[CODE]

2007-02-14,19:23:57

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [Intel Corporation]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Corporation]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <SKYNET Personal FireWall><C:\Program Files\SkyNet\FireWall\PFW.exe>  [天网]
    <vptray><C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>  [Symantec Corporation]
    <iparmor><C:\good\Iparmor\Iparmor\iparmor.exe mini>  [N/A]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
    <WinlogonNotify: cryptimg><cryptimg.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ibmmessages><; C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe>  [IBM]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  [N/A]
    <Mouse Suite 98 Daemon><; ICO.EXE>  [(Verified)Primax Electronics Ltd.]
    <PRONoMgrWired><; C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe>  [Intel(R) Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[BEA ProcMGR V2.2 / BEA ProcMGR V2.2][Running/Auto Start]
  <C:\Tuxedo\bin\tuxipc.exe><N/A>
[DefWatch / DefWatch][Running/Auto Start]
  <"C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM Rapid Restore Ultra Service / IBM Rapid Restore Ultra Service][Running/Auto Start]
  <C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe><>
[Internet Connection Manager / Internet Connection Manager][Stopped/Auto Start]
  <"C:\WINDOWS\system32\internet.exe"><N/A>
[Intel NCS NetService / NetSvc][Stopped/Manual Start]
  <C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe><Intel(R) Corporation>
[Symantec AntiVirus Client / Norton AntiVirus Server][Running/Auto Start]
  <"C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[IBM PSA Access Driver Control / PsaSrv][Stopped/Manual Start]
  <><N/A>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[TListen (Port: 3050) / TUXEDO Listener on Port 3050][Stopped/Auto Start]
  <C:\Tuxedo\bin\slisten.exe><N/A>

==================================
驱动程序
[abp480n5 / abp480n5][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Aha154x / Aha154x][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\atapi.sys><Microsoft Corporation>
[BM Win32 Network Adapter / bmnadapter][Running/Manual Start]
  <system32\DRIVERS\bmnet.sys><The OpenVPN Project>
[cd20xrnt / cd20xrnt][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CdnHook / CdnHook][Running/System Start]
  <System32\drivers\cdnhook.sys><N/A>
[CmdIde / CmdIde][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[dtscsi / dtscsi][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\dtscsi.sys><DT Soft Ltd.>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[IBM Access Support / EGATHDRV][Running/Auto Start]
  <\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS><IBM Corporation>
[gbgqpt6 / gbgqpt64][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\gbgqpt64.sys><N/A>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[ibmfilter / ibmfilter][Running/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\ibmfilter.sys><IBM>
[ini910u / ini910u][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[PS USB Enum Control / KPENUM][Stopped/Manual Start]
  <System32\DRIVERS\kpenum.sys><American Megatrends, Inc. Japan>
[KYOCERA PHS Modem Driver / KPMDM2K][Stopped/Manual Start]
  <System32\DRIVERS\kpmdm2k.sys><American Megatrends, Inc. Japan>
[PS Data Port / KPPORT2K][Stopped/Manual Start]
  <System32\DRIVERS\kpport2k.sys><American Megatrends, Inc. Japan>
[PS USB Control / KPUSB][Stopped/Manual Start]
  <System32\DRIVERS\kpusb.sys><American Megatrends, Inc. Japan>
[mraid35x / mraid35x][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[mspcidrv / mspcidrv][Running/System Start]
  <system32\DRIVERS\mspcidrv.sys><Windows (R) 2000 DDK provider>
[NAVAP / NAVAP][Running/Manual Start]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys><Symantec Corporation>
[NAVAPEL / NAVAPEL][Running/Auto Start]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS><Symantec Corporation>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070213.034\NAVENG.sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070213.034\NAVEX15.sys><Symantec Corporation>
[Ndis112 / Ndis112][Running/Boot Start]
  <\SystemRoot\System32\Drivers\ms112.sys><Copyright (C) 3721 Corporation.>
[Netpas Win32 Virtual Network Adapter / netpasadapter1][Stopped/Manual Start]
  <system32\DRIVERS\netpas.sys><Netpas>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Documents and Settings\wg6\桌面\npkcrypt.sys><N/A>
[nv / nv][Stopped/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Mouse Suite Driver / pelmouse][Stopped/Manual Start]
  <System32\DRIVERS\pelmouse.sys><Primax Electronics Ltd.>
[USB Mouse Low Filter Driver / pelusblf][Stopped/Manual Start]
  <System32\DRIVERS\pelusblf.sys><Primax Electronics Ltd.>
[PMEM / PMEM][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\PMEMNT.SYS><Microsoft Corporation>
[IBM PSA Access Driver / psadd][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\psadd.sys><Windows (R) 2000 DDK provider>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[Secdrv / Secdrv][Running/Auto Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 3.x) / sfsync03][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfsync03.sys><Protection Technology>
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfvfs02.sys><Protection Technology>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[SKNFW / SKNFW][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[symc810 / symc810][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[sym_hi / sym_hi][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <System32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TosIde / TosIde][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[ultra / ultra][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde][Stopped/Disabled]
  <\SystemRoot\System32\DRIVERS\viaide.sys><Microsoft Corporation>
[voodoo / voodoo][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\voodoo.sys><N/A>
[wmpsznv / wmpsznv][Running/Boot Start]
  <\SystemRoot\system32\drivers\wmpsznv.sys><N/A>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

==================================
浏览器加载项
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[Advance Helper]
  {8E25AC4A-B129-451B-BEE2-3B510BB751DA} <C:\WINDOWS\system32\NTDLL32.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[IE Browser Helper]
  {D0903A3B-F0EA-434a-9742-98C5335C7946} <, N/A>
[SFP Class]
  {F236CC5A-F6E4-4011-9EED-C52FDF51CE3D} <C:\WINDOWS\system32\Sbhoplin.dll, 广州众达天网技术有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[TVAnts ActiveX Control]
  {4C833081-D026-4FF8-968F-7EAB660D2FBA} <C:\PROGRA~1\TVAntsX\TvantsX.ocx, Zhejiang University>
[Office Update Installation Engine]
  {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[BitComet Helper]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[Advance Helper]
  {8E25AC4A-B129-451B-BEE2-3B510BB751DA} <C:\WINDOWS\system32\NTDLL32.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[IE Browser Helper]
  {D0903A3B-F0EA-434A-9742-98C5335C7946} <, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[SFP Class]
  {F236CC5A-F6E4-4011-9EED-C52FDF51CE3D} <C:\WINDOWS\system32\Sbhoplin.dll, 广州众达天网技术有限公司>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 828][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 880][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\cryptimg.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 952][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 964][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\pwdmon.dll]  [N/A, N/A]
[PID: 1116][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1212][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1396][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1592][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1672][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 2020][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 348][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\wmpsznv.dll]  [N/A, N/A]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3.0.0.2249]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3.0.0.2249]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.2249]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  [Adobe Systems, Incorporated, 7.0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Shfusion.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 712][C:\Program Files\SkyNet\FireWall\PFW.exe]  [天网, 2.7.3.1100]
    [C:\Program Files\SkyNet\FireWall\SKYMISC.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 728][C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe]  [Symantec Corporation, 8.00.00.9374]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec/Peter Norton Group, 1, 0, 0, 1]
[PID: 744][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 820][C:\Tuxedo\bin\tuxipc.exe]  [N/A, N/A]
    [C:\Tuxedo\bin\LIBENGINE.dll]  [N/A, N/A]
[PID: 1368][C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe]  [Symantec Corporation, 8.00.00.9374]
[PID: 1428][C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe]  [, 4,0,0,4026]
[PID: 1744][C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe]  [Symantec Corporation, 8.00.00.9374]
    [C:\WINDOWS\system32\CBA.DLL]  [Intel? Corporation, 6.12.0.71 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [Intel? Corporation, 6.12.0.71 E]
    [C:\WINDOWS\system32\NTS.dll]  [Intel? Corporation, 6.12.0.71 E]
    [C:\WINDOWS\system32\PDS.DLL]  [Intel? Corporation, 6.12.0.71 E]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVLU.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec/Peter Norton Group, 1, 0, 0, 1]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\i2ldvp3.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPI32.DLL]  [Symantec Corp., 4.1.0.15]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NotesExt.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vpmsece.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SSC\Scandlgs.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070213.034\NAVEX32a.DLL]  [Symantec Corporation, 20071.1.1.10]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070213.034\NAVENG32.DLL]  [Symantec Corporation, 20071.1.1.10]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.0.0.14]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DecSDK.dll]  [Symantec Corporation, 3.02.07.19]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2.dll]  [Symantec Corporation, 3.02.07.19]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Dec2ZIP.dll]  [Symantec Corporation, 3.02.07.19]
[PID: 416][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1300][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 640][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1064][C:\Documents and Settings\wg6\桌面\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [C:\WINDOWS\hh.exe %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
134.34.51.60    lsqyw01

==================================
API HOOK
N/A

==================================


[/CODE]

高手快来呀，急等着呢

用过 差不到病毒

那些专杀工具根本查不到毒呀