2006-11-26,14:30:30
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 1 (Build 2600)
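- Administrator user - Full functionality
The following items were selected:
All startup items (including registry, startup folders, services, etc.)
Browser add-ons
Running processes (including process module information)
File associations
Winsock providers
Autorun.inf
HOSTS file
Startup items
Registry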
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Corporation]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<{19381CE6-0640-2052-1225-010928000056}><"C:\Program Files\Common Files\{19381CE6-0640-2052-1225-010928000056}\Update.exe" mc-110-12-0000144> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<HuaShanTGEKBDPS2><C:\Program Files\联想\联想键盘驱动\Ps2Kbdriver.exe> [N/A]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [N/A]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<StormCodec_Helper><"D:\影音风暴\Storm Codec\StormSet.exe" /S /opti> [N/A]
<Timer Service><C:\WINDOWS\System32\2.exe> [N/A]
<Windows Explorer><C:\WINDOWS\System32\explorer.exe> [N/A]
<Services><C:\di21.exe> [N/A]
<Application Layer Gateway Service><C:\WINDOWS\System32\algs.exe> [N/A]
<Torjan Program><C:\WINDOWS\WINLOGON.EXE> [China]
<dynsys><C:\WINDOWS\System32\dynsys.exe> [N/A]
<sklrr7y7768158><C:\WINDOWS\System32\sklrr7y7768158.exe> [N/A]
<dior4f48329931><C:\WINDOWS\System32\dior4f48329931.exe> [N/A]
<IpWins><C:\Program Files\ipwins\ipwins.exe> [N/A]
<cjnr4r4891140><C:\WINDOWS\System32\cjnr4r4891140.exe> [N/A]
<dior4f47667196><C:\WINDOWS\System32\dior4f47667196.exe> [N/A]
<SKYNET Personal FireWall><D:\Program Files\SkyNet\FireWall\PFW.exe> [广州众达天网技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<Torjan Program><C:\WINDOWS\WINLOGON.EXE> [China]
<dynsys><C:\WINDOWS\System32\dynsys.exe> [N/A]
<sklrr7y7768158><C:\WINDOWS\System32\sklrr7y7768158.exe> [N/A]
<dior4f48329931><C:\WINDOWS\System32\dior4f48329931.exe> [N/A]
<cjnr4r4891140><C:\WINDOWS\System32\cjnr4r4891140.exe> [N/A]
<dior4f47667196><C:\WINDOWS\System32\dior4f47667196.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe 1> [N/A]
<Userinit><C:\WINDOWS\System32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{9A36CEDC-2619-43F0-8108-50A321AD3057}><C:\WINDOWS\System32\efcawxu.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcawxu]
<WinlogonNotify: efcawxu><efcawxu.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebcd]
<WinlogonNotify: gebcd><C:\WINDOWS\System32\gebcd.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rpcc]
<WinlogonNotify: rpcc><C:\WINDOWS\System32\rpcc.dll> [N/A]
==================================
Startup folders
[幸福之家]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\幸福之家.lnk --> C:\HAPPYH~1\主控程序\LxHome60.exe []><N>
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[腾讯QQ]
<C:\Documents and Settings\user_child\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\QQ\QQ.exe [TENCENT]><N>
==================================
Services
[Application Management / AppMgmt]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[卡巴斯基互联网安全套装 6.0 / AVP]
<D:\aaa\avp.exe -r><N/A>
[Print Spooler Service / d951eaqeoaiepnoe]
<C:\WINDOWS\System32\cjnr4r4891140.exe /service><N/A>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[LexBce Server / LexBceS]
<C:\WINDOWS\system32\LEXBCES.EXE><Lexmark International, Inc.>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><N/A>
[Remote Procedure Call System(RPCS) / RpcS]
<C:\WINDOWS\System32\RpcS.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[TGE CardReader Mgr Host v2 / TGECardReaderMgrHost.2]
<C:\Program Files\联想\联想键盘驱动\TGESrvLogon.exe><>
==================================
Drivers
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
<system32\drivers\ac97intc.sys><Intel Corporation>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[basic2 / basic2]
<System32\DRIVERS\basic2.sys><Conexant Systems>
[d347bus / d347bus]
<\SystemRoot\System32\DRIVERS\d347bus.sys><>
[d347prt / d347prt]
<\SystemRoot\System32\Drivers\d347prt.sys><>
[EagleNT / EagleNT]
<\??\C:\WINDOWS\System32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[Fallback / Fallback]
<System32\DRIVERS\fallback.sys><Conexant Systems>
[Fsks / Fsks]
<System32\DRIVERS\fsksnt.sys><Conexant Systems>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[K56 / K56]
<System32\DRIVERS\k56nt.sys><Conexant Systems>
[Keyboard Filter Example / kbfiltr]
<System32\DRIVERS\kbfiltr.sys><Windows (R) 2000 DDK provider>
[kl1 / kl1]
<\SystemRoot\System32\drivers\kl1.sys><N/A>
[klif / klif]
<\??\C:\WINDOWS\System32\drivers\klif.sys><N/A>
[kmsinput / kmsinput]
<\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[mdmxsdk / mdmxsdk]
<System32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
<\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt]
<\??\D:\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv4 / nv4]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[oreans32 / oreans32]
<\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rksample / Rksample]
<System32\DRIVERS\rksample.sys><Conexant Systems>
[RsFwDrv / RsFwDrv]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<System32\DRIVERS\secdrv.sys><N/A>
[SKNFW / SKNFW]
<\??\C:\WINDOWS\System32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs]
<\??\D:\Program Files\SkyNet\FireWall\SkyProcs.sys><N/A>
[SoftFax / SoftFax]
<System32\DRIVERS\faxnt.sys><Conexant Systems>
[Tones / Tones]
<System32\DRIVERS\tonesnt.sys><Conexant Systems>
==================================
Browser add-ons
[]
{013A653B-49A6-4f76-8B68-E4875EA6BA54} <C:\WINDOWS\System32\iuidcrbv.dll, N/A>
[]
{46A4E9D9-B30E-452A-8157-DBBEC8573B03} <C:\Program Files\VSAdd-in\VSAdd-in.dll, N/A>
[]
{9A36CEDC-2619-43F0-8108-50A321AD3057} <C:\WINDOWS\System32\efcawxu.dll, N/A>
[888Bar]
{C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\PROGRA~1\COMMON~1\{39381~1\888Bar.dll, N/A>
[]
{E03E7C41-B173-4E51-B513-A2F5FE5DCA3E} <C:\WINDOWS\System32\gebcd.dll, N/A>
[免费精彩视频超流畅在线观看]
{022C4009-5283-4365-97BF-144054B40E2E} <http://itv.mop.com, N/A>
[CibaCtrl Class]
{8DE0FCD4-5EB5-11D3-AD25-00002100131B} <c:\HAPPYH~1\XDict\IEPlugin.dll, >
[启动Web迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[JoyoCtrl Class]
{C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} <c:\HAPPYH~1\XDict\IEPlugin.dll, >
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\QQ\QQ.EXE, TENCENT>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[&VSAdd-in]
{74DD705D-6834-439C-A735-A6DBE2677452} <C:\Program Files\VSAdd-in\VSAdd-in.dll, N/A>
[888Bar]
{C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\PROGRA~1\COMMON~1\{39381~1\888Bar.dll, N/A>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[VCR.Scan]
{E4F500BF-C1A3-11D6-9697-0090961B771E} <C:\WINDOWS\Downloaded Program Files\VCRSCAN.OCX, New Technology Wave Inc.>
[pCastPanel Class]
{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >
[&Google Search]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
<D:\QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
<D:\XL\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
<D:\XL\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://D:\新建文~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<D:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<D:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<D:\QQ\SendMMS.htm, N/A>