System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Syss><; C:\DOCUME~1\w7880c\LOCALS~1\Temp\ehuupdate.exe>  [Micorsoft EXE]
    <MyShares><; c:\program Files\忆多多\MyShares.exe /tray>  [N/A]
    <MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [N/A]
    <MSMSGS><; "C:\Program Files\Messenger\MSMSGS.EXE" /background>  [Microsoft Corporation]
    <Realplayer.exe><C:\WINDOWS\System32\Realplayer.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <svhoost><C:\WINDOWS\System32\checksys.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><C:\WINDOWS\System32\checksys.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <spoolsv><; >  [N/A]
    <YLive.exe><; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [N/A]
    <yassistse><; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [N/A]
    <xBarUpdate><; C:\Program Files\xBar\xBarUpdate.exe>  [N/A]
    <wdfmgr32><; C:\WINDOWS\System32\wdfmgr32.exe>  [N/A]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RavMont><; C:\WINDOWS\System32\RavMon.exe>  [China]
    <PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <iMookUpdate><; C:\iMookSetup_14-776.exe>  [N/A]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <hxgame-update><; C:\Program Files\hxupdate\hxgame-update.exe>  [N/A]
    <HupooShell><"C:\HupShell.exe " >  [Hupoo Tech]
    <helper.dll><; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <CnsMin><; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  [N/A]
    <RichMedia><C:\WINDOWS\System32\Rundll32.exe  "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows>  [Shanghai Henbang Technology Co., Ltd]
    <Realplayer.exe><C:\WINDOWS\System32\Realplayer.exe>  [N/A]
    <svhoost><C:\WINDOWS\System32\checksys.exe>  [N/A]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  [N/A]
    <Desktop><C:\WINDOWS\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll>  [N/A]
    <rundll32><rundll32 rscfg.dll s>  [N/A]
    <Torjan Program><C:\WINDOWS\WINLOGON.EXE>  [lFVjBhx2wUsWKHo8Rznh]
    <realtpsk><C:\WINDOWS\system\realsched.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <DTService><rundll32.exe C:\WINDOWS\System32\soundmix.dll,Load>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe 1>  [N/A]
    <Userinit><C:\WINDOWS\System32\Userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><KB205910M.LOG>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{11760322-2400-4AC3-9605-6CAF086E809E}><C:\Program Files\Internet Explorer\PLUGINS\Windows.sys>  [N/A]
    <{99F1D023-7CEB-4586-80F7-BB1A98DB7602}><C:\Program Files\Internet Explorer\IEXPLORE.Sys>  [N/A]
    <{FEB94F5A-69F3-4645-8C2B-9E71D270AF2E}><C:\Program Files\Internet Explorer\IEXPLORE.Dat>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <DLMon><C:\WINDOWS\System32\DLMain.dll>  [N/A]
    <DVDBurn><C:\WINDOWS\Downloaded Program Files\AfxEdit.dll>  [N/A]

==================================
Startup Folders
[腾讯QQ]
  <C:\Documents and Settings\qch7154.DS\Start Menu\Programs\Startup\腾讯QQ.lnk --> C:\TDdownload\65421\QQ.exe [N/A]><N>

==================================
Services
[AutoUpgrade / AutoUpgrade]
  <C:\WINDOWS\System32\svchost.exe -k AutoUpgrade-->c:\windows\system32\tasklist.dll><N/A>
[ClipBook / ClipSrv]
  <C:\WINDOWS\system32\clipsrv.exe><N/A>
[COM+ Event System Helper / COMEventHelper]
  <C:\WINDOWS\System32\svchost.exe -k COMEventHelper-->c:\windows\system32\comeventhelper.dll><Microsoft Corporation>
[SVCH0ST.EXE / Curity Center]
  <C:\WINDOWS\system32\ver2006.exe><N/A>
[DameWare Mini Remote Control / DWMRCS]
  <C:\WINDOWS\SYSTEM32\DWRCS.EXE -service><DameWare Development LLC>
[Ftp-Server / Ftp_Server_Admin]
  <C:\WINDOWS\FtpServer.exe><N/A>
[Hummingbird Inetd / HCLInetd]
  <C:\WINDOWS\System32\Hummbird\inetd32.exe><Hummingbird Communications Ltd.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Spectrum24 Events Monitor / IPRIP]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\acss.dll><LINKMEDIA Tech>
[NetMeeting Remote Desktop Agent / Nwsapagent]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\Nwsapagent.dll><LINKMEDIA Tech>
[system  / system ]
  <C:\WINDOWS\system.exe><N/A>
[Windows_rejoice / Windows_rejoice]
  <C:\Program Files\Common Files\Microsoft Shared\MSINFO\je2006_4.exe><N/A>

==================================
Drivers
[57274246 / 57274246]
  <\SystemRoot\System32\drivers\57274246.sys><N/A>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[atssse / atssse]
  <\??\C:\WINDOWS\System32\sosdrp.sys><N/A>
[bhacfjeh / bhacfjeh]
  <\??\C:\WINDOWS\system32\drivers\bhacfjeh.sys><N/A>
[cdnprot / cdnprot]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[ecejbffe / ecejbffe]
  <\??\C:\WINDOWS\system32\drivers\ecejbffe.sys><N/A>
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC]
  <System32\DRIVERS\el90xbc5.sys><3Com Corporation>
[i81x / i81x]
  <System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0]
  <System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1]
  <System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2]
  <System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3]
  <System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4]
  <System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0]
  <System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1]
  <System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2]
  <System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3]
  <System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4]
  <System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[Netgroup Packet Filter / NPF]
  <system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt]
  <\??\C:\TDdownload\65421\npkcrypt.sys><N/A>
[npkcusb / npkcusb]
  <\??\D:\simulator\TM\TMDlls\npkcusb.sys><N/A>
[nwupspx / nwupspx]
  <\SystemRoot\System32\drivers\nwupspx.sys><N/A>
[Padus ASPI Shell / pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[USB Data Cable driver / vusbser]
  <System32\DRIVERS\vusbser.sys><N/A>
[Sony Ericsson W550 driver (WDM) / w550bus]
  <System32\DRIVERS\w550bus.sys><MCCI>
[Sony Ericsson W550 USB WMC Modem Filter / w550mdfl]
  <System32\DRIVERS\w550mdfl.sys><MCCI>
[Sony Ericsson W550 USB WMC Modem Drivers / w550mdm]
  <System32\DRIVERS\w550mdm.sys><MCCI>

==================================
Browser Add-ons
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[IEMonitor Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\Program Files\DeskAdTop\deskipn.dll, >
[ChajianHelper Class]
  {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} <C:\WINDOWS\System32\SYSREA~1.DLL, Kmedia>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5025.dll, N/A>
[raObject Class]
  {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} <C:\PROGRA~1\pcast\hbcast.dll, Shanghai Henbang Technology Co., Ltd>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, N/A>
[BHOImp Class]
  {70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, YHBO>
[Status Class]
  {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} <C:\Program Files\baigoo\BGooBHO.dll, >
[conimehlp Class]
  {B10343BD-1DC6-442F-9BA2-D44C708CEE83} <C:\WINDOWS\System32\mskey32.dll, Microsoft>
[Macromedia. Flash8 Object]
  {C61A70F3-505E-4B90-916F-627A8706B4BC} <C:\WINDOWS\system32\COMBoHEvent.dll, N/A>
[51导航]
  {D271A289-57EB-4D0E-9131-A0CD25D4D1F8} <C:\WINDOWS\system32\browsewmzero.dll, N/A>
[InteSearch]
  {EBBC6E6D-7B65-46be-B509-86CED2D17876} <C:\WINDOWS\system32\Inte.dll, N/A>
[Yahoo 1G mail]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[E bazar]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[Yahoo Assistant]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\TDdownload\65421\QQ.EXE, N/A>
[Instant Messenger]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[&Radio]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, N/A>
[HBHelper.HBActivex]
  {038318E8-0C2D-4DF5-A7AF-B4FB373F501E} <C:\WINDOWS\DOWNLO~1\hbhelper.dll, Shanghai Henbang Technology Co., Ltd>
[photo_uploader Control]
  {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} <C:\WINDOWS\DOWNLO~1\PHOTO_~1.OCX, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <C:\TDdownload\65421\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[发送到手机]
  <C:\Program Files\xBar\xBar.htm, N/A>
[添加到QQ自定义面板]
  <C:\TDdownload\65421\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\TDdownload\65421\AddEmotion.htm, N/A>
[添加到雅虎收藏+]
  <http://myweb.cn.yahoo.com/post.html?F=D2_A, N/A>
[用QQ彩信发送该图片]
  <C:\TDdownload\65421\SendMMS.htm, N/A>
[访问通用网址]
  <C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246, N/A>

==================================
Running Processes
[PID: 340][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 484][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 508][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
[PID: 556][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 568][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 748][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
[PID: 840][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [c:\windows\system32\acss.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
    [c:\windows\system32\nwsapagent.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
[PID: 988][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1028][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1148][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.1699 (xpsp2.050610-1533)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\system32\Hummbird\hcllpr.dll]  [Hummingbird Communications Ltd., 6.1.0.0]
    [C:\WINDOWS\system32\Hummbird\hcllpr.nls]  [Hummingbird Communications Ltd., 6.1.0.0]
[PID: 1272][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1292][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\windows\system32\tasklist.dll]  [N/A, N/A]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1312][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\WINDOWS\system32\COMAdEvent.dll]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
[PID: 1372][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\system32\ver2006.DLL]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 1392][C:\WINDOWS\SYSTEM32\DWRCS.EXE]  [DameWare Development LLC, 4, 1, 0, 0]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
[PID: 1516][C:\WINDOWS\System32\Hummbird\inetd32.exe]  [Hummingbird Communications Ltd., 6.1.0.0]
    [C:\WINDOWS\System32\HCLNLS.dll]  [Hummingbird Communications Ltd., 6.1.0.0]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\Hummbird\HCINETD.NLS]  [N/A, N/A]
[PID: 1576][C:\WINDOWS\System32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
[PID: 1696][C:\WINDOWS\System32\snmp.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
[PID: 1784][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
[PID: 1804][C:\WINDOWS\system32\sysmgr.exe]  [N/A, N/A]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
[PID: 264][C:\program files\internet explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]

[C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
[PID: 2904][c:\windows\system32\inetsrv\csrss.exe]  [Microsoft, 1.0.0.0]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
[PID: 1264][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3510]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 3352][C:\WINDOWS\System32\Realplayer.exe]  [N/A, N/A]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
[PID: 4012][C:\Program Files\CNNIC\Cdn\cdnup.exe]  [, 2, 4, 0, 6]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 4048][C:\WINDOWS\WINLOGON.EXE]  [lFVjBhx2wUsWKHo8Rznh, 0.00.0118]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
[PID: 3172][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 2692][C:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\sdmAgent20.dll]  [LINKMEDIA Tech, 1, 5, 0, 7]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 192][D:\Softwares\123\Luxor AR.exe]  [MumboJumbo, LLC, 1.5.5.8]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [D:\Softwares\123\core.dll]  [N/A, N/A]
    [D:\Softwares\123\file.dll]  [N/A, N/A]
    [D:\Softwares\123\logger.dll]  [N/A, N/A]
    [D:\Softwares\123\ui2.dll]  [N/A, N/A]
    [D:\Softwares\123\gfx2d.dll]  [N/A, N/A]
    [D:\Softwares\123\imglib.dll]  [N/A, N/A]
    [D:\Softwares\123\jpeg.dll]  [N/A, N/A]
    [D:\Softwares\123\snd3d.dll]  [N/A, N/A]
    [D:\Softwares\123\crash.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [D:\Softwares\123\gfx2d_dx8.dll]  [N/A, N/A]
    [D:\Softwares\123\snd3d_fmod.dll]  [N/A, N/A]
    [D:\Softwares\123\fmod.dll]  [Firelight Technologies Pty, Ltd, 3.74]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 3204][C:\WINDOWS\Explorer.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\WINDOWS\System32\Rsvtub.dll]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\WINDOWS\System32\quartz32.dll]  [, 4, 1, 0, 0]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\WINDOWS\System32\DLMon.dll]  [N/A, N/A]
    [C:\WINDOWS\Downloaded Program Files\swflash.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [C:\Program Files\baigoo\BGooBHO.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\mskey32.dll]  [Microsoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\browsewmzero.dll]  [N/A, N/A]
    [C:\Program Files\Exceed.nt\HESHELL.DLL]  [Hummingbird Communications Ltd., Version: 6.2.0.0]
[PID: 3232][C:\WINDOWS\System32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\PROGRA~1\pcast\hbcast.dll]  [Shanghai Henbang Technology Co., Ltd, 1, 1, 3, 8]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
[PID: 3376][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\WINDOWS\System32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [C:\Program Files\DeskAdTop\deskipn.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\SYSREA~1.DLL]  [Kmedia, 1, 0, 0, 2]
    [C:\PROGRA~1\pcast\hbcast.dll]  [Shanghai Henbang Technology Co., Ltd, 1, 1, 3, 8]
    [C:\WINDOWS\system32\YHBO.dll]  [YHBO, 1.0.0.1]
    [C:\Program Files\baigoo\BGooBHO.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\mskey32.dll]  [Microsoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\COMBoHEvent.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\browsewmzero.dll]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]
    [C:\WINDOWS\system32\Inte.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\HTTPDll.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\WINDOWS\system32\COMAdEvent.dll]  [N/A, N/A]
[PID: 2448][Z:\LOGISTICS\Receiving\B班文件\Tools\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\KB205910M.LOG]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 2]
    [C:\Program Files\Internet Explorer\PLUGINS\Windows.sys]  [N/A, N/A]
    [C:\WINDOWS\FtpServerKey.DLL]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  [N/A, N/A]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [winfiles]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. []
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
MSTCPChain Provider
    C:\WINDOWS\System32\quartz32.dll(, MFClDLL)
MSTCP Provider
    C:\WINDOWS\System32\quartz32.dll(, MFClDLL)

==================================
Autorun.Inf
[C:\]
[AutoRun]
open=pagefile.pif
shellexecute=pagefile.pif
shell\Auto\command=pagefile.pif
[D:\]
[autorun]
OPEN=D:\pagefile.pif

==================================
HOSTS File
127.0.0.1      localhost
59.34.148.98      www.hao123.com

==================================

别忘了 还有我啊

交班了？

我的我的