2007-04-12,11:48:02
System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])
Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows XP Publisher]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows XP Publisher]
<PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync> [(Verified)Microsoft Corporation]
<OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow> [Trend Micro Inc.]
<Matrox Powerdesk><C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch> [(Verified)Microsoft Windows XP Publisher]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<Outpost Firewall><C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /waitservice> [Agnitum]
<CJIMETIPSYNC><; C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\System32\AVASTSS.scr> [ALWIL Software]
==================================
Startup Folders
[REBECCA]
<C:\Documents and Settings\sinotech.54-573\「開始」功能表\程式集\啟動\REBECCA.lnk --> E:\RIMARTS\REBECCA\REBECCA.EXE [RimArts, Inc.]><N>
[Reminder]
<C:\Documents and Settings\sinotech.54-573\「開始」功能表\程式集\啟動\Reminder.lnk --> E:\REMINDER\Reminder.exe [Kana Solution]><N>
[標點符號.exe]
<C:\Documents and Settings\sinotech.54-573\「開始」功能表\程式集\啟動\標點符號.exe.lnk --> E:\原DISK~1\C\game\FU\標點符號.exe [台灣鉅軟科技 HZYSoft Corporation]><N>
==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><N/A>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MGABGEXE / MGABGEXE][Running/Auto Start]
<C:\WINDOWS\System32\mgabg.exe><Matrox Graphics Inc.>
[OfficeScanNT 即時掃瞄 / ntrtscan][Running/Auto Start]
<C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe><Trend Micro Inc.>
[OfficeScanNT 防火牆 / OfcPfwSvc][Running/Auto Start]
<C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe><Trend Micro Inc.>
[Outpost Firewall Service / OutpostFirewall][Running/Auto Start]
<C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /service><Agnitum>
[OfficeScanNT Listener / tmlisten][Running/Auto Start]
<C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe><Trend Micro Inc.>
==================================
Drivers
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[Outpost Firewall PlugIn (CONTENT.DLL) / CONTENT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\CONTENT.DLL><Agnitum>
[CO_Mon / CO_Mon][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\Drivers\CO_Mon.sys><N/A>
[Outpost Firewall PlugIn (DNSCACHE.DLL) / DNSCACHE.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\DNSCACHE.DLL><Agnitum>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
<System32\DRIVERS\e100b325.sys><Intel Corporation>
[Filseclab Dynamic Defense System Driver / filar][Stopped/System Start]
<\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><N/A>
[Outpost Firewall PlugIn (FTPFILT.DLL) / FTPFILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\FTPFILT.DLL><Agnitum>
[G400 / G400][Stopped/Manual Start]
<System32\DRIVERS\G400m.sys><Matrox Graphics Inc.>
[G400DH / G400DH][Running/Manual Start]
<System32\DRIVERS\g400dhm.sys><Matrox Graphics Inc.>
[Outpost Firewall PlugIn (HTMLFILT.DLL) / HTMLFILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTMLFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (HTTPFILT.DLL) / HTTPFILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTTPFILT.DLL><Agnitum>
[i81x / i81x][Stopped/Manual Start]
<System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
<System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
<System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
<System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
<System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
<System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
<System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
<System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2][Stopped/Manual Start]
<System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
<System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
<System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[Outpost Firewall PlugIn (IMAPFILT.DLL) / IMAPFILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\IMAPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (MAILFILT.DLL) / MAILFILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\MAILFILT.DLL><Agnitum>
[MEMSWEEP2 / MEMSWEEP2][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\3.tmp><N/A>
[Outpost Firewall PlugIn (NNTPFILT.DLL) / NNTPFILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\NNTPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (POP3FILT.DLL) / POP3FILT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\POP3FILT.DLL><Agnitum>
[Outpost Firewall PlugIn (PROTECT.DLL) / PROTECT.DLL][Running/Manual Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\PROTECT.DLL><Agnitum>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
<\SystemRoot\System32\drivers\RsBoot.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[Trend Micro Filter / TmFilter][Running/Auto Start]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys><Trend Micro Inc.>
[Trend Micro PreFilter / TmPreFilter][Running/Auto Start]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys><Trend Micro Inc.>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
<\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>
[Outpost Firewall Kernel Driver / VFILT][Running/System Start]
<\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000\FILTNT.SYS><Agnitum>
[Trend Micro VSAPI NT / VSApiNt][Running/Auto Start]
<\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>
==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[參考資料(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@C:\Program Files\Messenger\Msgslang.dll,-61144]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[收音機(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[CKAVWebScan Object]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <, N/A>
[Symantec AntiVirus scanner]
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[WScanCtl Class]
{7B297BFD-85E4-4092-B2AF-16A91B2EA103} <C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[McFreeScan Class]
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} <C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, McAfee, Inc.>
[匯出至 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[及時添加轉換用語]
<res://C:\WINDOWS\System32\tcscconv.dll/wnaddindex, N/A>
[更新用語轉碼檔案]
<res://C:\WINDOWS\System32\tcscconv.dll/update, N/A>
[龍之旅簡轉繁體(&T)]
<res://C:\WINDOWS\System32\tcscconv.dll/totrad, N/A>
[龍之旅繁轉簡體(&S)]
<res://C:\WINDOWS\System32\tcscconv.dll/tosimp, N/A>
==================================
Running Processes
[PID: 552][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 656][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2032][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
[C:\WINDOWS\System32\PDesk\PDKERNEL.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\System32\PDesk\PDTOOLS.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\System32\PDesk\PDRESENG.DLL] [Matrox Graphics Inc., 6.93.009]
[E:\soft\WhoLockMe\WhoLockMe.dll] [Bitmind, 1, 0, 3, 0]
[C:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[PID: 380][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll] [N/A, ]
[C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll] [N/A, ]
[C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll] [Trend Micro Inc., 7.0.0.1077]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll] [trend_company_name, 1, 0, 0, 1]
[PID: 388][C:\WINDOWS\System32\PDesk\PDesk.exe] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\System32\PDesk\PDTOOLS.DLL] [Matrox Graphics Inc., 6.93.009]
[C:\WINDOWS\System32\PDesk\PDRESENG.DLL] [Matrox Graphics Inc., 6.93.009]
[PID: 396][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\Program Files\Alwil Software\Avast4\ChineseT\Base.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\Program Files\Alwil Software\Avast4\ChineseT\Lang.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\WINDOWS\System32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 936, 0]
[c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 936, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 936, 0]
[c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 936, 0]
[c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 936, 0]
[c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 936, 0]
[c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 936, 0]
[c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 936, 0]
[PID: 412][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 436][E:\RIMARTS\REBECCA\REBECCA.EXE] [RimArts, Inc., 1, 2, 4, 16]
[E:\RIMARTS\REBECCA\SSCE4132.dll] [Wintertree Software Inc., 3.10.061]
[PID: 456][E:\REMINDER\Reminder.exe] [Kana Solution, 1.5.0.60]
[PID: 612][E:\原Disk J\C\game\FU\標點符號.exe] [台灣鉅軟科技 HZYSoft Corporation, 3. 0. 0. 0]
[PID: 1320][C:\Program Files\Trend Micro\OfficeScan Client\Pop3Trap.exe] [Trend Micro Incorporated., 10.0.4.1141]
[C:\Program Files\Trend Micro\OfficeScan Client\POP3UTIL.dll] [Trend Micro Incorporated., 10.0.4.1141]
[C:\Program Files\Trend Micro\OfficeScan Client\tmdbg.dll] [N/A, ]
[C:\Program Files\Trend Micro\OfficeScan Client\pewnt2.dll] [Trend Micro Incorporated., 10.0.4.1141]
[C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll] [Trend Micro Inc., 1.2.0.1020]
[PID: 3040][E:\soft\電腦檢測\sreng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================