系统日志:


2006-10-17,10:11:48

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; ctfmon.exe>  [Microsoft Corporation]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; ; "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe">  [N/A]
    <caishowmanage><; ; C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE>  [N/A]
    <PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [N/A]
    <Sony Ericsson PC Suite><; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  [Trend Micro Inc.]
    <Synchronization Manager><; mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <Cmaudio><; ; RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
    <CnsMHlp.exe><; ; C:\WINNT\Downloaded Program files\CnsMHlp.exe>  [N/A]
    <EXPLOEER><; ; C:\Program Files\Internet Explorer\Mui\0112_16.exe>  [N/A]
    <ezShieldProtector for Px><; ; C:\WINNT\system32\ezSP_Px.exe>  [Easy Systems Japan Ltd.]
    <hxgame-update><; C:\Program Files\hxupdate\hxgame-update.exe>  [N/A]
    <IESAddr><; ; C:\Program Files\Internet Explorer\Mui\0112_16.exe>  [N/A]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <ISUSPM Startup><; ; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><; ; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [N/A]
    <KService><; ; C:\WINNT\system32\KService.exe>  [N/A]
    <NetVideoNews><; ; C:\Program Files\BBsee\BBsee.exe>  [N/A]
    <RichMedia><; ; C:\WINNT\system32\Rundll32.exe  "C:\PROGRA~1\HBClient\hbhelper.dll",WaitWindows>  [N/A]
    <Super Rabbit Desktop Set><; C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load>  [Super Rabbit Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <webwork><C:\WINNT\webwork\webwork.dll>  [MSWebwork Cop.]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINNT\system32\sstext3d.scr>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state]
  <C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[JMediaService / JMediaService]
  <C:\WINNT\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[MD Simple Burner Service / NetMDSB]
  <C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe><Sony Corporation>
[OfficeScanNT 实时扫描 / ntrtscan]
  <"C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe"><Trend Micro Inc.>
[OfficeScanNT 个人防火墙 / OfcPfwSvc]
  <"C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe"><Trend Micro Inc.>
[PACSPTISVR / PACSPTISVR]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[Sony SPTI Service / SPTISRV]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[OfficeScanNT 侦听程序 / tmlisten]
  <"C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe"><Trend Micro Inc.>

==================================
驱动程序
[Albus / Albus]
  <\SystemRoot\system32\drivers\Albus.SYS><N/A>
[CdaC15BA / CdaC15BA]
  <\??\C:\WINNT\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[dtscsi / dtscsi]
  <\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[InCD File System / InCDFs]
  <system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass]
  <system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm]
  <system32\drivers\InCDRm.sys><N/A>
[Net MD / NETMDUSB]
  <System32\Drivers\NETMDUSB.sys><Sony Corporation>
[Nokia USB Generic / Nokia USB Generic]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
  <system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv4 / nv4]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PCTINDIS5 NDIS Protocol Driver / PCTINDIS5]
  <\??\C:\WINNT\system32\PCTINDIS5.SYS><N/A>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pwd_2K / pwd_2K]
  <C:\WINNT\SYSTEM32\DRIVERS\pwd_2K.SYS><Roxio>
[PxHelp20 / PxHelp20]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><VERITAS Software, Inc.>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SiS AGP Filter / SISAGP]
  <\SystemRoot\System32\DRIVERS\SISAGPx.sys><Silicon Integrated Systems Corporation>
[Sony USBSTOR.SYS Filter / SONYFILT]
  <System32\Drivers\SonyUSBF.sys><Sony Corporation>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1]
  <\SystemRoot\System32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Sony USB Mass Storage Driver / SonySDK2]
  <\SystemRoot\system32\DRIVERS\SonySDK2.sys><Sony Corporation>
[sptd / sptd]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Trend Micro Filter / TmFilter]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\TmFilter.sys><Trend Micro Inc.>
[Trend Micro VSAPI NT / VSApiNt]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>
[Sony Ericsson W550 driver (WDM) / w550bus]
  <system32\DRIVERS\w550bus.sys><N/A>
[Sony Ericsson W550 USB WMC Modem Filter / w550mdfl]
  <system32\DRIVERS\w550mdfl.sys><N/A>

==================================

浏览器加载项
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINNT\system32\CMBEdit.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[导出到 Microsoft Office Excel(&X)]
  <res://E:\工具目录\office\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 192][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 216][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 268][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 280][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 460][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 484][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\E_SL2070.DLL]  [SEIKO EPSON CORPORATION, 2, 8, 0, 0]
    [C:\WINNT\system32\E_SL2602.DLL]  [SEIKO EPSON CORPORATION, 1, 3, 0, 0]
[PID: 552][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 624][C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
[PID: 684][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 744][C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\TMSOCK.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\libTmCAV.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\TmUpdate.dll]  [Trend Micro Inc., 2,63,0,1007]
[PID: 804][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 828][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 840][C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwCommon.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\ZLib.dll]  [Trend Micro Inc., 1.31.0.1708]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll]  [Trend Micro Inc., 1.2.0.1020]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1100][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\WINNT\webwork\webwork.nls]  [MSWebwork Cop., 1, 0, 0, 1]
    [C:\WINNT\system32\vp6dec_settings.cpl]  [N/A, N/A]
    [C:\WINNT\System\cmicnfg.cpl]  [C-Media Corporation, 1, 0, 0, 14]
    [C:\WINNT\system32\styleman.cpl]  [Autodesk, Inc., 8.0.16.86]
    [C:\WINNT\system32\plotman.cpl]  [Autodesk, Inc., 8.0.16.86]
    [E:\工具目录\Adobe Reader 7.07 简体中文版\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [E:\工具目录\压缩文件目录\rarext.dll]  [N/A, N/A]
[PID: 652][C:\WINNT\TEMP\KFE98A.EXE]  [N/A, N/A]
[PID: 1124][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1160][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1408][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
[PID: 1332][F:\杀毒软件\新建文件夹\sreng最新版\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

2006-11-09,13:44:42

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; ; "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe">  [N/A]
    <caishowmanage><; ; C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE>  [N/A]
    <PcSync><; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [N/A]
    <Sony Ericsson PC Suite><; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized>  [N/A]
    <Super Rabbit IEPro><C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>  [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  [Trend Micro Inc.]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <CnsMHlp.exe><; ; C:\WINNT\Downloaded Program files\CnsMHlp.exe>  [N/A]
    <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <ISUSPM Startup><; ; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><; ; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [N/A]
    <KService><; ; C:\WINNT\system32\KService.exe>  [N/A]
    <NetVideoNews><; ; C:\Program Files\BBsee\BBsee.exe>  [N/A]
    <Super Rabbit Desktop Set><; C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load>  [Super Rabbit Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINNT\system32\sstext3d.scr>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state]
  <C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[MD Simple Burner Service / NetMDSB]
  <C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe><Sony Corporation>
[OfficeScanNT 实时扫描 / ntrtscan]
  <"C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe"><Trend Micro Inc.>
[OfficeScanNT 个人防火墙 / OfcPfwSvc]
  <"C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe"><Trend Micro Inc.>
[PACSPTISVR / PACSPTISVR]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"><Sony Corporation>
[Servicel / Servicel]
  <C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\system32\jetspeed.dll><>
[Sony SPTI Service / SPTISRV]
  <"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"><Sony Corporation>
[OfficeScanNT 侦听程序 / tmlisten]
  <"C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe"><Trend Micro Inc.>
[WMDM PMSP Service / WMDM PMSP Service]
  <C:\WINNT\system32\mspmspsv.exe><Microsoft Corporation>

==================================
驱动程序
[CdaC15BA / CdaC15BA]
  <\??\C:\WINNT\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[dtscsi / dtscsi]
  <\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[InCD File System / InCDFs]
  <system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass]
  <system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm]
  <system32\drivers\InCDRm.sys><N/A>
[Net MD / NETMDUSB]
  <System32\Drivers\NETMDUSB.sys><Sony Corporation>
[Nokia USB Generic / Nokia USB Generic]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
  <system32\drivers\nmwcd.sys><Nokia>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv4 / nv4]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PCTINDIS5 NDIS Protocol Driver / PCTINDIS5]
  <\??\C:\WINNT\system32\PCTINDIS5.SYS><N/A>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pwd_2K / pwd_2K]
  <C:\WINNT\SYSTEM32\DRIVERS\pwd_2K.SYS><Roxio>
[PxHelp20 / PxHelp20]
  <\SystemRoot\system32\DRIVERS\PxHelp20.sys><VERITAS Software, Inc.>
[Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SiS AGP Filter / SISAGP]
  <\SystemRoot\System32\DRIVERS\SISAGPx.sys><Silicon Integrated Systems Corporation>
[Sony USBSTOR.SYS Filter / SONYFILT]
  <System32\Drivers\SonyUSBF.sys><Sony Corporation>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1]
  <\SystemRoot\System32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Sony USB Mass Storage Driver / SonySDK2]
  <\SystemRoot\system32\DRIVERS\SonySDK2.sys><Sony Corporation>
[sptd / sptd]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Trend Micro Filter / TmFilter]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\TmFilter.sys><Trend Micro Inc.>
[Trend Micro VSAPI NT / VSApiNt]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>
[Sony Ericsson W550 driver (WDM) / w550bus]
  <system32\DRIVERS\w550bus.sys><N/A>
[Sony Ericsson W550 USB WMC Modem Filter / w550mdfl]
  <system32\DRIVERS\w550mdfl.sys><N/A>

==================================

浏览器加载项
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINNT\system32\CMBEdit.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[导出到 Microsoft Office Excel(&X)]
  <res://E:\工具目录\office\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 192][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 216][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 268][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 280][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 452][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 480][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\E_SL2070.DLL]  [SEIKO EPSON CORPORATION, 2, 8, 0, 0]
    [C:\WINNT\system32\E_SL2602.DLL]  [SEIKO EPSON CORPORATION, 1, 3, 0, 0]
[PID: 540][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [c:\winnt\system32\jetspeed.dll]  [, 1, 0, 0, 1]
[PID: 576][C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
[PID: 644][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 668][C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\TMSOCK.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\libTmCAV.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcDog.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\TmUpdate.dll]  [Trend Micro Inc., 2,63,0,1007]
[PID: 748][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
[PID: 764][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 776][C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwCommon.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\ZLib.dll]  [Trend Micro Inc., 1.31.0.1708]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll]  [Trend Micro Inc., 1.2.0.1020]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1052][C:\WINNT\TEMP\MCA0D0.EXE]  [N/A, N/A]
[PID: 1176][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [E:\工具目录\Adobe Reader 7.07 简体中文版\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [E:\工具目录\压缩文件目录\rarext.dll]  [N/A, N/A]
    [C:\WINNT\system32\vp6dec_settings.cpl]  [N/A, N/A]
    [C:\WINNT\System\cmicnfg.cpl]  [C-Media Corporation, 1, 0, 0, 14]
    [C:\WINNT\system32\styleman.cpl]  [Autodesk, Inc., 8.0.16.86]
    [C:\WINNT\system32\plotman.cpl]  [Autodesk, Inc., 8.0.16.86]
[PID: 1248][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll]  [N/A, N/A]
    [C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.3.0.1028]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1264][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 1.00.2409.34 built by: Lab06_N]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 1268][E:\工具目录\office\OFFICE11\WINWORD.EXE]  [Microsoft Corporation, 11.0.5604]
    [C:\WINNT\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPTAK7AC.DLL]  [SEIKO EPSON CORPORATION, 3.5.0]
    [C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPTAK7CC.DLL]  [SEIKO EPSON CORPORATION, 3.5.0]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Microsoft Shared\Web Folders\2052\nsextint.dll]  [N/A, N/A]
    [E:\工具目录\Adobe Reader 7.07 简体中文版\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1168][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINNT\system32\Macromed\Flash\Flash8a.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 880][F:\杀毒软件\sreng最新版\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================