Rising Kaka Security Forum

Can someone look at my diagnostic log and tell me what viruses are in it?
kaka1498 - 2011-4-10 15:08:00
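My computer is really laggy... it restarts, and the network disconnects on its own... Could some expert take a look for me, and also teach me how to deal with these viruses? Thanks.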

Attachment: rslog.txt (2011-4-10 15:08:00, 59.27 K)

User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; QQDownload 677; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)
飞d更高 - 2011-4-10 15:20:00
I'd suggest reporting it through the Rising website so it can be analyzed.
networkedition - 2011-4-11 9:43:00
Download the SREng tool, run a scan, and post the log here.
http://www.kztechs.com/sreng/download.html
kaka1498 - 2011-4-11 10:26:00
[CODE]

2011-04-11,10:23:01

System Repair Engineer 2.8.4.1331
Smallfrogs (http://www.KZTechs.com)

Windows 7 Ultimate Edition  (Build 7600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\Windows\System32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Windows><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Web Platform Customizations><C:\Windows\System32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <PPAP><; >  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[360系统急救箱 / 360firstaid][Stopped/Auto Start]
  <C:\Users\Administrator\Desktop\新建文件夹 (3)\SuperKiller.exe /startservice><(File is missing)>
[Rsd Service / RsMgrSvc][Running/Auto Start]
  <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"><Beijing Rising Information Technology Co., Ltd.>

==================================
驱动程序
[adp94xx / adp94xx][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\adpahci.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[amdsata / amdsata][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\amdsata.sys><Advanced Micro Devices>
[amdsbs / amdsbs][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\amdsbs.sys><AMD Technologies Inc.>
[amdxata / amdxata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\amdxata.sys><Advanced Micro Devices>
[apf001 / apf001][Stopped/Manual Start]
  <\??\C:\Windows\system32\apf001.sys><N/A>
[arc / arc][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\arcsas.sys><Adaptec, Inc.>
[Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\bxvbdx.sys><Broadcom Corporation>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start]
  <system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
[BAPIDRV / BAPIDRV][Running/System Start]
  <\??\C:\Windows\system32\drivers\BAPIDRV.SYS><360.cn>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\BrFiltLo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\BrFiltUp.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\Brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\evbdx.sys><Broadcom Corporation>
[elxstor / elxstor][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\elxstor.sys><Emulex>
[Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.>
[HpSAMD / HpSAMD][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\HpSAMD.sys><Hewlett-Packard Company>
[iaStorV / iaStorV][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\iaStorV.sys><Intel Corporation>
[igfx / igfx][Running/Manual Start]
  <system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\iirsp.sys><Intel Corp./ICP vortex GmbH>
[英特尔(R) 显示器音频 / IntcDAud][Running/Manual Start]
  <system32\DRIVERS\IntcDAud.sys><Intel(R) Corporation>
[krpr / krpr][Stopped/Manual Start]
  <\??\C:\Windows\system32\Drivers\krpr.sys><Kingsoft Corporation>
[NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) / L1E][Stopped/Manual Start]
  <system32\DRIVERS\L1E62x86.sys><Atheros Communications, Inc.>
[LSI_FC / LSI_FC][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\lsi_fc.sys><LSI Corporation>
[LSI_SAS / LSI_SAS][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\lsi_sas.sys><LSI Corporation>
[LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\lsi_sas2.sys><LSI Corporation>
[LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\lsi_scsi.sys><LSI Corporation>
[megasas / megasas][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\megasas.sys><LSI Corporation>
[MegaSR / MegaSR][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\MegaSR.sys><LSI Corporation, Inc.>
[ATK0110 ACPI UTILITY / MTsensor][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\ASACPI.sys><>
[nfrd960 / nfrd960][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\nfrd960.sys><IBM Corporation>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[nvraid / nvraid][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\nvstor.sys><NVIDIA Corporation>
[ql2300 / ql2300][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\ql2300.sys><QLogic Corporation>
[ql40xx / ql40xx][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\ql40xx.sys><QLogic Corporation>
[Realtek 8167 NT Driver / RTL8167][Running/Manual Start]
  <system32\DRIVERS\Rt86win7.sys><Realtek>
[SiSRaid2 / SiSRaid2][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[stexstor / stexstor][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\stexstor.sys><Promise Technology>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\Windows\system32\TesSafe.sys><TENCENT>
[VIA High Definition Audio Driver Service / VIAHdAudAddService][Running/Manual Start]
  <system32\drivers\viahduaa.sys><VIA Technologies, Inc.>
[viaide / viaide][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Manual Start]
  <\SystemRoot\system32\DRIVERS\vsmraid.sys><VIA Technologies Inc.,Ltd>

==================================
浏览器加载项
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[]
  {00000000-12C9-4305-82F9-43058F20E8D2} <, >
[]
  {00000AA9-A363-466E-BEF5-9BB68697AA7F} <, >
[]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <, >
[]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <, >
[]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[]
  {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} <, >
[]
  {15BD4A12-BEDA-4A4D-8FB1-04553F1FD1CB} <, >
[KuGoo3Down Control]
  {162AF25B-5A2A-448E-A842-194653EF3E05} <C:\Windows\System32\KuGoo3DownXControl.ocx, N/A>
[]
  {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} <, >
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <E:\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\System32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {2D90D33C-DE76-42D0-9040-E4466DDC24AC} <, >
[]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <, >
[]
  {548BF84E-9665-47F9-B635-7380F8943E90} <, >
[]
  {5FFF24BC-DC02-4808-B4E0-A8E2C93FE407} <, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[]
  {6EE9CD3E-A386-4DAE-9737-A759DBF927AE} <, >
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Users\Public\Thunder Network\Thunder_4C3CC198-1FC0-4F26-A9BF-5921429769DC_\Components\InMedia\MediaAddin.dll, (Signed) 深圳市迅雷网络技术有限公司>
kaka1498 - 2011-4-11 10:27:00
[]
  {802F530B-A8F6-4631-AE49-6BACAAC6373E} <, >
[]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <, >
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[]
  {8AC3BC28-E145-4385-A694-8AAC128ACB16} <, >
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7107.333.(217).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\Windows\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[VersionDetector Class]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(837).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[HallToolkit Class]
  {A24E6133-404F-4431-A296-2DE576FC5AEE} <C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.5.(775).dll, (Signed) 深圳市迅雷网络技术有限公司>
[APlayer Control]
  {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7107.333.(217).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[Agent Class]
  {C8F43570-E187-4ED4-B91A-2ABC8308E04C} <, >
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10o.ocx, (Signed) Adobe Systems, Inc.>
[xoliimpl Class]
  {DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <C:\Windows\xinstaller.dll, (Signed) 深圳市迅雷技术有限公司>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <E:\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[Xunlei Digital Video DRM Control]
  {E577393C-3468-4911-9DA0-484C3F4C47D7} <C:\Program Files\Common Files\Thunder Network\APlayer\Codecs\xlvsource.ax, >
[]
  {E5F36297-709F-AA0E-9895-5CEAF2A4C7ED} <, >
[SSOForPTLogin2 Class]
  {EAAED308-7322-4B9B-965E-171933ADD473} <C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <E:\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>

==================================
正在运行的进程
[PID: 268 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 372 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 424 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 432 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 468 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 528 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 536 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 544 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 644 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 728 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 816 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.26]
    [C:\Program Files\Rising\RSD\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RSD\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[PID: 860 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
    [C:\Windows\system32\nQAPO.dll]  [QSound Labs, Inc., 6.0.6000.16 built by: WinDDK]
    [C:\Windows\system32\VIASysFx.dll]  [VIA Technologies, Inc., 6.0.01.7700]
[PID: 896 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 920 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1000 / LOCAL SERVICE][C:\Windows\system32\AUDIODG.EXE]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
    [C:\Windows\system32\nQAPO.dll]  [QSound Labs, Inc., 6.0.6000.16 built by: WinDDK]
    [C:\Windows\system32\VIASysFx.dll]  [VIA Technologies, Inc., 6.0.01.7700]
[PID: 1104 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1140 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1276 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1304 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1504 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1568 / Administrator][C:\Windows\system32\taskhost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1660 / Administrator][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1752 / Administrator][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
    [C:\Windows\system32\FXSAPI.dll]  [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
    [C:\Windows\system32\igfxpph.dll]  [Intel Corporation, 7.15.10.2104]
    [C:\Windows\system32\hccutils.DLL]  [Intel Corporation, 7.15.10.2104]
    [C:\Windows\system32\igfxrCHS.lrc]  [Intel Corporation, 7.15.10.2104]
    [C:\Windows\system32\igfxsrvc.dll]  [Intel Corporation, 7.15.10.2104]
[PID: 1444 / NETWORK SERVICE][C:\Windows\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2064 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2100 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 3976 / Administrator][E:\Bin\QQ.exe]  [Tencent, 1.60.2020.220]
    [E:\Bin\Common.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\zlib.dll]  [, 1, 2, 5, 0]
    [E:\Bin\libexpat.dll]  [, 2, 0, 1, 0]
    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [E:\Bin\KernelUtil.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\xImage.dll]  [Tencent, 5, 9, 9, 0]
    [E:\Bin\libpng.dll]  [, 1, 2, 2, 3]
    [E:\Bin\libjpeg6.dll]  [, 6, 2, 0, 0]
    [E:\Bin\GF.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\xGraphic32.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\jgImage.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\jgIOStub.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\AFUtil.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\IPC.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\FlashService.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\LoginPanel.dll]  [Tencent, 1, 60, 2021, 0]
    [E:\Bin\IM.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\AppMisc.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\AppUtil.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\TaskTray.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\TXPFProxy.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\MainFrame.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\AppFramework.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\SkinMgr.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\AFCtrl.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\ProcessSession.DLL]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\SystemMsg.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\ConfigCenter.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\ChatFrameApp.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\GroupApp.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\Contacts.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\InformationBox.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.VAS\Bin\VAS.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.CRM\Bin\CRM.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.Soso\Bin\Soso.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.Weather\Bin\Weather.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.Memo\Bin\Memo.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.Mail\Bin\Mail.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.FileTransfer\Bin\FileTransfer.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.QQRing\Bin\QQRing.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll]  [Tencent, 1, 60, 2020, 0]
    [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOPlatform.dll]  [Tencent, 1.2.1.15]
    [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.15\Bin\SSOCommon.DLL]  [Tencent, 1.2.1.10]
    [E:\Bin\PluginCommon.dll]  [Tencent, 1, 60, 2021, 0]
    [E:\Bin\QInterLive.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\Com.Tencent.GameLife\Bin\GameLife.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\com.tencent.netdisk\Bin\NetDisk.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\com.tencent.netdisk\Bin\DiskIPC.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\com.tencent.netdisk\Bin\DiskCommon.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\com.tencent.netdisk\Bin\FileBase.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\ContactInfoFrame.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\MsgMgr.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Plugin\com.tencent.qqgame\Bin\QQGame.dll]  [Tencent, 1, 60, 2021, 0]
    [E:\Plugin\com.tencent.today\Bin\Today.dll]  [Tencent, 1, 60, 2020, 0]
    [C:\Windows\system32\Macromed\Flash\Flash10o.ocx]  [Adobe Systems, Inc., 10,2,153,1]
    [E:\Plugin\com.tencent.advertisement\Bin\Advertisement.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\vqqsdl.dll]  [Tencent, 5, 0, 3, 24]
    [E:\Bin\CustomFace.dll]  [Tencent, 1, 60, 2020, 0]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 5.2.0.5374]
    [C:\Program Files\SogouInput\5.2.0.5374\Resource.dll]  [Sogou.com Inc., 5.2.0.5374]
    [E:\Bin\OPIEModule.dll]  [Tencent, 1, 60, 2020, 0]
    [C:\Windows\system32\igdumdx32.dll]  [Intel Corporation, 8.15.10.2104]
    [C:\Windows\system32\igdumd32.dll]  [Intel Corporation, 8.15.10.2104]
    [E:\Bin\LongCnn.dll]  [Tencent, 1, 60, 2010, 0]
    [E:\Plugin\com.tencent.mmog\Bin\MMOG.dll]  [Tencent, 1, 60, 2020, 0]
    [E:\Bin\AddrSearch.dll]  [Tencent, 2, 3, 12, 11]
    [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [E:\Plugin\com.tencent.winks\Bin\Winks.dll]  [Tencent, 1, 60, 2020, 0]
[PID: 4060 / Administrator][E:\Bin\TXPlatform.exe]  [Tencent, 1, 60, 2010, 0]
    [E:\Bin\TXPFProxy.dll]  [Tencent, 1, 60, 2010, 0]
[PID: 2588 / Administrator][C:\Program Files\SogouInput\5.2.0.5374\ImeUtil.exe]  [Sogou.com Inc., 5.2.0.5374]
    [C:\Program Files\SogouInput\5.2.0.5374\ZipLib.dll]  [Sogou.com Inc., 1.0.0.0000]
[PID: 2968 / Administrator][E:\QQ音乐\QQMusic.exe]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusicCommon.dll]  [Tencent, 7.72.1669.1012]
    [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [E:\QQ音乐\ExceptCatch.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusicWidget_MFC.dll]  [Tencent, 7.72.1669.1012]
    [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [E:\QQ音乐\QQMusicResource.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusicApi.dll]  [Tencent, 7.72.1669.1012]
    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [E:\QQ音乐\QQMusic_Protocol.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_SkinMgr.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusicSkin2.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_List.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Player.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QMDataBaseMgr.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\VBScript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [E:\QQ音乐\QQMusic_Lyric.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_QMPMgr.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Portal.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Shell.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Login.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Tips.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Upgrade.dll]  [Tencent, 7.72.1669.1012]
    [E:\QQ音乐\QQMusic_Network.dll]  [Tencent, 7.72.1669.1012]
    [E:\Bin\TXPFProxy.dll]  [Tencent, 1, 60, 2010, 0]
    [C:\Windows\system32\Macromed\Flash\Flash10o.ocx]  [Adobe Systems, Inc., 10,2,153,1]
    [C:\Windows\system32\igdumdx32.dll]  [Intel Corporation, 8.15.10.2104]
    [C:\Windows\system32\igdumd32.dll]  [Intel Corporation, 8.15.10.2104]
    [E:\QQ音乐\QQMusicPlayer.dll]  [Tencent, 8, 0, 4, 630]
    [E:\QQ音乐\QQMediaPlayer.dll]  [Tencent, 8, 0, 2, 1223]
    [E:\QQ音乐\msdmo.dll]  [, ]
    [E:\QQ音乐\p2papp.dll]  [Tencent, 5.5.2605.195]
    [C:\Users\Administrator\AppData\Roaming\Tencent\QQMusic\Kernel\217\p2papi.dll]  [Tencent, 6.3.5019.217]
    [C:\Users\Administrator\AppData\Roaming\Tencent\QQMusic\Kernel\217\p2pdata.dll]  [Tencent, 6.3.5019.217]
kaka1498 - 2011-4-11 10:27:00
[C:\Users\Administrator\AppData\Roaming\Tencent\QQMusic\Kernel\217\p2phttp.dll]  [Tencent, 6.3.5019.217]
    [C:\Users\Administrator\AppData\Roaming\Tencent\QQMusic\Kernel\217\p2pcore.dll]  [Tencent, 6.3.5019.217]
    [E:\QQ音乐\QQMusicAddin\qmp_asf.dll]  [N/A, ]
    [E:\QQ音乐\tnproxy.dll]  [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
    [E:\QQ音乐\QQMusic_MobileDevice.dll]  [Tencent, 7.72.1669.1012]
[PID: 3172 / Administrator][C:\Program Files\Rising\AntiSpyware\ras.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\rspalmgr.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.18]
    [C:\Program Files\Rising\AntiSpyware\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\AntiSpyware\dbmgr.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.4]
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\AntiSpyware\RSXML1.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\RSXML.DLL]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\RsGuiLib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57]
    [C:\Program Files\Rising\AntiSpyware\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\pweb.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.29]
    [C:\Program Files\Rising\AntiSpyware\pdefend.dll]  [Beijing Rising Information Technology Co., Ltd., 6.1.1.37]
    [C:\Program Files\Rising\AntiSpyware\pscan.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.1.35]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\pset.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.16]
    [C:\Program Files\Rising\AntiSpyware\ptools.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.28]
    [C:\Program Files\Rising\AntiSpyware\psysinfo.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.86]
    [C:\Program Files\Rising\AntiSpyware\kengine.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 16]
    [C:\Program Files\Rising\AntiSpyware\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24]
    [C:\Program Files\Rising\AntiSpyware\kscanex.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\engine.dll]  [Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26]
    [C:\Program Files\Rising\AntiSpyware\rsdialog.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 7]
    [C:\Program Files\Rising\AntiSpyware\SecScan.dll]  [Beijing Rising Information Technology Co., Ltd., 3, 0, 0, 29]
    [C:\Program Files\Rising\AntiSpyware\NtLib.dll]  [Beijing Rising Information Technology Co., Ltd., 3, 0, 0, 38]
    [C:\Program Files\Rising\AntiSpyware\SecEx.dll]  [Beijing Rising Information Technology Co., Ltd., 3, 0, 0, 17]
    [C:\Windows\system32\Macromed\Flash\Flash10o.ocx]  [Adobe Systems, Inc., 10,2,153,1]
[PID: 3340 / Administrator][C:\Program Files\Rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 2684 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)]
[PID: 3728 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)]
    [C:\Windows\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.21]
    [C:\Windows\system32\Macromed\Flash\Flash10o.ocx]  [Adobe Systems, Inc., 10,2,153,1]
    [C:\Windows\system32\igdumdx32.dll]  [Intel Corporation, 8.15.10.2104]
    [C:\Windows\system32\igdumd32.dll]  [Intel Corporation, 8.15.10.2104]
[PID: 3308 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)]
    [C:\Windows\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.21]
    [C:\Windows\system32\Macromed\Flash\Flash10o.ocx]  [Adobe Systems, Inc., 10,2,153,1]
[PID: 1016 / Administrator][C:\Program Files\WinRAR\WinRAR.exe]  [, ]
[PID: 1884 / Administrator][C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EX01.039\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.4.1331]
[PID: 2580 / Administrator][C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EX01.039\SRE8ddb0902.EXE]  [Smallfrogs Studio, 2.8.4.1331]

==================================
文件关联
.TXT  Error. [C:\Windows\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1016, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
计划任务
[已禁用] \\SidebarExecute
        C:\Program Files\Windows Sidebar\sidebar.exe
[已启用] \\内存整理大师
        D:\Windows7Master\MemoryMaster.exe auto
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
        N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
        N/A
[已禁用] \Microsoft\Windows\AppID\PolicyConverter
        %windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
        %windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent
        aitagent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater
        %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy
        %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
        BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
        N/A
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
        N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
        %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
        %windir%\system32\defrag.exe -c
[已禁用] \Microsoft\Windows\Location\Notifications
        %windir%\System32\LocationNotifications.exe
[已启用] \Microsoft\Windows\Maintenance\WinSAT
        N/A
[已禁用] \Microsoft\Windows\Media Center\ActivateWindowsSearch
        %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已禁用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService
        %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已禁用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks
        %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ehDRMInit
        %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已禁用] \Microsoft\Windows\Media Center\InstallPlayReady
        %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已启用] \Microsoft\Windows\Media Center\mcupdate
        %SystemRoot%\ehome\mcupdate $(Arg0)
[已启用] \Microsoft\Windows\Media Center\mcupdate_scheduled
        %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\OCURActivate
        %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已禁用] \Microsoft\Windows\Media Center\OCURDiscovery
        %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\PBDADiscovery
        %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW1
        %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW2
        %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry
        %windir%\ehome\MCUpdate.exe -pscn 0
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
        %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
        %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart
        %SystemRoot%\ehome\ehrec /RestartRecording
[已禁用] \Microsoft\Windows\Media Center\RegisterSearch
        %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ReindexSearchRoot
        %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
        %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\StartRecording
        %SystemRoot%\ehome\ehrec /StartRecording
[已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath
        %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
        N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
        %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
        N/A
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo
        %windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization
        N/A
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization
        N/A
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
        %SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager
        N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake
        N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager
        N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
        N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
        N/A
[已禁用] \Microsoft\Windows\SystemRestore\SR
        %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
        %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
        %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime
        %windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
        sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask
        N/A
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
        %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
        "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\ConfigNotification
        %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader
        N/A
networkedition - 2011-4-11 13:10:00
No anomalies were seen in the log.