大家帮我分析一下sreng日至 bbs.ikaka.com

稻香321 - 2009-10-10 20:23:00

[code]2009-10-10,17:16:34
System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)
Windows Vista Home Premium Edition Service Pack 1 (Build 6001) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
<WindowsWelcomeCenter><rundll32.exe oobefldr.dll,ShowWelcomeCenter> [(Verified)Microsoft Windows]
<ehTray.exe><C:\Windows\ehome\ehTray.exe> [(Verified)Microsoft Windows]
<KavPFW><; "C:\KAV2007\KPFW32.EXE"> [File is missing]
<QvodPlayer><C:\QvodPlayer\QvodTerminal.exe> [(Verified)"Shenzhen QVOD Technology Co.,Ltd"]
<ApabiAgent><; "C:\Program Files\Founder\Apabi Reader 3.0\ApabiAgent.exe"> []
<MsnMsgr><; "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows]
<SynTPStart><C:\Program Files\Synaptics\SynTP\SynTPStart.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<IAAnotif><C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe> [(Verified)Intel Corporation]
<FIC HotKey><C:\Program Files\Hotkey Utility\tray.exe> []
<StarCenter2.5><C:\Program Files\StarSoftComm\StarCenter2.5\SMBPlatForm.exe> [StarSoftComm Corporation]
<360Safetray><"C:\Program Files\360safe\safemon\360Tray.exe" /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
<KavStart><; "C:\KAV2007\KAVStart.exe" -startup> [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\Userinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WebCheck><C:\Windows\System32\webcheck.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\Windows\system32\Mystify.scr> [(Verified)Microsoft Windows]
==================================
启动文件夹
[Bluetooth Manager]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk --> C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [TOSHIBA CORPORATION.]><N>
[Bluetooth Manager]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk --> C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [TOSHIBA CORPORATION.]><N>
==================================
服务
[Contrl Center of Storm Media / ccosm][Stopped/Auto Start]
<D:\暴风\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Stopped/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Intel(R) Matrix Storage Event Monitor / IAANTMON][Stopped/Auto Start]
<C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe><Intel Corporation>
[Kingsoft Basic Service / kaccore][Stopped/Manual Start]
<"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"><Kingsoft Corporation>
[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Stopped/Auto Start]
<C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\webshield\KSWebShield.exe><Kingsoft Corporation>
[Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
<C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
[Kingsoft Personal Firewall Service / KPfwSvc][Stopped/Auto Start]
<"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Stopped/Auto Start]
<"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Stopped/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[SOSSrv / SOSSrv][Stopped/Auto Start]
<C:\Program Files\StarSoftComm\StarOS3.0\SOSSrv.exe><StarSoftComm Corporation>
[TOSHIBA Bluetooth Service / TOSHIBA Bluetooth Service][Stopped/Auto Start]
<C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe><TOSHIBA CORPORATION>
==================================
驱动程序
[360SelfProtection / 360SelfProtection][Stopped/System Start]
<system32\drivers\360SelfProtection.sys><360安全中心>
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[Apaidi / Apaidi][Stopped/Auto Start]
<\??\C:\Windows\system32\drivers\Apaidi.sys><N/A>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[BFSDRV / BFSDRV][Stopped/System Start]
<\??\C:\Windows\system32\drivers\bfsdrv.sys><360安全中心>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[BREGDRV / BREGDRV][Stopped/System Start]
<\??\C:\Windows\system32\drivers\bregdrv.sys><360安全中心>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[BisonCam / Cam5607][Stopped/Manual Start]
<System32\Drivers\BisonC07.sys><Bison Electronics. Inc.>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Stopped/Manual Start]
<system32\DRIVERS\e1e6032.sys><Intel Corporation>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\C:\Windows\system32\drivers\EagleNT.sys><N/A>
[EfiSystemMon / EfiMon][Stopped/System Start]
<System32\Drivers\Efimon.sys><奇虎网>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[HookPort / HookPort][Stopped/Boot Start]
<\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Intel AHCI Controller / iaStor][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[igfx / igfx][Stopped/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[KAVBase / KAVBase][Stopped/Auto Start]
<\??\C:\Windows\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Stopped/Boot Start]
<\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Stopped/Auto Start]
<\??\C:\Windows\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KNetWch / KNetWch][Stopped/System Start]
<\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
[Kingsoft Firewall NDIS Filter / KNetWchV][Stopped/System Start]
<system32\DRIVERS\KNetWchV.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Stopped/Auto Start]
<\??\C:\Windows\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit / NETw3v32][Stopped/Manual Start]
<system32\DRIVERS\NETw3v32.sys><Intel? Corporation>
[Intel(R) Wireless WiFi Link 适配器驱动程序（适用于 Windows Vista 32 位） / NETw4v32][Stopped/Manual Start]
<system32\DRIVERS\NETw4v32.sys><Intel Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[USB Mass Storage Device / RTSTOR][Running/Manual Start]
<system32\drivers\RTSTOR.SYS><Realtek Semiconductor Corp.>
[SafeBoxKrnl / SafeBoxKrnl][Stopped/System Start]
<\??\C:\Windows\system32\Drivers\safeboxkrnl.sys><360安全中心>
[StarCenter Backup Volume Filter Driver / ScbkEx][Running/Boot Start]
<\SystemRoot\system32\drivers\ScbkEx.sys><Windows (R) 2000 DDK provider>
[ScCchMgr / ScCchMgr][Running/System Start]
<system32\drivers\sccchmgr.sys><Windows (R) 2000 DDK provider>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[sscfs / sscfs][Running/System Start]
<system32\drivers\sscfs.sys><StarSoftComm>
[ssfltpt / ssfltpt][Running/Boot Start]
<\SystemRoot\system32\drivers\ssfltpt.sys><StarSoftComm Corporation>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[tcphoc / tcphoc][Stopped/Manual Start]
<\??\D:\新建文件夹 (20)\Program\tcphoc.sys><N/A>
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
<\??\C:\Windows\system32\TesDrvPt.sys><TENCENT>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\Windows\system32\TesSafe.sys><TENCENT>
[Bluetooth HID Port / toshidpt][Stopped/Manual Start]
<system32\drivers\Toshidpt.sys><TOSHIBA Corporation.>
[Bluetooth COM Port / tosporte][Stopped/Manual Start]
<system32\DRIVERS\tosporte.sys><TOSHIBA Corporation>
[Bluetooth RFBUS / tosrfbd][Stopped/Manual Start]
<system32\DRIVERS\tosrfbd.sys><TOSHIBA CORPORATION>
[Bluetooth RFBNEP / tosrfbnp][Stopped/Manual Start]
<System32\Drivers\tosrfbnp.sys><TOSHIBA Corporation>
[Bluetooth RFCOMM / Tosrfcom][Stopped/System Start]
<System32\Drivers\tosrfcom.sys><TOSHIBA Corporation>
[Bluetooth RFHID / Tosrfhid][Stopped/Manual Start]
<system32\DRIVERS\Tosrfhid.sys><TOSHIBA Corporation.>
[Bluetooth Personal Area Network / tosrfnds][Stopped/Manual Start]
<system32\DRIVERS\tosrfnds.sys><TOSHIBA Corporation.>
[Bluetooth Audio / TosRfSnd][Stopped/Manual Start]
<system32\drivers\tosrfsnd.sys><TOSHIBA Corporation>
[Bluetooth USB Controller / Tosrfusb][Stopped/Manual Start]
<system32\DRIVERS\tosrfusb.sys><TOSHIBA CORPORATION>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[vaxscsi / vaxscsi][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\vaxscsi.sys><N/A>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[WINIO / WINIO][Stopped/Manual Start]
<\??\C:\Windows\system32\WinIo.sys><http://www.internals.com>
[360FkAdv / 360FkAdv][Stopped/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
==================================

用户系统信息：Mozilla/4.0 (compatible;ak; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.30618; .NET CLR 3.5.30729)

稻香321 - 2009-10-10 20:23:00

浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\新建文件夹 (9)\WebThunderBHO_Now.dll, N/A>
[QvodExtend]
{53AC8551-0DE0-4606-8A1E-A51AF20ADD60} <C:\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <, >
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[kingsoft browser shield]
{D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[]
{0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[PhotoDraw Class]
{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <C:\Windows\system32\QQPhotoDraw.dll, TENCENT>
[ScreenCapture Class]
{B4D9857D-8A55-4442-A577-6B3ED5D4E41B} <C:\Windows\system32\FMO.dll, Tencent Inc.>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\Windows\system32\3DShowVM.ocx, QQ>
[]
{EC0978ED-24E3-403C-AB7A-060E388553E6} <, >
[]
{00000000-0000-0000-0000-000000000000} <, >
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\新建文件夹 (9)\WebThunderBHO_Now.dll, N/A>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\新建文件夹 (20)\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[PhotoDrawEx Class]
{05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} <D:\QQ2009\Plugin\Com.Tencent.Qzone\bin\QQPhotoDrawEx\QQPhotoDrawEx.dll, (Signed) Tencent>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
{0A155D3C-68E2-4215-A47A-E800A446447A} <, >
[GerneralPeerID Class]
{0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <D:\新建文件夹\Components\InMedia\peerid.dll, N/A>
[]
{0C7C23EF-A848-485B-873C-0ED954731014} <, >
[Player Class]
{11F2A418-94B2-4e16-9B0C-B00C0435F903} <D:\新建文件夹 (4)\LiveMedia.dll, (Signed) Tencent>
[XDownloaddManager Class]
{15BD4A12-BEDA-4A4D-8FB1-04553F1FD1CB} <D:\新建文件夹 (9)\WebThunderBHO_Now.dll, N/A>
[]
{1663ED61-23EB-11D2-B92F-008048FDD814} <, >
[Fade]
{16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\Windows\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[]
{19EFFC12-25FB-479A-A0F2-1569AE1B3365} <, >
[InstallHelper Class]
{1DABF8D5-8430-4985-9B7F-A30E53D709B3} <D:\新建文件夹 (4)\QQLiveInstaller.dll, (Signed) >
[UploadFilePartition Class]
{2030B925-DF6E-4535-AB9A-C2787F2FEB53} <C:\Windows\system32\TXGYUploader.dll, (Signed) Tencent >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[PhotoDraw Class]
{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <C:\Windows\system32\QQPhotoDraw.dll, TENCENT>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
{29CF293A-1E7D-4069-9E11-E39698D0AF95} <, >
[]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, >
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\Windows\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[]
{3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, >
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\StormII\Codec\QTSystem\QTPlugin.ocx, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\新建文件夹 (20)\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[IE2EMUrlTaker Class]
{48618374-565F-4CA0-B8CD-6F496C997FAF} <D:\新建文件夹 (2)\eMule\IE2EM.dll, N/A>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\Windows\system32\aliedit\aliedit.dll, (Signed) >
[Kingsoft Trojan Webshield]
{4E8A5278-C04E-4FE3-BF78-8A7CCD6EF333} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll, (Signed) Kingsoft Corporation>
[VaCom.Application]
{51E88884-1306-4444-B22D-C34119E44232} <D:\新建文~2\飞速TU~1\TDVaCom.Dll, 土豆网>
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <%SystemRoot%\System32\hhctrl.ocx, (Signed) N/A>
[QvodExtend]
{53AC8551-0DE0-4606-8A1E-A51AF20ADD60} <C:\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
{55302805-482E-470E-8A57-6795A1487F90} <, >
[WangWangX Class]
{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <D:\啊里旺旺\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[]
{5EE6BFED-B016-4FE4-9781-789522416391} <, >
[]
{642D2749-A4FC-49C5-8384-E39E009EBCDD} <, >
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\ProgramData\Thunder Network\KanKan\xplayer.dll_1_work, Xunlei Networking Technologies,LTD>
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <, >
[XDRM]
{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\ProgramData\Thunder Network\KanKan\xdrm.dll_1_work, >
[QQLiveFile Class]
{6B232760-90F1-41c3-9902-C8552C1D8A72} <D:\新建文件夹 (4)\FileVersion.dll, (Signed) Tencent>
[StormPlayer Object]
{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <D:\暴风\mps.dll, (Signed) 北京暴风网际科技有限公司>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[QvodShare Class]
{7139E26A-49CA-4344-B063-C702858627D9} <C:\QvodPlayer\ShareModule.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\新建文件夹 (20)\Components\InMedia\MediaAddin.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[XDownloaddManager Class]
{802F530B-A8F6-4631-AE49-6BACAAC6373E} <D:\新建文件夹 (20)\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\新建文件夹 (20)\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML DOM 文档 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
{88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[Uploader Class]
{8A990A37-B746-43CC-BF08-400740854928} <C:\Windows\system32\FMO.dll, Tencent Inc.>
[SSOForPTLogin Class]
{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B} <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll, (Signed) Tencent>
[]
{95B3F550-91C4-4627-BCC4-521288C52977} <, >
[]
{962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[OFrameObject Class]
{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5905.197.(801).dll, N/A>
[]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <, >
[]
{A692062A-11A1-461B-BE98-B520F01F96FC} <, >
[APlayer Control]
{A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[]
{AC414988-E5BB-4C2C-873B-EA53D2F3D23A} <, >
[]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
[]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[ScreenCapture Class]
{B4D9857D-8A55-4442-A577-6B3ED5D4E41B} <C:\Windows\system32\FMO.dll, Tencent Inc.>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[WebPlayer Class]
{B965124A-7C58-45f8-91BF-28A981CE7594} <D:\新建文件夹 (4)\WebLiveMedia.dll, (Signed) Tencent>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, (Signed) N/A>
[FTNUpload Class]
{BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX.dll, (Signed) Tencent>
[WebActivater Control]
{C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\Windows\system32\3DShowVM.ocx, QQ>
[CheckReader Class]
{C9E75CAD-ACA5-4074-81CC-5448FCCFE987} <C:\Program Files\Founder\Apabi Reader 3.0\Check.dll, (Signed) >
[QQPlayerCtrl Class]
{CD108273-D434-43E6-AA90-1469F97EB398} <D:\QQ2009\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[AUDIO__MPEGURL Moniker Class]
{CD3AFA78-B84F-48F0-9393-7EDC34128127} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WM Moniker Class]
{CD3AFA92-B84F-48F0-9393-7EDC34128127} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\暴风\Codec\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[Microsoft Agent Control 2.0]
{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <%SystemRoot%\MSAgent\agentctl.dll, (Signed) N/A>
[]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[kingsoft browser shield]
{D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[TencentVmpCtl Class]
{D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
[QQLive Class]
{D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <D:\新建文件夹 (4)\LiveAPI.dll, (Signed) Tencent>
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll, (Signed) Microsoft Corporation>
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\QQ2009\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[EditCtrl Class]
{E0E9F6EF-871B-42AE-89C9-CD6AF7A2E5D3} <C:\Windows\system32\SecEdit\SecEdit.dll, >
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, (Signed) Microsoft Corporation>
[RevealTrans]
{E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\Windows\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[]
{E8F87883-C795-452E-B41D-354558F0811E} <, >
[]
{EC0978ED-24E3-403C-AB7A-060E388553E6} <, >
[TimwpDll.TimwpCheck]
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\QQ2009\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
{EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <, >
[]
{F156768E-81EF-470C-9057-481BA8380DBA} <, >
[QvodCtrl Class]
{F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\QvodPlayer\QvodInsert.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
{F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
{F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML Document 3.0]
{F5078F40-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[IERPCtl Class]
{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <D:\新陆建ㄎ文募件夹? (3)\rpplugins\ierpplug.dll, N/A>
[使用迅雷下载]
<D:\新建文件夹 (20)\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<D:\新建文件夹 (20)\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
<D:\QQ2009\Bin\AddEmotion.htm, N/A>
[百度一下所选文字 (&B)]
<C:\Program Files\Common Files\Baidu\Baidu.html, N/A>
==================================
正在运行的进程
[PID: 292 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 428 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 464 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 472 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 516 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 548 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 560 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 568 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 712 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 768 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 804 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 884 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 912 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 980 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1184 / jsd][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\igfxpph.dll] [Intel Corporation, 7.14.10.1364]
[C:\Windows\system32\hccutils.DLL] [Intel Corporation, 7.14.10.1364]
[C:\Windows\system32\igfxres.dll] [Intel Corporation, 7.14.10.1364]
[C:\Windows\system32\igfxress.dll] [Intel Corporation, 7.14.10.1364]
[C:\Windows\system32\igfxsrvc.dll] [Intel Corporation, 7.14.10.1364]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[C:\Windows\system32\TosBtExt.dll] [TOSHIBA, 5.00.2829.ALL]
[PID: 1396 / jsd][C:\Windows\system32\igfxsrvc.exe] [Intel Corporation, 7.14.10.1364]
[C:\Windows\system32\igfxsrvc.dll] [Intel Corporation, 7.14.10.1364]
[C:\Windows\system32\igfxdev.dll] [Intel Corporation, 7.14.10.1364]
[PID: 1484 / jsd][C:\Program Files\360safe\safemon\360Tray.exe] [360安全中心, 5, 2, 0, 1015]
[C:\Program Files\360safe\safemon\360compro.dll] [360安全中心, 1, 0, 0, 1013]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[C:\Program Files\360safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006]
[C:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 5, 0, 0, 1006]
[C:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 4, 2, 0, 1002]
[C:\Program Files\360safe\safemon\360webpro.dll] [360.CN, 1, 3, 0, 1030]
[C:\Program Files\360safe\safemon\360procmon.dll] [360.CN, 1, 1, 0, 1015]
[C:\Program Files\360safe\live.dll] [360.cn, 1, 0, 2, 1007]
[C:\Program Files\360safe\safemon\SelfProtectAPI2.dll] [360.CN, 1, 1, 0, 1006]
[C:\Program Files\360safe\efiproc.dll] [奇虎360安全卫士, 1, 0, 0, 1004]
[PID: 1716 / jsd][D:\新建文件夹\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279]
[PID: 624 / jsd][D:\新建文件夹\SRE95e0d642.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[D:\新建文件夹\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
N/A
==================================
计划任务
N/A
==================================
Windows 安全更新检查
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================[/code]

瑞星卡卡安全论坛