我修改的启动项怎么又回复到原来了

fanuq

我曾用运行的msconfig修改了启动项。禁止了很多没用的进程。今天我运行System Repair Engineer (SREng)后看到了3个带颜色的启动，刷新后就都没有了。原后看msconfig和优化大师中的启动项都回来了，是不是种病毒了？

wangjay1980

既然有SRE，就扫个报告

fanuq

那三个蓝色的进程是WPDshserviceObj;winlogonNotify:Navlogon和winlogonNotify:wgalogon
我同时把报告也上传了

wangjay1980

1. 
   
2. 
   
3. 2007-05-23,07:47:22
   
4. 
   
5. System Repair Engineer 2.4.12.806
   
6. Smallfrogs ([url]http://www.KZTechs.com[/url])
   
7. 
   
8. Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
   
9. 
   
10. 以下内容被选中：
    
11.     所有的启动项目（包括注册表、启动文件夹、服务等）
    
12.     浏览器加载项
    
13.     正在运行的进程（包括进程模块信息）
    
14.     文件关联
    
15.     Winsock 提供者
    
16.     Autorun.inf
    
17.     HOSTS 文件
    
18. 
    
19. 
    
20. 启动项目
    
21. 注册表
    
22. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    
23.     <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    
24.     <ApabiAgent><; "d:\Program Files\Founder\Apabi Reader 3.0\ApabiAgent.exe">  []
    
25.     <Super Rabbit IEPro><; D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  [N/A]
    
26. [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    
27.     <run><>  [N/A]
    
28. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    
29.     <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    
30.     <Logitech Hardware Abstraction Layer><; KHALMNPR.EXE>  [N/A]
    
31.     <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    
32.     <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
    
33.     <Babylon Client><; D:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart>  [Babylon Ltd.]
    
34.     <DAEMON Tools-2052><"D:\Program Files\D-Tools\daemon.exe"  -lang 2052>  [DAEMON'S HOME]
    
35.     <HControl><; C:\WINDOWS\ATK0100\HControl.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    
36.     <High Definition Audio 属性页快捷方式><; HDAShCut.exe>  [(Verified)Microsoft Windows XP Publisher]
    
37.     <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    
38.     <KsgUpdateRun><; C:\Program Files\Common Files\Kingsoft\KSG\client.exe>  [N/A]
    
39.     <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    
40.     <nwiz><; nwiz.exe /install>  []
    
41.     <Power_Gear><; C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1>  [N/A]
    
42.     <runeip><; C:\Program Files\Rising\AntiSpyware\runiep.exe>  [N/A]
    
43.     <SMSERIAL><; C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    
44.     <StormCodec_Helper><; "D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    
45.     <switch><; c:\windows\system32\壁纸自动换.exe>  []
    
46.     <SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    
47.     <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [N/A]
    
48.     <LiveUpatePower><rem MyUpdate.exe>  [N/A]
    
49. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    
50.     <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    
51.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows XP Publisher]
    
52. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    
53.     <AppInit_DLLs><>  [N/A]
    
54. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    
55.     <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
    
56. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    
57.     <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
    
58. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    
59.     <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll>  [(Verified)Symantec Corporation]
    
60. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    
61.     <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
    
62. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    
63.     <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
    
64. [HKEY_CURRENT_USER\Control Panel\Desktop]
    
65.     <SCRNSAVE.EXE><C:\WINDOWS\system32\梦幻水~1.SCR>  []
    
66. 
    
67. ==================================
    
68. 启动文件夹
    
69. N/A
    
70. 
    
71. ==================================
    
72. 服务
    
73. [Symantec Event Manager / ccEvtMgr][Running/Auto Start]
    
74.   <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
    
75. [Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
    
76.   <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
    
77. [Symantec Settings Manager / ccSetMgr][Running/Auto Start]
    
78.   <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
    
79. [Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start]
    
80.   <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
    
81. [Human Interface Device Access / HidServ][Stopped/Disabled]
    
82.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
    
83. [LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
    
84.   <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
    
85. [MazeSvr / MazeSvr][Running/Auto Start]
    
86.   <D:\Program Files\天网Maze\MazeSvr.exe><N/A>
    
87. [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    
88.   <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
    
89. [SavRoam / SavRoam][Stopped/Manual Start]
    
90.   <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
    
91. [Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
    
92.   <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
    
93. [Symantec SPBBCSvc / SPBBCSvc][Stopped/Manual Start]
    
94.   <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
    
95. [Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start]
    
96.   <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
    
97. 
    
98. ==================================
    
99. 驱动程序
    
100. [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
     
101.   <system32\drivers\ac97intc.sys><Intel Corporation>
     
102. [ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
     
103.   <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
     
104. [AliIde / AliIde][Running/Boot Start]
     
105.   <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
     
106. [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
     
107.   <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
     
108. [bootdrv / bootdrv][Stopped/Boot Start]
     
109.   <\SystemRoot\System32\Drivers\bootdrv.sys><N/A>
     
110. [CmdIde / CmdIde][Running/Boot Start]
     
111.   <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
     
112. [d347bus / d347bus][Running/Boot Start]
     
113.   <\SystemRoot\system32\DRIVERS\d347bus.sys><>
     
114. [Symantec Eraser Control driver / eeCtrl][Running/System Start]
     
115.   <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
     
116. [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
     
117.   <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
     
118. [Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService][Stopped/Manual Start]
     
119.   <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
     
120. [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
     
121.   <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
     
122. [Logitech SetPoint USB Receiver device driver / LHidUsbK][Stopped/Manual Start]
     
123.   <System32\Drivers\LHidUsbK.Sys><Logitech, Inc.>
     
124. [Logitech SetPoint Mouse Filter Driver / LMouKE][Stopped/Manual Start]
     
125.   <System32\Drivers\LMouKE.sys><N/A>
     
126. [ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
     
127.   <system32\DRIVERS\ATKACPI.sys><>
     
128. [NAVENG / NAVENG][Running/Manual Start]
     
129.   <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070521.019\naveng.sys><Symantec Corporation>
     
130. [NAVEX15 / NAVEX15][Running/Manual Start]
     
131.   <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070521.019\navex15.sys><Symantec Corporation>
     
132. [npkcrypt / npkcrypt][Running/Auto Start]
     
133.   <\??\D:\Program Files\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
     
134. [nv / nv][Running/Manual Start]
     
135.   <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
     
136. [PnpWmkDrv / PnpWmkDrv][Running/System Start]
     
137.   <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
     
138. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
     
139.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
     
140. [rclili / rclili][Stopped/Boot Start]
     
141.   <\SystemRoot\System32\drivers\rclili.sys><N/A>
     
142. [rimmptsk / rimmptsk][Running/Manual Start]
     
143.   <system32\DRIVERS\rimmptsk.sys><REDC>
     
144. [rimsptsk / rimsptsk][Running/Manual Start]
     
145.   <system32\DRIVERS\rimsptsk.sys><REDC>
     
146. [Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start]
     
147.   <system32\DRIVERS\rixdptsk.sys><REDC>
     
148. [RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
     
149.   <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
     
150. [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
     
151.   <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
     
152. [SAVRT / SAVRT][Running/System Start]
     
153.   <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
     
154. [SAVRTPEL / SAVRTPEL][Running/System Start]
     
155.   <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
     
156. [Secdrv / Secdrv][Stopped/Manual Start]
     
157.   <system32\DRIVERS\secdrv.sys><N/A>
     
158. [SMC IrCC Miniport Device Driver / SMCIRDA][Running/Manual Start]
     
159.   <system32\DRIVERS\smcirda.sys><SMC>
     
160. [smserial / smserial][Running/Manual Start]
     
161.   <system32\DRIVERS\smserial.sys><Motorola Inc.>
     
162. [SPBBCDrv / SPBBCDrv][Stopped/Manual Start]
     
163.   <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
     
164. [sptd / sptd][Running/Boot Start]
     
165.   <\SystemRoot\System32\Drivers\sptd.sys><N/A>
     
166. [SymEvent / SymEvent][Running/Manual Start]
     
167.   <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
     
168. [SYMREDRV / SYMREDRV][Running/Manual Start]
     
169.   <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
     
170. [SYMTDI / SYMTDI][Running/System Start]
     
171.   <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
     
172. [Synaptics TouchPad Driver / SynTP][Running/Manual Start]
     
173.   <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
     
174. [vaxscsi / vaxscsi][Running/Manual Start]
     
175.   <\SystemRoot\System32\Drivers\vaxscsi.sys><N/A>
     
176. [Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Running/Manual Start]
     
177.   <system32\DRIVERS\w39n51.sys><Intel? Corporation>
     
178. 
     
179. ==================================
     
180. 浏览器加载项
     
181. [ThunderAtOnce Class]
     
182.   {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
     
183. [Thunder Browser Helper]
     
184.   {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
     
185. [AcroIEHlprObj Class]
     
186.   {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
     
187. [AcroIEToolbarHelper Class]
     
188.   {AE7CD045-E861-484f-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
     
189. [Adobe PDF]
     
190.   {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
     
191. [SSReaderPlug]
     
192.   {1DE88635-1C72-401E-B23B-93FA86D30F3B} <C:\WINDOWS\system32\ssreaderplug.dll, 北京超星>
     
193. [Microsoft Outlook 8.0 Object Library]
     
194.   {0006F033-0000-0000-C000-000000000046} <, N/A>
     
195. [Microsoft Office Outlook]
     
196.   {0006F03A-0000-0000-C000-000000000046} <, N/A>
     
197. [ThunderAtOnce Class]
     
198.   {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
     
199. [Thunder Browser Helper]
     
200.   {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
     
201. [AcroIEHlprObj Class]
     
202.   {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
     
203. [PeerDraw Class]
     
204.   {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\WINDOWS\system32\dllcache\vgx.dll, Microsoft Corporation>
     
205. [Windows Genuine Advantage Validation Tool]
     
206.   {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
     
207. [SSReaderPlug]
     
208.   {1DE88635-1C72-401E-B23B-93FA86D30F3B} <C:\WINDOWS\system32\ssreaderplug.dll, 北京超星>
     
209. [Windows Media Player]
     
210.   {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
     
211. [HTML Document]
     
212.   {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
     
213. [XML DOM Document]
     
214.   {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
215. [DHTML Edit Control Safe for Scripting for IE5]
     
216.   {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
     
217. [SSReaderPlug Control]
     
218.   {3359C0B1-2363-40B3-AFCA-1ABC799AC486} <C:\WINDOWS\system32\SSREAD~1.OCX, CX>
     
219. [Adobe PDF]
     
220.   {47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
     
221. [XML Document]
     
222.   {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
223. [Thunder Agent Class]
     
224.   {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
     
225. [Shell Name Space]
     
226.   {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
     
227. [WUWebControl Class]
     
228.   {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
     
229. [Windows Media Player]
     
230.   {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
     
231. [Active Desktop Mover]
     
232.   {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
     
233. [Microsoft Web Browser]
     
234.   {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
     
235. [Thunder Browser Helper]
     
236.   {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
     
237. [XML DOM Document 4.0]
     
238.   {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
     
239. [AcroIEToolbarHelper Class]
     
240.   {AE7CD045-E861-484F-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
     
241. [RDS.DataSpace]
     
242.   {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
     
243. [CheckReader Class]
     
244.   {C9E75CAD-ACA5-4074-81CC-5448FCCFE987} <d:\Program Files\Founder\Apabi Reader 3.0\Check.dll, >
     
245. [AUDIO__MP3 Moniker Class]
     
246.   {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
     
247. [AUDIO__X_MS_WMA Moniker Class]
     
248.   {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
     
249. [VIDEO__X_MS_ASF Moniker Class]
     
250.   {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
     
251. [RealPlayer G2 Control]
     
252.   {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
     
253. [Shockwave Flash Object]
     
254.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
     
255. [QuickTimeCheck Class]
     
256.   {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <D:\Program Files\Ringz Studio\Storm Codec\QTSystem\QTCheck.ocx, Apple Computer, Inc.>
     
257. [RevealTrans]
     
258.   {E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\WINDOWS\system32\Dxtmsft.dll, Microsoft Corporation>
     
259. [XML HTTP Request]
     
260.   {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
261. [XML DOM Document 3.0]
     
262.   {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
263. [XML HTTP 3.0]
     
264.   {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
265. [XML DOM Document]
     
266.   {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
267. [XML HTTP]
     
268.   {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
     
269. [使用迅雷下载]
     
270.   <D:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
     
271. [使用迅雷下载全部链接]
     
272.   <D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
     
273. [转换为 Adobe PDF]
     
274.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
     
275. [转换为现有 PDF]
     
276.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
     
277. [转换选定的链接为 Adobe PDF]
     
278.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
     
279. [转换选定的链接为现有 PDF]
     
280.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
     
281. [转换选项为 Adobe PDF]
     
282.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
     
283. [转换选项为现有 PDF]
     
284.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
     
285. [转换链接目标为 Adobe PDF]
     
286.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
     
287. [转换链接目标为现有 PDF]
     
288.   <res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
     
289. 
     
290. ==================================
     
291. 正在运行的进程
     
292. [PID: 1392][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
     
293. [PID: 1440][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
     
294. [PID: 1472][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
     
295.     [C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.5]
     
296.     [C:\WINDOWS\system32\NavLogon.dll]  [Symantec Corporation, 10.0.0.359]
     
297.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
     
298. [PID: 1516][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
     
299.     [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
     
300. [PID: 1528][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
     
301. [PID: 3436][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
     
302.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
303.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
304.     [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
305.     [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
     
306.     [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
     
307.     [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
     
308.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
     
309.     [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
     
310.     [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
     
311.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
312.     [D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
     
313.     [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
     
314.     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
     
315.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
     
316. [PID: 3648][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 103.5.1.9]
     
317.     [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
     
318.     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
     
319.     [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
     
320.     [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.1.9]
     
321.     [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 103.5.1.9]
     
322.     [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 103.5.1.9]
     
323.     [C:\WINDOWS\system32\SYMREDIR.DLL]  [Symantec Corporation, 5.5.1.6]
     
324.     [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 103.5.1.9]
     
325.     [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 103.5.1.9]
     
326.     [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.0.0.359]
     
327. [PID: 3656][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 10.0.0.359]
     
328.     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
     
329.     [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
     
330.     [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
     
331.     [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.0.0.359]
     
332.     [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 10.0.0.359]
     
333.     [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.0.0.359]
     
334.     [C:\WINDOWS\system32\nts.dll]  [Intel? Corporation, 6.12.0.130 E]
     
335.     [C:\WINDOWS\system32\cba.dll]  [Intel? Corporation, 6.12.0.130 E]
     
336.     [C:\WINDOWS\system32\MsgSys.dll]  [Intel? Corporation, 6.12.0.130 E]
     
337.     [C:\WINDOWS\system32\PDS.DLL]  [Intel? Corporation, 6.12.0.130 E]
     
338. [PID: 3696][D:\Program Files\D-Tools\daemon.exe]  [DAEMON'S HOME, 3.47.0.0]
     
339.     [C:\WINDOWS\daemon.dll]  [, 3.47.0.0]
     
340.     [D:\Program Files\D-Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
     
341.     [D:\Program Files\D-Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.02.0.0]
     
342.     [D:\Program Files\D-Tools\Plugins\Images\mdsmount.dll]  [GENERIC, 1.01.0.0]
     
343.     [D:\Program Files\D-Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
     
344.     [D:\Program Files\D-Tools\Plugins\Images\nrgmount.dll]  [GENERIC, 1.02.0.0]
     
345.     [D:\Program Files\D-Tools\Plugins\Images\bw5mount.dll]  [, 1.0.2.0]
     
346. [PID: 3832][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
     
347. [PID: 4076][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
     
348.     [C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
     
349. [PID: 1624][D:\Program Files\Babylon\Babylon-Pro\Babylon.exe]  [Babylon Ltd., 6.0.0.27]
     
350.     [D:\Program Files\Babylon\Babylon-Pro\BException.dll]  [Babylon Ltd., 6.0.0.27]
     
351.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
352.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
353.     [D:\Program Files\Babylon\Babylon-Pro\BabyServices.DLL]  [Babylon Ltd., 6.0.0.27]
     
354.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
355.     [D:\Program Files\Babylon\Babylon-Pro\BContentServer.DLL]  [Babylon Ltd., 6.0.0.27]
     
356.     [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
357. [PID: 3160][D:\Program Files\完美卸载V2007 完整版\MainCon.exe]  [, 20.xx.xx]
     
358.     [D:\Program Files\完美卸载V2007 完整版\SkinMagic.dll]  [Appspeed Inc., 2, 4, 1, 1]
     
359.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
360.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
361.     [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
362.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
363.     [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
     
364.     [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
     
365. [PID: 300][D:\Program Files\完美卸载V2007 完整版\MyUpdate.exe]  [, 2.0.0.0]
     
366.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
367.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
368.     [D:\Program Files\完美卸载V2007 完整版\SkinMagic.dll]  [Appspeed Inc., 2, 4, 1, 1]
     
369.     [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
370.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
371. [PID: 2540][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
372.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
373.     [C:\WINDOWS\system32\IEFRAME.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
374.     [C:\WINDOWS\system32\IEUI.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
     
375.     [C:\WINDOWS\system32\xmllite.dll]  [Microsoft Corporation, 1.00.1018.0]
     
376.     [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
     
377.     [C:\Program Files\Internet Explorer\ieproxy.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
     
378.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
379.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
380.     [D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
     
381.     [D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
     
382.     [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
     
383.     [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
     
384.     [D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll]  [Adobe Systems Incorporated, 7.0.0.0]
     
385.     [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
     
386.     [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
     
387.     [D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.CHS]  [Adobe Systems Incorporated, 7.0.0.0]
     
388.     [C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
     
389.     [C:\WINDOWS\system32\msfeeds.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
390.     [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
     
391.     [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
     
392. [PID: 2024][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
     
393.     [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
     
394.     [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
     
395.     [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
     
396.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
397.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
398.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
399.     [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
400. [PID: 1040][C:\DOCUME~1\asus\LOCALS~1\Temp\Rar$EX00.703\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
     
401.     [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
     
402.     [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16441 (vista_gdr.070219-1500)]
     
403.     [D:\Program Files\Babylon\Babylon-Pro\CAPTLIB.DLL]  [Babylon Ltd., 6.0.0.27]
     
404. 
     
405. ==================================
     
406. 文件关联
     
407. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
     
408. .EXE  OK. ["%1" %*]
     
409. .COM  OK. ["%1" %*]
     
410. .PIF  OK. ["%1" %*]
     
411. .REG  OK. [regedit.exe "%1"]
     
412. .BAT  OK. ["%1" %*]
     
413. .SCR  OK. ["%1" /S]
     
414. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
     
415. .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
     
416. .INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
     
417. .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
     
418. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
     
419. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
     
420. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
     
421. 
     
422. ==================================
     
423. Winsock 提供者
     
424. N/A
     
425. 
     
426. ==================================
     
427. Autorun.inf
     
428. N/A
     
429. 
     
430. ==================================
     
431. HOSTS 文件
     
432. N/A
     
433. 
     
434. ==================================
     
435. API HOOK
     
436. N/A
     
437. 
     
438. ==================================
     
439. 隐藏进程
     
440. N/A
     
441. 
     
442. ==================================
     
443. 
     
444. 
     

复制代码

wangjay1980

没问题，不过确实启动项太多，你可以直接用SRE去掉一些软件的启动项。

fanuq

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion下所有以“run”开头的键值；
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion下所有以“run”开头的键值；
HKEY-USERS\Default\Software\Microsoft\Windows\CurrentVersion下所有以“run”开头的键值。
启动项除了这三个还有哪些，怎么改呢？

fanuq

我的启动改为：不知道还有什么可以删的不？

shuipao

你以前中过毒吗？有几个驱动感觉像是病毒残留。

xffsfy

是比较多....
有些自启动项（比如real）会自己恢复，比较郁闷

[ 本帖最后由 xffsfy 于 2007-5-26 10:22 编辑 ]

fanuq

中过病毒，那怎样才能把病毒残留去掉呢？