[Help] Could someone please take a look at my log? Thanks~~

2006-10-16,15:41:16

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <AVP><"E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <Wopti Memory Defreg><E:\Program Files\Wopti\WoptiMem.exe>  [N/A]
    <TkBellExe><"D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <uninsrest><D:\DOCUME~1\林浩然~1\LOCALS~1\Temp\uninrest.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><D:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]

==================================
启动文件夹
N/A

==================================
服务
[Kaspersky Anti-Virus 6.0 / AVP]
  <"E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Brother Popup Suspend service for Resource manager / brmfrmps]
  <"D:\WINDOWS\system32\Brmfrmps.exe" -service ><Brother Industries, Ltd.>
[BrSplService / Brother XP spl Service]
  <D:\WINDOWS\system32\brsvc01a.exe><brother Industries Ltd>
[Gray_Pigeon / GrayPigeon]
  <><N/A>
[Human Interface Device Access / HidServ]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <"D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPodService / iPodService]
  <><N/A>
[VMware DHCP Service / VMnetDHCP]
  <><N/A>
[VMware NAT Service / VMware NAT Service]
  <><N/A>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><N/A>
[ati2mtag / ati2mtag]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Brother MFC Filter Driver / brfilt]
  <System32\Drivers\Brfilt.sys><Brother Industries Ltd.>
[Brother Serial driver / BrSerWDM]
  <System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm]
  <System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
[Brother MFC USB Scanner driver / BrUsbScn]
  <System32\Drivers\BrUsbScn.sys><Brother Industries Ltd.>
[cdnprot / cdnprot]
  <\SystemRoot\system32\drivers\cdnprot.sys><中国互联网络信息中心(CNNIC)>
[Cdr4_XP / Cdr4_XP]
  <D:\WINDOWS\SYSTEM32\DRIVERS\Cdr4_XP.SYS><Roxio>
[Cdralw2k / Cdralw2k]
  <D:\WINDOWS\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[cdrbsdrv / cdrbsdrv]
  <D:\WINDOWS\SYSTEM32\DRIVERS\cdrbsdrv.SYS><B.H.A Corporation>
[Cdsys / Cdsys]
  <\??\D:\WINDOWS\system32\cdcd.sys><N/A>
[CKG005 / CKG005]
  <\??\D:\WINDOWS\TEMP\2q.syszhrcqw.sys><N/A>
[fdfidhib / fdfidhib]
  <\??\D:\WINDOWS\system32\drivers\fdfidhib.sys><N/A>
[fjghhefc / fjghhefc]
  <\??\D:\WINDOWS\system32\drivers\fjghhefc.sys><N/A>
[GEARAspiWDM / GEARAspiWDM]
  <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[HOOKAPI / HOOKAPI]
  <\??\E:\PROGRAM FILES\RISING\RAV\HookApi.Sys><N/A>
[ids0004C / ids0004C]
  <\??\D:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys><N/A>
[iiidfhjc / iiidfhjc]
  <\??\D:\WINDOWS\system32\drivers\iiidfhjc.sys><N/A>
[jdy#hook / jdy#hook]
  <\??\D:\Documents and Settings\★林☆\hknm.sys><N/A>
[kl1 / kl1]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
  <\??\D:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[kmsinput / kmsinput]
  <\??\D:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[npkcrypt / npkcrypt]
  <\??\E:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp]
  <\??\E:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[NPPTNT2 / NPPTNT2]
  <\??\D:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[PnpWmkDrv / PnpWmkDrv]
  <\??\D:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139]
  <system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[Sony Digital Imaging Video2 / sonypvs1]
  <system32\DRIVERS\sonypvs1.sys><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TSP / TSP]
  <\??\D:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[UCAM-N1C30 SERIES / USBZC0301]
  <System32\Drivers\usbcam.sys><ZSMC>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Vinyl AC'97 Audio Controller (WDM) / VIAudio]
  <system32\drivers\vinyl97.sys><VIA Technologies, Inc.>

==================================
浏览器加载项
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <e:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <e:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Web Anti-Virus]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <D:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <E:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[BitComet工具栏]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <E:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <D:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <e:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\flash\flash8.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <D:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[&使用迅雷下载]
  <e:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <e:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>

==================================
正在运行的进程
N/A

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  Error. [notepad.exe %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    D:\WINDOWS\system32\ESPI11.dll(DYWT, ESPI)
MSAFD Tcpip [UDP/IP]
    D:\WINDOWS\system32\ESPI11.dll(DYWT, ESPI)
MSAFD Tcpip [RAW/IP]
    D:\WINDOWS\system32\ESPI11.dll(DYWT, ESPI)
RSVP UDP Service Provider
    D:\WINDOWS\system32\ESPI11.dll(DYWT, ESPI)
RSVP TCP Service Provider
    D:\WINDOWS\system32\ESPI11.dll(DYWT, ESPI)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
Last edited 2006-10-16 16:48:01

bangbangmang

1111