主題: SREng常用操作說明 (2.0 RC2)
查看單個文章
舊 2006-06-28, 05:26 AM   #11 (permalink)
psac
榮譽會員
 
psac 的頭像
榮譽勳章
UID - 3662
在線等級: 級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時級別:30 | 在線時長:1048小時 | 升級還需:37小時
註冊日期: 2002-12-07
住址: 木柵市立動物園
文章: 17381
現金: 5253 金幣
資產: 33853 金幣
預設
Q:
一个嫌疑分子,注册表项目不能删除?
http://img444.imageshack.us/img444/9251/6427075f8251a3b0860ba2he.jpg
在註冊表:
localmachine\SYSTEM\ControlSet001\Enum\Root\LEGACY_RDPSSW32
下..
整個LEGACY_RDPSSW32項都沒有辦法刪除~下面還有個0000的項..都沒有辦法刪除.
開始的時候開機自動執行C:\windows\rdpssw32.exe 程式..被我刪除了.我用了流氓軟件清理後說發現,但是無法清除之..

2006-06-27,15:45:45

System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Professional Service Pack 2 - 管理權限用戶 - 完整功能

以下內容被選中:
所有的啟動專案(包括註冊表、啟動資料夾、服務等)
瀏覽器載入項
正在執行的工作行程(包括工作行程模塊訊息)
文件關聯


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KvMonXP><"F:\Program Files\KV2006\KVMonXP.kxp" /auto>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>

==================================
啟動資料夾
[802.1X認證客戶端]
<C:\Documents and Settings\kingsgame\「開始」表菜單\程式\啟動\802.1X認證客戶端.lnk><N>

==================================
服務
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
<C:\WINDOWS\system32\ati2sgag.exe><>
[KVSrvXP / KVSrvXP]
<F:\Program Files\KV2006\KVSrvXP.exe /Service><Jiangmin Co. Ltd>
[KVWSC / KVWSC]
<"F:\Program Files\KV2006\KVWsc.exe"><Jiangmin Co.Ltd>
[RDPSSW32 / RDPSSW32]
<><N/A>
[SVCHOST / SVCHOST]
<C:\WINDOWS\SVCHOST.EXE><N/A>

==================================
瀏覽器載入項
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
[江民殺毒工具欄]
{B5A34A93-D538-43A7-8371-864CB6148D12} <F:\Program Files\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[TegoSoft SmartLoader ActiveX Control]
{1C960AA3-FAEE-11D0-9262-00A0243D2412} <C:\WINDOWS\DOWNLO~1\TegoLoad.OCX, TegoSoft Inc. http://www.tegosoft.com>
[UploadListView Class]
{474F00F5-3853-492C-AC3A-476512BBC336} <C:\WINDOWS\Downloaded Program Files\UploaderX.dll, >
[PhotoUploadCtrl Control]
{A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <f:\PROGRA~1\Tencent\QZone\PHOTOU~1.OCX, tencent>
[Java Plug-in 1.5.0_01]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[FiltrateWebObj Class]
{42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} <F:\Program Files\KV2006\KVBHO.dll, Jiangmin Co.Ltd>
[超級兔子上網精靈]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\SHDOCVW.DLL, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[超級兔子上網精靈]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\SHDOCVW.DLL, N/A>
[江民殺毒工具欄]
{B5A34A93-D538-43A7-8371-864CB6148D12} <F:\Program Files\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[上傳到QQ網路硬碟]
<{DEDEB80D-FA35-45D9-9460-4983E5A8AFE6}, N/A>
[匯出到 Microsoft Office Excel(&X)]
<res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[新增到QQ自定義面板]
<, N/A>
[新增到QQ表情]
<, N/A>
[用QQ彩信發送該圖片]
<F:\Program Files\Tencent\SendMMS.htm, N/A>
[用迅雷下載(&D)]
<F:\Program Files\Thunder5.1.3.168 綠色版 by令狐雨辰\geturl.htm, N/A>
[用迅雷下載全部(&A)]
<F:\Program Files\Thunder5.1.3.168 綠色版 by令狐雨辰\getallurl.htm, N/A>

==================================
正在執行的工作行程
[PID: 580][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 644][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 668][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\Ati2evxx.dll] <N/A><N/A>
[C:\WINDOWS\system32\antiwpa.dll] <N/A><N/A>
[PID: 712][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 724][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 884][C:\WINDOWS\System32\Ati2evxx.exe] <N/A><N/A>
[PID: 896][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1004][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1088][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1300][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1312][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1524][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1732][F:\Program Files\KV2006\KVSrvXP.exe] <Jiangmin Co. Ltd><9.2.0.50822>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\SvcSafe.dll] <Jiangmin Co. Ltd><9, 2, 0, 51107>
[F:\Program Files\KV2006\lang\SvcSafe0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\RegProt.dll] <Jiangmin Co.Ltd><9, 0, 5, 1212>
[F:\Program Files\KV2006\Scan.dll] <Jiangmin Co., Ltd.><1.0.6.05190>
[F:\Program Files\KV2006\FileGD.dll] <Jiangmin Co.Ltd><9.2.0.50809>
[F:\Program Files\KV2006\KvSPI.dll] <Jiangmin Co. Ltd.><1.0.6.06030>
[F:\Program Files\KV2006\lang\KVSpi0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\ScanHost.dll] <Jiangmin Co. Ltd><9, 2, 0, 50822>
[F:\Program Files\KV2006\KVWPSet.dll] <Jiangmin Co.Ltd><9, 0, 0, 60220>
[F:\Program Files\KV2006\KVEnhS.dll] <Jiangmin Co., Ltd.><9, 2, 6, 02040>
[F:\Program Files\KV2006\KVEnhJ.dll] <Jiangmin Co.Ltd><9, 1, 0, 50822>
[F:\Program Files\KV2006\KVExtCab.dll] <JiangMin Co. Ltd><9, 2, 0, 50822>
[F:\Program Files\KV2006\KVExtEml.dll] <Jiangmin Co. Ltd.><9, 2, 0, 51207>
[F:\Program Files\KV2006\lang\KVExtEml0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\KvExtZip.dll] <JiangMin Co Ltd.><9, 2, 0, 50822>
[F:\Program Files\KV2006\KVExtZ.dll] <Jiangmin Co. Ltd><9.2.0.503>
[F:\Program Files\KV2006\KVExtTar.dll] <Jiangmin Co. Ltd><9, 2, 0, 50822>
[F:\Program Files\KV2006\KVExtLZH.dll] <JiangMin Co. Ltd.><9, 2, 6, 0316>
[F:\Program Files\KV2006\KvExtRar.dll] <JiangMin Co. Ltd.><9, 2, 6, 04020>
[F:\Program Files\KV2006\KVExtGz_1.dll] <Jiangmin Co. Ltd><9, 0, 6, 04200>
[F:\Program Files\KV2006\KVEnhK.dll] <Jiangmin Co.Ltd><9, 1, 0, 51209>
[F:\Program Files\KV2006\Fix.dll] <Jiangmin Co.Ltd><9, 2, 0, 51011>
[F:\Program Files\KV2006\KvCkMail.dll] <N/A><9, 0, 6, 605>
[F:\Program Files\KV2006\lang\KvMailRes0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\EngPS.dll] <Jiangmin Co.Ltd><9, 2, 0, 50817>
[F:\Program Files\KV2006\lang\PrivateCfg0804.lng] <TODO: <Company name>><1.0.0.1>
[PID: 432][C:\WINDOWS\system32\Ati2evxx.exe] <N/A><N/A>
[PID: 616][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[F:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[F:\Program Files\KV2006\KvShell.dll] <Jiangmin Co.Ltd><9, 0, 5, 830>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\lang\Kvxp0804_1.lng] <N/A><N/A>
[F:\Program Files\KV2006\APIImpl.dll] <JiangMin Ltd.><9.0.0.500>
[F:\Program Files\Tencent\qdshm.dll] <><1, 0, 101, 20>
[F:\Program Files\SPX Capture\engine.dll] <N/A><N/A>
[PID: 640][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[F:\Program Files\KV2006\KVMonXP.kxp] <Jiangmin Co.Ltd><9, 2, 0, 60103>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\lang\Kvxp0804_1.lng] <N/A><N/A>
[F:\Program Files\KV2006\GUIExt.dll] <Jiangmin Co.Ltd><9, 0, 5, 927>
[F:\Program Files\KV2006\lang\GUIExt0804.lng] <JiangMin Ltd.><7, 1, 0, 200>
[F:\Program Files\KV2006\EngFace.dll] <Jiangmin Co.Ltd><9.0.0.50809>
[F:\Program Files\KV2006\EngPS.dll] <Jiangmin Co.Ltd><9, 2, 0, 50817>
[F:\Program Files\KV2006\KvMemory.dll] <Jiangmin Co. Ltd.><9, 0, 6, 0214>
[F:\Program Files\KV2006\KvOffice.dll] <JiangMin New Tech.><9.0.0.1213>
[F:\Program Files\KV2006\lang\KVOffice0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\VirusUpload.dll] <N/A><2, 0, 0, 0>
[F:\Program Files\KV2006\lang\PrivateCfg0804.lng] <TODO: <Company name>><1.0.0.1>
[F:\Program Files\KV2006\PProtect.dll] <Jiangmin Co. Ltd.><9.0.0.921>
[PID: 1196][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[F:\Program Files\KV2006\TrojDie.kxp] <Jiangmin Co.Ltd><9.0.6.0413>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\lang\TrojDie0804.lng] <Jiangmin Co.Ltd><9.0.0.0813>
[F:\Program Files\KV2006\GUIExt.dll] <Jiangmin Co.Ltd><9, 0, 5, 927>
[F:\Program Files\KV2006\lang\GUIExt0804.lng] <JiangMin Ltd.><7, 1, 0, 200>
[F:\Program Files\KV2006\PProtect.dll] <Jiangmin Co. Ltd.><9.0.0.921>
[F:\Program Files\KV2006\ComUIPS.dll] <Jiangmin Ltd.><9. 5. 5. 20>
[PID: 1456][C:\Program Files\802.1X認證客戶端\Dot1XClient.exe] <huawei><2.00>
[C:\WINDOWS\system32\W32N50.dll] <Printing Communications Assoc., Inc. (PCAUSA)><5.03.16.54>
[PID: 1964][F:\Program Files\KV2006\KRegEx.exe] <Jiangmin Co.Ltd><9.0.6.210>
[F:\Program Files\KV2006\KRegEx.dll] <Jiangmin Co. Ltd.><9.0.6.0119>
[F:\Program Files\KV2006\KRegTrust.dll] <Jiangmin Co. Ltd.><9.0.0.825>
[PID: 200][F:\Program Files\KV2006\UIHost.exe] <Jiangmin Co. Ltd><9.2.0.50822>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\ComUI.dll] <Jiangmin Ltd.><9. 0. 0.509>
[F:\Program Files\KV2006\ComUIPS.dll] <Jiangmin Ltd.><9. 5. 5. 20>
[PID: 356][C:\WINDOWS\system32\wuauclt.exe] <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 1408][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1868][F:\PROGRA~1\TheWorld\TheWorld.exe] <Phoenix Studio><1, 2, 3, 5>
[C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx] <Macromedia, Inc.><8,0,24,0>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.1>
[F:\Program Files\freewb\plugin\date.plg] <><1, 0, 0, 1>
[F:\Program Files\SPX Capture\engine.dll] <N/A><N/A>
[PID: 1616][F:\Program Files\SPX Capture\Spx.exe] <MoodySoft><4.0.0.0>
[F:\Program Files\SPX Capture\ICQMAPI.dll] <N/A><N/A>
[F:\Program Files\SPX Capture\lpng.dll] <N/A><N/A>
[F:\Program Files\SPX Capture\freeze.dll] <N/A><N/A>
[F:\Program Files\SPX Capture\engine.dll] <N/A><N/A>
[PID: 1368][F:\download\sreng2\SREng.exe] <Smallfrogs Studio><2.0.12.350>
[F:\Program Files\SPX Capture\engine.dll] <N/A><N/A>

==================================
文件關聯
.TXT Error. [emeditor.txt]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================





A:

再次執行 System Repair Engineer 在「啟動專案」->「服務」 中刪除下面專案

[RDPSSW32 / RDPSSW32]
<><N/A>
[SVCHOST / SVCHOST]
<C:\WINDOWS\SVCHOST.EXE><N/A>




Q:
2006-06-27,20:05:54

System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Professional Service Pack 2 - 管理權限用戶 - 完整功能

以下內容被選中:
所有的啟動專案(包括註冊表、啟動資料夾、服務等)
瀏覽器載入項
正在執行的工作行程(包括工作行程模塊訊息)
文件關聯


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KvMonXP><"F:\Program Files\KV2006\KVMonXP.kxp" /auto>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<Super Rabbit Winspeed><"F:\Program Files\Super Rabbit\MagicSet\winspeed.exe" /autokill:117>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>

==================================
啟動資料夾
[802.1X認證客戶端]
<C:\Documents and Settings\kingsgame\「開始」表菜單\程式\啟動\802.1X認證客戶端.lnk><N>

==================================
服務
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
<C:\WINDOWS\system32\ati2sgag.exe><>
[KVSrvXP / KVSrvXP]
<F:\Program Files\KV2006\KVSrvXP.exe /Service><Jiangmin Co. Ltd>
[KVWSC / KVWSC]
<"F:\Program Files\KV2006\KVWsc.exe"><Jiangmin Co.Ltd>

==================================
瀏覽器載入項
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
[江民殺毒工具欄]
{B5A34A93-D538-43A7-8371-864CB6148D12} <F:\Program Files\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[TegoSoft SmartLoader ActiveX Control]
{1C960AA3-FAEE-11D0-9262-00A0243D2412} <C:\WINDOWS\DOWNLO~1\TegoLoad.OCX, TegoSoft Inc. http://www.tegosoft.com>
[UploadListView Class]
{474F00F5-3853-492C-AC3A-476512BBC336} <C:\WINDOWS\Downloaded Program Files\UploaderX.dll, >
[PhotoUploadCtrl Control]
{A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <f:\PROGRA~1\Tencent\QZone\PHOTOU~1.OCX, tencent>
[Java Plug-in 1.5.0_01]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[FiltrateWebObj Class]
{42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} <F:\Program Files\KV2006\KVBHO.dll, Jiangmin Co.Ltd>
[超級兔子上網精靈]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\SHDOCVW.DLL, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[超級兔子上網精靈]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <, N/A>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\PROGRA~1\KuGoo2\KUGOO3~1.OCX, N/A>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\SHDOCVW.DLL, N/A>
[江民殺毒工具欄]
{B5A34A93-D538-43A7-8371-864CB6148D12} <F:\Program Files\KV2006\KvShell.dll, Jiangmin Co.Ltd>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[上傳到QQ網路硬碟]
<{DEDEB80D-FA35-45D9-9460-4983E5A8AFE6}, N/A>
[使用KuGoo3下載(&K)]
<F:\Program Files\KuGoo2\KuGoo3DownX.htm, N/A>
[匯出到 Microsoft Office Excel(&X)]
<res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[新增到QQ自定義面板]
<, N/A>
[新增到QQ表情]
<, N/A>
[用QQ彩信發送該圖片]
<F:\Program Files\Tencent\SendMMS.htm, N/A>
[用迅雷下載(&D)]
<F:\Program Files\Thunder5.1.3.168 綠色版 by令狐雨辰\geturl.htm, N/A>
[用迅雷下載全部(&A)]
<F:\Program Files\Thunder5.1.3.168 綠色版 by令狐雨辰\getallurl.htm, N/A>

==================================
正在執行的工作行程
[PID: 580][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 644][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 668][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\Ati2evxx.dll] <N/A><N/A>
[C:\WINDOWS\system32\antiwpa.dll] <N/A><N/A>
[PID: 712][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 724][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 896][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1004][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1088][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1300][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1312][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1524][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1732][F:\Program Files\KV2006\KVSrvXP.exe] <Jiangmin Co. Ltd><9.2.0.50822>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\SvcSafe.dll] <Jiangmin Co. Ltd><9, 2, 0, 51107>
[F:\Program Files\KV2006\lang\SvcSafe0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\RegProt.dll] <Jiangmin Co.Ltd><9, 0, 5, 1212>
[F:\Program Files\KV2006\Scan.dll] <Jiangmin Co., Ltd.><1.0.6.05190>
[F:\Program Files\KV2006\FileGD.dll] <Jiangmin Co.Ltd><9.2.0.50809>
[F:\Program Files\KV2006\KvSPI.dll] <Jiangmin Co. Ltd.><1.0.6.06030>
[F:\Program Files\KV2006\lang\KVSpi0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\ScanHost.dll] <Jiangmin Co. Ltd><9, 2, 0, 50822>
[F:\Program Files\KV2006\KVWPSet.dll] <Jiangmin Co.Ltd><9, 0, 0, 60220>
[F:\Program Files\KV2006\KvCkMail.dll] <N/A><9, 0, 6, 605>
[F:\Program Files\KV2006\lang\KvMailRes0804.lng] <N/A><N/A>
[F:\Program Files\KV2006\EngPS.dll] <Jiangmin Co.Ltd><9, 2, 0, 50817>
[F:\Program Files\KV2006\lang\PrivateCfg0804.lng] <TODO: <Company name>><1.0.0.1>
[PID: 616][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[F:\Program Files\KV2006\KvShell.dll] <Jiangmin Co.Ltd><9, 0, 5, 830>
[F:\Program Files\KV2006\UpdateX.dll] <JiangMin Co.Ltd.><9, 0, 5, 831>
[F:\Program Files\KV2006\lang\Kvxp0804_1.lng] <N/A><N/A>
[F:\Program Files\KV2006\APIImpl.dll] <JiangMin Ltd.><9.0.0.500>
[F:\Program Files\Tencent\qdshm.dll] <><1, 0, 101, 20>
[F:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[F:\PROGRA~1\KuGoo2\KUGOO3~1.OCX] <N/A><N/A>
[PID: 640][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1196][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 356][C:\WINDOWS\system32\wuauclt.exe] <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 1408][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1492][C:\Program Files\802.1X認證客戶端\Dot1XClient.exe] <huawei><2.00>
[C:\WINDOWS\system32\W32N50.dll] <Printing Communications Assoc., Inc. (PCAUSA)><5.03.16.54>
[PID: 1668][F:\PROGRA~1\TheWorld\TheWorld.exe] <Phoenix Studio><1, 2, 3, 5>
[C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx] <Macromedia, Inc.><8,0,24,0>
[C:\WINDOWS\system32\FREEWB.IME] <Delphi Fan Studio><5.1>
[F:\Program Files\freewb\plugin\date.plg] <><1, 0, 0, 1>
[C:\WINDOWS\System32\xunleibho_v13.dll] <Thunder Networking Technologies,LTD><4, 6, 0, 48>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[F:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll] <Gabest><1, 0, 1, 2>
[F:\Program Files\Ringz Studio\Storm Codec\Codecs\OGGSplt.ax] <Gabest><1, 0, 0, 0>
[C:\WINDOWS\system32\RealMediaSplitter.ax] <Gabest><1, 0, 1, 1>
[F:\Program Files\Ringz Studio\Storm Codec\Codecs\MkvSplt.ax] <Gabest><1, 0, 2, 6>
[C:\WINDOWS\System32\ffdshow.ax] <N/A><1, 0, 0, 1>
[C:\DOCUME~1\KINGSG~1\APPLIC~1\ppStream\100~1.138\POWERL~1.OCX] <PPStream.com><1, 0, 0, 1216>
[C:\DOCUME~1\KINGSG~1\APPLIC~1\ppStream\100~1.138\POWERP~1.DLL] <PPStream Inc.><1,0,0,1566>
[C:\DOCUME~1\KINGSG~1\APPLIC~1\ppStream\100~1.138\PSNetwork.dll] <PPStream, inc.><1, 0, 0, 2296>
[PID: 940][F:\網號\QQ相關\Q工具\myQQC\myQQC.exe] <N/A><V2.2>
[PID: 3664][F:\download\sreng2\SREng.exe] <Smallfrogs Studio><2.0.12.350>

==================================
文件關聯
.TXT Error. [emeditor.txt]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================



A:新的掃瞄報告沒問題了
__________________
http://bbsimg.qianlong.com/upload/01/08/29/68/1082968_1136014649812.gif
psac 目前離線  
送花文章: 3, 收花文章: 1631 篇, 收花: 3205 次