轩辕剑5乱码问题_百度知道
轩辕剑5乱码问题
提问者采纳
去太平洋游戏网或“玩游戏网”下载,直接是简体中文的!
其他类似问题
为您推荐:
您可能关注的推广
轩辕剑5的相关知识
其他1条回答
虽然我管不着。猪猪有简体中文的破解。。。请购买正版。
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁求 轩辕剑4外传苍之涛Swdmd.exe执行文件 谢谢 _百度知道
求 轩辕剑4外传苍之涛Swdmd.exe执行文件 谢谢
提问者采纳
。,去邮箱查收已发送
来自团队:
其他类似问题
为您推荐:
您可能关注的推广
轩辕剑4外传苍之涛的相关知识
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁北大未名站 同主题阅读: qq自动发送的exe文件,附log
点击右上角,“分享到朋友圈”或“发送给好友”↑
北大未名站 ○ 病毒与计算机安全
讨论区 [Virus_Security]
主题:qq自动发送的exe文件,附log
发信人: wayabroad (wayabroad), 信区: Virus_Security
题: qq自动发送的exe文件
发信站: 北大未名站 (日12:00:15 星期二), 站内信件
前天跟同学聊天,给同学发送一照片,没有发送成功。结果第二天早上我那同学的q
q给我发了一个相同文件名的文件,文件格式是.rar的。我接收之后,点开,发现里面是
个.exe的文件,我手一抖,双击了。结果就悲剧了,电脑不能上网了,用诸多杀软和查木
马的软件都查不出木马,期间重启的时候还出现过蓝屏。求高手相助,感激不尽。
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe
D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\ccc\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Users\ccc\AppData\Local\TOMSkypeData\TOMSkypeData.exe
D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe
D:\Program Files\SogouInput\5.0.1.4185\pinyinup.exe
d:\Program Files\SogouInput\5.0.1.4185\ImeUtil.exe
C:\Windows\system32\taskeng.exe
E:\安装包\杀毒\ccc\HiJackThis202\HijackThis.exe
d:\Program Files\SogouInput\5.0.1.4185\PinyinUp.exe
d:\Program Files\SogouInput\5.0.1.4185\ImeUtil.exe
d:\Program Files\SogouInput\5.0.1.4185\ImeUtil.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD--FA578C2EBDC3} - C:\Prog
ram Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QQ工具栏 - {29CF293A-1E7D--E} - C:\Program File
s\Tencent\QQToolbar\IEBar.dll
O2 - BHO: Groove GFS Browser Helper - {C5-4D22-B7F9-0BBC1D38A37E}
- D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live 登录帮助程序 - {C02-4ABF-8ECC-C6}
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogi
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-
EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClie
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PRO
GRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-5D8EE6A077} - C:\Program F
iles\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: QQ工具栏 - {29CF293A-1E7D--E} - C:\Program
Files\Tencent\QQToolbar\IEBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-A-4E364A424E17} -
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {C5--0819E2EAAC93} - C:\Program
Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BCSSync] "D:\Program Files\Microsoft Office\Office14\BCSSy
nc.exe" /DelayServices
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
" /hide /waitservice
O4 - HKLM\..\Run: [Google Pinyin 2 Autoupdater] "C:\Program Files\Google\Goog
le Pinyin 2\GooglePinyinDaemon.exe"
O4 - HKLM\..\Run: [IME14 CHS Setup] C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARE
D\IMEKLMG.EXE /SetPreload /CHS /Log
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acro
bat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 9.0
\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MazeSvr] d:\Program Files\天网Maze\MazeSvr.exe
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICRO
S~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [FileZilla Server Interface] "d:\Program Files\FileZilla Se
rver\FileZilla Server Interface.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /aut
O4 - HKCU\..\Run: [uTorrent] "E:\安装包\已装\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\ccc\AppData\Local\Google\Update\G
oogleUpdate.exe" /c
O4 - HKCU\..\Run: [googletalk] C:\Users\ccc\AppData\Roaming\Google\Google Tal
k\googletalk.exe /autostart
O4 - HKCU\..\Run: [TOMSkypeData] C:\Users\ccc\AppData\Local\TOMSkypeData\TOMS
kypeData.exe
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Program Files\Nokia\Nokia PC Suite 7\PC
Suite.exe" -onlytray
O4 - Startup: OneNote 2010 屏幕剪辑程序和 Launcher.lnk = D:\Program Files\Mic
rosoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: 分享到淘江湖 - d:\Program Files\AliWangWang\Sha
reToTJH.htm
O8 - Extra context menu item: 发送至 OneNote(&N) - res://D:\PROGRA~1\MICROS~1
\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: 导出到 Microsoft Excel(&X) - res://D:\PROGRA~1\
MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: 将转换链接目标为 Adobe PDF - res://C:\Program F
iles\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelL
O8 - Extra context menu item: 将链接目标转换为 Adobe PDF - res://C:\Program F
iles\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelL
O8 - Extra context menu item: 将链接目标转换到现有的 PDF - res://C:\Program F
iles\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLi
O8 - Extra context menu item: 将链接目标追加到现有的 PDF - res://C:\Program F
iles\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLi
O8 - Extra context menu item: 添加为阿里旺旺表情 - d:\Program Files\AliWangWa
ng\AddNewEmotion.htm
O8 - Extra context menu item: 转换为 Adobe PDF - res://C:\Program Files\Commo
n Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 追加到现有的 PDF - res://C:\Program Files\Commo
n Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: 发送至 OneNote - {50-4f3c-EE0C6C49} -
D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: 发送至 OneNote(&N) - {50-4f3c-8081-56
63EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote 链接笔记(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95
CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote 链接笔记(&K) - {789FE86F-6FC4-46A1-9849-
EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNote
O9 - Extra button: Research - {CC-41C8-B9BE-3C9C571A8263} - C:\PRO
GRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.
O15 - Trusted Zone: http://*.
O15 - Trusted Zone: http://*.
O15 - Trusted Zone: .cn
O15 - Trusted Zone: http://*.
O15 - Trusted Zone: http://*. (HKLM)
O15 - Trusted Zone: http://*. (HKLM)
O15 - Trusted Zone: http://*. (HKLM)
O15 - ESC Trusted Zone: http://*.
O18 - Protocol: about - {B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\S
ystem32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\sys
tem32\urlmon.dll
O18 - Protocol: dvd - {12D-46FE-A120-47A3D7D937CC} - C:\Windows\Sys
tem32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\sy
stem32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\sys
tem32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\
system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\sy
stem32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\s
ystem32\urlmon.dll
O18 - Protocol: its - {9DC8-11D0-A4CC-F6} - C:\Windows\Sys
tem32\itss.dll
O18 - Protocol: javascript - {-98B5-11CF-BB82-00AA00BDCE0B} - C:\Wind
ows\System32\mshtml.dll
O18 - Protocol: livecall - {-22C1-EF} - C:\PROGRA
~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\s
ystem32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\
System32\mshtml.dll
O18 - Protocol: mhtml - {-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\s
ystem32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\syst
em32\urlmon.dll
O18 - Protocol: ms-help - {-A502-11D2-BBCA-00C04F8EC294} - C:\Program
Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-its - {9DC8-11D0-A4CC-F6} - C:\Windows\
System32\itss.dll
O18 - Protocol: msnim - {-22C1-EF} - C:\PROGRA~1\
WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\Sys
tem32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\Syst
em32\msvidctl.dll
O18 - Protocol: vbscript - {-98B5-11CF-BB82-00AA00BDCE0B} - C:\Window
s\System32\mshtml.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesr
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\Pr
ogram Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Fil
es\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour 服务 (Bonjour Service) - Apple Inc. - C:\Program Files
\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32
Antivirus\ekrn.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Pro
ject - d:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program
Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.
O23 - Service: lmazesvr - 北京大学 网络与分布式系统实验室 P2P组 - d:\Program
Files\AmazingStore\lmazesvr.exe
O23 - Service: lmazeupdated - 北京大学 网络与分布式系统实验室 P2P组 - d:\Prog
ram Files\AmazingStore\lmazeupdated.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-b
it (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds
Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solut
ion\ServiceLayer.exe
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.77.99]
※ 修改:?wayabroad 於 11月09日12:00:39
修改本文?[FROM: 162.105.77.99]
文章数: 127积分: 2.9等级: 一般站友原创分: 0
发信人: elfandi (Virus版诚征bm), 信区: Virus_Security
题: Re: qq自动发送的exe文件,附log
发信站: 北大未名站 (日13:13:14 星期二), 转信
用sreng做log吧
这个信息太少
【 在 wayabroad (wayabroad) 的大作中提到: 】
前天跟同学聊天,给同学发送一照片,没有发送成功。结果第二天早上我那同学的q
: q给我发了一个相同文件名的文件,文件格式是.rar的。我接收之后,点开,发现里面是
: 个.exe的文件,我手一抖,双击了。结果就悲剧了,电脑不能上网了,用诸多杀软和查木
: 马的软件都查不出木马,期间重启的时候还出现过蓝屏。求高手相助,感激不尽。
: 附上log:
: Running processes:
: C:\Windows\system32\Dwm.exe
: C:\Windows\Explorer.EXE
: C:\Windows\system32\taskhost.exe
: ...........................
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.173.146]
文章数: 9545积分: 5.2等级: 山泉原创分: 0
发信人: wayabroad (wayabroad), 信区: Virus_Security
题: Re: qq自动发送的exe文件,附log
发信站: 北大未名站 (日13:45:19 星期二), 站内信件
System Repair Engineer 2.8.2.1321
Smallfrogs ()
(Build 7600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
Windows 安全更新检查
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
&Sidebar&&C:\Program Files\Windows Sidebar\sidebar.exe /autoRun&
ied)Microsoft Windows]
&uTorrent&&"E:\安装包\已装\uTorrent\utorrent.exe"&
[(Verified)BitTorrent
&Google Update&&"C:\Users\ccc\AppData\Local\Google\Update\GoogleUpdate.ex
[(Verified)Google Inc]
&googletalk&&C:\Users\ccc\AppData\Roaming\Google\Google Talk\googletalk.e
xe /autostart&
&TOMSkypeData&&C:\Users\ccc\AppData\Local\TOMSkypeData\TOMSkypeData.exe&
[Mind Works Limited]
&PC Suite Tray&&"D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -on
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
&BCSSync&&"D:\Program Files\Microsoft Office\Office14\BCSSync.exe" /Delay
[(Verified)Microsoft Corporation]
&egui&&"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waits
[(Verified)ESET, spol. s r.o.]
&Google Pinyin 2 Autoupdater&&"C:\Program Files\Google\Google Pinyin 2\Go
oglePinyinDaemon.exe"&
[(Verified)Google Inc]
&IME14 CHS Setup&&C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE
/SetPreload /CHS /Log&
[(Verified)Microsoft Corporation]
&Adobe Acrobat Speed Launcher&&"D:\Program Files\Adobe\Acrobat 9.0\Acroba
t\Acrobat_sl.exe"&
[(Verified)Adobe Systems, Incorporated]
&Acrobat Assistant 8.0&&"D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrot
[(Verified)Adobe Systems, Incorporated]
&MazeSvr&&d:\Program Files\天网Maze\MazeSvr.exe&
&Microsoft Pinyin IME Migration&&C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMES
C\IMSCMIG.EXE /INSTALL&
[(Verified)Microsoft Corporation]
&FileZilla Server Interface&&"d:\Program Files\FileZilla Server\FileZilla
Server Interface.exe"&
[FileZilla Project]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
&shell&&Explorer.exe&
[(Verified)Microsoft Windows]
&Userinit&&C:\Windows\system32\userinit.exe,&
[(Verified)Microsoft Windo
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
&AppInit_DLLs&&&
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellE
xecuteHooks]
&{B5A7F190-DDA6-4420-B3BA-CD}&&D:\PROGRA~1\MICROS~1\Office14\GR
OOVEEX.DLL&
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObj
ectDelayLoad]
&WebCheck&&&
&WPDShServiceObj&&%SystemRoot%\system32\wpdshserviceobj.dll&
[(Verified)
Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22
d6f312-b0f6-11d0-94ab-e95}]
&Microsoft Windows Media Player&&%SystemRoot%\system32\unregmp2.exe /Show
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{26
923b43-4d38-484f-9b9e-dec}]
&Internet Explorer&&C:\Windows\System32\ie4uinit.exe -UserIconConfig&
Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60
B49E34-C7CC-11D0-C90347FF}]
&Browser Customizations&&"C:\Windows\System32\rundll32.exe" "C:\Windows\S
ystem32\iedkcs32.dll",BrandIEActiveSetup SIGNUP&
[(Verified)Microsoft Window
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7
339CF-2B09--FED}]
&Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %
SystemRoot%\system32\themeui.dll&
[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44B
BA840-CC51-11CF-AAFA-00AA00B6015C}]
&Microsoft Windows&&"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUs
erConfigOE&
[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF
52A52-394A-11d3-B153-00C04F79FAA6}]
&Microsoft Windows Media Player&&%SystemRoot%\system32\unregmp2.exe /Firs
tLogon /Shortcuts /RegBrowsers /ResetMUI&
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{898
20200-ECBD-11cf-8B85-00AA005B4340}]
&Windows Desktop Update&®svr32.exe /s /n /i:U shell32.dll&
[(Verified
)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{898
20200-ECBD-11cf-8B85-00AA005B4383}]
&Web Platform Customizations&&C:\Windows\System32\ie4uinit.exe -BaseSetti
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B
4C1CD-B018--5476DBF70820}]
&N/A&&C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,I
[(Verified)Microsoft Corporation]
==================================
启动文件夹
[OneNote 2010 屏幕剪辑程序和 Launcher]
&C:\Users\ccc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
\OneNote 2010 屏幕剪辑程序和 Launcher.lnk --& D:\PROGRA~1\MICROS~1\Office14\O
NENOTEM.EXE [Microsoft Corporation]&&N&
[OneNote 2010 屏幕剪辑程序和 Launcher]
&C:\Users\ccc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
\OneNote 2010 屏幕剪辑程序和 Launcher.lnk --& D:\PROGRA~1\MICROS~1\Office14\O
NENOTEM.EXE [Microsoft Corporation]&&N&
==================================
[AMD External Events Utility / AMD External Events Utility][Running/Auto Star
&C:\Windows\system32\atiesrxx.exe&&AMD&
[ANSYS FLEXlm license manager / ANSYS FLEXlm license manager][Stopped/Manual
&C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe&&Macrovi
sion Corporation&
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
&"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDevi
ceService.exe"&&Apple Inc.&
[Bonjour 服务 / Bonjour Service][Running/Auto Start]
&"C:\Program Files\Bonjour\mDNSResponder.exe"&&Apple Inc.&
[ESET HTTP Server / EhttpSrv][Stopped/Disabled]
&"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"&&ESET&
[ESET Service / ekrn][Running/Auto Start]
&"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"&&ESET&
[eLive Security Service / eLiveSafe][Stopped/Disabled]
&"d:\Program Files\ChinaTelecom\eLive\PlugIns\Safe\elivesafe.exe"&&贝壳网际
(北京)安全技术有限公司&
[FileZilla Server FTP server / FileZilla Server][Running/Auto Start]
&"d:\Program Files\FileZilla Server\FileZilla Server.exe"&&FileZilla Projec
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
&"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLic
ensingService.exe"&&Acresso Software Inc.&
[Ansys JobManager Service V11 / JobManagerService110][Stopped/Disabled]
&"C:\Program Files\Ansys Inc\v110\RSM\bin\JobManagerService.exe"&&Ansys, In
[lmazesvr / lmazesvr][Running/Auto Start]
&d:\Program Files\AmazingStore\lmazesvr.exe /service&&北京大学 网络与分布式
系统实验室 P2P组&
[lmazeupdated / lmazeupdated][Running/Auto Start]
&d:\Program Files\AmazingStore\lmazeupdated.exe /service&&北京大学 网络与分
布式系统实验室 P2P组&
[mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit / mi-raysat
_3dsmax2011_32][Running/Auto Start]
&"D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsm
ax2011_32server.exe"&&N/A&
[Net Driver HPZ12 / Net Driver HPZ12][Stopped/Disabled]
&C:\Windows\System32\svchost.exe -k HPZ12--&C:\Windows\system32\HPZinw12.dl
l&&Hewlett-Packard&
[Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Disabled]
&C:\Windows\System32\svchost.exe -k HPZ12--&C:\Windows\system32\HPZipm12.dl
l&&Hewlett-Packard&
[Ansys ScriptHost Service V11 / ScriptHostService110][Stopped/Disabled]
&"C:\Program Files\Ansys Inc\v110\RSM\bin\ScriptHostService.exe"&&Ansys, In
[ServiceLayer / ServiceLayer][Running/Manual Start]
&"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"&&Nokia.&
[Tencent Software Update Service / TSUSVC][Stopped/Disabled]
&"C:\Program Files\Tencent\QQSoftMgr\1.0.338.203\TencentUpdateSvc.exe" -run
&&Tencent&
==================================
[adp94xx / adp94xx][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\adp94xx.sys&&Adaptec, Inc.&
[adpahci / adpahci][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\adpahci.sys&&Adaptec, Inc.&
[adpu320 / adpu320][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\adpu320.sys&&Adaptec, Inc.&
[aic78xx / aic78xx][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\djsvs.sys&&Adaptec, Inc.&
[aliide / aliide][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\aliide.sys&&Acer Laboratories Inc.&
[amdsata / amdsata][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\amdsata.sys&&Advanced Micro Devices&
[amdsbs / amdsbs][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\amdsbs.sys&&AMD Technologies Inc.&
[amdxata / amdxata][Running/Boot Start]
&\SystemRoot\system32\DRIVERS\amdxata.sys&&Advanced Micro Devices&
[arc / arc][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\arc.sys&&Adaptec, Inc.&
[arcsas / arcsas][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\arcsas.sys&&Adaptec, Inc.&
[atikmdag / atikmdag][Running/Manual Start]
&system32\DRIVERS\atikmdag.sys&&ATI Technologies Inc.&
[Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\bxvbdx.sys&&Broadcom Corporation&
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual St
&system32\DRIVERS\b57nd60x.sys&&Broadcom Corporation&
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Star
&\SystemRoot\system32\DRIVERS\BrFiltLo.sys&&Brother Industries, Ltd.&
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Star
&\SystemRoot\system32\DRIVERS\BrFiltUp.sys&&Brother Industries, Ltd.&
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Sta
&\SystemRoot\System32\Drivers\Brserid.sys&&Brother Industries Ltd.&
[Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
&\SystemRoot\System32\Drivers\BrSerWdm.sys&&Brother Industries Ltd.&
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
&\SystemRoot\System32\Drivers\BrUsbMdm.sys&&Brother Industries Ltd.&
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
&\SystemRoot\System32\Drivers\BrUsbSer.sys&&Brother Industries Ltd.&
[cmdide / cmdide][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\cmdide.sys&&CMD Technology, Inc.&
[Intel(R) PRO/1000 PCI Express Network Connection Driver K / e1kexpress][Runn
ing/Manual Start]
&system32\DRIVERS\e1k6032.sys&&Intel Corporation&
[eamon / eamon][Running/Auto Start]
&system32\DRIVERS\eamon.sys&&ESET&
[Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\evbdx.sys&&Broadcom Corporation&
[ehdrv / ehdrv][Running/System Start]
&system32\DRIVERS\ehdrv.sys&&ESET&
[elxstor / elxstor][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\elxstor.sys&&Emulex&
[epfwwfpr / epfwwfpr][Running/Auto Start]
&system32\DRIVERS\epfwwfpr.sys&&ESET&
[FTCkillfile / FTCkillfile][Stopped/Manual Start]
&System32\Drivers\FTCkillfile.sys&&风云谷科技&
[Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
&\SystemRoot\system32\drivers\hcw85cir.sys&&Hauppauge Computer Works, Inc.&
[HpSAMD / HpSAMD][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\HpSAMD.sys&&Hewlett-Packard Company&
[iaStorV / iaStorV][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\iaStorV.sys&&Intel Corporation&
[iirsp / iirsp][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\iirsp.sys&&Intel Corp./ICP vortex GmbH&
[LSI_FC / LSI_FC][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\lsi_fc.sys&&LSI Corporation&
[LSI_SAS / LSI_SAS][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\lsi_sas.sys&&LSI Corporation&
[LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\lsi_sas2.sys&&LSI Corporation&
[LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\lsi_scsi.sys&&LSI Corporation&
[megasas / megasas][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\megasas.sys&&LSI Corporation&
[MegaSR / MegaSR][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\MegaSR.sys&&LSI Corporation, Inc.&
[nfrd960 / nfrd960][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\nfrd960.sys&&IBM Corporation&
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
&system32\drivers\ccdcmb.sys&&Nokia&
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
&system32\drivers\ccdcmbo.sys&&Nokia&
[nvraid / nvraid][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\nvraid.sys&&NVIDIA Corporation&
[nvstor / nvstor][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\nvstor.sys&&NVIDIA Corporation&
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
&system32\DRIVERS\pccsmcfd.sys&&Nokia&
[ql2300 / ql2300][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\ql2300.sys&&QLogic Corporation&
[ql40xx / ql40xx][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\ql40xx.sys&&QLogic Corporation&
[Sentinel / Sentinel][Running/Auto Start]
&\SystemRoot\System32\Drivers\SENTINEL.SYS&&Rainbow Technologies, Inc.&
[SiSRaid2 / SiSRaid2][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\SiSRaid2.sys&&Silicon Integrated Systems Corp
[SiSRaid4 / SiSRaid4][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\sisraid4.sys&&Silicon Integrated Systems&
[sptd / sptd][Stopped/Boot Start]
&\SystemRoot\System32\Drivers\sptd.sys&&Duplex Secure Ltd.&
[SAMSUNG HSP Plus Modem Filter Driver / sshpmdfl][Stopped/Manual Start]
&system32\DRIVERS\SHPACMFilter.sys&&MobileTop&
[SAMSUNG HSP Plus Modem Driver / sshpmdm][Stopped/Manual Start]
&system32\DRIVERS\SHPACM.sys&&MobileTop&
[SAMSUNG HSP Plus USB Driver / sshpusb][Stopped/Manual Start]
&system32\DRIVERS\SHPUSB.sys&&MobileTop&
[stexstor / stexstor][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\stexstor.sys&&Promise Technology&
[upperdev / upperdev][Stopped/Manual Start]
&system32\DRIVERS\usbser_lowerflt.sys&&Nokia&
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
&system32\DRIVERS\usbser_lowerfltj.sys&&Nokia&
[viaide / viaide][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\viaide.sys&&VIA Technologies, Inc.&
[vsmraid / vsmraid][Stopped/Manual Start]
&\SystemRoot\system32\DRIVERS\vsmraid.sys&&VIA Technologies Inc.,Ltd&
==================================
浏览器加载项
[Adobe PDF Link Helper]
{18DF081C-E8AD--FA578C2EBDC3} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated&
[QQ工具栏]
{29CF293A-1E7D--E} &C:\Program Files\Tencent\QQToolbar\
IEBar.dll, (Signed) TENCENT&
[Groove GFS Browser Helper]
{C5-4D22-B7F9-0BBC1D38A37E} &D:\PROGRA~1\MICROS~1\Office14\GROOV
EEX.DLL, (Signed) Microsoft Corporation&
[Windows Live 登录帮助程序]
{C02-4ABF-8ECC-C6} &C:\Program Files\Common Files\Micro
soft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484f-EE161910} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated&
[Office Document Cache Handler]
{B4F3A835-0E21-4959-BA22-42B3008E02FF} &D:\PROGRA~1\MICROS~1\Office14\URLRE
DIR.DLL, (Signed) Microsoft Corporation&
[SmartSelect Class]
{F4971EE7-DAA0-5D8EE6A077} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated&
[Send to OneNote from Internet Explorer button]
{50-4f3c-EE0C6C49} &D:\Program Files\Microsoft Office\O
ffice14\ONBttnIE.dll, (Signed) Microsoft Corporation&
[Linked Notes button]
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} &D:\Program Files\Microsoft Office\O
ffice14\ONBttnIELinkedNotes.dll, (Signed) Microsoft Corporation&
[信息检索(&R)]
{CC-41C8-B9BE-3C9C571A8263} &C:\PROGRA~1\MIF5BA~1\Office12\REFIE
BAR.DLL, (Signed) Microsoft Corporation&
[QQ工具栏]
{29CF293A-1E7D--E} &C:\Program Files\Tencent\QQToolbar\
IEBar.dll, (Signed) TENCENT&
[DAEMON Tools Toolbar]
{32099AAC-C132-A-4E364A424E17} &C:\Program Files\DAEMON Tools Toolb
ar\DTToolbar.dll, (Signed) &
{-CD10-B-FD2B} &, &
{0C7C23EF-A848-485B-873C-0ED} &, &
[Adobe PDF Link Helper]
{18DF081C-E8AD--FA578C2EBDC3} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated&
[WWPicUploadCtrl Class]
{1D6-4A42-890D-EE617AA1537D} &d:\Program Files\AliWangWang\module
s\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation&
[iTrusPTA Class]
{1E0DFFCF-27FF-007349FEDA} &C:\Windows\system32\aliedit\pta.dll
, (Signed) &
[HTML Document]
{F9-11CF-8FD0-00AA00686F13} &C:\Windows\System32\mshtml.dll, (Si
gned) Microsoft Corporation&
{50-4F3C-EE0C6C49} &, &
[XML DOM Document]
{B36-11D2-B20E-00C04F983E60} &%SystemRoot%\System32\msxml3.dll, (
Signed) N/A&
[QQ工具栏]
{29CF293A-1E7D--E} &C:\Program Files\Tencent\QQToolbar\
IEBar.dll, (Signed) TENCENT&
[DAEMON Tools Toolbar]
{32099AAC-C132-A-4E364A424E17} &C:\Program Files\DAEMON Tools Toolb
ar\DTToolbar.dll, (Signed) &
[Google Update Plugin]
{A8-498F-B542-CB906C561A43} &C:\Users\ccc\AppData\Local\Google\U
pdate\1.2.183.39\npGoogleOneClick8.dll, (Signed) Google Inc.&
[Adobe PDF]
{C5--0819E2EAAC93} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated&
[EditCtrl Class]
{488AB3-8F27-FA1AECAA8844} &C:\Windows\system32\aliedit\aliedit
.dll, (Signed) &
[WangWangX Class]
{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} &D:\Program Files\AliWangWang\AliIMX
.dll, (Signed) Alibaba software (Shanghai) Corporation.&
{669751ED-D558-49AE-B01A-3B374CC7910E} &, &
[Groove GFS Browser Helper]
{C5-4D22-B7F9-0BBC1D38A37E} &D:\PROGRA~1\MICROS~1\Office14\GROOV
EEX.DLL, (Signed) Microsoft Corporation&
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} &, &
[Microsoft Web Browser]
{A-11D0-A96B-00C04FD705A2} &C:\Windows\System32\ieframe.dll, (S
igned) Microsoft Corporation&
[Windows Live 登录帮助程序]
{C02-4ABF-8ECC-C6} &C:\Program Files\Common Files\Micro
soft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation
{CC-41C8-B9BE-3C9C571A8263} &, &
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484F-EE161910} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated&
[Office Document Cache Handler]
{B4F3A835-0E21-4959-BA22-42B3008E02FF} &D:\PROGRA~1\MICROS~1\Office14\URLRE
DIR.DLL, (Signed) Microsoft Corporation&
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} &C:\Windows\System32\ieframe.dll, (S
igned) Microsoft Corporation&
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-} &C:\Windows\system32\Macromed\Flash\
Flash10e.ocx, Adobe Systems, Inc.&
{DB8BC-4C76-88CE-6B1F6FF6FFE9} &, &
[XML HTTP Request]
{ED8C108E--91A4-00C04F7969E8} &%SystemRoot%\System32\msxml3.dll, (
Signed) N/A&
[SmartSelect Class]
{F4971EE7-DAA0-5D8EE6A077} &C:\Program Files\Common Files\Adobe
\Acrobat\ActiveX\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated&
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} &%SystemRoot%\System32\msxml3.dll, (
Signed) N/A&
[webmod Class]
{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} &C:\Windows\system32\aliedit\alidcp.
dll, (Signed)
[分享到淘江湖]
&d:\Program Files\AliWangWang\ShareToTJH.htm, N/A&
[发送至 OneNote(&N)]
&res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105, N/A&
[导出到 Microsoft Excel(&X)]
&res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000, N/A&
[将转换链接目标为 Adobe PDF]
&res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.
dll/AcroIECaptureSelLinks.html, N/A&
[将链接目标转换为 Adobe PDF]
&res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.
dll/AcroIECaptureSelLinks.html, N/A&
[将链接目标转换到现有的 PDF]
&res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.
dll/AcroIEAppendSelLinks.html, N/A&
[将链接目标追加到现有的 PDF]
&res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.
dll/AcroIEAppendSelLinks.html, N/A&
[添加为阿里旺旺表情]
&d:\Program Files\AliWangWang\AddNewEmotion.htm, N/A&
[转换为 Adobe PDF]
&res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.
dll/AcroIECapture.html, N/A&
[追加到现有的 PDF]
&res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.
dll/AcroIEAppend.html, N/A&
==================================
正在运行的进程
[PID: 276 / SYSTEM][\SystemRoot\System32\smss.exe]
[(Verified) Microsoft Cor
poration, 6.1. (win7_rtm.5)]
[PID: 380 / SYSTEM][C:\Windows\system32\csrss.exe]
[(Verified) Microsoft Cor
poration, 6.1. (win7_rtm.5)]
[PID: 452 / SYSTEM][C:\Windows\system32\wininit.exe]
[(Verified) Microsoft C
orporation, 6.1. (win7_rtm.5)]
[PID: 464 / SYSTEM][C:\Windows\system32\csrss.exe]
[(Verified) Microsoft Cor
poration, 6.1. (win7_rtm.5)]
[PID: 500 / SYSTEM][C:\Windows\system32\services.exe]
[(Verified) Microsoft
Corporation, 6.1. (win7_rtm.5)]
[PID: 516 / SYSTEM][C:\Windows\system32\lsass.exe]
[(Verified) Microsoft Cor
poration, 6.1. (win7_rtm.5)]
[PID: 524 / SYSTEM][C:\Windows\system32\lsm.exe]
[(Verified) Microsoft Corpo
ration, 6.1. (win7_rtm.5)]
[PID: 608 / SYSTEM][C:\Windows\system32\winlogon.exe]
[(Verified) Microsoft
Corporation, 6.1. (win7_rtm.5)]
[PID: 672 / SYSTEM][C:\Windows\system32\svchost.exe]
[(Verified) Microsoft C
orporation, 6.1. (win7_rtm.5)]
[PID: 752 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]
[(Verified) Mi
crosoft Corporation, 6.1. (win7_rtm.5)]
[PID: 796 / SYSTEM][C:\Windows\system32\atiesrxx.exe]
[AMD, 6.14.11.1033]
[PID: 876 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]
[(Verified) Micr
osoft Corporation, 6.1. (win7_rtm.5)]
[PID: 932 / SYSTEM][C:\Windows\System32\svchost.exe]
[(Verified) Microsoft C
orporation, 6.1. (win7_rtm.5)]
[PID: 976 / SYSTEM][C:\Windows\system32\svchost.exe]
[(Verified) Microsoft C
orporation, 6.1. (win7_rtm.5)]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 1116 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]
[(Verified) Mic
rosoft Corporation, 6.1. (win7_rtm.5)]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 1212 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]
[(Verified) M
icrosoft Corporation, 6.1. (win7_rtm.5)]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 1280 / SYSTEM][C:\Windows\system32\atieclxx.exe]
[AMD, 6.14.11.1033]
[C:\Windows\system32\atiadlxx.dll]
[Advanced Micro Devices, Inc., 6.14.1
[PID: 1376 / SYSTEM][C:\Windows\System32\spoolsv.exe]
[(Verified) Microsoft
Corporation, 6.1. (win7_rtm.5)]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[C:\Windows\System32\AdobePDF.dll]
[Adobe Systems Inc, 9.0.]
[C:\Windows\System32\HPBMMON.DLL]
[Hewlett-Packard, 10.00.16]
[C:\Windows\System32\HPMPW081.DLL]
[Hewlett-Packard, 61.094.03.37]
[C:\Windows\System32\HPMPM081.DLL]
[Hewlett-Packard, 61.094.03.37]
[C:\Windows\System32\hppmopjl.dll]
[Hewlett-Packard Company, 0, 3, 261,
[C:\Windows\system32\spool\PRTPROCS\W32X86\hpcpp094.dll]
[Hewlett-Packar
d Corporation, 61.094.03.37]
[C:\Windows\system32\spool\DRIVERS\W32X86\3\hpmdp094.dll]
[Hewlett-Packa
rd, 61.094.03.37]
[C:\Windows\system32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL]
[Microsoft Cor
poration, 6.1. (win7_rtm.5)]
[PID: 1412 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]
[(Verified) Mic
rosoft Corporation, 6.1. (win7_rtm.5)]
[PID: 1496 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Suppor
t\AppleMobileDeviceService.exe]
[Apple Inc., 17.59.0.23]
[PID: 1516 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe]
[Apple Inc.
, 2.0.3.0]
[PID: 1564 / SYSTEM][C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe]
SET, 4.0.467.0 ]
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll]
[ESET, 4.0.4
[C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll]
[ESET, 4.0.467.
[C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll]
4.0.467.0 ]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 1600 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]
[(Verified) Mic
rosoft Corporation, 6.1. (win7_rtm.5)]
[PID: 1652 / SYSTEM][d:\Program Files\FileZilla Server\FileZilla Server.exe]
[FileZilla Project, 0, 9, 33, 0]
[PID: 1704 / SYSTEM][d:\Program Files\AmazingStore\lmazesvr.exe]
[北京大学 网
络与分布式系统实验室 P2P组, 1, 3, 0, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 1740 / SYSTEM][d:\Program Files\AmazingStore\lmazeupdated.exe]
学 网络与分布式系统实验室 P2P组, 1, 0, 4, 0]
[PID: 1780 / SYSTEM][D:\Program Files\Autodesk\3ds Max 2011\mentalimages\sate
llite\raysat_3dsmax2011_32server.exe]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 2160 / NETWORK SERVICE][C:\Windows\system32\DllHost.exe]
[(Verified) M
icrosoft Corporation, 6.1. (win7_rtm.5)]
[PID: 2680 / SYSTEM][C:\Windows\System32\svchost.exe]
[(Verified) Microsoft
Corporation, 6.1. (win7_rtm.5)]
[PID: 2772 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]
[(Verified) Micr
osoft Corporation, 7.00. (win7_rtm.5)]
[PID: 3780 / ccc][C:\Windows\system32\taskeng.exe]
[(Verified) Microsoft Cor
poration, 6.1. (win7_rtm.5)]
[PID: 3832 / ccc][C:\Windows\system32\Dwm.exe]
[(Verified) Microsoft Corpora
tion, 6.1. (win7_rtm.5)]
[C:\Windows\system32\atidxx32.dll]
[ATI Technologies Inc. , 8.15.10.0212
[PID: 3868 / ccc][C:\Windows\Explorer.EXE]
[(Verified) Microsoft Corporation
, 6.1. (win7_rtm.5)]
[C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf]
[d:\Program Files\FileZilla FTP Client\fzshellext.dll]
[, 3, 3, 4, 1]
[D:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll]
[Nokia, 7, 1,
[D:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL]
[Nokia, 7, 1, 154, 0
[D:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-sc.nlr]
Nokia, 7, 1, 69, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr]
[Nokia, 7, 1, 21, 0]
[C:\Windows\system32\FXSAPI.dll]
[Microsoft Corporation, 6.1.
(win7_rtm.5)]
[D:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.chs]
dobe Systems Inc., 9.0.5.\0]
[D:\Program Files\WinRAR\rarext.dll]
[D:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll]
dobe Systems Inc., 9.0.5.\0]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.
_none_cbf2\MFC80U.DLL]
[Microsoft Corporation, 8.00.]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4
053_none_03ca6\MFC80CHS.DLL]
[Microsoft Corporation, 8.00.50727.4
[C:\ftc2010\FTCCommenu.dll]
[Fygsoft and Microsoft, 3.0.0.71]
[C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll]
[ESET, 4.0.467
[C:\Windows\system32\SOGOUPY.IME]
[ Inc., 5.0.1.4185]
[d:\Program Files\AliWangWang\AliIMExt.dll]
[Alibaba software (Shanghai)
Corporation., 1.0.0.1]
[PID: 3956 / ccc][C:\Windows\system32\taskhost.exe]
[(Verified) Microsoft Co
rporation, 6.1. (win7_rtm.5)]
[PID: 1908 / ccc][C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe]
, 4.0.467.0 ]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.
_none_cbf2\MFC80U.DLL]
[Microsoft Corporation, 8.00.]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4
053_none_03ca6\MFC80CHS.DLL]
[Microsoft Corporation, 8.00.50727.4
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll]
[ESET, 4.0.467
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll]
[ESET, 4.0.4
[C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll]
4.0.467.0 ]
[PID: 1888 / ccc][C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.
[Google Inc., 2.3.13.82]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[d:\Program Files\FileZilla FTP Client\fzshellext.dll]
[, 3, 3, 4, 1]
[D:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll]
[Nokia, 7, 1,
[D:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL]
[Nokia, 7, 1, 154, 0
[D:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-sc.nlr]
Nokia, 7, 1, 69, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr]
[Nokia, 7, 1, 21, 0]
[PID: 2312 / ccc][D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe]
Adobe Systems Inc., 9.0.0.]
[D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.chs]
[Adobe Systems
Inc., 9.0.0.0]
[PID: 2264 / ccc][D:\Program Files\天网Maze\MazeSvr.exe]
[D:\Program Files\天网Maze\MazeUtil.dll]
[D:\Program Files\天网Maze\MazeNetUtil.dll]
[D:\Program Files\天网Maze\ACE.dll]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 2392 / ccc][C:\Program Files\Windows Sidebar\sidebar.exe]
[Microsoft C
orporation, 6.1. (win7_rtm.5)]
[C:\Windows\system32\atiumdag.dll]
[ATI Technologies Inc. , 8.14.10.0678
[C:\Windows\system32\atiumdva.dll]
[ATI Technologies Inc. , 8.14.10.0228
[PID: 1588 / ccc][C:\Users\ccc\AppData\Roaming\Google\Google Talk\googletalk.
[Google, 1,0,0,104]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[PID: 1640 / ccc][C:\Users\ccc\AppData\Local\TOMSkypeData\TOMSkypeData.exe]
[Mind Works Limited, 2.0.]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526
430486dcf7ee38fd\mscorlib.ni.dll]
[Microsoft Corporation, 2.0. (wi
n7RTMGDR.0)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b
52a81b54223b7f\System.ni.dll]
[Microsoft Corporation, 2.0. (NetFXs
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa0
2f3d789c42be2e33b130eb\System.Drawing.ni.dll]
[Microsoft Corporation, 2.0.50
727.4927 (NetFXspW7.0)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f92c
882fd4edaa04c28d\System.Windows.Forms.ni.dll]
[Microsoft Corpora
tion, 2.0. (NetFXspW7.0)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4be2
653d1ce6b66d22764e1\System.Configuration.ni.dll]
[Microsoft Corpora
tion, 2.0. (NetFXspW7.0)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8
ee6c3d\System.Xml.ni.dll]
[Microsoft Corporation, 2.0.
(NetFXspW7.0)]
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\758e0ce
53c80a7ad7cf76a\System.Management.ni.dll]
[Microsoft Corporation,
2.0. (NetFXspW7.0)]
[PID: 1716 / ccc][D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe]
a, 7, 1, 40, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll]
[D:\Program Files\Nokia\Nokia PC Suite 7\QtGui4.dll]
[D:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll]
[D:\Program Files\Nokia\Nokia PC Suite 7\CDC.dll]
[Nokia, 7, 1, 5, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll]
[Nokia, 7, 0, 12, 0]
[C:\Program Files\PC Connectivity Solution\ConnAPI.dll]
[Nokia., 7, 0, 1
[C:\Program Files\PC Connectivity Solution\DAAPI.dll]
[Nokia, 7, 0, 155,
[C:\Program Files\PC Connectivity Solution\PCCS_ABAPI.dll]
[Nokia, 7, 0,
[D:\Program Files\Nokia\Nokia PC Suite 7\styles\NGLStyle.dll]
[Nokia, 7,
[D:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll]
[D:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll]
[D:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll]
[C:\Program Files\PC Connectivity Solution\ConfServer.dll]
[Nokia, 7, 0,
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
[D:\Program Files\Nokia\Nokia PC Suite 7\libeay32.DLL]
[The OpenSSL Proj
ect, http://www.openssl.org/, 0.9.8g]
[PID: 2612 / NETWORK SERVICE][C:\Windows\system32\wbem\wmiprvse.exe]
ied) Microsoft Corporation, 6.1. (win7_rtm.5)]
[PID: 2828 / ccc][C:\Program Files\Google\Google Pinyin 2\GooglePinyinService
[PID: 2876 / SYSTEM][C:\Program Files\PC Connectivity Solution\ServiceLayer.e
[Nokia., 7, 0, 124, 0]
[C:\Program Files\PC Connectivity Solution\PCCS_DBEngine.dll]
[Nokia, 7,
[PID: 3128 / SYSTEM][C:\Program Files\PC Connectivity Solution\Transports\Ncl
USBSrv.exe]
[Nokia, 7, 0, 15, 0]
[PID: 2664 / SYSTEM][C:\Program Files\PC Connectivity Solution\Transports\Ncl
RSSrv.exe]
[Nokia, 7, 0, 7, 0]
[PID: 2552 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.
[Microsoft Corporation, 12.0. (win7_rtm.5)]
[PID: 2804 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]
[(Verified) M
icrosoft Corporation, 6.1. (win7_rtm.5)]
[PID: 3676 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe]
[(Verified) Mi
crosoft Corporation, 6.1. (win7_rtm.5)]
[PID: 2096 / ccc][E:\安装包\杀毒\ccc\HiJackThis202\HijackThis.exe]
cro Inc., 2.00.0002]
[PID: 3280 / ccc][E:\安装包\杀毒\ccc\sreng2\SREngLdr.EXE]
[Smallfrogs Studio
, 2.8.2.1321]
[PID: 2396 / ccc][E:\安装包\杀毒\ccc\sreng2\SREfb799d90.EXE]
[Smallfrogs Stu
dio, 2.8.2.1321]
[E:\安装包\杀毒\ccc\sreng2\Upload\3rdUpd.DLL]
[Smallfrogs Studio, 2, 1,
[C:\Program Files\Bonjour\mdnsNSP.dll]
[Apple Inc., 2.0.3.0]
==================================
OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
OK. ["%1" %*]
OK. ["%1" %*]
OK. ["%1" %*]
OK. [regedit.exe "%1"]
OK. ["%1" %*]
OK. ["%1" /S]
OK. ["%SystemRoot%\hh.exe" %1]
OK. [%SystemRoot%\winhlp32.exe %1]
OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
Error. [C:\Windows\System32\WScript.exe "%1" %*]
OK. [{0-}]
==================================
Winsock 提供者
==================================
Autorun.inf
==================================
HOSTS 文件
==================================
进程特权扫描
==================================
[已启用] \\GoogleUpdateTaskUserS-1-5-21-0Co
C:\Users\ccc\AppData\Local\Google\Update\GoogleUpdate.exe /c
[已启用] \\GoogleUpdateTaskUserS-1-5-21-0UA
C:\Users\ccc\AppData\Local\Google\Update\GoogleUpdate.exe /ua /instal
lsource scheduler
[已启用] \\SogouImeMgr
d:\PROGRA~1\SOGOUI~1\501~1.418\SGTool.exe --appid=pinyinrepair /S
[已启用] \\{551D1A64-0F68-4FF9-BD49-5B64B06EB7E6}
C:\Windows\system32\pcalua.exe -a E:\安装包\5230\SetupOviPlayer.exe -
d "C:\Program Files\Mozilla Firefox"
[已启用] \\{567E08BA-A65A-4D03-AC3D-10E1DB5A2C81}
C:\Windows\system32\pcalua.exe -a E:\安装包\CTerm-3.3.52.exe -d E:\安
[已启用] \\{7CCB93E9-170A-4BA8-A2FF-F}
C:\Windows\system32\pcalua.exe -a H:\autorun.exe -d H:\
[已启用] \\{9F578F20-FB87-BFF236DBBA3}
C:\Windows\system32\pcalua.exe -a "D:\Program Files\Tanner EDA\Utilit
ies\tlicinst.exe" -d "E:\安装包\已装\Tanner L-EDIT 11.1\crack" -c "E:\安装包\
已装\Tanner L-EDIT 11.1\crack\license.tlu"
[已启用] \\{A24ED619-9D6A--B76F9DD7D4AD}
E:\安装包\elive1.151_451_39.exe -a "D:\Program Files\Tann
er EDA\Utilities\tlicinst.exe" -d "E:\安装包\已装\Tanner L-EDIT 11.1\crack" -
c "E:\安装包\已装\Tanner L-EDIT 11.1\crack\license.tlu"
[已启用] \\内存整理大师
D:\program files\windows7master\MemoryMaster.exe auto
[已启用] \Apple\AppleSoftwareUpdate
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Clien
t\AD RMS Rights Policy Template Management (Automated)
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Clien
t\AD RMS Rights Policy Template Management (Manual)
[已禁用] \Microsoft\Windows\AppID\PolicyConverter
%windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
%windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater
%windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy
%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperation
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolida
%SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
%windir%\system32\defrag.exe -c
[已启用] \Microsoft\Windows\Location\Notifications
%windir%\System32\LocationNotifications.exe
[已启用] \Microsoft\Windows\Maintenance\WinSAT
[已启用] \Microsoft\Windows\Media Center\ActivateWindowsSearch
%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已启用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService
%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已启用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks
%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已启用] \Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已启用] \Microsoft\Windows\Media Center\InstallPlayReady
%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已启用] \Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0)
[已启用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已启用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已启用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已启用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已启用] \Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已启用] \Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已启用] \Microsoft\Windows\Media Center\PBDADiscovery
%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已启用] \Microsoft\Windows\Media Center\PBDADiscoveryW1
%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已启用] \Microsoft\Windows\Media Center\PBDADiscoveryW2
%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry
%windir%\ehome\MCUpdate.exe -pscn 0
[已启用] \Microsoft\Windows\Media Center\PvrRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已启用] \Microsoft\Windows\Media Center\PvrRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已启用] \Microsoft\Windows\Media Center\PvrScheduleTask
%SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已启用] \Microsoft\Windows\Media Center\PvrScheduleTask
%SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart
%SystemRoot%\ehome\ehrec /RestartRecording
[已启用] \Microsoft\Windows\Media Center\RegisterSearch
%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已启用] \Microsoft\Windows\Media Center\ReindexSearchRoot
%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已启用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
[已启用] \Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo
%windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
%SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager
[已禁用] \Microsoft\Windows\SideShow\AutoWake
[已启用] \Microsoft\Windows\SideShow\GadgetManager
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
[已启用] \Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreat
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendi
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendi
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime
%windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
"%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\AutomaticBackup
%systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBa
[已禁用] \Microsoft\Windows\WindowsBackup\ConfigNotification
%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已启用] \Microsoft\Windows\WindowsBackup\Windows Backup Monitor
%systemroot%\system32\sdclt.exe /CHECKSKIPPED
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader
==================================
Windows 安全更新检查
==================================
==================================
==================================
【 在 elfandi (Virus版诚征bm) 的大作中提到: 】
: 用sreng做log吧
: 这个信息太少
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.245.120]
文章数: 127积分: 2.9等级: 一般站友原创分: 0
发信人: elfandi (Virus版诚征bm), 信区: Virus_Security
题: Re: qq自动发送的exe文件,附log
发信站: 北大未名站 (日15:03:24 星期二), 转信
==没看出来有什么问题
去掉些计划任务试试
【 在 wayabroad (wayabroad) 的大作中提到: 】
: ,11:36:51
: System Repair Engineer 2.8.2.1321
: Smallfrogs ()
: Windows 7
(Build 7600) - 管理权限用户 - 完整功能
: 以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
: ...........................
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.173.146]
文章数: 9545积分: 5.2等级: 山泉原创分: 0
发信人: wayabroad (wayabroad), 信区: Virus_Security
题: Re: qq自动发送的exe文件,附log
发信站: 北大未名站 (日16:34:52 星期二), 站内信件
恩,怎么查都查不出东西来。
但是就是不能上网。
windows诊断的结果是,默认网关不可用。
【 在 elfandi (Virus版诚征bm) 的大作中提到: 】
: ==没看出来有什么问题
: 去掉些计划任务试试
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.77.99]
文章数: 127积分: 2.9等级: 一般站友原创分: 0
发信人: Kala (卡拉), 信区: Virus_Security
题: Re: qq自动发送的exe文件,附log
发信站: 北大未名站 (日16:42:59 星期二), 转信
这个应该是网络设置上的问题……
是否用了路由器?
【 在 wayabroad (wayabroad) 的大作中提到: 】
: 恩,怎么查都查不出东西来。
: 但是就是不能上网。
: windows诊断的结果是,默认网关不可用。
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.83.215]
文章数: 1984积分: 4.2等级: 高级站友原创分: 0
发信人: wayabroad (wayabroad), 信区: Virus_Security
题: Re: qq自动发送的exe文件,附log
发信站: 北大未名站 (日17:08:54 星期二), 站内信件
是啊,在实验室用的路由器,网线插在我笔记本上可以,插在台式机上就不能,实验室里
其他人都可以。
而且我是上着上着突然就不行了。
【 在 Kala (卡拉) 的大作中提到: 】
: 这个应该是网络设置上的问题……
: 是否用了路由器?
※ 来源:?北大未名站 bdwm.net?[FROM: 162.105.77.99]
文章数: 127积分: 2.9等级: 一般站友原创分: 0
