2006-10-27,12:41:38

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <91cast><>  [N/A]
    <svc><C:\WINDOWS\svchost.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINDOWS\system\tpkIM32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <\\Rich\EPSON Stylus Photo R230 Series><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P37 "\\Rich\EPSON Stylus Photo R230 Series" /O6 "USB001" /M "Stylus Photo R230">  [N/A]
    <SoundMam><C:\WINDOWS\system32\SVOHOST.exe>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <UpdateRun><C:\Program Files\Common Files\updat\Update.exe>  [N/A]
    <QuickSearch><C:\WINDOWS\system32\Rundll32.exe  "C:\PROGRA~1\COMMON~1\yehoo\yehoo.dll",WaitWindows>  [Shanghai Henbang Technology Co., Ltd]
    <91cast><>  [N/A]
    <svc><C:\WINDOWS\svchost.exe>  [N/A]
    <RichMedia><C:\WINDOWS\system32\Rundll32.exe  "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows>  [Shanghai Henbang Technology Co., Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <webwork><C:\WINDOWS\webwork\webwork.dll>  [MSWebwork Cop.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    <Load><; C:\windows\system32\wincfgs.exe>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RavAV><; C:\WINDOWS\RavMonE.exe>  [N/A]
    <SiSPower><; Rundll32.exe SiSPower.dll,ModeAgent>  [Silicon Integrated Systems Corporation]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <stup.exe><; C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[AutoUpgrade / AutoUpgrade]
  <C:\WINDOWS\System32\svchost.exe -k AutoUpgrade-->C:\WINDOWS\system32\rsaci.dll><N/A>
[Background Intelligent Transfer Services / BITS32]
  <C:\WINDOWS\System32\svchost.exe -k BITS32-->c:\windows\system32\wmerrchs32.dll><N/A>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[JMediaService / JMediaService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[Windows Desktop Multimedia / ntkrnl]
  <ntkrnl.exe><N/A>
[DNS SystemServices / RpcSs32]
  <C:\WINDOWS\System32\svchost.exe -k RpcSs32-->c:\windows\system32\mciwave32.dll><N/A>
[Servicel / Servicel]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\jetspeed.dll><>
[Distributed Console Manager / SmallCenter]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\urgnxx75.dll><Microsoft Corporation>
[Standard Update Net Service / stdupnet]
  <C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\stdupnet.dll,Service -s><Microsoft Corporation>
[Distributed Link Tracking Server / TrkWks]
  <C:\WINDOWS\system32\svchost.exe -k netsvsc-->%SystemRoot%\system32\est.dll><Microsoft Corporation>
[Distributed Link Tracking Server / TrkWsk]
  <C:\WINDOWS\system32\svchost.exe -k netsvsc-->%SystemRoot%\system32\ES2.dll><Microsoft Corporation>

==================================
驱动程序
[ADProt / ADProt]
  <\SystemRoot\system32\drivers\ADProt.sys><N/A>
[Albus / Albus]
  <\SystemRoot\system32\drivers\Albus.SYS><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[HOSTNT / HOSTNT]
  <\??\C:\WINDOWS\system32\drivers\hostnt.sys><N/A>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MegaIDE / MegaIDE]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[MHDRV / MHDRV]
  <\??\C:\WINDOWS\system32\drivers\mhdrv.sys><SafeNet China Ltd.>
[npkcrypt / npkcrypt]
  <\??\C:\WINDOWS\system32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp]
  <\??\C:\Program Files\Tencent\qq\npkycryp.sys><N/A>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RCMHDOG / RCMHDOG]
  <\??\C:\WINDOWS\system32\drivers\rcmhdog.sys><SafeNet China Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp]
  <system32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation>
[sttvyq7 / sttvyq75]
  <\SystemRoot\System32\DRIVERS\sttvyq75.sys><N/A>
[SafeNet MicroDog USB Device Driver / UsbC]
  <System32\Drivers\rcusbwdm.sys><SafeNet China Ltd.>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>

==================================
浏览器加载项
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush0.dll, N/A>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5001.dll, N/A>
[raObject Class]
  {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} <C:\PROGRA~1\pcast\hbcast.dll, Shanghai Henbang Technology Co., Ltd>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[IEObject Class]
  {5F5422F7-7159-4CB6-BE7D-2C7EED492762} <C:\PROGRA~1\COMMON~1\yehoo\yehoo.dll, Shanghai Henbang Technology Co., Ltd>
[Vision]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[BHOImp Class]
  {70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, N/A>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC32.dll, N/A>
[Spoolsv Class]
  {9C363D55-07D7-433d-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[Webacc Class]
  {CAC068F3-A608-406B-8581-458788A67694} <C:\WINDOWS\system32\svchost.dll, N/A>
[Windows Shell]
  {D4821F47-791E-4D6E-AAF3-178A70097664} <C:\WINDOWS\system32\kbdlt32.dll, N/A>
[IEHlprObj Class]
  {EAACBF9E-4B91-45FF-93ED-B297093951EA} <C:\Program Files\Internet Explorer\PLUGINS\Flash_Player.dll, Adobe System>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush0.dll, N/A>
[MyIEHelper Class]
  {16B770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5001.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[raObject Class]
  {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} <C:\PROGRA~1\pcast\hbcast.dll, Shanghai Henbang Technology Co., Ltd>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[IEObject Class]
  {5F5422F7-7159-4CB6-BE7D-2C7EED492762} <C:\PROGRA~1\COMMON~1\yehoo\yehoo.dll, Shanghai Henbang Technology Co., Ltd>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Vision]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BHOImp Class]
  {70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, N/A>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC32.dll, N/A>
[Spoolsv Class]
  {9C363D55-07D7-433D-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Webacc Class]
  {CAC068F3-A608-406B-8581-458788A67694} <C:\WINDOWS\system32\svchost.dll, N/A>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Windows Shell]
  {D4821F47-791E-4D6E-AAF3-178A70097664} <C:\WINDOWS\system32\kbdlt32.dll, N/A>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[IEHlprObj Class]
  {EAACBF9E-4B91-45FF-93ED-B297093951EA} <C:\Program Files\Internet Explorer\PLUGINS\Flash_Player.dll, Adobe System>
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, CNNIC>
[>>彩信发送<<]
  <res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>
[使用网际快车下载]
  <C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 440][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 564][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 768][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 848][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\jetspeed.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 924][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1164][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FUICAIP.DLL]  [SEIKO EPSON CORP., 0. 3. 40, 31]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMUI75.DLL]  [CANON INC., 1.90.2.21]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMDR75.DLL]  [CANON INC., 1.90.2.21]
[PID: 1284][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\rsaci.dll]  [N/A, N/A]
[PID: 1296][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\wmerrchs32.dll]  [N/A, N/A]
[PID: 1328][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\MMSASS~1\MMSSVER.DLL]  [, 1, 2, 0, 6]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1368][C:\WINDOWS\system32\ntkrnl.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\dmshell.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\302~1.9\dmplayer.dll]  [千橡互联, 3, 0, 2, 8]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1416][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\mciwave32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1444][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdupnet.dll]  [ , 4, 1, 0, 3]
    [C:\WINDOWS\system32\albus.dll]  [Albus, 1, 0, 0, 3]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\stdvote.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1520][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1536][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 196][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1632][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\sttvyq75.dll]  [N/A, N/A]
    [C:\WINDOWS\webwork\webwork.nls]  [MSWebwork Cop., 1, 0, 0, 1]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRA~1\MMSASS~1\albus.dll]  [Albus, 1, 0, 0, 2]
    [C:\WINDOWS\system32\kbdlt32.dll]  [N/A, N/A]
    [C:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [C:\WINDOWS\system32\WinSC32.dll]  [N/A, N/A]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1572][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\Program Files\Common Files\CPUSH\cpush0.dll]  [N/A, 1.0.1.5]
    [C:\PROGRA~1\pcast\hbcast.dll]  [Shanghai Henbang Technology Co., Ltd, 1, 1, 3, 8]
    [C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 0, 0, 6]
    [C:\PROGRA~1\COMMON~1\yehoo\yehoo.dll]  [Shanghai Henbang Technology Co., Ltd, 1, 1, 6, 0]
    [C:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [C:\PROGRA~1\MMSASS~1\albus.dll]  [Albus, 1, 0, 0, 2]
    [C:\WINDOWS\system32\WinSC32.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\WINDOWS\system32\kbdlt32.dll]  [N/A, N/A]
    [C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll]  [CNNIC, 1, 1, 0, 0]
    [C:\Program Files\Media Player Classic\Codecs\vsfilter.dll]  [Gabest, 1, 0, 0, 9]
    [C:\Program Files\Media Player Classic\codecs\OggSplitter.ax]  [Gabest, 1, 0, 0, 0]
    [C:\Program Files\KooWo\Lyric\RMSplt.ax]  [Gabest, 1, 0, 1, 1]
    [C:\WINDOWS\system32\MatroskaSplitter.ax]  [Gabest, 1, 0, 2, 4]
    [C:\Program Files\Media Player Classic\codecs\mpeg2dmx.ax]  [Moonlight Cordless Ltd., 3, 1, 190, 41018]
    [C:\Program Files\Media Player Classic\Codecs\ffdshow.ax]  [N/A, 1, 0, 0, 1]
    [C:\WINDOWS\system32\ac3filter.cpl]  [, 1.01a]
[PID: 1024][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE]  [SEIKO EPSON CORPORATION, 4.00]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1508][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\COMMON~1\yehoo\yehoo.dll]  [Shanghai Henbang Technology Co., Ltd, 1, 1, 6, 0]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1496][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\pcast\hbcast.dll]  [Shanghai Henbang Technology Co., Ltd, 1, 1, 3, 8]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 1804][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 648][C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE]  [Microsoft Corporation, 11.0.6355]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 3804][D:\hanson\drp6_etp\drp6_etp.exe]  [广州市易神软件科技有限公司, 6.109.102]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 3952][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
[PID: 1676][E:\工具\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
[PID: 3108][C:\Program Files\Maxthon\Maxthon.exe]  [MY Soft Technology, 1, 1, 0, 90]
    [C:\Program Files\Maxthon\zlib.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\stdstub.dll]  [MS Stdup, 1, 0, 0, 4]
    [C:\WINDOWS\system32\stdplay.dll]  [ , 1, 0, 0, 5]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [C:\Program Files\Maxthon\Plugin\FloatBar\FloatBar.dll]  [, 1, 8, 0, 0]
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]

=================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 www.8000qq.com
127.0.0.1 www.800f.net
127.0.0.1 www.1000sf.cn
127.0.0.1 jfengsha.comfb
127.0.0.1 www.1000yf.net
127.0.0.1 www.159sifu.com
127.0.0.1 www.9s5.cn
127.0.0.1 www.spbuy.net
127.0.0.1 www.wym.cn
127.0.0.1 www.cc4f.cn
127.0.0.1 mafan.net
127.0.0.1 www.6688qn.net
127.0.0.1 www.177z.com
127.0.0.1 www.131sf.net
127.0.0.1 tj.cntg.cn
127.0.0.1 www.spbuy.net
127.0.0.1 www.china45.net
127.0.0.1 www.ok22.com
127.0.0.1 www.17mi.net
127.0.0.1 www.sf8.com.cn
127.0.0.1 www.13177.com
127.0.0.1 ip94.fd4f.com
127.0.0.1 www.521it.net
127.0.0.1 www.ytdj.cn
127.0.0.1 www.fwoool.cn
127.0.0.1 www.5u37.net
127.0.0.1 www.87sf.com
127.0.0.1 ww1.swoool.com
127.0.0.1 wooljsz.cn
127.0.0.1 www.57wool.com
127.0.0.1 www.58816.com
127.0.0.1 www.spbuy.net
127.0.0.1 chuanqisjsf.blwool.com
127.0.0.1 www.woool188.com
127.0.0.1 www.sf1260.com
127.0.0.1 linf23.b12.cnwg.cn
127.0.0.1 www.wooolweb.com
127.0.0.1 www.yq520.net
127.0.0.1 www.cs222.com
127.0.0.1 www.ok22.com
127.0.0.1 www.7100sf.com
127.0.0.1 www.1352sf.com
127.0.0.1 www.458wool.cn
127.0.0.1 www.555woool.cn
127.0.0.1 www.kaosf.com
127.0.0.1 www.siyuwl.com
127.0.0.1 www.csjsz.cn
127.0.0.1 www.13177.com
127.0.0.1 www.458cs.com
127.0.0.1 www.5573.com
127.0.0.1 www.02945.com
127.0.0.1 www.pkchina.net
127.0.0.1 www.5181314.com
127.0.0.1 www.fknf2.com
127.0.0.1 www2.yoursf.com
127.0.0.1 www.paocs.com
127.0.0.1 www.sfboke.com
127.0.0.1 www.tt878.com
127.0.0.1 ww1.woool188.com
127.0.0.1 www.cs119.com
127.0.0.1 www.xdwoool.net
127.0.0.1 www.tt515.com
127.0.0.1 www.cs176.com
127.0.0.1 www.552sf.com
127.0.0.1 www.ipmir.com
127.0.0.1 www.898woool.com
127.0.0.1 www.qqks.com
127.0.0.1 www.368idc.com
127.0.0.1 www.csbaba.com
127.0.0.1 www.4745.cn
127.0.0.1 www.636400.com
127.0.0.1 www.oursf.cn
127.0.0.1 www.laiba173.com
127.0.0.1 www.14455.com
127.0.0.1 www.zheshan.net
127.0.0.1 zt.aaaaasf.cn
127.0.0.1 www.zt1314.cn
127.0.0.1 www.zt4f.net
127.0.0.1 www.zt002.com
127.0.0.1 www.amir3.com
127.0.0.1 www.sf1717.com
127.0.0.1 www.cq333.cn
127.0.0.1 www.3316.cn
127.0.0.1 www.sosmir3.com
127.0.0.1 www.95279.com
127.0.0.1 www.sf1788.com
127.0.0.1 www.4fboss.com
127.0.0.1 www.45net.net
127.0.0.1 www.ytdj.cn
127.0.0.1 www.laiba173.com
127.0.0.1 www.wow1314.com
127.0.0.1 www.zgwow.com
127.0.0.1 www.1000wow.net
127.0.0.1 www.gowowsf.com
127.0.0.1 www.wowsf.com
127.0.0.1 www.wxwow.com
127.0.0.1 520.xinwow.com
127.0.0.1 www.wowhelp.cn
127.0.0.1 www.800wow.com
127.0.0.1 www.56wow.com
127.0.0.1 www.45wow.com
127.0.0.1 www.sfhao123.net
127.0.0.1 www.lian2.cn
127.0.0.1 www.14455.com
127.0.0.1 www.sfgoogle.cn
127.0.0.1 www.45top.com
127.0.0.1 www.915mu.com
127.0.0.1 www.gm911.net
127.0.0.1 www.4000mu.com
127.0.0.1 www.99musf.com
127.0.0.1 www.mu45.com
127.0.0.1 www.369mu.com
127.0.0.1 www.525sf.com
127.0.0.1 www.2345w.com
127.0.0.1 www.3jsf.net
127.0.0.1 www.ttfsf.com
127.0.0.1 www.521ee.com
127.0.0.1 www.997j.com
127.0.0.1 www.wz4f.net
127.0.0.1 www.hott2.com
127.0.0.1 www.398q.com
127.0.0.1 www.tt1314.com
127.0.0.1 www.tt2sf.net
127.0.0.1 www.sifu114.com
127.0.0.1 www.2z2.cn
127.0.0.1 www.haosf.com
127.0.0.1 www.cqsf999.com
127.0.0.1 www.zhaosf.com
127.0.0.1 www.920666.com
127.0.0.1 www.450666.com
127.0.0.1 www.3000ok.com
127.0.0.1 www.3000ok.net

==================================