2009-06-26,18:19:57

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows 7 Ultimate Edition (Build 7100) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <RocketDock><"F:\RocketDock\RocketDock.exe"> []
    <ctfmon.exe><C:\Windows\system32\ctfmon.exe> [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <nod32kui><"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe> [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WebCheck><C:\Windows\System32\webcheck.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\Windows\System32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\Windows\System32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> [(Verified)Microsoft Windows]

==================================
启动文件夹
N/A

==================================
服务
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"C:\Program Files\Eset\nod32krn.exe"><Eset>

==================================
驱动程序
[adp94xx / adp94xx][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\adpahci.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[amdsata / amdsata][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\amdsata.sys><AMD>
[amdsbs / amdsbs][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\amdsbs.sys><AMD Technologies Inc.>
[amdxata / amdxata][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\amdxata.sys><AMD>
[AMON / AMON][Running/Auto Start]
<\SystemRoot\system32\drivers\amon.sys><Eset>
[arc / arc][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\arcsas.sys><Adaptec, Inc.>
[Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\bxvbdx.sys><Broadcom Corporation>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start]
<system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\BrFiltLo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\BrFiltUp.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\Brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\evbdx.sys><Broadcom Corporation>
[elxstor / elxstor][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\elxstor.sys><Emulex>
[Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
<\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.>
[HpSAMD / HpSAMD][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\HpSAMD.sys><Hewlett-Packard Company>
[iaStorV / iaStorV][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\iaStorV.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\iirsp.sys><Intel Corp./ICP vortex GmbH>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RTKVHDA.sys><Realtek Semiconductor Corp.>
[LSI_FC / LSI_FC][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_fc.sys><LSI Corporation>
[LSI_SAS / LSI_SAS][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_sas.sys><LSI Corporation>
[LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_sas2.sys><LSI Corporation>
[LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_scsi.sys><LSI Corporation>
[megasas / megasas][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\megasas.sys><LSI Corporation>
[MegaSR / MegaSR][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\MegaSR.sys><LSI Corporation, Inc.>
[nfrd960 / nfrd960][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\nfrd960.sys><IBM Corporation>
[nod32drv / nod32drv][Running/System Start]
<\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[nvlddmkm / nvlddmkm][Running/Manual Start]
<system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\nvstor.sys><NVIDIA Corporation>
[ql2300 / ql2300][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\ql2300.sys><QLogic Corporation>
[ql40xx / ql40xx][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\ql40xx.sys><QLogic Corporation>
[Srramdisk Driver / RRamdisk][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\rramdisk.sys><gavotte>
[Realtek 8167 NT Driver / RTL8167][Running/Manual Start]
<system32\DRIVERS\Rt86win7.sys><Realtek Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[stexstor / stexstor][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\stexstor.sys><Promise Technology>
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
<\??\C:\Windows\system32\TesDrvPt.sys><TENCENT>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\Windows\system32\TesSafe.sys><TENCENT>
[viaide / viaide][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\vsmraid.sys><VIA Technologies Inc.,Ltd>
[VIMICRO USB PC Camera (VC0303) / ZSMC303][Running/Manual Start]
<System32\Drivers\usbVM303.sys><Vimicro Corporation>

==================================
浏览器加载项
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <D:\Tencent\QQDownload2\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\Thunder Network\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Thunder Network\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[CBBrowerBuddy Class]
{A412E581-59B2-485E-834F-C5F0C0268C79} <F:\Kingsoft\PowerWord Lite\CBEBand.dll, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[CBBrowerBuddy Class]
{A412E581-59B2-485E-834F-C5F0C0268C79} <F:\Kingsoft\PowerWord Lite\CBEBand.dll, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[UploadControl Control]
{52FF336D-A05D-4A14-A3A1-7B6B4B427F88} <C:\Windows\system32\UPLOAD~1.OCX, 网易（杭州）网络有限公司>
[VodClient Control Class]
{A3C4EB4E-1883-4CE0-A4A3-90F3ADDA246D} <C:\Windows\system32\nagasoft\vjocx-oem-hnnn.dll, (Signed) 南京纳加软件有限公司>
[UploadFilePartition Class]
{A877BA28-1F7E-4876-B299-50B3199A1A5D} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[PhotoUploadCtrlMini Control]
{D9306BD1-2325-4C28-8632-B02330C1BB02} <C:\Windows\system32\PHOTOU~1.OCX, 广州网易互动娱乐有限公司>
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <D:\Tencent\QQDownload2\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <F:\Thunder Network\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[VistaWUWebControl Class]
{12A66224-5E8A-4679-8941-0B9B960BF5EA} <%SystemRoot%\system32\wuwebv.dll, (Signed) N/A>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\Thunder Network\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[UploadControl Control]
{52FF336D-A05D-4A14-A3A1-7B6B4B427F88} <C:\Windows\system32\UPLOAD~1.OCX, 网易（杭州）网络有限公司>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\ProgramData\Thunder Network\KanKan\xplayer.dll_1_work, 深圳市迅雷网络技术有限公司>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <F:\Thunder Network\Components\InMedia\MediaAddin.dll, (Signed) Thunder Networking Technologies,LTD>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <F:\Thunder Network\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[OFrameObject Class]
{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5902.179.(18).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[VersionDetector Class]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.15.(142).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[VodClient Control Class]
{A3C4EB4E-1883-4CE0-A4A3-90F3ADDA246D} <C:\Windows\system32\nagasoft\vjocx-oem-hnnn.dll, (Signed) 南京纳加软件有限公司>
[CBBrowerBuddy Class]
{A412E581-59B2-485E-834F-C5F0C0268C79} <F:\Kingsoft\PowerWord Lite\CBEBand.dll, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[UploadFilePartition Class]
{A877BA28-1F7E-4876-B299-50B3199A1A5D} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[金山词霸浏览器栏]
{ABB7394C-91CD-42E9-88A3-23166137709D} <F:\Kingsoft\PowerWord Lite\CBEBand.dll, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5902.179.(18).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[PhotoUploadCtrlMini Control]
{D9306BD1-2325-4C28-8632-B02330C1BB02} <C:\Windows\system32\PHOTOU~1.OCX, 广州网易互动娱乐有限公司>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.59010.253.(18).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[&使用QQ旋风下载]
<D:\Tencent\QQDownload2\geturl.htm, N/A>
[&使用QQ旋风下载全部链接]
<D:\Tencent\QQDownload2\getAllurl.htm, N/A>
[使用迅雷下载]
<F:\Thunder Network\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<F:\Thunder Network\Program\GetAllUrl.htm, N/A>
[添加到QQ表情]
<D:\Tencent\QQ\Bin\AddEmotion.htm, N/A>

==================================