[CODE]
2008-04-06,20:48:04
System Repair Engineer 2.6.2.928
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<Antispy ARP><C:\Program Files\Kingsoft\Antiarp\KASArp.EXE> [(Verified)KINGSOFT CORPORATION]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Component Publisher]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R> [(Verified)Tencent Technology(Shenzhen) Company Limited]
<CertificateRegistration><SafeSignCertReg.exe> [A.E.T. Europe B.V.]
<CloneCDElbyCDFL><"C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL> [Elaborate Bytes AG]
<Easy-PrintToolBox><C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon> [CANON INC.]
<NeroCheck><C:\WINDOWS\system32\\NeroCheck.exe> [Ahead Software Gmbh]
<BigDogPath><C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera> [File is missing]
<ssMgr_ccb><C:\Program Files\StarSec\ssMgr_ccb.exe -r> []
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<TVTray><C:\PROGRA~1\10moons\天敏US~1\TVTray.exe> [10moons]
<NewsUpd><C:\Program Files\Creative\News\NewsUpd.EXE /q> [Creative Technology Ltd.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows XP Publisher]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Component Publisher]
<vtupdate><C:\WINDOWS\> [File is missing]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED]
<runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [File is missing]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited]
<fmsbbqi><C:\WINDOWS\fmsbbqi.exe> []
<mfchlp32><C:\WINDOWS\mfchlp32.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<DXDLG32><DXDLG.exe> [N/A]
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDMG32><LYLoadmr.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
<zsmstc><rundll32.exe C:\WINDOWS\system32\mxcdcsrv16_080321.dll start> [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><mrjhtjd.dll,qrhhb.dll,xdfntt.dll,hgfhk.dll,hjaiq.dll,kduy.dll,frntrn.dll,dnteh.dll,chmfcmh.dll,jwlah.dll,crugd.dll,lariytrz.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,ydgn.dll,dbfb.dll,fjnbv.dll,wmsat.dll,gmnait.dll,hfjg.dll,xdndn.dll,rgfjj.dll,dscef.dll,xfng.dll,njritc.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,fehom.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,rhs.dll,rdthr.dll,gjjte.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,hkfgh.dll,drghszd.dll,fngn.dll,xdhdg.dll,zdbfbd.dll,fjyjy.dll,awef.dll,msepbe.dll,ieprot.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
<{C0595A7E-2E2F-4B34-A83A-019270A0A464}><C:\WINDOWS\system32\tdffdl.dll> [File is missing]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [(Verified)Beijing Rising Science and Technology Corporation Limited]
<{c4bf46a2-1c05-427d-992f-4e24f7d57f68}><C:\WINDOWS\system32\ttNNBNNB1047.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellService
ObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3
