2006-11-23,08:14:32

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <bgswitch><C:\WINDOWS\system32\bgswitch.exe>  [N/A]
    <eMuleAutoStart><C:\Program Files\eMule\emule.exe -AutoStart>  [http://www.emule.org.cn]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE>  [Network Associates, Inc.]
    <McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey>  [Network Associates, Inc.]
    <Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe">  [Network Associates, Inc.]
    <DAEMON Tools><"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033>  [(Verified)DT Soft Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <dla><C:\WINDOWS\system32\dla\tfswctrl.exe>  [Sonic Solutions]
    <ISUSPM Startup><C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup>  [InstallShield Software Corporation]
    <ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start>  [InstallShield Software Corporation]
    <MM Player><D:\Program Files\Caiping.com.cn\MM Player\MMPlayer.exe>  [N/A]
    <GADServer><C:\WINDOWS\system32\\GAdServer.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><"\Program Files\Logonui\Logonui.exe">  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <MediaCheck><C:\PROGRA~1\Kuree\MService.dll>  [N/A]

==================================
启动文件夹
[Monitor Apache Servers]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Monitor Apache Servers.lnk --> C:\PROGRA~1\APACHE~1\Apache2\bin\APACHE~1.EXE [Apache Software Foundation]><N>

==================================
服务
[Apache2 / Apache2]
  <"C:\Program Files\Apache Group\Apache2\bin\Apache.exe" -k runservice><Apache Software Foundation>
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee Framework 服务 / McAfeeFramework]
  <C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
  <"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
  <"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[msdtc.exe / msdtc.exe]
  <C:\WINDOWS\msdtc.exe><N/A>
[SVCHOST.EXE / SVCHOST.EXE]
  <C:\Program Files\Common Files\Microsoft Shared\MSINFO\SVCHOST.EXE><N/A>
[Apache Tomcat / Tomcat5]
  <"C:\Tomcat 5.0\bin\tomcat5.exe" //RS//Tomcat5><Apache Software Foundation>
[Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge]
  <C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe><Microsoft Corporation>

==================================
驱动程序
[369062 / 369062]
  <\SystemRoot\System32\drivers\369062.sys><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[cda1000 / cda1000]
  <C:\WINDOWS\SYSTEM32\DRIVERS\cda1000.SYS><Adaptec, Inc.>
[Cinemsup / Cinemsup]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Cinemsup.SYS><Sonic Solutions>
[drvmcdb / drvmcdb]
  <\SystemRoot\system32\DRIVERS\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm]
  <system32\drivers\drvnddm.sys><Sonic Solutions>
[dtscsi / dtscsi]
  <\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[NaiAvFilter1 / NaiAvFilter1]
  <system32\drivers\naiavf5x.sys><Network Associates, Inc.>
[NaiAvTdi1 / NaiAvTdi1]
  <system32\drivers\mvstdi5x.sys><Network Associates, Inc.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[Si3112 / Si3112]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Si3112.SYS><Silicon Image, Inc.>
[sptd / sptd]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[sscdbhk5 / sscdbhk5]
  <system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln]
  <system32\drivers\ssrtln.sys><Sonic Solutions>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[tfsnboio / tfsnboio]
  <system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs]
  <system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct]
  <system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres]
  <system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs]
  <system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio]
  <system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool]
  <system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf]
  <system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa]
  <system32\dla\tfsnudfa.sys><Sonic Solutions>

浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FlashGet\getflash.dll, N/A>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\Msjava.dll, Microsoft Corporation>
[豪杰超级解霸9]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE, herosoft>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[精彩图铃]
  {EE60714F-AC27-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=163, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Java Plug-in 1.4.2]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll, JavaSoft / Sun Microsystems, Inc.>
[Java Plug-in 1.4.2]
  {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll, JavaSoft / Sun Microsystems, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\Msjava.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[DriveLetterAccess]
  {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\PROGRA~1\FlashGet\getflash.dll, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[使用超级解霸播放]
  <C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[精彩图铃]
  <C:\Program Files\AD4All\link2\phone.htm, N/A>

==================================
正在运行的进程
[PID: 524][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 572][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 596][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 644][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 656][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 860][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 908][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 972][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 1036][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 1096][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 1272][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
[PID: 1508][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\mmhook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SpecialDraw.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
    [D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Network Associates\VirusScan\shext.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\ShExtRes.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Sonic\MyDVD Studio Deluxe\RecordNow!\shlext.dll]  [N/A, 7.0.0.0]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\PROGRA~1\Kuree\kpfa.dll]  [, 1, 0, 0, 1]
[PID: 1588][C:\Program Files\Apache Group\Apache2\bin\Apache.exe]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Program Files\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Program Files\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.9.7]
    [C:\Program Files\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_asis.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_auth.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_dir.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_imap.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_userdir.so]  [Apache Software Foundation, 2.0.59]
[PID: 1616][C:\Program Files\Apache Group\Apache2\bin\Apache.exe]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Program Files\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.9.12]
    [C:\Program Files\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.9.7]
    [C:\Program Files\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_asis.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_auth.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_dir.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_imap.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.59]
    [C:\Program Files\Apache Group\Apache2\modules\mod_userdir.so]  [Apache Software Foundation, 2.0.59]

[PID: 1624][C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe]  [Autodesk, Inc., 2.51.000]
[PID: 2064][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\applib.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\Logging.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\InternetManager.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\naInet.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\UserSpace.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\Management.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\cmalib.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\Scheduler.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\TCSubSys.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 2100][C:\Program Files\Network Associates\VirusScan\Mcshield.exe]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.DLL]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\FTL.Dll]  [Network Associates, Inc., 8.0.0.135]
    [C:\Program Files\Network Associates\VirusScan\naiann.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\mytilus.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\VirusScan\NaEventU.DLL]  [Network Associates, Inc., 8.0.0.342]
    [C:\Program Files\Network Associates\VirusScan\Res04\naEvtRes.dll]  [Network Associates, Inc., 8.0.0.342]
    [C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL]  [McAfee, Inc., 5.1.00]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\VirusScan\EntSrv.Dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 2104][C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe]  [Network Associates, Inc., 3.5.0.412]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\PROGRA~1\NETWOR~1\COMMON~1\0804\AgentRes.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\VirusScan\VsPlugin.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
[PID: 2144][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\naiwmain.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\naicondl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\VsTskMgr.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll]  [McAfee, Inc., 8.0.0.152]
    [C:\Program Files\Network Associates\VirusScan\BBCpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\coptcpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\EmCfgCpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\SEmalRes.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\nvpcpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\ftcfg.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\mytilus.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\OASCpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\vsodscpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\ftl.dll]  [Network Associates, Inc., 8.0.0.135]
    [C:\Program Files\Network Associates\VirusScan\vsupdcpl.dll]  [Network Associates, Inc., 8.0.0.912]
[PID: 2192][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
[PID: 2560][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 51]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]

[PID: 2684][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  [Network Associates, Inc., 3.5.0.474]
    [C:\Program Files\Network Associates\Common Framework\0804\UpdRes.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [Network Associates, Inc., 3.5.0.412]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2720][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe]  [Network Associates, Inc., 2.0.275.0]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2760][C:\PROGRA~1\Kuree\kpupdate.exe]  [N/A, N/A]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2768][C:\Program Files\DAEMON Tools\daemon.exe]  [DT Soft Ltd., 4.03.0.0]
    [C:\Program Files\DAEMON Tools\daemon.dll]  [DT Soft Ltd., 4.03.0.0]
    [C:\Program Files\DAEMON Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll]  [N/A, 1.0.6.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.10.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll]  [GENERIC, 1.12.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll]  [GENERIC, 1.11.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2788][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3536]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2804][C:\WINDOWS\system32\dla\tfswctrl.exe]  [Sonic Solutions, 1.04.07b]
    [C:\WINDOWS\system32\tfswapi.dll]  [Sonic Solutions, 1.04.07b]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [Sonic Solutions, 1.04.07b]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2968][C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe]  [InstallShield Software Corporation, 3, 10, 100, 1155]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 3060][D:\Program Files\Caiping.com.cn\MM Player\MMPlayer.exe]  [N/A, 2, 0, 0, 0]
    [C:\WINDOWS\system32\mmhook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SpecialDraw.dll]  [N/A, N/A]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [d:\Program Files\Caiping.com.cn\MM Player\appsetup.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
    [C:\PROGRA~1\Kuree\Codec\ffdshow.ax]  [N/A, 1.0.2.1997]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\PROGRA~1\Kuree\Codec\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [C:\PROGRA~1\Kuree\Codec\empgdmx.ax]  [Elecard Ltd., 1, 0, 19, 51017]
    [C:\PROGRA~1\Kuree\Codec\libavcodec.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ac3filter.cpl]  [, 0.68b]
    [C:\WINDOWS\system32\l3codecx.ax]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0311]
    [C:\PROGRA~1\Kuree\Codec\libmplayer.dll]  [N/A, N/A]
[PID: 3092][C:\WINDOWS\system32\GAdServer.exe]  [N/A, N/A]
    [C:\DOCUME~1\wcg\LOCALS~1\Temp\E_4\krnln.fnr]  [, 1, 0, 0, 1]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
    [C:\DOCUME~1\wcg\LOCALS~1\Temp\E_4\shell.fne]  [N/A, N/A]
[PID: 3124][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 3168][C:\Program Files\eMule\emule.exe]  [http://www.emule.org.cn, 0.47.0]
    [C:\Program Files\eMule\pthreadVC.dll]  [Open Source Software community project, 1, 0, 0, 0]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\Program Files\eMule\lang\zh_CN.dll]  [http://www.emule-project.net, 0.47.0]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
[PID: 3264][C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe]  [Apache Software Foundation, 2.0.59]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 2544][C:\WINDOWS\system32\WISPTIS.EXE]  [Microsoft Corporation, 1.0.2201.0 (xpsp1.020820-1800)]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 1568][C:\WINDOWS\system32\SNDVOL32.EXE]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 5616][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]

[PID: 5604][C:\WINDOWS\system32\RpcS.exe]  [Microsoft Corporation, 5.2.3790.1830]
[PID: 4104][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.277]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.1.2003110300]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\PROGRA~1\FlashGet\getflash.dll]  [N/A, 1, 0, 0, 1]
    [C:\WINDOWS\system32\RpcS.dll]  [N/A, N/A]
[PID: 5380][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2868][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 5436][C:\Program Files\Logonui\Logonui.exe]  [N/A, N/A]
[PID: 3532][C:\WINDOWS\system32\rdpclip.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 3676][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
[PID: 5256][C:\DOCUME~1\wcg\LOCALS~1\Temp\Rar$EX00.031\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\msdtcKey1.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Hook.dll]  [N/A, N/A]
    [C:\DOCUME~1\wcg\LOCALS~1\Temp\Rar$EX00.031\SREng\Plugins\SRECXTMG.SRE]  [Smallfrogs Studio, 1, 5, 0, 55]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================