[Help] Frustrated, I really don't understand [Help] Processes\screenshots attached

[CODE]

2007-02-02,11:26:50

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><; internat.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <LClock><rem C:\Program Files\LClock\LClock.exe>  [N/A]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <paTray><rem "C:\Program Files\AhnLab\APC2\Policy Agent\patray.exe">  [N/A]
    <AHNSD><"C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe">  [(Verified)AhnLab, Inc.]
    <webService><C:\WINDOWS\services.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,rundll32.exe C:\WINDOWS\system32\winsys16_070127.dll start>  [N/A]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys>  [N/A]
    <{4ED6E0B5-F47A-4609-A940-11CF60FDC3C3}><C:\WINDOWS\system32\mctet.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
    <WinlogonNotify: cryptimg><cryptimg.dll>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[4FEB270 / 4FEB270][Stopped/Auto Start]
  <C:\WINDOWS\system32\4FEB270.EXE -service><Microsoft Corporation>
[9FFD0DA0 / 9FFD0DA0][Stopped/Auto Start]
  <C:\WINDOWS\system32\9FFD0DA0.EXE -service><Microsoft Corporation>
[AhnLab Task Scheduler / AhnLab Task Scheduler][Running/Auto Start]
  <"C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe"><AhnLab, Inc.>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Imsvc / Imsvc][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Webmail.dll><>
[Remote Registry Protect / Investor][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\cgjhq.dll><Microsoft Corporation>
[Logical Disk Manager Administrator Service / Logical Disk Manager Administrator Service][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\ntxml.dll><>
[MonSvcNT / MonSvcNT][Running/Auto Start]
  <C:\PROGRA~1\AhnLab\V3\MonSvcNT.exe><AhnLab, Inc.>
[Policy Agent Service V2.5 / paSvc][Running/Auto Start]
  <"C:\Program Files\AhnLab\APC2\Policy Agent\pasvc.exe"><AhnLab, Inc.>
[Remote Managements Instrumenta / Remss_Ser][Stopped/Auto Start]
  <C:\WINDOWS\system32\netstart.exe -service><N/A>
[SysServiceStart / ServiceStart][Running/Auto Start]
  <C:\Windows\system32\RWBIQXEKRY.EXE><N/A>
[Security Machine Manager / SOCEESe][Running/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\EKBMM.DLL,Export 1087><N/A>
[Provisioning Transaction Service / ttt_14][Running/Auto Start]
  <C:\WINDOWS\system32\win.exe><N/A>
[Vsn vsxx Service / vsxx][Running/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\bfda\imkh.dll,Service><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[Windows_ServerDdos / Windows_ServerDdos][Stopped/Auto Start]
  <C:\WINDOWS\system32\kaven.exe><N/A>
[WinXP DHCP Service / WinXPDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe xpdhcp.dll,start><Microsoft Corporation>
Last edited 2007-02-02 11:56:08

驱动程序
[acpidisk / acpidisk][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[AhnFlt2K / AhnFlt2K][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\AhnFlt2K.sys><AhnLab, Inc.>
[AhnRec2K / AhnRec2K][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\AhnRec2K.sys><AhnLab, Inc.>
[Service for WDM 3D Audio Driver / ALCXSENS][Stopped/Manual Start]
  <system32\drivers\ALCXSENS.SYS><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
  <system32\drivers\ALCXWDM.SYS><N/A>
[AnfdIont / AnfdIont][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\AnfdIont.sys><AhnLab, Inc.>
[AnfdTDnt / AnfdTDnt][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\AnfdTDnt.sys><AhnLab, Inc.>
[ApfIPXX / ApfIPXX][Stopped/Manual Start]
  <\??\C:\PROGRA~1\AhnLab\V3\ApfIPXX.sys><AhnLab, Inc.>
[ast / ast][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\ast.sys><N/A>
[cxuppos / cxuppos][Running/Boot Start]
  <\SystemRoot\system32\drivers\cxuppos.sys><N/A>
[ffpbek / ffpbek][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\ffpbek.sys><Microsoft Corporation>
[HOSTNT / HOSTNT][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\hostnt.sys><N/A>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IdeBusDr / IdeBusDr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[IP Network Address Translator / IpNat][Running/Manual Start]
  <system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[lxyp / lxypc][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\lxypc.sys><N/A>
[ESS Maestro2E Audio Driver (WDM) / Maestro][Running/Manual Start]
  <system32\drivers\essm2e.sys><ESS Technology, Inc.>
[MHDRV / MHDRV][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\mhdrv.sys><Rainbow China Co., Ltd.>
[msqmx / msqmx][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\msqmx.sys><N/A>
[plisdpz / plisdpz][Running/Boot Start]
  <\SystemRoot\system32\drivers\plisdpz.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RCMHDOG / RCMHDOG][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\rcmhdog.sys><Rainbow China Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SVKP / SVKP][Running/Auto Start]
  <\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking>
[Rainbow China UMC Driver / UsbC][Stopped/Manual Start]
  <System32\Drivers\rcusbwdm.sys><Rainbow China Co. Ltd.>
[v3engine / v3engine][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\v3engine.sys><AhnLab, Inc.>
[V3Flt2K / V3Flt2K][Running/Manual Start]
  <\??\C:\PROGRA~1\AhnLab\V3\V3Flt2K.sys><AhnLab, Inc.>
[V3IFt2K / V3IFt2K][Running/Manual Start]
  <\??\C:\PROGRA~1\AhnLab\V3\V3IFt2K.sys><AhnLab, Inc.>
[V3IPXX / V3IPXX][Stopped/Manual Start]
  <\??\C:\PROGRA~1\AhnLab\V3\V3IPXX.sys><AhnLab, Inc.>
[V3NfeNt / V3NfeNt][Running/Auto Start]
  <\??\C:\Program Files\AhnLab\V3\V3NfeNt.sys><AhnLab, Inc.>
[voodoo / voodoo][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\voodoo.sys><N/A>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

==================================
浏览器加载项
[CPub Object]
  {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <C:\Program Files\P4P\sodaie.dll, N/A>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[vwxu]
  {48BC7505-4B0F-4289-985D-3EF79A203B60} <C:\PROGRA~1\bfda\fjhe.dll, >
[XBTP07757 Class]
  {5F915F24-69C2-4ef0-BF74-8A69E4D28E0B} <C:\PROGRA~1\搜阉索骼栏竆\eqiso.dll, N/A>
[]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\bfda\.dll, N/A>
[YDKRZGMTZGMTZ]
  {72D93625-D049-4B9E-9D7D-1131D0AFCAD4} <C:\WINDOWS\system32\PVAHPVCIP.DLL, N/A>
[V3BOH Class]
  {76EAE03C-F2B1-4397-97E8-390920B7C2DC} <C:\Program Files\AhnLab\V3\V3Bar.dll, AhnLab, Inc.>
[af6a]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\42c4ntos.dll, N/A>
[af6a]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\42c4ntos.dll, N/A>
[V3]
  {9E3849D6-41EF-4B2F-86B7-632EF90758E4} <"C:\Program Files\AhnLab\V3\V3Bar.dll", N/A>
[搜索栏]
  {A1A77F56-C12B-45AF-997E-C1D8505E2E68} <C:\Program Files\搜索栏\eqiso.dll, IE Toolbar>
[CPub Object]
  {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} <C:\Program Files\P4P\sodaie.dll, N/A>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[vwxu]
  {48BC7505-4B0F-4289-985D-3EF79A203B60} <C:\PROGRA~1\bfda\fjhe.dll, >
[XBTP07757 Class]
  {5F915F24-69C2-4EF0-BF74-8A69E4D28E0B} <C:\PROGRA~1\搜阉索骼栏竆\eqiso.dll, N/A>
[]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\bfda\.dll, N/A>
[YDKRZGMTZGMTZ]
  {72D93625-D049-4B9E-9D7D-1131D0AFCAD4} <C:\WINDOWS\system32\PVAHPVCIP.DLL, N/A>
[V3BOH Class]
  {76EAE03C-F2B1-4397-97E8-390920B7C2DC} <C:\Program Files\AhnLab\V3\V3Bar.dll, AhnLab, Inc.>
[V3]
  {9E3849D6-41EF-4B2F-86B7-632EF90758E4} <"C:\Program Files\AhnLab\V3\V3Bar.dll", N/A>
[搜索栏]
  {A1A77F56-C12B-45AF-997E-C1D8505E2E68} <C:\Program Files\搜索栏\eqiso.dll, IE Toolbar>
[af6a]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\42c4ntos.dll, N/A>

正在运行的进程
[PID: 472][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 528][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 552][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winlib .dll]  [N/A, N/A]
[PID: 596][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 608][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\webmail.dll]  [, 1, 0, 0, 2]
    [c:\windows\system32\ntxml.dll]  [, 1, 0, 0, 1]
[PID: 896][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1244][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mctet.dll]  [, 5, 3, 1, 120]
    [C:\WINDOWS\system32\vrcqt.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\plisdpz.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cxuppos.dll]  [N/A, N/A]
    [C:\Windows\system32\TYEKTZGMTAH.DLL]  [N/A, 1.0.0.1]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\system32\xpdhcp.dll]  [N/A, N/A]
    [C:\PROGRA~1\bfda\fjhe.dll]  [, 1, 2, 0, 8]
    [C:\WINDOWS\system32\PVAHPVCIP.DLL]  [N/A, N/A]
    [C:\Program Files\AhnLab\V3\V3Bar.dll]  [AhnLab, Inc., 6, 0, 0, 23]
    [C:\Program Files\AhnLab\V3\NLS\bar0804.nls]  [AhnLab, Inc., 6, 0, 0, 7]
[PID: 1276][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1412][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\umtcap.dll]  [, 5.1.1800.2813]
[PID: 1548][C:\WINDOWS\system32\7B73C970.exe]  [N/A, N/A]
[PID: 1588][C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe]  [AhnLab, Inc., 5, 5, 0, 2]
    [C:\Program Files\AhnLab\Smart Update Utility\NLS\ASD0804.nls]  [AhnLab, Inc., 5, 0, 0, 5]
[PID: 1712][C:\PROGRA~1\AhnLab\V3\MonSvcNT.exe]  [AhnLab, Inc., 6, 1, 0, 12]
    [C:\PROGRA~1\AhnLab\V3\AhnGICF.dll]  [AhnLab, Inc., 6, 0, 0, 2]
    [C:\PROGRA~1\AhnLab\V3\V3DrEx.dll]  [AhnLab, Inc., 7, 0, 0, 112]
    [C:\PROGRA~1\AhnLab\V3\v3svcctr.dll]  [AhnLab, Inc., 6, 1, 0, 1]
    [C:\PROGRA~1\AhnLab\V3\V3CfgE.dll]  [AhnLab, Inc., 6, 0, 0, 96]
    [C:\PROGRA~1\AhnLab\V3\V3Flt.dll]  [AhnLab, Inc., 6, 1, 0, 8]
    [C:\PROGRA~1\AhnLab\V3\AhnCtlKD.dll]  [AhnLab, Inc., 1, 0, 1, 7]
    [C:\PROGRA~1\AhnLab\V3\v3if.dll]  [AhnLab, Inc., 6, 1, 0, 3]
    [C:\PROGRA~1\AhnLab\V3\V3STScan.dll]  [AhnLab, Inc., 6, 1, 0, 2]
    [C:\PROGRA~1\AhnLab\V3\AhnDMZ.dll]  [AhnLab, Inc., 6, 0, 0, 73]
    [C:\PROGRA~1\AhnLab\V3\V3Track.dll]  [AhnLab, Inc., 6, 0, 0, 26]
    [C:\PROGRA~1\AhnLab\V3\V3IMSvc.dll]  [AhnLab, Inc., 6, 0, 0, 33]
    [C:\PROGRA~1\AhnLab\V3\V3Ift.dll]  [AhnLab, Inc., 6, 0, 0, 5]
    [C:\PROGRA~1\AhnLab\V3\NLS\V3Dr0804.nls]  [AhnLab, Inc., 7, 0, 0, 8]
    [C:\PROGRA~1\AhnLab\V3\v3logex.dll]  [AhnLab, Inc., 6, 1, 0, 2]
    [C:\PROGRA~1\AhnLab\V3\V3NETINT.dll]  [AhnLab, Inc., 6, 0, 0, 20]
    [C:\PROGRA~1\AhnLab\V3\System\27\V3pro32e.dll]  [AhnLab, Inc., 2007,01,31,03]
    [C:\WINDOWS\system32\v3w32se2.dll]  [Ahnlab, Inc., 2002, 12, 16, 1]
    [C:\PROGRA~1\AhnLab\V3\V3SR32.dll]  [AhnLab, Inc., 5, 0, 0, 2]
[PID: 1816][C:\Program Files\AhnLab\APC2\Policy Agent\pasvc.exe]  [AhnLab, Inc., 2.5.5.76]
    [C:\Program Files\AhnLab\APC2\Policy Agent\SLogW.dll]  [AhnLab, 2, 1, 0, 0]
    [C:\Program Files\AhnLab\APC2\Policy Agent\SSync.dll]  [AhnLab, 2, 1, 0, 0]
    [C:\Program Files\AhnLab\APC2\Policy Agent\IniRW.dll]  [AhnLab, 2, 1, 0, 0]
    [C:\Program Files\AhnLab\APC2\Policy Agent\TPool.dll]  [AhnLab, 2, 1, 0, 0]
    [C:\Program Files\AhnLab\APC2\Policy Agent\MaCfgRw.dll]  [AhnLab, 2, 5, 5, 11]
    [C:\Program Files\AhnLab\APC2\Policy Agent\SBase64.dll]  [AhnLab, 2, 1, 0, 0]
    [C:\Program Files\AhnLab\APC2\Policy Agent\PaNetApi.dll]  [Ahnlab, Inc., 2, 5, 5, 90]
[PID: 364][C:\Windows\system32\RWBIQXEKRY.EXE]  [N/A, N/A]
[PID: 432][C:\WINDOWS\SYSTEM32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 488][C:\WINDOWS\system32\win.exe]  [N/A, N/A]
[PID: 876][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\bfda\imkh.dll]  [, 1, 2, 0, 8]
[PID: 2132][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\system32\igfxhk.dll]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3,0,0,2104]
[PID: 2140][C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe]  [AhnLab, Inc., 5, 5, 0, 2]
    [C:\Program Files\AhnLab\Smart Update Utility\NLS\ASD0804.nls]  [AhnLab, Inc., 5, 0, 0, 5]
[PID: 2148][C:\WINDOWS\services.exe]  [N/A, N/A]
[PID: 2184][C:\Program Files\AhnLab\V3\MonSysNT.exe]  [AhnLab, Inc., 6, 1, 0, 91]
    [C:\Program Files\AhnLab\V3\V3CfgE.dll]  [AhnLab, Inc., 6, 0, 0, 96]
    [C:\Program Files\AhnLab\V3\V3SSCtrl.dll]  [AhnLab, Inc., 6, 0, 0, 100]
    [C:\Program Files\AhnLab\V3\AhnI18N.dll]  [AhnLab, Inc., 6, 0, 0, 18]
    [C:\Program Files\AhnLab\V3\NLS\Mon0804.nls]  [AhnLab, Inc., 6, 0, 0, 26]
    [C:\Program Files\AhnLab\V3\AhnAlert.dll]  [AhnLab, Inc., 6, 0, 0, 17]
[PID: 2192][C:\Program Files\AhnLab\V3\V3P3AT.exe]  [AhnLab, Inc., 6, 1, 0, 201]
    [C:\Program Files\AhnLab\V3\v3if.dll]  [AhnLab, Inc., 6, 1, 0, 3]
    [C:\Program Files\AhnLab\V3\V3CfgE.dll]  [AhnLab, Inc., 6, 0, 0, 96]
    [C:\Program Files\AhnLab\V3\V3DrEx.dll]  [AhnLab, Inc., 7, 0, 0, 112]
    [C:\Program Files\AhnLab\V3\V3P3ATHL.dll]  [AhnLab, Inc., 6, 0, 0, 23]
    [C:\Program Files\AhnLab\V3\AhnI18N.dll]  [AhnLab, Inc., 6, 0, 0, 18]
    [C:\Program Files\AhnLab\V3\V3MsgFlt.dll]  [AhnLab, Inc., 6, 0, 0, 63]
    [C:\Program Files\AhnLab\V3\V3NfCtl.dll]  [AhnLab, Inc., 6, 0, 0, 3]
    [C:\Program Files\AhnLab\V3\AnfdCtrl.dll]  [AhnLab, Inc., 2, 0, 0, 12]
    [C:\Program Files\AhnLab\V3\AhnCtlKD.dll]  [AhnLab, Inc., 1, 0, 1, 7]
    [C:\Program Files\AhnLab\V3\AhnIConv.dll]  [AhnLab, Inc., 1, 0, 0, 1]
    [C:\Program Files\AhnLab\V3\NLS\V3Dr0804.nls]  [AhnLab, Inc., 7, 0, 0, 8]
    [C:\Program Files\AhnLab\V3\NLS\V3MF0804.nls]  [AhnLab, Inc., 6, 0, 0, 8]
    [C:\Program Files\AhnLab\V3\v3logex.dll]  [AhnLab, Inc., 6, 1, 0, 2]
    [C:\Program Files\AhnLab\V3\NLS\p3at0804.nls]  [AhnLab, Inc., 6, 0, 0, 14]
    [C:\Program Files\AhnLab\V3\System\27\V3pro32e.dll]  [AhnLab, Inc., 2007,01,31,03]
    [C:\WINDOWS\system32\v3w32se2.dll]  [Ahnlab, Inc., 2002, 12, 16, 1]
    [C:\Program Files\AhnLab\V3\V3SR32.dll]  [AhnLab, Inc., 5, 0, 0, 2]
    [C:\Program Files\AhnLab\V3\V3azex.dll]  [AhnLab, Inc., 5, 0, 0, 14]
    [C:\Program Files\AhnLab\V3\AZMain.DLL]  [ESTSoft Corp, 3.6.9.543]
    [C:\Program Files\AhnLab\V3\V3MailDt.dll]  [AhnLab, Inc., 6, 0, 0, 91]
[PID: 2200][C:\Program Files\AhnLab\V3\V3IMPro.exe]  [AhnLab, Inc., 6, 0, 0, 33]
    [C:\Program Files\AhnLab\V3\V3IM.dll]  [AhnLab, Inc., 6, 0, 0, 47]
    [C:\Program Files\AhnLab\V3\V3Ift.dll]  [AhnLab, Inc., 6, 0, 0, 5]
    [C:\Program Files\AhnLab\V3\AhnCtlKD.dll]  [AhnLab, Inc., 1, 0, 1, 7]
    [C:\Program Files\AhnLab\V3\NLS\V3IM0804.nls]  [AhnLab, Inc., 6, 0, 0, 8]
    [C:\Program Files\AhnLab\V3\V3CfgE.dll]  [AhnLab, Inc., 6, 0, 0, 96]
[PID: 2316][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2652][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 2828][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
[PID: 2852][C:\DOCUME~1\Boss\LOCALS~1\Temp\Rar$EX02.390\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]