
Could a log expert please take a look at my log!!!

[CODE]

2007-04-07,08:25:01

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Edition  (Build 6000) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide>  [(Verified)Microsoft Windows]
    <avast!><C:\PROGRA~1\ALWILS~1\Avast\ashDisp.exe>  [(Verified)ALWIL Software]
    <MC315><"C:\Program Files\ZTE MC315\Startup.exe">  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe>  [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]

==================================
启动文件夹
N/A

==================================
Last edited 2007-04-07 08:40:23

==================================
服务
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast\aswUpdSv.exe"><N/A>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast\ashServ.exe"><>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast\ashWebSv.exe" /service><ALWIL Software>
[SmartLinkService / SLService][Running/Auto Start]
  <slserv.exe><>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[aswMonFlt / aswMonFlt][Running/Auto Start]
  <system32\DRIVERS\aswMonFlt.sys><N/A>
[blbdrive / blbdrive][Stopped/Disabled]
  <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[HpCISSs / HpCISSs][Stopped/Disabled]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[megasas / megasas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[Mtlmnt5 / Mtlmnt5][Running/Manual Start]
  <system32\DRIVERS\Mtlmnt5.sys><>
[Mtlstrm / Mtlstrm][Stopped/Manual Start]
  <system32\DRIVERS\Mtlstrm.sys><>
[nfrd960 / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[NtMtlFax / NtMtlFax][Stopped/Manual Start]
  <system32\DRIVERS\NtMtlFax.sys><>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[OX16C95x Serial port driver / oxser][Running/System Start]
  <system32\DRIVERS\oxser.sys><OEM>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Realtek 10/100 NIC 系列 NDIS x86 驱动程序 / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[SmartLink AMR_PCI Driver / Slntamr][Running/Manual Start]
  <system32\DRIVERS\slntamr.sys><>
[SlNtHal / SlNtHal][Stopped/Manual Start]
  <system32\DRIVERS\Slnthal.sys><>
[SlWdmSup / SlWdmSup][Running/Manual Start]
  <system32\DRIVERS\SlWdmSup.sys><Vireo Software>
[SMSC 红外线设备驱动程序 / SMSCIRDA][Running/Manual Start]
  <system32\DRIVERS\SMSCirda.sys><SMSC>
[Symc8xx / Symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>

==================================

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[VistaWUWebControl Class]
  {12A66224-5E8A-4679-8941-0B9B960BF5EA} <%SystemRoot%\system32\wuwebv.dll, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\Windows\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[Wipe]
  {AF279B30-86EB-11D1-81BF-0000F87557DB} <C:\Windows\system32\Dxtmsft.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 328][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 400][C:\Windows\system32\csrss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1488][C:\Windows\system32\Dwm.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1540][C:\Windows\Explorer.EXE]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\icm32.dll]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1548][C:\Windows\system32\taskeng.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1756][C:\Program Files\Windows Defender\MSASCui.exe]  [Microsoft Corporation, 1.1.1505.0]
[PID: 1764][C:\Program Files\Alwil Software\Avast\ashDisp.exe]  [, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\aswCmnOS.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast\ashBase.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\aswCmnB.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\aswCmnS.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\ashTask.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\aswAux.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\Aavm4h.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\ChineseS\Base.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\ChineseS\Lang.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Windows\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Alwil Software\Avast\AavmRpch.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruijs.dll]  [, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\ashUInt.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast\XT1922.dll]  [Codejock Software, 1, 9, 4, 0]
    [c:\program files\alwil software\avast\ahruimai.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruimes.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruins.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruiout.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruip2p.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruistd.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast\ahruiws.dll]  [ALWIL Software, 4, 7, 936, 0]
[PID: 1836][C:\Program Files\Windows Sidebar\sidebar.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Program Files\Alwil Software\Avast\AhAScr.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Windows\system32\icm32.dll]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2676][C:\Windows\system32\wbem\unsecapp.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 312][C:\Program Files\Tools\SReng\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]

==================================

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
::1            localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]