2006-10-03,07:29:26

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <vptray><C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>  [Symantec Corporation]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [(Verified)Intel Corporation]
    <Persistence><C:\WINDOWS\System32\igfxpers.exe>  [(Verified)Intel Corporation]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Analog Devices, Inc.]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <spoolsv><C:\WINDOWS\System32\spoolsv\spoolsv.exe -printer>  [广州傲讯信息科技有限公司]
    <Desktop><C:\WINDOWS\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll>  [N/A]
    <CSCAdvantage><"C:\Program Files\Help Desk\CSCAdv.exe" /s>  [N/A]
    <CSCLogonInfo><C:\WINDOWS\UsrLogon.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\System32\NavLogon.dll>  [N/A]

==================================
Startup Folders
[Adobe Reader Speed Launch]
  <D:\Profiles\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[金山词霸 2002 共享版]
  <D:\Profiles\All Users\Start Menu\Programs\Startup\金山词霸 2002 共享版.lnk --> D:\Profiles\qch7028.DS\NEWFOL~1\XDICT.EXE [Kingsoft Co, Ltd.]><N>

==================================
Services
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[BlackICE / BlackICE]
  <"C:\Program Files\ISS\DesktopProtection\blackd.exe"><Internet Security Systems, Inc.>
[DefWatch / DefWatch]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation>
[DameWare NT Utilities 2.6 / DNTUS26]
  <C:\WINDOWS\SYSTEM32\DNTUS26.EXE><DameWare Development LLC>
[Hummingbird Inetd / HCLInetd]
  <C:\WINDOWS\System32\Hummbird\inetd32.exe><Hummingbird Communications Ltd.>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation>
[P4P Service / P4P Service]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[RapApp / RapApp]
  <"C:\Program Files\ISS\DesktopProtection\RapApp.exe"><Internet Security Systems, Inc.>

==================================
Drivers
[abp480n5 / abp480n5]
  <\SystemRoot\System32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[Aha154x / Aha154x]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
  <\SystemRoot\System32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Broadcom NetXtreme 57xx Gigabit Controller / b57w2k]
  <System32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[black / black]
  <System32\drivers\BlackDrv.sys><Internet Security Systems, Inc.>
[cd20xrnt / cd20xrnt]
  <\SystemRoot\System32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[3Com EtherLink XL 90XB/C Adapter Driver / EL90XBC]
  <System32\DRIVERS\el90xbc5.sys><3Com Corporation>
[i81x / i81x]
  <System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0]
  <System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1]
  <System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2]
  <System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3]
  <System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4]
  <System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0]
  <System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1]
  <System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2]
  <System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3]
  <System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4]
  <System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[ialm / ialm]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ini910u / ini910u]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[mraid35x / mraid35x]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NAVAP / NAVAP]
  <\??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys><Symantec Corporation>
[NAVAPEL / NAVAPEL]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS><Symantec Corporation>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\NAVENG.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\NAVEX15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
  <\??\C:\WINDOWS\System32\qqedit\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb]
  <\??\C:\WINDOWS\System32\qqedit\npkcusb.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[RapFile / RapFile]
  <\??\C:\WINDOWS\System32\drivers\RapFile.sys><Internet Security Systems, Inc.>
[RapNet / RapNet]
  <\??\C:\WINDOWS\System32\drivers\RapNet.sys><Internet Security Systems, Inc.>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[senfilt / senfilt]
  <system32\drivers\senfilt.sys><Creative Technology Ltd.>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[Symmpi / Symmpi]
  <\SystemRoot\System32\DRIVERS\symmpi.sys><LSI Logic>
[sym_hi / sym_hi]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[ultra / ultra]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, >
[wmpdrm]
  {0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\System32\wmpdrm.dll, Allsum Info. Tech. Ltd.>
[]
  {E730189A-9973-4121-B046-AD1C161EC3AF} <C:\WINDOWS\system32\37211.dll, 3721公司<推荐使用>>
[&Research]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[&Radio]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, N/A>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\System32\aliedit\pta.dll, >
[金山毒霸在线产品升级]
  {52DF16E3-6C4F-4B22-8BAF-09263E463B48} <C:\WINDOWS\System32\kingsoft\KOS\KOSInit.ocx, 金山软件股份有限公司>
[Oracle JInitiator 1.1.8.18]
  {5e2a3510-4371-11d6-b64c-00c04faedb18} <C:\Program Files\Oracle\JInitiator 1.1.8.19\bin\beans.ocx, Oracle Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Oracle JInitiator 1.1.8.16]
  {9b935470-ad4a-11d5-b63e-00c04faedb18} <C:\Program Files\Oracle\JInitiator 1.1.8.16\bin\beans.ocx, Oracle Corporation>
[Java Plug-in 1.3.1_02]
  {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} <C:\Program Files\JavaSoft\JRE\1.3.1_02\bin\npjava131_02.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\System32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[E&xport to Microsoft Excel]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 312][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 420][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 444][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\System32\NavLogon.dll]  [N/A, N/A]
[PID: 488][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 500][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 676][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 744][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 904][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 932][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 1036][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.1699 (xpsp2.050610-1533)]
    [C:\WINDOWS\system32\Hummbird\hcllpr.dll]  [Hummingbird Communications Ltd., 6.1.0.0]
    [C:\WINDOWS\system32\Hummbird\hcllpr.nls]  [Hummingbird Communications Ltd., 6.1.0.0]
[PID: 1176][C:\Program Files\ISS\DesktopProtection\blackd.exe]  [Internet Security Systems, Inc., 7.0.322]
    [C:\Program Files\ISS\DesktopProtection\FileSec.dll]  [Internet Security Systems, Inc., 7.0.319]
    [C:\Program Files\ISS\DesktopProtection\AC_Base.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\blackdll.dll]  [Internet Security Systems, Inc., 7.0.321]
    [C:\Program Files\ISS\DesktopProtection\iss-pam1.dll]  [Internet Security Systems, 1.10.106.269]
    [C:\Program Files\ISS\DesktopProtection\RapAd.dll]  [Internet Security Systems, Inc., 7.0.05.0]
    [C:\Program Files\ISS\DesktopProtection\VpnICE.dll]  [Internet Security Systems, Inc., 7.0.320]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ISS\DesktopProtection\Comply\AC_McAfee.dll]  [Internet Security Systems, Inc., 7.0.320]
    [C:\Program Files\ISS\DesktopProtection\Comply\AC_Norton.dll]  [Internet Security Systems, Inc., 7.0.320]
[PID: 1196][C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe]  [Symantec Corporation, 8.1.1.323]
[PID: 1220][C:\WINDOWS\SYSTEM32\DNTUS26.EXE]  [DameWare Development LLC, 4, 1, 0, 0]
[PID: 1240][C:\WINDOWS\System32\Hummbird\inetd32.exe]  [Hummingbird Communications Ltd., 6.1.0.0]
    [C:\WINDOWS\System32\HCLNLS.dll]  [Hummingbird Communications Ltd., 6.1.0.0]
    [C:\WINDOWS\System32\Hummbird\HCINETD.NLS]  [N/A, N/A]
[PID: 1268][C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe]  [Symantec Corporation, 8.1.1.323]
    [C:\WINDOWS\System32\CBA.DLL]  [Intel? Corporation, 6.12.0.112 E]
    [C:\WINDOWS\System32\MsgSys.dll]  [Intel? Corporation, 6.12.0.112 E]
    [C:\WINDOWS\System32\NTS.dll]  [Intel? Corporation, 6.12.0.112 E]
    [C:\WINDOWS\System32\PDS.DLL]  [Intel? Corporation, 6.12.0.112 E]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVLU.dll]  [Symantec Corporation, 8.1.1.323]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 8.1.1.323]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\i2ldvp3.dll]  [Symantec Corporation, 8.1.1.323]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAPI32.DLL]  [Symantec Corp., 4.2.0.7]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NotesExt.dll]  [Symantec Corporation, 8.1.1.323]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vpmsece.dll]  [Symantec Corporation, 8.1.1.323]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\NAVEX32a.DLL]  [Symantec Corporation, 20061.2.0.26]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061002.018\NAVENG32.DLL]  [Symantec Corporation, 20061.2.0.26]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.1.1.0]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DecSDK.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2ZIP.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SSC\Scandlgs.dll]  [Symantec Corporation, 8.1.1.323]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2ID.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2UUE.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2AMG.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2ARJ.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2CAB.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2GZIP.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2HQX.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2LHA.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2LZ.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2MIME.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2SS.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2RTF.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2TAR.dll]  [Symantec Corporation, 3.02.10.03]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2TNEF.dll]  [Symantec Corporation, 3.02.10.03]
[PID: 1344][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe]  [Sohu.com Inc., 2, 0, 0, 23]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Sogou PXP\vodsvr.dll]  [Sohu.com Inc., 2, 0, 0, 15]
    [C:\Program Files\Sogou PXP\pxpnet.dll]  [Sohu.com Inc., 1, 0, 0, 2]
    [C:\Program Files\Sogou PXP\p2pclient.dll]  [Sohu.com Inc., 1, 0, 0, 2]
    [C:\Program Files\Sogou PXP\PluginClient.dll]  [Sohu.com Inc., 1, 0, 0, 26]
[PID: 1392][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

[PID: 1492][C:\WINDOWS\System32\CCM\CLICOMP\RemCtrl\Wuser32.exe]  [Microsoft Corporation, 2.50.4160.2000]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 1612][C:\WINDOWS\System32\CCM\CcmExec.exe]  [Microsoft Corporation, 2.50.4160.2000 built by: SMS]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 652][C:\WINDOWS\System32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 896][C:\WINDOWS\System32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1752][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\System32\msicn\msibm.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [C:\WINDOWS\System32\msicn\plugins\as.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [C:\WINDOWS\System32\msicn\plugins\bm.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [C:\WINDOWS\System32\msicn\plugins\bse.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [C:\WINDOWS\System32\msicn\plugins\lup.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
    [C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\WINDOWS\system32\37211.dll]  [3721公司<推荐使用>, 1.0.0.0]
    [C:\Program Files\Exceed.nt\HESHELL.DLL]  [Hummingbird Communications Ltd., Version: 6.2.0.0]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing, Inc., 4.1 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Adobe\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1436][C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe]  [Symantec Corporation, 8.1.1.323]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 8.1.1.323]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 8.1.1.323]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 8.1.1.323]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 720][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\System32\msicn\msibm.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 572][C:\WINDOWS\System32\hkcmd.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 840][C:\WINDOWS\System32\igfxpers.exe]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4299]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 1320][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 5, 2, 0, 5]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 5, 2, 3, 000]
    [C:\WINDOWS\System32\EDCrypt.DLL]  [Analog Devices Incorporated, 1.0.0.8]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 2120][C:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\DeskAdTop\Run.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 2160][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.6.0079]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 2196][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\System32\msicn\msibm.dll]  [广州傲讯信息科技有限公司, 2, 0, 0, 1]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 2384][D:\Profiles\qch7028.DS\New Folder\XDICT.EXE]  [Kingsoft Co, Ltd., 5, 5, 0, 0]
    [D:\Profiles\qch7028.DS\New Folder\IHooks.dll]  [N/A, N/A]
    [D:\Profiles\qch7028.DS\New Folder\ITextOut.dll]  [N/A, N/A]
    [D:\Profiles\qch7028.DS\New Folder\CJKTAB32.dll]  [N/A, N/A]
    [D:\Profiles\qch7028.DS\New Folder\XImage32.dll]  [N/A, N/A]
    [D:\Profiles\qch7028.DS\New Folder\NewWord.dll]  [N/A, N/A]
    [D:\Profiles\qch7028.DS\New Folder\xfile.dll]  [N/A, N/A]
    [D:\Profiles\qch7028.DS\New Folder\ITTSEngine.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
[PID: 3036][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\PROGRA~1\DESKAD~1\deskipn.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\wmpdrm.dll]  [Allsum Info. Tech. Ltd., 2, 0, 0, 1]
    [C:\WINDOWS\system32\37211.dll]  [3721公司<推荐使用>, 1.0.0.0]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\System32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 8.5r321]
[PID: 736][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\PROGRA~1\DESKAD~1\deskipn.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\wmpdrm.dll]  [Allsum Info. Tech. Ltd., 2, 0, 0, 1]
    [C:\WINDOWS\system32\37211.dll]  [3721公司<推荐使用>, 1.0.0.0]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
[PID: 2452][D:\Profiles\QCH7154.DS\Desktop\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [D:\Profiles\qch7028.DS\New Folder\Cjktl32.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\System32\msplus.dll]  [, 1, 0, 0, 1]
    [D:\Profiles\QCH7154.DS\Desktop\SREng\Plugins\SRECXTMG.SRE]  [Smallfrogs Studio, 1, 5, 0, 55]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
MSTCPChain Provider
    C:\WINDOWS\System32\msplus.dll(, Adplus Module)
MSTCP Provider
    C:\WINDOWS\System32\msplus.dll(, Adplus Module)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1      localhost
125.90.64.22  www.djdj110.com
125.90.64.22  www.bookom.com

==================================

ddd

C:\WINDOWS\System32\msplus.dll
请下载LSPFix和WinsockXPFix这两个软件，
小软件下载
http://free5.ys168.com/?ufwihgu168
　　重新启动电脑, 进入安全模式。运行LSPFix.exe，删除：
msplus.dll
点“Finish”即可。
修复后重启计算机，如果无法上网，请运行WinsockXPFix，
让它修复一下。

运行SREng2,使用：系统修复－－浏览器加载项－－查找以下的项－－删除所选内容
C:\PROGRA~1\DESKAD~1\deskipn.dll
C:\WINDOWS\System32\wmpdrm.dll
C:\WINDOWS\system32\37211.dll
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
C:\WINDOWS\System32\msdxm.ocx
C:\WINDOWS\System32\aliedit\pta.dll

删除
C:\PROGRA~1\DESKAD~1\deskipn.dll
C:\WINDOWS\System32\wmpdrm.dll
C:\WINDOWS\system32\37211.dll
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
C:\WINDOWS\System32\msdxm.ocx
C:\WINDOWS\System32\aliedit\pta.dll

运行SREng2,使用：系统修复－－HOSTS文件--删除
125.90.64.22 www.djdj110.com
125.90.64.22 www.bookom.com