2007-04-19,16:17:47
System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)
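Windows XP Professional Service Pack 2 (Build 2600) - Administrative user - Full functionality
The following items were selected:
All startup items (including registry, startup folders, services, etc.)
Browser add-ons
Running processes (including process module information)
File associations
Winsock providers
Autorun.inf
HOSTS file
Startup items
Registry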
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
<ctfmon.exe><C:WINDOWSsystem32ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWindows]
<load><> [N/A]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
<IMJPMIG8.1><"C:WINDOWSIMEimjp8_1IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002A><C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<IgfxTray><C:WINDOWSsystem32igfxtray.exe> [(Verified)Microsoft Windows Publisher]
<HotKeysCmds><C:WINDOWSsystem32hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Persistence><C:WINDOWSsystem32igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<RTHDCPL><RTHDCPL.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SkyTel><SkyTel.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Alcmtr><ALCMTR.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<IMSCMig><C:PROGRA~1COMMON~1MICROS~1IMEIMSC40AIMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<WinVNC><"c:winsockwinvncwinvnc.exe" -servicehelper> [RealVNC Ltd.]
<NuTCSetupEnviron><C:Program FilesRationalRational Testnutcrootbinncoeenv.exe> []
<Acrobat Assistant 7.0><"C:Program FilesAdobeAcrobat 7.0DistillrAcrotray.exe"> [Adobe Systems Inc.]
<kav><"C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe"> [Kaspersky Lab]
<360Safetray><C:Program Files360safesafemon360Tray.exe /start> [奇虎网]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
<avp6_post_uninstall><> [N/A]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon]
<shell><EXPLORER.EXE> [(Verified)Microsoft Windows Publisher]
<Userinit><C:WINDOWSsystem32userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWindows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
<{57954A45-4A45-7956-4579-A4595A457956}><C:Program FilesCommon FilesMicrosoft SharedMSINFO4A457956.dll> [N/A]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
<WinlogonNotify: klogon><C:WINDOWSsystem32klogon.dll> [Kaspersky Lab]
==================================
Startup folders
[Adobe Acrobat Speed Launcher]
<C:Documents and SettingsAll Users「开始」菜单程序启动Adobe Acrobat Speed Launcher.lnk --> C:WINDOWSInstaller{AC76BA86-2052-0000-7760-100000000002}SC_Acrobat.exe [N/A]><N>
[Rainlendar精美日历]
<C:Documents and Settingsyl「开始」菜单程序启动Rainlendar精美日历.lnk --> C:PROGRA~1RAINLE~1RAINLE~1.EXE [N/A]><N>
==================================
Services
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:WINDOWSSystem32svchost.exe -k netsvcs-->%SystemRoot%System32hidserv.dll><N/A>
[Rational ClearQuest Mail Service / MailService][Stopped/Auto Start]
<"C:Program FilesRationalClearQuestmailservice.exe"><N/A>
[NuTCRACKERService / NuTCRACKERService][Running/Auto Start]
<C:WINDOWSsystem32nutsrv4.exe><DataFocus, Inc.>
[ProxyServer Service / ProxyServerService][Stopped/Manual Start]
<"C:Program FilesRationalRational Testrtpxsr.exe"><Rational Software>
[Rational Test Agent Service / RationalTestAgentService][Stopped/Manual Start]
<"C:Program FilesRationalRational Testrtpsvc.exe"><Rational Software>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
<"C:Program FilesWinPcaprpcapd.exe" -d -f "C:Program FilesWinPcaprpcapd.ini"><CACE Technologies>
[Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge][Stopped/Manual Start]
<C:Program FilesMicrosoft Visual StudioCommonToolsVS-Ent98Vanalyzrvarpc.exe><Microsoft Corporation>
[Windows FileExe / WindowsDown][Stopped/Auto Start]
<C:WINDOWSsystem32servet.exe><N/A>
[VNC Server / winvnc][Running/Auto Start]
<"c:winsockwinvncwinvnc.exe" -service><RealVNC Ltd.>
[卡巴斯基反病毒6.0 / AVP][Stopped/Auto Start]
<"C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe" -r><Kaspersky Lab>
==================================
Drivers
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32DRIVERSHDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ialm / ialm][Running/Manual Start]
<system32DRIVERSigxpmp32.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32driversRtkHDAud.sys><Realtek Semiconductor Corp.>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
<system32driversnpf.sys><CACE Technologies>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32DRIVERSptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<system32DRIVERSRtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32DRIVERSRTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32DRIVERSsecdrv.sys><N/A>
[klif / klif][Running/System Start]
<??C:WINDOWSsystem32driversklif.sys><Kaspersky Lab>
[kl1 / kl1][Stopped/Boot Start]
<SystemRootsystem32driverskl1.sys><Kaspersky Lab>
==================================
Browser add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:PROGRA~1FLASHGETjccatch.dll, Amaze Soft>
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484f-8273-0445EE161910} <C:Program FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll, Adobe Systems Incorporated>
[NavigatMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:PROGRA~1360safesafemonsafemon.dll, >
[江民在线杀毒]
{06926B30-424E-4f1c-8EE3-543CD96573DC} <http://online.jiangmin.com/online.asp, N/A>
[Web反病毒保护]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0scieplugin.dll, Kaspersky Lab>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL, Microsoft Corporation>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:PROGRA~1FLASHGETflashget.exe, Amaze Soft>
[DigitalTrafic Control]
{7FC22A16-79E6-4787-9C96-B6359BB1106D} <C:WINDOWSDIGITA~1.OCX, Broad-way>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:WINDOWSsystem32MacromedFlashFlash9b.ocx, Adobe Systems, Inc.