2006-10-15,11:00:32
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
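- Administrator user - Full functionality
The following items were selected:
All startup items (including registry, startup folder, services, etc.)
Browser add-ons
Running processes (including process module information)
File associations
Winsock providers
Autorun.inf
HOSTS file
Startup items
Registry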
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<DrvMon.exe><C:\WINDOWS\system32\DrvMon.exe> [Alcor Micro, Corp.]
<Stamp><; "H:\Programe Files\it's important\Stamp\Stamp.exe" /background> [Fashion Now]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<kis><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"> [Kaspersky Lab]
<RTHDCPL><RTHDCPL.EXE> [(Verified)Realtek Semiconductor Corp.]
<Alcmtr><ALCMTR.EXE> [(Verified)Realtek Semiconductor Corp.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation]
<Power_Gear><C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1> [N/A]
<SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Synaptics, Inc.]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics, Inc.]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<High Definition Audio 属性页快捷方式><HDAShCut.exe> [(Verified)Windows (R) Server 2003 DDK provider]
<nwiz><nwiz.exe /install> [N/A]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<HControl><C:\WINDOWS\ATK0100\HControl.exe> [(Verified)]
<CnsMin><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<SearchNet_Up><; C:\WINDOWS\Downlo~1\SearchNet\ServeUp.exe> [N/A]
<SrvNet32><; RunDll32 "C:\WINDOWS\Downlo~1\SearchNet\SrvNet32.dll",Run> [中搜在线]
<vd3k><; RunDll32 "C:\WINDOWS\Downlo~1\vd3k.dll",Run> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<SysTime><C:\PROGRA~1\WinKld\WinKld.dll> [www.88dog.com]
<themeadp><C:\WINDOWS\system32\themeadp.dll> [N/A]
<MediaCheck><H:\PROGRA~1\IT'SIM~1\Kuree\MService.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><c:\windows\sunyan~1.scr> [N/A]
==================================
Startup folder
[快捷方式 到 Rainlendar]
<C:\Documents and Settings\ASUS\「开始」菜单\程序\启动\快捷方式 到 Rainlendar.lnk --> H:\PROGRA~1\IT'SIM~1\RAINLE~1\RAINLE~1.EXE [N/A]><N>
==================================
Services
[aucup / aucup]
<C:\WINDOWS\TEMP\wincup\wincup.exe -R><N/A>
[aukld / aukld]
<C:\WINDOWS\TEMP\aukld\aukld.exe -R><N/A>
[卡巴斯基互联网安全套装 6.0 / AVP]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[JMediaService / JMediaService]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[LightScribeService Direct Disc Labeling Service / LightScribeService]
<"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[StdService / StdService]
<C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\STDSVER.DLL,Service><Microsoft Corporation>
==================================
Drivers
[Albus / Albus]
<\SystemRoot\system32\drivers\Albus.SYS><N/A>
[BisonCam, NB Pro / Cam5603D]
<System32\Drivers\BisonCam.sys><Bison Electronics. Inc.>
[dtscsi / dtscsi]
<\SystemRoot\System32\Drivers\dtscsi.sys><DT Soft Ltd.>
[dump_wmimmc / dump_wmimmc]
<\??\C:\WINDOWS\system32\drivers\dump_wmimmc.sys><N/A>
[Microsoft 用于 High Definition Audio 服务的 UAA 功能驱动程序 / HdAudAddService]
<system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HidProcess / HidProcess]
<system32\drivers\hprocess.sys><N/A>
[hunv / hunv]
<\??\C:\WINDOWS\system32\drivers\hunv.sys><N/A>
[ids00035 / ids00035]
<\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00035.sys><N/A>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[ATK0100 ACPI UTILITY / MTsensor]
<system32\DRIVERS\ATKACPI.sys><>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb]
<\??\C:\Program Files\QQ\npkcusb.sys><INCA Internet Co., Ltd.>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[R592 / R592]
<\SystemRoot\system32\DRIVERS\R592.sys><REDC>
[risdpntk / risdpntk]
<\SystemRoot\system32\DRIVERS\risdpntk.sys><REDC>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[sptd / sptd]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[USB2.0 1.3M Web Cam / SynMini]
<System32\Drivers\SynMini.sys><Syntek America Inc.>
[USB2.0 1.3M Web Cam Still Image / SynScan]
<System32\Drivers\SynScan.sys><Syntek America Inc.>
[Synaptics TouchPad Driver / SynTP]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TCP/IP Protocol Driver / Tcpip]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TSP / TSP]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[World Standard Teletext Codec / WSTCODEC]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
==================================
Browser add-ons
[Vision]
{6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, N/A>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <H:\Programe Files\it's important\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[bho Class]
{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll, 深圳世强软件开发部>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <H:\Programe Files\it's important\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[pCastPanel Class]
{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\Program Files\PCAST\pCastCtl\pcastctl.dll, >
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\Program Files\DeskAdTop\deskipn.dll, N/A>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[EWA Control]
{18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\COMMON~1\Synacast\SynaLive\SYNACA~1.OCX, Synacast>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[IE Browser Helper]
{3CE496D1-1746-41CD-9489-3C0B93DF10E2} <C:\WINDOWS\Downlo~1\ldv8c2.dll, N/A>
[NaviHelperObj Class]
{3E422F49-1566-40D3-B43D-077EF739AC32} <C:\WINDOWS\system32\NaviHelper.dll, N/A>
[TVAnts ActiveX Control]
{4C833081-D026-4FF8-968F-7EAB660D2FBA} <C:\PROGRA~1\TVAnts\TvantsX.ocx, Zhejiang University>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[QQBrowserHelper
Object Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[CImWebObj
Object]
{5C56F4A7-71FC-4FFD-A9D7-18FB87A9DFC6} <H:\Programe Files\it's important\5q校园通\校园通\5QImWeb.dll, TODO: <公司名>>
[PowerPlayer Control]
{5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\DOCUME~1\ASUS\APPLIC~1\ppStream\100~1.138\POWERP~1.DLL, PPStream Inc.>
[Vision]
{6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, N/A>
[stdup]
{6A512BF7-EC78-4E8D-9841-6C02E8FA9838} <C:\WINDOWS\SYSTEM32\stdup.dll, N/A>