电脑出问题了，请大家帮帮我。

显示全部楼层 · 发表于 2012-12-19 17:23:42

今天下午开电脑，一开就死机，卡巴斯基也不自启动了。之后去安全模式就没问题。后来删除了360卫士没管用，不过不直接死机了，后来删除了卡巴斯基2012，安装了个卡巴斯基2013就不死机了，不过现在关机特慢，开机的时候也慢，停留在“欢迎”那两个字里，我系统是WIN7。刚才用卡巴2013杀毒有个病毒给删除了。是不是系统缺少文件了？我把杀毒截图贴上，还有SREng扫描日志。

2012-12-19,17:18:33
System Repair Engineer 2.8.4.1331
Smallfrogs (http://www.KZTechs.com)
Windows 7 Ultimate Edition Service Pack 1 (Build 7601) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<HDAudDeck><C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r> [(Verified)VIA Technologies Inc.]
<MWREGICBC.exe><"C:\Program Files\ICBCEbankTools\MingWah\MWREGICBC.exe"> [(Verified)Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.]
<ICBCEBankAssist><"C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\RunEBank.exe"> [(Verified)Industrial and Commercial Bank of China Limited]
<ZyngaGamesAgent><"C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"> [(Verified)Splashtop Inc.]
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WebCheck><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\Windows\System32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Web Platform Customizations><C:\Windows\System32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Adobe Acrobat Update Service / AdobeARMservice][Stopped/Manual Start]
<"C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"><Adobe Systems Incorporated>
[Adobe Flash Player Update Service / AdobeFlashPlayerUpdateSvc][Stopped/Manual Start]
<C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe><Adobe Systems Incorporated>
[Alipay security service / AlipaySecSvc][Running/Auto Start]
<C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe><Alipay Inc.>
[AppleChargerSrv / AppleChargerSrv][Stopped/Manual Start]
<system32\AppleChargerSrv.exe><(File is missing)>
[卡巴斯基反病毒服务 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" -r><Kaspersky Lab ZAO>
[Baidu Updater / BaiduUpdater][Stopped/Manual Start]
<C:\Program Files\Baidu\BaiduUpdate\bdupdate.exe><Baidu.com, Inc.>
[CAJ Service Host / CAJ Service Host][Running/Auto Start]
<"C:\Program Files\TTKN\CAJVD\CAJSHost.exe"><Tongfang Knowledge Network Technology(Beijing) Co., Ltd.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Google 更新服务 (gupdate) / gupdate][Stopped/Manual Start]
<"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[Google 更新服务 (gupdatem) / gupdatem][Stopped/Manual Start]
<"C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc><Google Inc.>
[Google Software Updater / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[ICBC Daemon Service / ICBC Daemon Service][Running/Auto Start]
<C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe><N/A>
[Intel(R) Management and Security Application Local Management Service / LMS][Running/Auto Start]
<C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe><Intel Corporation>
[MotoHelper Service / MotoHelper][Stopped/Manual Start]
<C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe><>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
<C:\Windows\system32\nvvsvc.exe><NVIDIA Corporation>
[Splashtop Connect Service / SCBackService][Running/Auto Start]
<C:\Program Files\Splashtop\Splashtop Connect\BackService.exe><Splashtop Inc.>
[Splashtop Software Updater Service / SSUService][Stopped/Manual Start]
<C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe><Splashtop Inc.>
[NVIDIA Stereoscopic 3D Driver Service / Stereo Service][Running/Auto Start]
<C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe><NVIDIA Corporation>
[Intel(R) Management and Security Application User Notification Service / UNS][Running/Auto Start]
<"C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"><Intel Corporation>
[VIA Karaoke digital mixer Service / VIAKaraokeService][Running/Auto Start]
<C:\Windows\system32\viakaraokesrv.exe><VIA Technologies, Inc.>
[Splashtop Connect Firefox Software Updater Service / WCUService_STC_FF][Running/Auto Start]
<C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe><Splashtop Inc.>
==================================
驱动程序
[adp94xx / adp94xx][Stopped/Manual Start]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Manual Start]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Manual Start]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Manual Start]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Manual Start]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdsata / amdsata][Stopped/Manual Start]
<\SystemRoot\system32\drivers\amdsata.sys><Advanced Micro Devices>
[amdsbs / amdsbs][Stopped/Manual Start]
<\SystemRoot\system32\drivers\amdsbs.sys><AMD Technologies Inc.>
[amdxata / amdxata][Running/Boot Start]
<\SystemRoot\system32\drivers\amdxata.sys><Advanced Micro Devices>
[AppleCharger / AppleCharger][Running/System Start]
<system32\DRIVERS\AppleCharger.sys><N/A>
[arc / arc][Stopped/Manual Start]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Manual Start]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
<\SystemRoot\system32\drivers\bxvbdx.sys><Broadcom Corporation>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start]
<system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\BrFiltLo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\BrFiltUp.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\Brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Manual Start]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
<\SystemRoot\system32\drivers\evbdx.sys><Broadcom Corporation>
[EfiSystemMon / EfiMon][Running/System Start]
<System32\Drivers\Efimon.sys><360安全中心>
[elxstor / elxstor][Stopped/Manual Start]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[gdrv / gdrv][Stopped/Manual Start]
<\??\C:\Windows\gdrv.sys><N/A>
[Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
<\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.>
[HpSAMD / HpSAMD][Stopped/Manual Start]
<\SystemRoot\system32\drivers\HpSAMD.sys><Hewlett-Packard Company>
[HTC Device Driver / HTCAND32][Stopped/Manual Start]
<System32\Drivers\ANDROIDUSB.sys><HTC, Corporation>
[Intel RAID Controller Windows 7 / iaStorV][Stopped/Manual Start]
<\SystemRoot\system32\drivers\iaStorV.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\kl1.sys><Kaspersky Lab ZAO>
[Kaspersky Lab Driver / KLIF][Running/System Start]
<system32\DRIVERS\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS 6 Filter / KLIM6][Running/System Start]
<system32\DRIVERS\klim6.sys><Kaspersky Lab ZAO>
[Kaspersky Lab KLKBDFLT / klkbdflt][Running/Manual Start]
<system32\DRIVERS\klkbdflt.sys><Kaspersky Lab>
[Kaspersky Lab KLMOUFLT / klmouflt][Running/Manual Start]
<system32\DRIVERS\klmouflt.sys><Kaspersky Lab>
[kltdi / kltdi][Running/System Start]
<system32\DRIVERS\kltdi.sys><Kaspersky Lab>
[kneps / kneps][Running/System Start]
<system32\DRIVERS\kneps.sys><Kaspersky Lab>
[NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller / L1C][Running/Manual Start]
<system32\DRIVERS\L1C62x86.sys><Atheros Communications, Inc.>
[LSI_FC / LSI_FC][Stopped/Manual Start]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Corporation>
[LSI_SAS / LSI_SAS][Stopped/Manual Start]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Corporation>
[LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
<\SystemRoot\system32\drivers\lsi_sas2.sys><LSI Corporation>
[LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Corporation>
[megasas / megasas][Stopped/Manual Start]
<\SystemRoot\system32\drivers\megasas.sys><LSI Corporation>
[MegaSR / MegaSR][Stopped/Manual Start]
<\SystemRoot\system32\drivers\MegaSR.sys><LSI Corporation, Inc.>
[Intel(R) Management Engine Interface / MEI][Running/Manual Start]
<system32\DRIVERS\HECI.sys><Intel Corporation>
[Mot ADB Interface Driver / motandroidusb][Stopped/Manual Start]
<System32\Drivers\motoandroid.sys><Motorola>
[nfrd960 / nfrd960][Stopped/Manual Start]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start]
<system32\drivers\nvhda32v.sys><NVIDIA Corporation>
[nvlddmkm / nvlddmkm][Running/Manual Start]
<system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Manual Start]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Manual Start]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[ql2300 / ql2300][Stopped/Manual Start]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[ql40xx / ql40xx][Stopped/Manual Start]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[QQProtect / QQProtect][Running/System Start]
<\??\C:\Windows\system32\drivers\QQProtect.sys><Tencent>
[SiSRaid2 / SiSRaid2][Stopped/Manual Start]
<\SystemRoot\system32\drivers\SiSRaid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Manual Start]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[stexstor / stexstor][Stopped/Manual Start]
<\SystemRoot\system32\drivers\stexstor.sys><Promise Technology>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\Windows\system32\TesSafe.sys><TENCENT>
[Apple Mobile USB Driver / USBAAPL][Stopped/Manual Start]
<System32\Drivers\usbaapl.sys><Apple, Inc.>
[VGPU / VGPU][Stopped/Manual Start]
<System32\drivers\rdvgkmd.sys><N/A>
[VIA High Definition Audio Driver Service / VIAHdAudAddService][Running/Manual Start]
<system32\drivers\viahduaa.sys><VIA Technologies, Inc.>
[viaide / viaide][Stopped/Manual Start]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Manual Start]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[Look 312P / ZSMC301b][Stopped/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
==================================
浏览器加载项
[VideoUrlSniffer Class]
{00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Users\Public\Thunder Network\XMP4\Core\Program\VideoUrlSniffer.2.0.3.100.(545).dll, (Signed) 深圳市迅雷网络技术有限公司>
[Splashtop Connect VisualBookmark]
{0E5680D1-BF44-4929-94AF-FD30D784AD1D} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[迅雷FLV视频嗅探及下载支持]
{0EA37B17-6B8B-4085-8257-F3A4AA69C27A} <C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Content Blocker Plugin]
{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll, (Signed) Kaspersky Lab ZAO>
[Virtual Keyboard Plugin]
{73455575-E40C-433C-9784-C78DC7761455} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[迅雷下载支持]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Safe Money Plugin]
{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll, (Signed) Kaspersky Lab ZAO>
[QvodExtend]
{A8502600-B272-4F68-A67B-A0305D46D297} <C:\Program Files\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[ICBC Anti-Phishing class]
{BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[URL Advisor Plugin]
{E33CF602-D945-461A-83F0-819F76A199F8} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[VirtualKeyboardToolbarButtonHandler Class]
{0C4CC089-D306-440D-9772-464E226F6539} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[]
{14c1d00e-0b92-4379-880b-444fa2d740dd} <, >
[迅雷看看播放器]
{24c1d00e-0b92-4379-880b-444fa2d740dd} <, >
[迅雷看看]
{5D578929-E74E-46A2-A810-4F33D011DC52} <C:\Program Files\Common Files\Thunder Network\Kankan\XLStartKankan.exe, (Signed) N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[FilterButtonHandler Class]
{CCF151D8-D089-449F-A5A4-D9909053F20F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[Splashtop Connect SidebarIEButton]
{9E508DD9-844C-4985-AC11-AFE5DD71E0BF} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\Windows\system32\aliedit\3.2.0.0\pta.dll, (Signed) iTruschina Co., Ltd.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx, (Signed) Adobe Systems, Inc.>
[PPLive Lite Class]
{EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >
[VideoUrlSniffer Class]
{00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Users\Public\Thunder Network\XMP4\Core\Program\VideoUrlSniffer.2.0.3.100.(545).dll, (Signed) 深圳市迅雷网络技术有限公司>
[AliCertDOCtrl Class]
{08D512D2-7D97-4E22-B7DB-82791106C086} <C:\Users\wj\AppData\Roaming\alipay\cf\alicdo.dll, (Signed) Alipay>
[迅雷FLV视频嗅探及下载支持代{过}{滤}理]
{0C27ADC4-E826-4620-A3A7-990D7E05545F} <C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[AliSetupOneClick Class]
{0C2BA4AD-7E82-4593-845F-E4160E567752} <C:\Users\wj\AppData\Local\Alibaba Cloud Computing\AliSetup\0.2.1.19\npAliSetupOneClick.dll, (Signed) alibaba>
[]
{0C4CC089-D306-440D-9772-464E226F6539} <, >
[Splashtop Connect VisualBookmark]
{0E5680D1-BF44-4929-94AF-FD30D784AD1D} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[迅雷FLV视频嗅探及下载支持]
{0EA37B17-6B8B-4085-8257-F3A4AA69C27A} <C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[certInStall Class]
{0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\Windows\system32\CERTIN~1.DLL, (Signed) >
[]
{0F3DC9E0-C459-4A40-BCF8-747BD9322E10} <, >
[]
{14C1D00E-0B92-4379-880B-444FA2D740DD} <, >
[Fade]
{16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\Windows\System32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
{1BC4E1F9-758D-4BDA-A7DE-A9E1DA7D1E41} <, >
[InstallHelper Class]
{1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\Windows\system32\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\Windows\system32\aliedit\3.2.0.0\pta.dll, (Signed) iTruschina Co., Ltd.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[QQCPHelper.CPAdder]
{23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D} <d:\Tencent\QQ\Bin\CPHelper.dll, (Signed) Tencent>
[]
{24C1D00E-0B92-4379-880B-444FA2D740DD} <, >
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\System32\mshtml.dll, (Signed) Microsoft Corporation>
[SSOLoginCtrl Class]
{26C3F8B0-0217-46A1-AB2D-A1B494E71402} <C:\Program Files\AliWangWang\7.20.37C\AliIMSSOLogin.dll, (Signed) 阿里巴巴（中国）有限公司>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
{2B6A6FF5-EF83-4010-9BB6-F170F5910A43} <, >
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\Windows\System32\mshtmled.dll, (Signed) Microsoft Corporation>
[]
{30A3ACF9-DA6E-4CA0-A081-E06282DF1C64} <, >
[Axcleanctrl Class]
{36C9539B-49D2-01C7-9C6D-10DACDFEA59C} <C:\Windows\system32\icbcclean.dll, (Signed) >
[]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <, >
[icbc_mwusbkeyCtl Class]
{3B3FE354-548D-4DA2-BEC2-52960C31F8E7} <C:\Windows\DOWNLO~1\ICBC_M~1.DLL, (Signed) >
[Splashtop Connect SideBar]
{42262EC6-50E2-43B1-B0EF-A07DEEF7E241} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[]
{4248FE82-7FCB-46AC-B270-339F08212110} <, >
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\BHO\ThunderAgent7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\Windows\system32\aliedit\3.2.0.0\aliedit.dll, (Signed) >
[]
{4F720B9D-09C3-3806-640A-7FE3E0A1EB27} <, >
[]
{4F9FD89A-24F0-4FB7-9635-D54B3593B85B} <, >
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <%SystemRoot%\System32\hhctrl.ocx, (Signed) N/A>
[Content Blocker Plugin]
{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll, (Signed) Kaspersky Lab ZAO>
[]
{58C094A4-645C-4CB3-B4AB-FEAEF6C84D7A} <, >
[]
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <, >
[WangWangX Class]
{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <C:\Program Files\AliWangWang\7.20.37C\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[]
{5D578929-E74E-46A2-A810-4F33D011DC52} <, >
[迅雷发行IE支持]
{5FFF24BC-DC02-4808-B4E0-A8E2C93FE407} <C:\Program Files\Thunder Network\Thunder\BHO\xlfxctrl1.0.1.64.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
{62D022C8-6EB3-4E06-8101-99D3379620C6} <, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Access UserInfo by Script]
{6EE9CD3E-A386-4DAE-9737-A759DBF927AE} <c:\program files\thunder network\xmp\Program\UserAgent1.0.2.17.dll, (Signed) Thunder Networking Technologies,LTD>
[Virtual Keyboard Plugin]
{73455575-E40C-433C-9784-C78DC7761455} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\Windows\system32\InputControl.dll, (Signed) >
[VirtualKeyboardJavascriptApi Class]
{740E50B9-8CDB-4A47-A519-E6F99D97CD4C} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[CAJAX Control]
{78E87ACB-656E-4257-961D-3FADBE77A626} <C:\PROGRA~1\COMMON~1\TTKN\Bin\CAJAX.ocx, (Signed) Tongfang Knowledge Network Technology(Beijing) Co., Ltd.>
[CertEnroll Class]
{7978461C-CC22-48F2-BC69-02220D3E101D} <C:\Windows\system32\aliedit\3.2.0.0\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[QvodShare Class]
{7C6D5EE5-C859-4B49-8F7B-DE0927D1C3E9} <C:\Program Files\QvodPlayer\npShareModule.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[XunleiBHO Class]
{802F530B-A8F6-4631-AE49-6BACAAC6373E} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[yy_checker]
{82404416-4C60-47F8-BA06-90BA7261C3AE} <C:\Program Files\Common Files\duowan\yy4.0\YYSSO\1.0.0.3\npChecker.dll, (Signed) 广州多玩信息技术有限公司>
[AxAssistComm Class]
{84894428-B1F9-4C88-8A45-D6B8524E53B3} <C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\IcbcAssistComm.dll, (Signed) Industrial and Commercial Bank of China>
[]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[迅雷下载支持]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
{88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\Windows\system32\SubmitControl.dll, (Signed) >
[SecCtrl Class]
{8EB7C6CB-2DA6-4ABE-B2EA-EAC5A372E757} <C:\Windows\system32\aliedit\3.2.0.0\npAliSecCtrl.dll, (Signed) Alipay.com Inc. >
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[IEKeyControl Class]
{93E730CA-32AA-4C56-B5FB-65932E954CFE} <C:\Windows\system32\IE_FULL_SCREEN.dll, (Signed) Industrial and Commercial Bank of China>
[VASensor Class]
{96CD6DA7-17F2-4576-82B0-BE4526FB7D6B} <C:\Program Files\Common Files\Thunder Network\KanKan\kkva.1.0.0.14.(546).dll, (Signed) 深圳市迅雷网络技术有限公司>
[OFrameObject Class]
{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7201.438.(546).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[]
{9A4BD730-AFCA-4CB8-9370-E921C330F3EE} <, >
[]
{9A5B3139-7DF8-5AC6-FE1C-F4AA45347544} <, >
[]
{9E508DD9-844C-4985-AC11-AFE5DD71E0BF} <, >
[Safe Money Plugin]
{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll, (Signed) Kaspersky Lab ZAO>
[VersionDetector Class]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9C} <C:\Program Files\Common Files\Thunder Network\KanKan\kkvd.1.0.0.2.(101).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[QvodExtend]
{A8502600-B272-4F68-A67B-A0305D46D297} <C:\Program Files\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[APlayer3 Control]
{A9332148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Users\Public\Thunder Network\APlayer\APlayer_3.0.4.533.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\Windows\System32\msnetobj.dll, (Signed) Microsoft Corporation>
[]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7201.438.(546).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[LiveDapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F9} <C:\Program Files\Common Files\Thunder Network\KanKan\LiveDapCtrl.1.0.0.10.(546).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[InfoSecICBCNetSign Class]
{B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\Windows\system32\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[GtjaUsbKeyApi Class]
{B402DE16-5DB2-42B8-A4EB-277F3E3D91CE} <C:\gtja\ActiveX\GtjaUsbKey.dll, (Signed) >
[]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, >
[]
{B771147A-4CC8-450E-8AB1-7D47821751B1} <, >
[ICBC Anti-Phishing class]
{BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[FTNUpload Class]
{BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX1.17.dll, (Signed) Tencent>
[]
{C16931A2-66BC-4D4C-9E22-348BA7C86DE1} <, >
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[FilterButtonHandler Class]
{CCF151D8-D089-449F-A5A4-D9909053F20F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__MP4 Moniker Class]
{CD3AFA99-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[]
{D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx, (Signed) Adobe Systems, Inc.>
[xoliimpl Class]
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <C:\Windows\xinstaller.dll, (Signed) 深圳市迅雷技术有限公司>
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll, Microsoft Corporation>
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <d:\Tencent\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[URL Advisor Plugin]
{E33CF602-D945-461A-83F0-819F76A199F8} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[icbc_mwdvctrl Class]
{E6C2DD02-CD38-41A1-9B69-3D7E3B64AF9A} <C:\Windows\system32\ICBC_M~1.DLL, (Signed) MingWah>
[SSOForPTLogin2 Class]
{EAAED308-7322-4B9B-965E-171933ADD473} <C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.87\Bin\npSSOAxCtrlForPTLogin.dll, (Signed) Tencent>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[PPLive Lite Class]
{EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >
[QvodCtrl Class]
{F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\npQvodInsert.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[]
{F486C5D5-5A91-43D2-B8B7-FD40A71FDB18} <, >
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[AxPlayer Class]
{F587310D-5306-494D-87E2-88334B46E781} <C:\Program Files\Baofeng\StormPlayer\webplayer\PlayerShell.dll, (Signed) 北京暴风科技股份有限公司>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[ssoActivex Class]
{FAC87377-9586-4C72-A614-8C9B3CA1BF5B} <C:\gtja\ActiveX\ssoLib.dll, (Signed) >
[webmod Class]
{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\Windows\system32\aliedit\3.2.0.0\alidcp.dll, (Signed) Alipay.com Co.,Ltd>
[&使用&迅雷下载]
<C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm, N/A>
[&使用&迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm, N/A>
[&使用&迅雷离线下载]
<C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm, N/A>
[&使用115优蛋下载]
<, >
[&使用115优蛋下载全部链接]
<, >
[使用迅雷看看播放器播放]
<C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm, N/A>
[添加到卡巴斯基反广告列表]
<C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm, N/A>
[添加当前页到迅雷看看播放器标签]
<C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenuAddStoreTab.htm, N/A>
==================================
正在运行的进程
[PID: 372 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 496 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 572 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 584 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 660 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 668 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.1.7601.17725 (win7sp1_gdr.111116-1503)]
[PID: 676 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 716 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)]
[PID: 804 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 864 / SYSTEM][C:\Windows\system32\nvvsvc.exe] [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll] [NVIDIA Corporation, 7.17.12.6633]
[PID: 904 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 996 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Windows\system32\VIASysFx.dll] [VIA Technologies, Inc., 6.0.01.9100]
[PID: 1044 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1076 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1216 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1332 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1460 / SYSTEM][C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe] [NVIDIA Corporation, 7.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll] [NVIDIA Corporation, 7.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NvUI.dll] [NVIDIA Corporation, 7.17.12.6633]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll] [NVIDIA Corporation, 7.17.12.6633]
[PID: 1472 / SYSTEM][C:\Windows\system32\nvvsvc.exe] [NVIDIA Corporation, 8.17.12.6633]
[C:\Windows\system32\NVSVC.DLL] [NVIDIA Corporation, 8.17.12.6633]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 8.17.12.6633]
[C:\Windows\system32\NVSVCR.DLL] [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll] [NVIDIA Corporation, 7.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll] [NVIDIA Corporation, 7.17.12.6633]
[PID: 1544 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1592 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1616 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1760 / SYSTEM][C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe] [Alipay Inc. , 1, 0, 14, 0]
[PID: 2032 / SYSTEM][C:\Program Files\TTKN\CAJVD\CAJSHost.exe] [Tongfang Knowledge Network Technology(Beijing) Co., Ltd., 1, 0,56, 0]
[PID: 440 / SYSTEM][C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe] [N/A, ]
[PID: 516 / SYSTEM][C:\Program Files\Splashtop\Splashtop Connect\BackService.exe] [Splashtop Inc., 1.0.4.0]
[PID: 432 / SYSTEM][C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe] [NVIDIA Corporation, 7.17.12.6633]
[PID: 760 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 920 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1324 / SYSTEM][C:\Windows\system32\viakaraokesrv.exe] [VIA Technologies, Inc., ]
[PID: 1504 / SYSTEM][C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe] [Splashtop Inc., 1.1.7.1 ]
[PID: 2156 / wj][C:\Windows\system32\taskhost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2256 / wj][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Windows\system32\nvwgf2um.dll] [NVIDIA Corporation, 8.17.12.6633]
[PID: 2528 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2640 / wj][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Common Files\Thunder Network\KanKan\xappex.1.1.1.62.(547).dll] [深圳市迅雷网络技术有限公司, 1, 1, 1, 62]
[C:\Users\Public\Thunder Network\KanKan\Pusher\xappdrv.1.0.0.62.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 62]
[C:\Windows\system32\FXSAPI.dll] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Windows\system32\nvshext.dll] [NVIDIA Corporation, 266.33]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\WinRAR\rarext.dll] [, ]
[C:\Program Files\QvodPlayer\QvodBand.dll] [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\PROGRA~1\Wopti\WOPTIE~1.DLL] [Wopti, 1.6.10.816]
[PID: 2652 / wj][C:\Program Files\alipay\SafeTransaction\AlipaySafeTran.exe] [Alipay Inc. , 1, 1, 0, 0]
[C:\Program Files\alipay\SafeTransaction\AliPayST.dll] [阿里巴巴云计算有限公司, 1, 1, 0, 2]
[C:\Windows\system32\aliedit\3.2.0.0\alidcp.dll] [Alipay.com Co.,Ltd, 2.0.0.4]
[PID: 3068 / wj][C:\Program Files\alipay\SafeTransaction\Alipaybsm.exe] [Alipay Inc. , 1, 0, 0, 9]
[C:\Windows\system32\aliedit\3.2.0.0\alidcp.dll] [Alipay.com Co.,Ltd, 2.0.0.4]
[PID: 3244 / wj][C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe] [VIA, 9.2.00.31]
[C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll] [N/A, ]
[C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll] [N/A, ]
[C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll] [, 1, 0, 0, 1]
[C:\Program Files\VIA\VIAudioi\VDeck\Skin1.dll] [TODO: <Company name>, 1.0.0.1]
[PID: 3312 / wj][C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe] [Splashtop Inc., 1.0.4.0]
[C:\Program Files\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll] [Splashtop Inc., 1.0.4.0]
[PID: 3432 / wj][C:\Windows\system32\wbem\unsecapp.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 3548 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)]
[PID: 3596 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 7.00.7600.16385 (win7_rtm.090713-1255)]
[PID: 3240 / wj][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\scrchpg.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klscav.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\service.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\eka_meta.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\pxstub.ppl] [Kaspersky Lab ZAO, 13.0.1.4242]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\params.ppl] [Kaspersky Lab ZAO, 13.0.1.4220]
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\gadget.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\nfio.ppl] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\winreg.ppl] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\thpimpl.ppl] [Kaspersky Lab ZAO, 13.0.1.4190]
[PID: 3228 / SYSTEM][C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe] [Intel Corporation, 7.0.0.1135]
[PID: 3472 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1268 / SYSTEM][C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe] [Intel Corporation, 7.0.0.1135]
[C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll] [Intel Corporation, 3.0.0.1]
[C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll] [Apache Software Foundation, 2, 7, 0]
[PID: 2468 / wj][C:\Windows\system32\taskmgr.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1136 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 12.0.7600.16385 (win7_rtm.090713-1255)]
[PID: 4936 / wj][C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe] [Adobe Systems Incorporated, 11,5,502,135]
[C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.dll] [Adobe Systems, Inc., 11,5,502,135]
[PID: 5276 / wj][C:\Program Files\SogouInput\6.2.0.8278\SogouCloud.exe] [Sogou.com Inc., 6.2.0.8278]
[PID: 3344 / SYSTEM][C:\Windows\system32\wbem\WmiApSrv.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1836 / wj][C:\Windows\explorer.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Common Files\Thunder Network\KanKan\xappex.1.1.1.62.(547).dll] [深圳市迅雷网络技术有限公司, 1, 1, 1, 62]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll] [Kaspersky Lab ZAO, 13.0.1.4190]
[PID: 4668 / wj][D:\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.4.1331]
[PID: 5072 / wj][D:\sreng2\SRE7a3b9561.EXE] [Smallfrogs Studio, 2.8.4.1331]
[C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll] [ Microsoft Corporation, 4.0.50401.0]
==================================
文件关联
.TXT Error. [C:\Windows\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS Error. [C:\Windows\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
N/A
==================================
计划任务
[已禁用] \\Adobe Flash Player Updater
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[已禁用] \\GoogleUpdateTaskMachineCore
C:\Program Files\Google\Update\GoogleUpdate.exe /c
[已禁用] \\GoogleUpdateTaskMachineUA
C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
[已启用] \\MotoHelper Initial Update
"C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe" -d -silent
[已启用] \\MotoHelper Routing
"C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe" -r
[已启用] \\MotoHelper Update
"C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe" -d -silent
[已禁用] \\TaskAt2663935
d:\Tencent\QQMusic\QQMusicCvtData.exe /list vista /progresstitle 395838 /install "d:\Tencent\QQMusic" /whirlinstall 1
[已启用] \\{E8B097EE-289C-4EAF-8761-077662429304}
C:\Windows\system32\pcalua.exe -a C:\zhb\股票数据转换宝.exe -d C:\zhb
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
N/A
[已禁用] \Microsoft\Windows\AppID\PolicyConverter
%windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
%windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent
aitagent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater
%windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy
%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
N/A
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
%SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
%windir%\system32\defrag.exe -c
[已启用] \Microsoft\Windows\Location\Notifications
%windir%\System32\LocationNotifications.exe
[已启用] \Microsoft\Windows\Maintenance\WinSAT
N/A
[已禁用] \Microsoft\Windows\Media Center\ActivateWindowsSearch
%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已禁用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService
%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已禁用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks
%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已禁用] \Microsoft\Windows\Media Center\InstallPlayReady
%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已禁用] \Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\PBDADiscovery
%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW1
%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW2
%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry
%windir%\ehome\MCUpdate.exe -pscn 0
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
%SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
%SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart
%SystemRoot%\ehome\ehrec /RestartRecording
[已禁用] \Microsoft\Windows\Media Center\RegisterSearch
%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ReindexSearchRoot
%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\StartRecording
%SystemRoot%\ehome\ehrec /StartRecording
[已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
N/A
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo
%windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization
N/A
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization
N/A
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
%SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager
N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake
N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager
N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
N/A
[已禁用] \Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime
%windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask
N/A
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
[已禁用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
"%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\ConfigNotification
%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader
N/A
==================================
Windows 安全更新检查
KB2483139, 拉脱维亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 斯洛文尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 爱沙尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 挪威语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 西班牙语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 德语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 意大利语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 土耳其语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 朝鲜语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 斯洛伐克语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 希腊语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 捷克语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 希伯来语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 日语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 丹麦语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 葡萄牙语（巴西）语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 葡萄牙语（葡萄牙）语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 繁体中文语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 立陶宛语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 泰国语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 克罗地亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 俄语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 瑞典语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 塞尔维亚语（拉丁语）语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 法语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 保加利亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 乌克兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 阿拉伯语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 波兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 芬兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 罗马尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 荷兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 匈牙利语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB982861, 用于 Windows 7 的 Windows Internet Explorer 9
KB2709981, Windows 7 更新程序 (KB2709981)
KB2574819, Windows 7 更新程序 (KB2574819)
KB2592687, Windows 7 更新程序 (KB2592687)
KB915597, Definition Update for Windows Defender - KB915597 (Definition 1.141.2103.0)
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

复制代码

显示全部楼层 · 发表于 2012-12-19 17:24:51

2012-12-19,17:18:33

System Repair Engineer 2.8.4.1331
Smallfrogs (http://www.KZTechs.com)

Windows 7 Ultimate Edition Service Pack 1 (Build 7601) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<HDAudDeck><C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r>  [(Verified)VIA Technologies Inc.]
<MWREGICBC.exe><"C:\Program Files\ICBCEbankTools\MingWah\MWREGICBC.exe">  [(Verified)Shenzhen Mingwah Aohan Digital Security Technology Co.,Ltd.]
<ICBCEBankAssist><"C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\RunEBank.exe">  [(Verified)Industrial and Commercial Bank of China Limited]
<ZyngaGamesAgent><"C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe">  [(Verified)Splashtop Inc.]
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe">  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe>  [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WebCheck><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\Windows\System32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Web Platform Customizations><C:\Windows\System32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Adobe Acrobat Update Service / AdobeARMservice][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"><Adobe Systems Incorporated>
[Adobe Flash Player Update Service / AdobeFlashPlayerUpdateSvc][Stopped/Manual Start]
  <C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe><Adobe Systems Incorporated>
[Alipay security service / AlipaySecSvc][Running/Auto Start]
  <C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe><Alipay Inc.>
[AppleChargerSrv / AppleChargerSrv][Stopped/Manual Start]
  <system32\AppleChargerSrv.exe><(File is missing)>
[卡巴斯基反病毒服务 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" -r><Kaspersky Lab ZAO>
[Baidu Updater / BaiduUpdater][Stopped/Manual Start]
  <C:\Program Files\Baidu\BaiduUpdate\bdupdate.exe><Baidu.com, Inc.>
[CAJ Service Host / CAJ Service Host][Running/Auto Start]
  <"C:\Program Files\TTKN\CAJVD\CAJSHost.exe"><Tongfang Knowledge Network Technology(Beijing) Co., Ltd.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Google 更新服务 (gupdate) / gupdate][Stopped/Manual Start]
  <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[Google 更新服务 (gupdatem) / gupdatem][Stopped/Manual Start]
  <"C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc><Google Inc.>
[Google Software Updater / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[ICBC Daemon Service / ICBC Daemon Service][Running/Auto Start]
  <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe><N/A>
[Intel(R) Management and Security Application Local Management Service / LMS][Running/Auto Start]
  <C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe><Intel Corporation>
[MotoHelper Service / MotoHelper][Stopped/Manual Start]
  <C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe><>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\Windows\system32\nvvsvc.exe><NVIDIA Corporation>
[Splashtop Connect Service / SCBackService][Running/Auto Start]
  <C:\Program Files\Splashtop\Splashtop Connect\BackService.exe><Splashtop Inc.>
[Splashtop Software Updater Service / SSUService][Stopped/Manual Start]
  <C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe><Splashtop Inc.>
[NVIDIA Stereoscopic 3D Driver Service / Stereo Service][Running/Auto Start]
  <C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe><NVIDIA Corporation>
[Intel(R) Management and Security Application User Notification Service / UNS][Running/Auto Start]
  <"C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"><Intel Corporation>
[VIA Karaoke digital mixer Service / VIAKaraokeService][Running/Auto Start]
  <C:\Windows\system32\viakaraokesrv.exe><VIA Technologies, Inc.>
[Splashtop Connect Firefox Software Updater Service / WCUService_STC_FF][Running/Auto Start]
  <C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe><Splashtop Inc.>

==================================
驱动程序
[adp94xx / adp94xx][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdsata / amdsata][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\amdsata.sys><Advanced Micro Devices>
[amdsbs / amdsbs][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\amdsbs.sys><AMD Technologies Inc.>
[amdxata / amdxata][Running/Boot Start]
  <\SystemRoot\system32\drivers\amdxata.sys><Advanced Micro Devices>
[AppleCharger / AppleCharger][Running/System Start]
  <system32\DRIVERS\AppleCharger.sys><N/A>
[arc / arc][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\bxvbdx.sys><Broadcom Corporation>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start]
  <system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\BrFiltLo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\BrFiltUp.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\Brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\evbdx.sys><Broadcom Corporation>
[EfiSystemMon / EfiMon][Running/System Start]
  <System32\Drivers\Efimon.sys><360安全中心>
[elxstor / elxstor][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[gdrv / gdrv][Stopped/Manual Start]
  <\??\C:\Windows\gdrv.sys><N/A>
[Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.>
[HpSAMD / HpSAMD][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\HpSAMD.sys><Hewlett-Packard Company>
[HTC Device Driver / HTCAND32][Stopped/Manual Start]
  <System32\Drivers\ANDROIDUSB.sys><HTC, Corporation>
[Intel RAID Controller Windows 7 / iaStorV][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\iaStorV.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\kl1.sys><Kaspersky Lab ZAO>
[Kaspersky Lab Driver / KLIF][Running/System Start]
  <system32\DRIVERS\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS 6 Filter / KLIM6][Running/System Start]
  <system32\DRIVERS\klim6.sys><Kaspersky Lab ZAO>
[Kaspersky Lab KLKBDFLT / klkbdflt][Running/Manual Start]
  <system32\DRIVERS\klkbdflt.sys><Kaspersky Lab>
[Kaspersky Lab KLMOUFLT / klmouflt][Running/Manual Start]
  <system32\DRIVERS\klmouflt.sys><Kaspersky Lab>
[kltdi / kltdi][Running/System Start]
  <system32\DRIVERS\kltdi.sys><Kaspersky Lab>
[kneps / kneps][Running/System Start]
  <system32\DRIVERS\kneps.sys><Kaspersky Lab>
[NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller / L1C][Running/Manual Start]
  <system32\DRIVERS\L1C62x86.sys><Atheros Communications, Inc.>
[LSI_FC / LSI_FC][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Corporation>
[LSI_SAS / LSI_SAS][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Corporation>
[LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\lsi_sas2.sys><LSI Corporation>
[LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Corporation>
[megasas / megasas][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Corporation>
[MegaSR / MegaSR][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\MegaSR.sys><LSI Corporation, Inc.>
[Intel(R) Management Engine Interface / MEI][Running/Manual Start]
  <system32\DRIVERS\HECI.sys><Intel Corporation>
[Mot ADB Interface Driver / motandroidusb][Stopped/Manual Start]
  <System32\Drivers\motoandroid.sys><Motorola>
[nfrd960 / nfrd960][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start]
  <system32\drivers\nvhda32v.sys><NVIDIA Corporation>
[nvlddmkm / nvlddmkm][Running/Manual Start]
  <system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[ql2300 / ql2300][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[ql40xx / ql40xx][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[QQProtect / QQProtect][Running/System Start]
  <\??\C:\Windows\system32\drivers\QQProtect.sys><Tencent>
[SiSRaid2 / SiSRaid2][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\SiSRaid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[stexstor / stexstor][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\stexstor.sys><Promise Technology>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\Windows\system32\TesSafe.sys><TENCENT>
[Apple Mobile USB Driver / USBAAPL][Stopped/Manual Start]
  <System32\Drivers\usbaapl.sys><Apple, Inc.>
[VGPU / VGPU][Stopped/Manual Start]
  <System32\drivers\rdvgkmd.sys><N/A>
[VIA High Definition Audio Driver Service / VIAHdAudAddService][Running/Manual Start]
  <system32\drivers\viahduaa.sys><VIA Technologies, Inc.>
[viaide / viaide][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[Look 312P / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>

==================================
浏览器加载项
[VideoUrlSniffer Class]
  {00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Users\Public\Thunder Network\XMP4\Core\Program\VideoUrlSniffer.2.0.3.100.(545).dll, (Signed) 深圳市迅雷网络技术有限公司>
[Splashtop Connect VisualBookmark]
  {0E5680D1-BF44-4929-94AF-FD30D784AD1D} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[迅雷FLV视频嗅探及下载支持]
  {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} <C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Content Blocker Plugin]
  {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll, (Signed) Kaspersky Lab ZAO>
[Virtual Keyboard Plugin]
  {73455575-E40C-433C-9784-C78DC7761455} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[迅雷下载支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Safe Money Plugin]
  {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll, (Signed) Kaspersky Lab ZAO>
[QvodExtend]
  {A8502600-B272-4F68-A67B-A0305D46D297} <C:\Program Files\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[URL Advisor Plugin]
  {E33CF602-D945-461A-83F0-819F76A199F8} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[VirtualKeyboardToolbarButtonHandler Class]
  {0C4CC089-D306-440D-9772-464E226F6539} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[]
  {14c1d00e-0b92-4379-880b-444fa2d740dd} <, >
[迅雷看看播放器]
  {24c1d00e-0b92-4379-880b-444fa2d740dd} <, >
[迅雷看看]
  {5D578929-E74E-46A2-A810-4F33D011DC52} <C:\Program Files\Common Files\Thunder Network\Kankan\XLStartKankan.exe, (Signed) N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[FilterButtonHandler Class]
  {CCF151D8-D089-449F-A5A4-D9909053F20F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[Splashtop Connect SidebarIEButton]
  {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\Windows\system32\aliedit\3.2.0.0\pta.dll, (Signed) iTruschina Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx, (Signed) Adobe Systems, Inc.>
[PPLive Lite Class]
  {EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >
[VideoUrlSniffer Class]
  {00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Users\Public\Thunder Network\XMP4\Core\Program\VideoUrlSniffer.2.0.3.100.(545).dll, (Signed) 深圳市迅雷网络技术有限公司>
[AliCertDOCtrl Class]
  {08D512D2-7D97-4E22-B7DB-82791106C086} <C:\Users\wj\AppData\Roaming\alipay\cf\alicdo.dll, (Signed) Alipay>
[迅雷FLV视频嗅探及下载支持代{过}{滤}理]
  {0C27ADC4-E826-4620-A3A7-990D7E05545F} <C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[AliSetupOneClick Class]
  {0C2BA4AD-7E82-4593-845F-E4160E567752} <C:\Users\wj\AppData\Local\Alibaba Cloud Computing\AliSetup\0.2.1.19\npAliSetupOneClick.dll, (Signed) alibaba>
[]
  {0C4CC089-D306-440D-9772-464E226F6539} <, >
[Splashtop Connect VisualBookmark]
  {0E5680D1-BF44-4929-94AF-FD30D784AD1D} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[迅雷FLV视频嗅探及下载支持]
  {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} <C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll, (Signed) 深圳市迅雷网络技术有限公司>
[certInStall Class]
  {0EB487C8-E9AC-43A6-8C4C-083999B0622F} <C:\Windows\system32\CERTIN~1.DLL, (Signed) >
[]
  {0F3DC9E0-C459-4A40-BCF8-747BD9322E10} <, >
[]
  {14C1D00E-0B92-4379-880B-444FA2D740DD} <, >
[Fade]
  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\Windows\System32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
  {1BC4E1F9-758D-4BDA-A7DE-A9E1DA7D1E41} <, >
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\Windows\system32\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\Windows\system32\aliedit\3.2.0.0\pta.dll, (Signed) iTruschina Co., Ltd.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[QQCPHelper.CPAdder]
  {23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D} <d:\Tencent\QQ\Bin\CPHelper.dll, (Signed) Tencent>
[]
  {24C1D00E-0B92-4379-880B-444FA2D740DD} <, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\System32\mshtml.dll, (Signed) Microsoft Corporation>
[SSOLoginCtrl Class]
  {26C3F8B0-0217-46A1-AB2D-A1B494E71402} <C:\Program Files\AliWangWang\7.20.37C\AliIMSSOLogin.dll, (Signed) 阿里巴巴（中国）有限公司>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {2B6A6FF5-EF83-4010-9BB6-F170F5910A43} <, >
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\Windows\System32\mshtmled.dll, (Signed) Microsoft Corporation>
[]
  {30A3ACF9-DA6E-4CA0-A081-E06282DF1C64} <, >
[Axcleanctrl Class]
  {36C9539B-49D2-01C7-9C6D-10DACDFEA59C} <C:\Windows\system32\icbcclean.dll, (Signed) >
[]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <, >
[icbc_mwusbkeyCtl Class]
  {3B3FE354-548D-4DA2-BEC2-52960C31F8E7} <C:\Windows\DOWNLO~1\ICBC_M~1.DLL, (Signed) >
[Splashtop Connect SideBar]
  {42262EC6-50E2-43B1-B0EF-A07DEEF7E241} <C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll, (Signed) Splashtop Inc.>
[]
  {4248FE82-7FCB-46AC-B270-339F08212110} <, >
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\BHO\ThunderAgent7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\Windows\system32\aliedit\3.2.0.0\aliedit.dll, (Signed) >
[]
  {4F720B9D-09C3-3806-640A-7FE3E0A1EB27} <, >
[]
  {4F9FD89A-24F0-4FB7-9635-D54B3593B85B} <, >
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <%SystemRoot%\System32\hhctrl.ocx, (Signed) N/A>
[Content Blocker Plugin]
  {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll, (Signed) Kaspersky Lab ZAO>
[]
  {58C094A4-645C-4CB3-B4AB-FEAEF6C84D7A} <, >
[]
  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <, >
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <C:\Program Files\AliWangWang\7.20.37C\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[]
  {5D578929-E74E-46A2-A810-4F33D011DC52} <, >
[迅雷发行IE支持]
  {5FFF24BC-DC02-4808-B4E0-A8E2C93FE407} <C:\Program Files\Thunder Network\Thunder\BHO\xlfxctrl1.0.1.64.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {62D022C8-6EB3-4E06-8101-99D3379620C6} <, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Access UserInfo by Script]
  {6EE9CD3E-A386-4DAE-9737-A759DBF927AE} <c:\program files\thunder network\xmp\Program\UserAgent1.0.2.17.dll, (Signed) Thunder Networking Technologies,LTD>
[Virtual Keyboard Plugin]
  {73455575-E40C-433C-9784-C78DC7761455} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\Windows\system32\InputControl.dll, (Signed) >
[VirtualKeyboardJavascriptApi Class]
  {740E50B9-8CDB-4A47-A519-E6F99D97CD4C} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll, (Signed) Kaspersky Lab ZAO>
[CAJAX Control]
  {78E87ACB-656E-4257-961D-3FADBE77A626} <C:\PROGRA~1\COMMON~1\TTKN\Bin\CAJAX.ocx, (Signed) Tongfang Knowledge Network Technology(Beijing) Co., Ltd.>
[CertEnroll Class]
  {7978461C-CC22-48F2-BC69-02220D3E101D} <C:\Windows\system32\aliedit\3.2.0.0\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[QvodShare Class]
  {7C6D5EE5-C859-4B49-8F7B-DE0927D1C3E9} <C:\Program Files\QvodPlayer\npShareModule.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[XunleiBHO Class]
  {802F530B-A8F6-4631-AE49-6BACAAC6373E} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[yy_checker]
  {82404416-4C60-47F8-BA06-90BA7261C3AE} <C:\Program Files\Common Files\duowan\yy4.0\YYSSO\1.0.0.3\npChecker.dll, (Signed) 广州多玩信息技术有限公司>
[AxAssistComm Class]
  {84894428-B1F9-4C88-8A45-D6B8524E53B3} <C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\IcbcAssistComm.dll, (Signed) Industrial and Commercial Bank of China>
[]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[迅雷下载支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll, (Signed) 深圳市迅雷网络技术有限公司>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\Windows\system32\SubmitControl.dll, (Signed) >
[SecCtrl Class]
  {8EB7C6CB-2DA6-4ABE-B2EA-EAC5A372E757} <C:\Windows\system32\aliedit\3.2.0.0\npAliSecCtrl.dll, (Signed) Alipay.com Inc. >
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[IEKeyControl Class]
  {93E730CA-32AA-4C56-B5FB-65932E954CFE} <C:\Windows\system32\IE_FULL_SCREEN.dll, (Signed) Industrial and Commercial Bank of China>
[VASensor Class]
  {96CD6DA7-17F2-4576-82B0-BE4526FB7D6B} <C:\Program Files\Common Files\Thunder Network\KanKan\kkva.1.0.0.14.(546).dll, (Signed) 深圳市迅雷网络技术有限公司>
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7201.438.(546).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[]
  {9A4BD730-AFCA-4CB8-9370-E921C330F3EE} <, >
[]
  {9A5B3139-7DF8-5AC6-FE1C-F4AA45347544} <, >
[]
  {9E508DD9-844C-4985-AC11-AFE5DD71E0BF} <, >
[Safe Money Plugin]
  {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll, (Signed) Kaspersky Lab ZAO>
[VersionDetector Class]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9C} <C:\Program Files\Common Files\Thunder Network\KanKan\kkvd.1.0.0.2.(101).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[QvodExtend]
  {A8502600-B272-4F68-A67B-A0305D46D297} <C:\Program Files\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[APlayer3 Control]
  {A9332148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Users\Public\Thunder Network\APlayer\APlayer_3.0.4.533.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\Windows\System32\msnetobj.dll, (Signed) Microsoft Corporation>
[]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7201.438.(546).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[LiveDapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F9} <C:\Program Files\Common Files\Thunder Network\KanKan\LiveDapCtrl.1.0.0.10.(546).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[InfoSecICBCNetSign Class]
  {B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\Windows\system32\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[GtjaUsbKeyApi Class]
  {B402DE16-5DB2-42B8-A4EB-277F3E3D91CE} <C:\gtja\ActiveX\GtjaUsbKey.dll, (Signed) >
[]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, >
[]
  {B771147A-4CC8-450E-8AB1-7D47821751B1} <, >
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[FTNUpload Class]
  {BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX1.17.dll, (Signed) Tencent>
[]
  {C16931A2-66BC-4D4C-9E22-348BA7C86DE1} <, >
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[FilterButtonHandler Class]
  {CCF151D8-D089-449F-A5A4-D9909053F20F} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__MP4 Moniker Class]
  {CD3AFA99-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[]
  {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx, (Signed) Adobe Systems, Inc.>
[xoliimpl Class]
  {DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <C:\Windows\xinstaller.dll, (Signed) 深圳市迅雷技术有限公司>
[Microsoft Silverlight]
  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll,  Microsoft Corporation>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <d:\Tencent\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[URL Advisor Plugin]
  {E33CF602-D945-461A-83F0-819F76A199F8} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll, (Signed) Kaspersky Lab ZAO>
[icbc_mwdvctrl Class]
  {E6C2DD02-CD38-41A1-9B69-3D7E3B64AF9A} <C:\Windows\system32\ICBC_M~1.DLL, (Signed) MingWah>
[SSOForPTLogin2 Class]
  {EAAED308-7322-4B9B-965E-171933ADD473} <C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.87\Bin\npSSOAxCtrlForPTLogin.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[PPLive Lite Class]
  {EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >
[QvodCtrl Class]
  {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\npQvodInsert.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[]
  {F486C5D5-5A91-43D2-B8B7-FD40A71FDB18} <, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[AxPlayer Class]
  {F587310D-5306-494D-87E2-88334B46E781} <C:\Program Files\Baofeng\StormPlayer\webplayer\PlayerShell.dll, (Signed) 北京暴风科技股份有限公司>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[ssoActivex Class]
  {FAC87377-9586-4C72-A614-8C9B3CA1BF5B} <C:\gtja\ActiveX\ssoLib.dll, (Signed) >
[webmod Class]
  {FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\Windows\system32\aliedit\3.2.0.0\alidcp.dll, (Signed) Alipay.com Co.,Ltd>
[&使用&迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm, N/A>
[&使用&迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm, N/A>
[&使用&迅雷离线下载]
  <C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm, N/A>
[&使用115优蛋下载]
  <, >
[&使用115优蛋下载全部链接]
  <, >
[使用迅雷看看播放器播放]
  <C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm, N/A>
[添加到卡巴斯基反广告列表]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm, N/A>
[添加当前页到迅雷看看播放器标签]
  <C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenuAddStoreTab.htm, N/A>

==================================
正在运行的进程
[PID: 372 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 496 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 572 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 584 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 660 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 668 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.1.7601.17725 (win7sp1_gdr.111116-1503)]
[PID: 676 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 716 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)]
[PID: 804 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 864 / SYSTEM][C:\Windows\system32\nvvsvc.exe]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6633]
[PID: 904 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 996 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Windows\system32\VIASysFx.dll]  [VIA Technologies, Inc., 6.0.01.9100]
[PID: 1044 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1076 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1216 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1332 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1460 / SYSTEM][C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe]  [NVIDIA Corporation, 7.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll]  [NVIDIA Corporation, 7.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NvUI.dll]  [NVIDIA Corporation, 7.17.12.6633]
[C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6633]
[PID: 1472 / SYSTEM][C:\Windows\system32\nvvsvc.exe]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Windows\system32\NVSVC.DLL]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Windows\system32\NVSVCR.DLL]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6633]
[C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll]  [NVIDIA Corporation, 7.17.12.6633]
[PID: 1544 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1592 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1616 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1760 / SYSTEM][C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe]  [Alipay Inc. , 1, 0, 14, 0]
[PID: 2032 / SYSTEM][C:\Program Files\TTKN\CAJVD\CAJSHost.exe]  [Tongfang Knowledge Network Technology(Beijing) Co., Ltd., 1, 0,56, 0]
[PID: 440 / SYSTEM][C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe]  [N/A, ]
[PID: 516 / SYSTEM][C:\Program Files\Splashtop\Splashtop Connect\BackService.exe]  [Splashtop Inc., 1.0.4.0]
[PID: 432 / SYSTEM][C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe]  [NVIDIA Corporation, 7.17.12.6633]
[PID: 760 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 920 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1324 / SYSTEM][C:\Windows\system32\viakaraokesrv.exe]  [VIA Technologies, Inc., ]
[PID: 1504 / SYSTEM][C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe]  [Splashtop Inc., 1.1.7.1                      ]
[PID: 2156 / wj][C:\Windows\system32\taskhost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2256 / wj][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Windows\system32\nvwgf2um.dll]  [NVIDIA Corporation, 8.17.12.6633]
[PID: 2528 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2640 / wj][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Common Files\Thunder Network\KanKan\xappex.1.1.1.62.(547).dll]  [深圳市迅雷网络技术有限公司, 1, 1, 1, 62]
[C:\Users\Public\Thunder Network\KanKan\Pusher\xappdrv.1.0.0.62.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 62]
[C:\Windows\system32\FXSAPI.dll]  [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Windows\system32\nvshext.dll]  [NVIDIA Corporation, 266.33]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\WinRAR\rarext.dll]  [, ]
[C:\Program Files\QvodPlayer\QvodBand.dll]  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\PROGRA~1\Wopti\WOPTIE~1.DLL]  [Wopti, 1.6.10.816]
[PID: 2652 / wj][C:\Program Files\alipay\SafeTransaction\AlipaySafeTran.exe]  [Alipay Inc. , 1, 1, 0, 0]
[C:\Program Files\alipay\SafeTransaction\AliPayST.dll]  [阿里巴巴云计算有限公司, 1, 1, 0, 2]
[C:\Windows\system32\aliedit\3.2.0.0\alidcp.dll]  [Alipay.com Co.,Ltd, 2.0.0.4]
[PID: 3068 / wj][C:\Program Files\alipay\SafeTransaction\Alipaybsm.exe]  [Alipay Inc. , 1, 0, 0, 9]
[C:\Windows\system32\aliedit\3.2.0.0\alidcp.dll]  [Alipay.com Co.,Ltd, 2.0.0.4]
[PID: 3244 / wj][C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe]  [VIA, 9.2.00.31]
[C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll]  [N/A, ]
[C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll]  [N/A, ]
[C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll]  [, 1, 0, 0, 1]
[C:\Program Files\VIA\VIAudioi\VDeck\Skin1.dll]  [TODO: <Company name>, 1.0.0.1]
[PID: 3312 / wj][C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe]  [Splashtop Inc., 1.0.4.0]
[C:\Program Files\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll]  [Splashtop Inc., 1.0.4.0]
[PID: 3432 / wj][C:\Windows\system32\wbem\unsecapp.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 3548 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)]
[PID: 3596 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 7.00.7600.16385 (win7_rtm.090713-1255)]
[PID: 3240 / wj][C:\Program Files\Windows Sidebar\sidebar.exe]  [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\scrchpg.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klscav.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\service.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\eka_meta.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\pxstub.ppl]  [Kaspersky Lab ZAO, 13.0.1.4242]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\params.ppl]  [Kaspersky Lab ZAO, 13.0.1.4220]
[C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 8.17.12.6633]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\gadget.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\nfio.ppl]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\winreg.ppl]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\thpimpl.ppl]  [Kaspersky Lab ZAO, 13.0.1.4190]
[PID: 3228 / SYSTEM][C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe]  [Intel Corporation, 7.0.0.1135]
[PID: 3472 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1268 / SYSTEM][C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe]  [Intel Corporation, 7.0.0.1135]
[C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll]  [Intel Corporation, 3.0.0.1]
[C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll]  [Apache Software Foundation, 2, 7, 0]
[PID: 2468 / wj][C:\Windows\system32\taskmgr.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1136 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe]  [Microsoft Corporation, 12.0.7600.16385 (win7_rtm.090713-1255)]
[PID: 4936 / wj][C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe]  [Adobe Systems Incorporated, 11,5,502,135]
[C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.dll]  [Adobe Systems, Inc., 11,5,502,135]
[PID: 5276 / wj][C:\Program Files\SogouInput\6.2.0.8278\SogouCloud.exe]  [Sogou.com Inc., 6.2.0.8278]
[PID: 3344 / SYSTEM][C:\Windows\system32\wbem\WmiApSrv.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1836 / wj][C:\Windows\explorer.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Common Files\Thunder Network\KanKan\xappex.1.1.1.62.(547).dll]  [深圳市迅雷网络技术有限公司, 1, 1, 1, 62]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll]  [Kaspersky Lab ZAO, 13.0.1.4190]
[PID: 4668 / wj][D:\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.4.1331]
[PID: 5072 / wj][D:\sreng2\SRE7a3b9561.EXE]  [Smallfrogs Studio, 2.8.4.1331]
[C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll]  [ Microsoft Corporation, 4.0.50401.0]

==================================
文件关联
.TXT  Error. [C:\Windows\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS Error. [C:\Windows\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
N/A

==================================
计划任务
[已禁用] \\Adobe Flash Player Updater
      C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[已禁用] \\GoogleUpdateTaskMachineCore
      C:\Program Files\Google\Update\GoogleUpdate.exe /c
[已禁用] \\GoogleUpdateTaskMachineUA
      C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
[已启用] \\MotoHelper Initial Update
      "C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe" -d -silent
[已启用] \\MotoHelper Routing
      "C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe" -r
[已启用] \\MotoHelper Update
      "C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe" -d -silent
[已禁用] \\TaskAt2663935
      d:\Tencent\QQMusic\QQMusicCvtData.exe /list vista  /progresstitle 395838 /install "d:\Tencent\QQMusic" /whirlinstall 1
[已启用] \\{E8B097EE-289C-4EAF-8761-077662429304}
      C:\Windows\system32\pcalua.exe -a C:\zhb\股票数据转换宝.exe -d C:\zhb
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
      N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
      N/A
[已禁用] \Microsoft\Windows\AppID\PolicyConverter
      %windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
      %windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent
      aitagent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater
      %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy
      %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
      BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
      N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
      N/A
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
      N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
      %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
      %windir%\system32\defrag.exe -c
[已启用] \Microsoft\Windows\Location\Notifications
      %windir%\System32\LocationNotifications.exe
[已启用] \Microsoft\Windows\Maintenance\WinSAT
      N/A
[已禁用] \Microsoft\Windows\Media Center\ActivateWindowsSearch
      %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已禁用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService
      %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已禁用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks
      %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ehDRMInit
      %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已禁用] \Microsoft\Windows\Media Center\InstallPlayReady
      %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\mcupdate
      %SystemRoot%\ehome\mcupdate $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\OCURActivate
      %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已禁用] \Microsoft\Windows\Media Center\OCURDiscovery
      %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\PBDADiscovery
      %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW1
      %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW2
      %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry
      %windir%\ehome\MCUpdate.exe -pscn 0
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
      %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
      %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart
      %SystemRoot%\ehome\ehrec /RestartRecording
[已禁用] \Microsoft\Windows\Media Center\RegisterSearch
      %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ReindexSearchRoot
      %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
      %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\StartRecording
      %SystemRoot%\ehome\ehrec /StartRecording
[已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath
      %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
      N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
      %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
      N/A
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo
      %windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization
      N/A
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization
      N/A
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
      %SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager
      N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake
      N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager
      N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
      N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
      N/A
[已禁用] \Microsoft\Windows\SystemRestore\SR
      %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
      %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
      %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime
      %windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
      sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask
      N/A
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
      %windir%\system32\wermgr.exe -queuereporting
[已禁用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
      "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\ConfigNotification
      %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader
      N/A

==================================
Windows 安全更新检查
KB2483139,  拉脱维亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  斯洛文尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  爱沙尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  挪威语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  西班牙语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  德语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  意大利语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  土耳其语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  朝鲜语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  斯洛伐克语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  希腊语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  捷克语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  希伯来语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  日语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  丹麦语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  葡萄牙语（巴西）语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  葡萄牙语（葡萄牙）语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  繁体中文语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  立陶宛语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  泰国语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  克罗地亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  俄语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  瑞典语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  塞尔维亚语（拉丁语）语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  法语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  保加利亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  乌克兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  阿拉伯语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  波兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  芬兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  罗马尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  荷兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139,  匈牙利语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB982861,  用于 Windows 7 的 Windows Internet Explorer 9
KB2709981,  Windows 7 更新程序 (KB2709981)
KB2574819,  Windows 7 更新程序 (KB2574819)
KB2592687,  Windows 7 更新程序 (KB2592687)
KB915597,  Definition Update for Windows Defender - KB915597 (Definition 1.141.2103.0)

显示全部楼层 · 发表于 2012-12-19 17:25:33

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

显示全部楼层 · 发表于 2012-12-19 17:28:24

卡巴斯基隔离的是酷狗的文件，不是系统文件

显示全部楼层 · 发表于 2012-12-19 17:32:29

阴天的太阳发表于 2012-12-19 17:28
卡巴斯基隔离的是酷狗的文件，不是系统文件

噢，现在到不死机了，就是开关机的时候特别慢，老是在“关机”和“开机”出现这个两个字的时候停留的时间比较长，原来就一会。还有现在卡巴斯基启动也没原来快了，特慢

显示全部楼层 · 发表于 2012-12-19 18:37:41

....还原或者重装最简单了

显示全部楼层 · 发表于 2012-12-19 18:45:20

这是什么病毒…莫非是火焰？

显示全部楼层 · 发表于 2012-12-19 20:21:54

请问各位我的SREng扫描日志有问题吗？

显示全部楼层 · 发表于 2012-12-19 20:27:12

遇到这类问题，恢复ghost备份是最佳解决办法

显示全部楼层 · 发表于 2012-12-19 20:29:06

早春新柳发表于 2012-12-19 20:27
遇到这类问题，恢复ghost备份是最佳解决办法

我没弄过备份

[已解决] 电脑出问题了，请大家帮帮我。