2006-10-31,14:11:13
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 1 (Build 2600)
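- Administrator user - Full functionality
The following items were selected:
All startup items (including registry, startup folders, services, etc.)
Browser add-ons
Running processes (including process module information)
File associations
Winsock providers
Autorun.inf
HOSTS file
Startup items
Registry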
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINXP\System32\ctfmon.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<MS04_028 Memory Patch><G:\aNews-sadu\pic.exe -Patch> [Beijing Rising Tech. Co., Ltd.]
<NvCplDaemon><RUNDLL32.EXE NvQTwk,NvCplDaemon initialize> [N/A]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\System Safety Monitor]
<WinlogonNotify: System Safety Monitor><SSMWinlogonEx.dll> [(Verified)System Safety Limited]
==================================
Startup folder
[Microsoft Office]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [Microsoft Corporation]><N>
==================================
Services
[Apache / Apache]
<"C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice><N/A>
[Human Interface Device Access / HidServ]
<C:\WINXP\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MySQL / MySQL]
<"C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt" --defaults-file="C:\Program Files\MySQL\MySQL Server 4.1\my.ini" MySQL><N/A>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINXP\System32\nvsvc32.exe><NVIDIA Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
==================================
Drivers
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[gmer / gmer]
<System32\DRIVERS\gmer.sys><GMER>
[IdeBusDr / IdeBusDr]
<\SystemRoot\System32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr]
<\SystemRoot\System32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[IntelC51 / IntelC51]
<System32\DRIVERS\IntelC51.sys><Intel Corporation>
[IntelC52 / IntelC52]
<System32\DRIVERS\IntelC52.sys><Intel Corporation>
[IntelC53 / IntelC53]
<System32\DRIVERS\IntelC53.sys><Intel Corporation>
[mohfilt / mohfilt]
<System32\DRIVERS\mohfilt.sys><Intel Corporation>
[nv / nv]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[System Safety Monitor 2.0 Core Engine / safemon]
<\SystemRoot\system32\drivers\safemon.sys><System Safety Limited>
[Secdrv / Secdrv]
<System32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
==================================
Browser add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Strider URL Tracer Class]
{B1CC6DA6-1341-40c2-9930-086ACD067289} <C:\Program Files\Microsoft\MSR Strider URL Tracer\UrlTrace.dll, N/A>
[MSR Strider URL Tracer]
{E1675C34-8EFD-4005-8911-1032912305C6} <"C:\Program Files\Microsoft\MSR Strider URL Tracer\TypoPatroller.exe", N/A>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINXP\System32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINXP\System32\muweb.dll, Microsoft Corporation>
[导出到 Microsoft Excel(&x)]
<res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000, N/A>
==================================
Running processes
[PID: 428][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 492][\??\C:\WINXP\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 516][\??\C:\WINXP\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
[C:\WINXP\System32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[C:\WINXP\system32\SSMWinlogonEx.dll] [System Safety Limited, 2.0.8.582]
[PID: 560][C:\WINXP\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 572][C:\WINXP\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 728][C:\WINXP\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 784][C:\WINXP\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINXP\System32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[PID: 852][C:\WINXP\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 864][C:\WINXP\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 972][C:\WINXP\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.1699 (xpsp2.050610-1533)]
[PID: 1064][C:\Program Files\Apache Group\Apache\Apache.exe] [N/A, N/A]
[C:\Program Files\Apache Group\Apache\ApacheCore.dll] [N/A, N/A]
[C:\Program Files\Apache Group\Apache\Win9xConHook.dll] [N/A, N/A]
[PID: 1080][C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe] [Microsoft Corporation, 2.0.50727.26 (RTM.050727-2600)]
[PID: 1088][C:\Program Files\Apache Group\Apache\Apache.exe] [N/A, N/A]
[C:\Program Files\Apache Group\Apache\ApacheCore.dll] [N/A, N/A]
[C:\Program Files\Apache Group\Apache\Win9xConHook.dll] [N/A, N/A]
[PID: 1336][C:\WINXP\System32\inetsrv\inetinfo.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1356][C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe] [N/A, N/A]
[PID: 1392][C:\WINXP\System32\nvsvc32.exe] [NVIDIA Corporation, 6.13.10.3100]
[PID: 1432][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 5, 0]
[PID: 2024][C:\WINXP\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINXP\System32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx] [, 1, 0, 0, 1]
[PID: 692][C:\WINXP\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 2236][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx] [, 1, 0, 0, 1]
[C:\Program Files\Microsoft\MSR Strider URL Tracer\UrlTrace.dll] [N/A, N/A]
[C:\Program Files\Microsoft\MSR Strider URL Tracer\detoured.DLL] [N/A, N/A]
[C:\WINXP\System32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[C:\WINXP\System32\Macromed\Flash\Flash.ocx] [Macromedia, Inc., 6,0,84,0]
[PID: 2384][C:\WINXP\System32\conime.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 2632][G:\aNews\REGfix\20\sreng2\SREng2\SREng.exe] [Smallfrogs Studio, 2.0.21.505]
[C:\WINXP\System32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
[PID: 2892][G:\aNews\REGfix\2.2.6\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINXP\System32\SYNCOR11.DLL] [SoundMAX, 1.2.2]
==================================
File associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINXP\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock providers
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS file
127.0.0.1 localhost
==================================