2006-08-22,22:04:16

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <bgswitch><C:\WINDOWS\system32\bgswitch.exe>  []
    <91cast><>  []
    <svc><C:\WINDOWS\svchost.exe>  []
    <MyShares><c:\program Files\忆多多\MyShares.exe /tray>  []
    <NetCounter><c:\Program Files\NetCounter\NetCount.exe>  []
    <Syss><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ehuupdate.exe>  [Micorsoft EXE]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINDOWS\73bif34.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <MSService_v1.0><C:\WINDOWS\system\realsched.exe>  []
    <Desktop><C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll>  []
    <91cast><>  []

<svc><C:\WINDOWS\svchost.exe>  []
    <pbmini><C:\Program Files\pcast\PodcastbarMini\PodcastBar.exe -hide>  []
    <sysmini><C:\WINDOWS\system32\sysmini.exe>  []
    <spoolsv><C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer>  [广州傲讯信息科技有限公司]
    <ourmini><C:\WINDOWS\System\svchost.exe>  [MicroSoft Corporation]
    <defender><c:\\dfndrff_12.exe>  [ewjiruweru8tu389uu54389refju8eu]
    <keyboard><c:\\kybrdff_12.exe>  [*&&*#&$*#RU*#Y&*#YR&Y#&RY#R]
    <newname><c:\\nwnmff_12.exe>  [04399289e8uwhru243y5r78f73yh3t7y3]
    <><C:\WINDOWS\system32\intenat.exe>  []
    <SoundMam><C:\WINDOWS\system32\SVOHOST.exe>  []
    <RichMedia><C:\WINDOWS\system32\Rundll32.exe  "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows>  [Shanghai Henbang Technology Co., Ltd]
    <ToP><C:\WINDOWS\LSASS.exe>  [nYVmLJNNBoK0PT1Uvl2f]
    <TProgram><C:\WINDOWS\SMSS.EXE>  [Xs5kzBEUMw1vRVHCJxSh]
    <Torjan Program><C:\WINDOWS\WINLOGON.EXE>  [nYVmKIMNAnJPS1Tul2fq]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <uninsrest><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <SoundMix><rundll32.exe C:\WINDOWS\system32\soundmix.dll,Load>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\hhkgkah.exe>  []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <DelayRun><C:\WINDOWS\73bdf340.dll>  []
    <webwork><C:\WINDOWS\webwork\webwork.dll>  [MSWebwork Cop.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Extensions]
    <WinlogonNotify: Extensions><C:\WINDOWS\system32\amrsvc.dll>  []

==================================
启动文件夹
[IE-Bar]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\IE-Bar.lnk><N>

==================================
服务
[JMediaService / JMediaService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><N/A>
[UpdateService / UpdateService]

<C:\WINDOWS\system32\UpdateService.exe><N/A>

==================================
浏览器加载项
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4683.dll, Microsoft Corporation>
[JUJU猫]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.jujumao.com, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll,

Microsoft Corporation>
[internet explorer helper]
  {02C9B9AB-6372-46C5-B356-773FAF3B6B1E} <C:\WINDOWS\fonts\msshapi.dll, N/A>
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[wmpdrm]
  {0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\system32\wmpdrm.dll, Allsum Info. Tech. Ltd.>
[Shockwave Flash Object]
  {14A21378-5BB1-4BC4-95D5-5D3F51527F6F} <C:\WINDOWS\system32\smflash.ocx, Macromedia, Inc.>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4683.dll, Microsoft Corporation>
[FltSetUp Class]
  {1D49D58D-5C84-4B50-8359-D9809BEB2B32} <C:\Program Files\Internet Explorer\Connection Wizard\icwuti1.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Wbho Class]
  {40E3A34A-3282-41F8-AD2C-051BAB96AD4A} <C:\WINDOWS\system32\usign.dll, N/A>
[HHCtrl Object]

{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[JMX.JmxCenter]
  {63859236-76BF-493C-A587-DF479EBA2D4B} <C:\WINDOWS\system32\EJMX.dll, 广州盛行网络有限公司>
[ActiveBHO Class]
  {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} <C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll, >
[Vision]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MSHlper Class]
  {721E6521-4CAD-4A8D-A7F1-4E230B31EF19} <C:\WINDOWS\system32\MSHLP.DLL, >
[CpapView Class]
  {77962960-536E-47EC-9DDB-52651519705F} <C:\WINDOWS\system32\rundll32.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>

[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC.dll, N/A>
[estAliveObj Class]
  {A2B7A0F0-B697-4A71-8D91-43443F57D7BB} <C:\WINDOWS\estAlive.dll, Eastday Corporation>
[Yahoo Bar]
  {A697BC46-BC93-4833-93F5-1E365011E88A} <C:\WINDOWS\ODBINT.dll, N/A>
[DeskbarBHO]
  {A8B28872-3324-4CD2-8AA3-7D555C872D96} <C:\Program Files\Deskbar\deskbar.dll, Deskbar>
[Java Enhancer]
  {AF098F95-7CEA-407A-8552-3846737CC4B2} <C:\WINDOWS\system32\contwin.dll, Sun MicroSystems, Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RealPlayer Control]
  {BDBFE1F2-14C7-42D3-ACC7-4C2757F27F55} <C:\WINDOWS\system32\RMOC3360.DLL, RealNetworks,Inc.>
[Webacc Class]

{CAC068F3-A608-406B-8581-458788A67694} <C:\WINDOWS\system32\svchost.dll, >
[XrqRigqe Class]
  {D10AB699-13CD-77C4-6654-8F7D36406486} <C:\WINDOWS\DOWNLO~1\qsvr.dll, lyipusoft>
[51导航]
  {D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[DuiSo.com Search]
  {E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A>
[BHelper Class]
  {F2E37336-BFDB-409B-8D0E-6F013C438B20} <C:\WINDOWS\system32\73bof340.dll, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 352][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 408][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 432][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\amrsvc.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\msplus.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 0, 0, 0>
[PID: 476][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\msplus.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\quartz32.dll]  <><4, 0, 0, 0>
[PID: 488][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>