <AlcWzrd><ALCWZRD.EXE>  [(Verified)RealTek Semicoductor Corp.]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <UpdateManager><"c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r>  [Sonic Solutions]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <USIUDF_Eject_Monitor><C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe>  [Ulead Systems]
    <wcmdmgr><C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch>  [WildTangent, Inc.]
    <WT GameChannel><C:\Program Files\WildTangent\Apps\GameChannel.exe>  [(Verified)WildTangent]
    <ICQ Lite><C:\Program Files\ICQLite\ICQLite.exe -minimize>  [ICQ Ltd.]
    <Symantec NetDriver Monitor><C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>  [(Verified)Symantec Corporation]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corp.]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corp.]
    <SSC_UserPrompt><C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe>  [(Verified)Symantec Corporation]
    <UpdaterUI><C:\WINDOWS\System32\UpdaterUI.exe>  [Microsoft Corporation]
    <fzg><C:\WINDOWS\Config\svhost32.exe>  [N/A]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <xwhzjb85><C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\xwhzjb85.dll,DllCanUnloadNow>  [Microsoft Corporation]
    <ebmmm><"C:\Program Files\Ebates__MoeMoney__Maker\ebatesmmmv.exe">  [(Verified)N/A]
    <rzt><C:\WINDOWS\Intel\rundll32.exe>  [N/A]
    <r><C:\WINDOWS\down\rundll32.exe>  [N/A]
    <wl><C:\WINDOWS\Download\svhost32.exe>  [N/A]
    <WinStar><C:\WINDOWS\IEXPL0RE.exe>  [Microsoft Corporation]
    <Realplayone1><C:\WINDOWS\Realplayone1.exe>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <Desktop><C:\WINDOWS\System32\rundll32.exe "C:\WINDOWS\system32\NTService32.dll" ,Run>  [N/A]
    <load><C:\WINDOWS\uninstall\rundl132.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
Startup Folders
[Updates from HP]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Updates from HP.lnk --> C:\PROGRA~1\UPDATE~1\137903\Program\BACKWE~1.EXE [N/A]><N>
[Windows 桌面搜尋]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Windows 桌面搜尋.lnk --> C:\PROGRA~1\MSNTOO~1\DS\020500~1.111\zh-hk\bin\WINDOW~1.EXE [Microsoft Corporation]><N>
[WinZip Quick Pick]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\WinZip Quick Pick.lnk --> C:\Erica\WinZip\WZQKPICK.EXE [WinZip Computing, Inc.]><N>

==================================

Services
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[Symantec Event Manager / ccEvtMgr]
  <"c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Gear Security 服務 / GEARSecurity]
  <C:\WINDOWS\System32\gearsec.exe><GEAR Software>
[iPod Service / iPodService]
  <C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[Security Machine Manager / iSPONER]
  <C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\JQQYG.DLL,Export 1087><N/A>
[Norton AntiVirus Auto Protect Service / navapsvc]
  <"c:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[WindowsNt Workstation / NTWorkStan]
  <C:\WINDOWS\System32\svchost.exe -k NTWorkStan-->c:\windows\system32\ntworkstan.dll><N/A>
[Volume Optimization / Relations]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\pzwga.dll><Microsoft Corporation>
[SAVScan / SAVScan]
  <c:\Program Files\Norton AntiVirus\SAVScan.exe><N/A>
[Symantec Network Drivers Service / SNDSrvc]
  <C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe><Symantec Corporation>
[SymWMI Service / SymWSC]
  <C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe><Symantec Corporation>
[Ulead Burning Helper / UleadBurningHelper]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Audio Adapter / VGADown]
  <C:\WINDOWS\avp.exe><N/A>
[Win32 DHCP Service / Win32DHCPsvc]
  <C:\WINDOWS\System32\rundll32.exe windhcp.dll,start><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc]
  <C:\WINDOWS\System32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[Windows NT Service32 / Windows NT Service32]
  <"C:\WINDOWS\System32\rundll32.exe" "C:\WINDOWS\System32\NTService32.dll",Start><Microsoft Corporation>
[windows_Server2.03 / windowsServer]
  <C:\WINDOWS\G_Server2.03.exe><N/A>
[Windows_Server Time / Windows_Server Time]
  <C:\WINDOWS\System32\Svch0st.exe><N/A>
[WindowsNt Network Engine / wnttech]
  <C:\WINDOWS\System32\svchost.exe -k wnttech-->c:\windows\system32\wnttech.dll><Microsoft Corporation>

==================================
Drivers
[AFS2K / AFS2K]
  <C:\WINDOWS\SYSTEM32\DRIVERS\AFS2K.SYS><Oak Technology Inc.>
[Service for WDM 3D Audio Driver / ALCXSENS]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ASUS TV7134 WDM Video Capture / Cap7134]
  <System32\DRIVERS\Cap7134.sys><Philips Semiconductors>
[GEAR CDRom Filter / GEARAspiWDM]
  <SYSTEM32\DRIVERS\GEARAspiWDM.sys><GEAR Software>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
  <System32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HSFHWBS2 / HSFHWBS2]
  <System32\DRIVERS\HSFHWBS2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <System32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[iRiver Internet Audio Player IFP-100 / IFPUSB]
  <\SystemRoot\System32\DRIVERS\ifpusb.sys><iRiver, Inc.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[IVI ASPI Shell / Iviaspi]
  <system32\drivers\iviaspi.sys><InterVideo, Inc.>
[jclbnwi / jclbnwiu]
  <\SystemRoot\System32\DRIVERS\jclbnwiu.sys><Microsoft Corporation>
[mdmxsdk / mdmxsdk]
  <System32\DRIVERS\mdmxsdk.sys><Conexant>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20051130.006\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20051130.006\NavEx15.Sys><Symantec Corporation>
[Padus ASPI Shell / Pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[ASUS WDM TV Tuner / PhTVTune]
  <System32\DRIVERS\PhTVTune.sys><Philips Semiconductors>
[Logitech QuickCam Express(PID_0920) / PID_0920]
  <System32\DRIVERS\LV532AV.SYS><Logitech Inc.>
[Intersil PRISM 802.11a/g Driver / PRISM_A00]
  <System32\DRIVERS\PCTELSAP.SYS><PCTEL Inc.>
[Ps2 / Ps2]
  <System32\DRIVERS\PS2.sys><Hewlett-Packard Company>
[直接平行連接埠連結驅動程式 / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139]
  <System32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[SAVRT / SAVRT]
  <\??\c:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\c:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315]
  <System32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiS AGP Filter / SISAGP]
  <\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[TYKeeper / TYKeeper]
  <\SystemRoot\System32\drivers\TYKeeper.sys><YOK.Com>
[ULCDRHlp / ULCDRHlp]
  <System32\Drivers\ULCDRHlp.sys><Ulead Systems, Inc.>
[USIUDF / USIUDF]
  <System32\Drivers\USIUDF.sys><Ulead Systems, Inc.>
[VCD VNC Virtual Network Adapter / vcddev]
  <System32\DRIVERS\vcdvnic.sys><VNN B.J.>
[VIA AGP Filter / viaagp1]
  <\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx]
  <System32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics, Inc.>

Browser Add-ons
[超級兔子上網精靈]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <C:\PROGRA~1\SUPERR~1\magicset\HAOKAN~2.DLL, 超?兔子>
[Ebates]
  {7F241C00-DAB6-11d5-AAA8-0001028DF1BC} <, N/A>
[Ebates]
  {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} <, N/A>
[InstallerBehaviorFactory Class]
  {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} <C:\WINDOWS\Downloaded Program Files\MsnInstC.dll, Microsoft Corp.>
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\PPStream\POWERL~1.OCX, PPStream.com>
[HanGamePluginHk15 Class]
  {8A345F9D-011F-4BFC-9AF7-933D4A2B78E4} <C:\WINDOWS\Downloaded Program Files\CONFLICT.3\HanGamePluginHk15.dll, >
[Java Plug-in 1.4.2_03]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[ICQDevilImg Control]
  {A20B1BB0-AC3D-4530-85F3-791B81303190} <C:\PROGRA~1\ICQLite\ICQDEV~1.OCX, ICQ Ltd.>
[Java Plug-in 1.4.2_03]
  {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[YOKHttpFilter Class]
  {686D3343-D00D-49A1-96DF-66F3AF62F348} <C:\PROGRA~1\yok\adblock.dll, N/A>
[YOKAdBlock Class]
  {718F4AD3-70D4-425E-9159-5598DFC732ED} <C:\PROGRA~1\yok\adblock.dll, N/A>
[眈壽刲坰]
  {A29F7F71-DCDB-412D-B19A-2002DC966E33} <C:\PROGRA~1\yok\relband.dll, N/A>
[匯出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 920][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 968][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 992][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [N/A, N/A]
[PID: 1036][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 1048][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1216][C:\WINDOWS\System32\Ati2evxx.exe]  [N/A, N/A]
[PID: 1244][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 1348][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 1540][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 1744][c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 2.0.0.635]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.0.0.635]
[PID: 1860][c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 2.0.0.635]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.0.0.635]
    [c:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll]  [Symantec Corporation, 2.0.0.635]
    [c:\PROGRA~1\NORTON~1\NAVEvent.dll]  [Symantec Corporation, 10.00.13]
[PID: 240][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1872][C:\WINDOWS\system32\Ati2evxx.exe]  [N/A, N/A]
[PID: 332][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\Downloaded Program Files\815455\ExDLL.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\WebPageParser.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\Charset.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\CreateDomTree.dll]  [N/A, N/A]
    [C:\WINDOWS\Downloaded Program Files\815455\fshook.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\windhcp.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\System32\Kerne0223.dll]  [N/A, N/A]
    [C:\ERICA\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, Inc., 4.1 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [c:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.13]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\System32\igfxres.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\System32\igfxdev.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\Program Files\ICQLite\ICQLiteShell.dll]  [, 20, 50, 2335, 0]
    [C:\Documents and Settings\Owner\Application Data\Foxy\LinkMaker.dll]  [N/A, 1, 0, 9, 0]
    [C:\WINDOWS\system\iRiveriFPUmsMenu.dll]  [, 1, 0, 0, 1]
[PID: 824][C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe]  [N/A, N/A]
[PID: 796][C:\windows\system\hpsysdrv.exe]  [Hewlett-Packard Company, 1, 7, 0, 0]
[PID: 772][C:\Program Files\HP\hpcoretech\hpcmpmgr.exe]  [Hewlett-Packard Company, 2.1.1.0]
[PID: 852][C:\WINDOWS\System32\hphmon05.exe]  [Hewlett-Packard, 5,1,7]
[PID: 860][C:\HP\KBD\KBD.EXE]  [Hewlett-Packard Company, 1.0.2.0]
    [C:\HP\KBD\led.dll]  [Hewlett-Packard Company, 1.0.2.0]
    [C:\HP\KBD\USB.dll]  [Hewlett-Packard Company, 1.0.2.0]
    [C:\HP\KBD\ps2.dll]  [Hewlett-Packard Company, 1.0.2.2.911]
    [C:\HP\KBD\msg.dll]  [Hewlett-Packard Company, 1.0.2.2.911]
    [C:\HP\KBD\osd.dll]  [Hewlett-Packard Company, 1.0.2.1.815]
    [C:\HP\KBD\sct.dll]  [Hewlett-Packard Company, 1.0.2.1.514]
    [C:\HP\KBD\onl.dll]  [Hewlett-Packard Company, 1.0.2.1.109]
    [C:\HP\KBD\aol.dll]  [Hewlett-Packard Company, 1.0.2.0]
    [C:\HP\KBD\url.dll]  [Hewlett-Packard Company, 1.0.2.0]
    [C:\HP\KBD\cfg.dll]  [Hewlett-Packard Company, 1.0.2.1]
    [C:\HP\KBD\MSIKBDIF.DLL]  [Hewlett-Packard Company, 1.0.2.0]
[PID: 512][C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe]  [InterVideo Inc., 3.0.79.325]
[PID: 872][C:\Program Files\InterVideo\Common\Bin\WinRemote.exe]  [InterVideo Inc., 1.8.1]
[PID: 848][C:\Program Files\iTunes\iTunesHelper.exe]  [Apple Computer, Inc., 4.2.0.74]
[PID: 1292][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.0.0.635]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 1.90.14.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 1.90.14.0]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.0.0.635]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.0.0.635]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.0.0.635]
    [C:\WINDOWS\System32\SYMREDIR.dll]  [Symantec Corporation, 5.5.1.6]
    [C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL]  [Symantec Corporation, 10.0.2.610]
    [C:\PROGRA~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\NAVAPW32.DLL]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\apwutil.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\SAVRT32.DLL]  [Symantec Corporation, ]
    [c:\Program Files\Norton AntiVirus\NAVOPTRF.DLL]  [Symantec Corporation, 10.00.109]
    [c:\Program Files\Norton AntiVirus\apwcmdnt.dll]  [Symantec Corporation, 10.00.13]
    [c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.0.0.635]
    [c:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.0.0.635]
    [c:\Program Files\Norton AntiVirus\NavEmail.dll]  [Symantec Corporation, 10.0.2.610]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
    [c:\PROGRA~1\NORTON~1\NAVOpts.dll]  [Symantec Corporation, 10.00.13]
    [c:\PROGRA~1\NORTON~1\N32Exclu.dll]  [Symantec Corporation, 10.00.13]
    [c:\PROGRA~1\NORTON~1\S32NAVO.DLL]  [Symantec Corporation, 5.3.0.182]
    [c:\Program Files\Norton AntiVirus\NAVError.dll]  [Symantec Corporation, 10.00.13]
    [c:\Program Files\Norton AntiVirus\NAVAPSCR.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\IraLsCl2.dll]  [Symantec Corporation, 2.4.0.2044]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\IraVcLc3.dll]  [Symantec Corporation, 2.4.0.2044]
[PID: 1296][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 1, 0, 0, 8]
[PID: 1400][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  [ATI Technologies, Inc., 6.14.10.5102]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  [ATI Technologies, Inc., 6.14.10.5102]
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHT]  [ATI Technologies, Inc., 6.14.10.5102]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  [ATI Technologies, Inc., 6.14.10.5102]
[PID: 1412][C:\WINDOWS\ALCWZRD.EXE]  [RealTek Semicoductor Corp., 1.1.0.7]
[PID: 1472][C:\WINDOWS\ALCMTR.EXE]  [Realtek Semiconductor Corp., 1.3]
[PID: 1568][C:\Program Files\QuickTime\qttask.exe]  [Apple Computer, Inc., 6.5]
[PID: 1628][C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe]  [Ulead Systems, 1, 0, 1, 13]
[PID: 1676][C:\WINDOWS\wt\updater\wcmdmgr.exe]  [WildTangent, Inc., 1.6.1.2]
[PID: 1684][C:\Program Files\WildTangent\Apps\GameChannel.exe]  [WildTangent, 1, 5, 2, 3]
    [C:\Program Files\WildTangent\Apps\wtKernel0100.dll]  [N/A,  ]
    [C:\Program Files\WildTangent\Components\SystemConfig0100.dll]  [WildTangent, Inc., 1.0.0.25]
    [C:\WINDOWS\wt\updater\wtisa.dll]  [WildTangent, Inc., 1, 0, 0, 4]
[PID: 1852][C:\WINDOWS\System32\UpdaterUI.exe]  [Microsoft Corporation, 5.0.2195.6605]
[PID: 1904][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3510]
[PID: 2064][C:\Program Files\Ebates__MoeMoney__Maker\ebatesmmmv.exe]  [N/A, N/A]
    [C:\Program Files\Ebates__MoeMoney__Maker\ebmmm.dll]  [N/A, N/A]
[PID: 2336][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 3816][C:\Program Files\Ebates__MoeMoney__Maker\eb.exe]  [, 1, 0, 0, 1]
[PID: 2660][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 2684][C:\WINDOWS\System32\gearsec.exe]  [GEAR Software, 1, 0, 0, 6]
[PID: 2740][C:\WINDOWS\SYSTEM32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2776][c:\Program Files\Norton AntiVirus\navapsvc.exe]  [Symantec Corporation, 10.00.13]
    [c:\Program Files\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation, ]
    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.0.0.635]
[PID: 2940][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2108][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 3016][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 3040][C:\WINDOWS\avp.exe]  [N/A, N/A]
[PID: 3616][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[PID: 3632][C:\program files\internet explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[PID: 3656][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3680][c:\windows\system32\wbem\lsass.exe]  [Microsoft, 1.0.0.0]
[PID: 1580][C:\Program Files\iPod\bin\iPodService.exe]  [Apple Computer, Inc., 4.2.0.74]
[PID: 3184][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.2010]
    [c:\windows\system32\Prop7134.dll]  [Philips Semiconductors, 2, 3, 1, 2]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 3284][C:\WINDOWS\System32\Kerne0223.exe]  [N/A, N/A]
    [C:\WINDOWS\System32\Kerne0223.dll]  [N/A, N/A]
[PID: 3356][C:\Program Files\eMule\emule.exe]  [http://www.emule.org.cn, 0.47.0]
    [C:\Program Files\eMule\VNNClientS.Dll]  [VNN, 3.0.22.1]
    [C:\Program Files\eMule\ZipLib.dll]  [VNN, 1.0.0.1]
    [C:\Program Files\eMule\vdevstate.dll]  [N/A, N/A]
    [C:\Program Files\eMule\lang\zh_CN.dll]  [http://www.emule-project.net, 0.47.0]
    [C:\WINDOWS\System32\wshcon32.dll]  [, 4, 1, 0, 0]
[PID: 3940][C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\zh-hk\bin\WindowsSearch.exe]  [Microsoft Corporation, 02.05.0001.1119]
[PID: 4012][C:\Erica\WinZip\WZQKPICK.EXE]  [WinZip Computing, Inc., 1.0 (32-bit)]
[PID: 3152][C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\zh-hk\bin\WindowsSearchIndexer.exe]  [Microsoft Corporation, 2.5.1.1119]
[PID: 7876][C:\Program Files\Super Rabbit\magicset\SRIECLI.EXE]  [Super Rabbit Soft, 7.85]
    [C:\WINDOWS\system32\shlobj71.ocx]  [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
[PID: 9980][C:\WINDOWS\System32\msiexec.exe]  [Microsoft Corporation, 2.0.2600.1106]
[PID: 1028][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 10516][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\WINDOWS\System32\Kerne0223.dll]  [N/A, N/A]
[PID: 12608][C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.047\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\System32\Kerne0223.dll]  [N/A, N/A]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
MSTCPChain Provider
    C:\WINDOWS\System32\wshcon32.dll(, MFClDLL)
MSTCPChain Provider
    C:\WINDOWS\System32\aelupsvc32.dll(, MFClDLL)
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\System32\fd5viewer.dll(N/A, N/A)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\System32\fd5viewer.dll(N/A, N/A)
MSTCP Provider
    C:\WINDOWS\System32\aelupsvc32.dll(, MFClDLL)
MSTCP Provider
    C:\WINDOWS\System32\wshcon32.dll(, MFClDLL)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1      localhost

==================================

Is there anyone who can help me? THX~~~~

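[Reply to the post by “秋日里的蓝天”]

Is it really that serious?

There is a lot of data on my computer that I absolutely must back up, and the computer is running very slowly now, so finishing all the backups could take more than a week. That means I can't reinstall the system right away, yet I still need the computer for work, so this is really giving me a headache……

If possible, please help me! Thank you very much!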