
Help: how do I remove RootKit.Agent.yj


2007-06-22,21:42:26

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <Xplus><rem "D:\网络阅览器\Xplus_Wait.exe" /min>  []
    <MSMSGS><rem "C:\Program Files\Messenger\msmsgs.exe" /background>  [N/A]
    <28gsezf41s><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\c0nime.exe>  [N/A]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <q70xi92y4u6kj6><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\Rav.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <wm><C:\WINDOWS\Syswm8\svchost.exe>  [N/A]
    <sun><C:\WINDOWS\SysSun2\svchost.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><C:\PROGRA~1\COMMON~1\onlinegame\fs2online.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <SoundMan><rem SOUNDMAN.EXE>  [N/A]
    <AGRSMMSG><AGRSMMSG.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <QkOnBtn><rem C:\Program Files\QBU\QkOnBtn.EXE>  [N/A]
    <IgfxTray><rem C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><rem C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <NeroFilterCheck><rem C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera>  [N/A]
    <WebThunder><D:\迅雷工具\WebThunder.exe>  [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
    <tckgjld><C:\Program Files\Uninstall Information\tckgjld.exe>  []
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe>  [CNNIC]
    <RavTask><"D:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"D:\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <wosa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\woso.exe>  [N/A]
    <ztsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\ztso.exe>  [N/A]
    <mhsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\mhso.exe>  [N/A]
    <fysa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\fyso.exe>  [N/A]
    <jtsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\jtso.exe>  [N/A]
    <wlsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\wlso.exe>  [N/A]
    <wgsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\wgso.exe>  [N/A]
    <wmsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\wmso.exe>  [N/A]
    <qjsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\qjso.exe>  [N/A]
    <rxsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\rxso.exe>  [N/A]
    <wdsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\wdso.exe>  [N/A]
    <tlsa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\tlso.exe>  [N/A]
    <dasa><C:\DOCUME~1\lenovo-1\LOCALS~1\Temp\daso.exe>  [N/A]
    <A><C:\WINDOWS\system32\rundll32.exe 1.1 s>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"D:\RISING\RAV\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll>  [N/A]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{0CD68AC9-FF63-3E61-626B-B663E62F6236}><C:\Program Files\Internet Explorer\romdrivers.dll>  [N/A]
    <{FEDCBA98-FEDC-FEDC-FEDC-FEDCBA987654}><C:\WINDOWS\system32\LYLYLYLY.dll>  []

==================================
Last edited 2007-06-22 22:06:15

启动文件夹
[ylgkdc]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ylgkdc.lnk --> C:\PROGRA~1\REALTE~2\ylgkdce.exe [N/A]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\lenovo-1\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> D:\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
[Zcom 娱乐空间]
  <C:\Documents and Settings\lenovo-1\「开始」菜单\程序\启动\Zcom 娱乐空间.lnk --> C:\PROGRA~1\Zcom\E-Space.exe [智通无限]><N>

==================================
服务
[CoolWare / CoolWare][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\yquv.dll><N/A>
[FspadSvc / FspadSvc][Running/Auto Start]
  <C:\Program Files\AVC Finger-sensing Pad Driver\FspadSvr.exe><N/A>
[Google Updater Service / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Print Manager / MOBILL][Stopped/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLLFOROUR.EXE C:\WINDOWS\SYSTEM32\WBEM\OYBLF.DLL,Export 1087><Microsoft Corporation>
[Win32 Debug Service / MSDebugsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe msdebug.dll,input><Microsoft Corporation>
[Navoct / Navoct][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\Program Files\iesnap\navoct.dll>< >
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <d:\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <d:\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"D:\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Remote Route Service / Security][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\iwjqt.dll><N/A>
[Win32 Display Driver / Win32DDS][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe windds32.dll,input><Microsoft Corporation>
[Windows xptu RunThem / xptu][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\skop\cuyz.dll><N/A>

==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
  <system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
  <system32\DRIVERS\AGRSM.sys><Agere Systems>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[cdnprot / cdnprot][Running/Boot Start]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[cdntran / cdntran][Running/Auto Start]
  <system32\drivers\cdntran.sys><CNNIC>
[CelInDrv / CelInDrv][Stopped/Disabled]
  <\??\C:\WINDOWS\system32\Drivers\CelInDriver.sys><N/A>
[CnsMinKP / CnsMinKP][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\CnsMinKP.sys><Copyright (C) 3721 Corporation.>
[Dritek HotKey Keyboard Filter Driver / DKbFltr][Running/Manual Start]
  <System32\Drivers\DKbFltr.sys><Dritek System Inc.>
[eehadbfd / eehadbfd][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\eehadbfd.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\D:\RISING\RAV\ExpScan.sys><>
[AVC Finger-sensing Pad Driver for Windows 2000/XP / fspad][Running/Manual Start]
  <system32\DRIVERS\fspad.sys><Asia Vital Components Co.,Ltd.>
[HookCont / HookCont][Running/Auto Start]
  <\??\D:\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\D:\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\D:\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\D:\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IsDrv120 / IsDrv120][Running/System Start]
  <\SystemRoot\System32\Drivers\IsDrv120.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\D:\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\d:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\D:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\D:\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[tifm21 / tifm21][Running/Manual Start]
  <system32\drivers\tifm21.sys><Texas Instruments>
[uoaz / uoazv][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\uoazv.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>

==================================