IsMyFirst
IsMyFirst
采纳率0%
2017-05-16 08:44 浏览 3.9k

我安装了一个ghost,总是会有残留程序自动安装,

系统总是有cmd.exe,con....exe,今天又多出了baidu.exe

问题在于我格式化全盘无效

[CODE]

2017-05-16,16:01:30

SysLog Scanner 3.2 - build 20140815
Arswp (http://www.arswp.com)

Windows 10 Professional Edition, 64-bit (build 10240)

注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Realtek Semiconductor, 1, 0, 0, 1075]
<"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3> [(Verified)Realtek Semiconductor, 1, 0, 0, 267]
<"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY> [(Verified)Realtek Semiconductor, 1, 0, 0, 267]
<"C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui> [(Verified)AVAST Software, 17.4.3482.0]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd]
[(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
[(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[(Verified)Intel Corporation, 8.15.10.2900]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components]
<{2C7339CF-2B09-4501-B3F3-F3508C9228ED}> []
<{89820200-ECBD-11cf-8B85-00AA005B4340}> []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
<使用旋风下载(&X)> [N/A]
<使用旋风下载全部链接(&Q)> [N/A]
<使用旋风极速下载(会员特权)(&J)> [N/A]
<保存到旋风空间(会员特权)(&K)> [N/A]

启动组

[Bluetooth]
<"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"> [(Verified)Broadcom Corporation., 12.0.1.940]

任务计划

[Avast Emergency Update]
<"C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe"> [(Verified)AVAST Software, 17.4.3482.0]
[SafeZone scheduled Autoupdate 1494914512]
<"C:\Program Files\AVAST Software\SZBrowser\launcher.exe" --scheduledautoupdate $(Arg0)> [(Verified)Avast Software, 3.55.2393.596]
[Wise Care 365.job]
<"D:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe" -StartTray> [(Verified)WiseCleaner.com, 4.2.3.148]
[Wise Turbo Checker.job]
<"D:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe"> [(Verified)WiseCleaner.COM, 2.2.4.34]
[Avast settings backup]
<"C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe" /backup /iavs> [(Verified)AVAST Software, 17.3.0.139 | (Verified)AVAST Software, 17.3.0.139]
[CreateObjectTask]
<{E4544ABA-62BF-4C54-AAB2-EC246342626C}> []
[GatherNetworkInfo]
<"%windir%\system32\gatherNetworkInfo.vbs"> [(Verified)N/A]
[StartComponentCleanup]
<{752073A1-23F2-4396-85F0-8FDB879ED0ED}> []
[HiveUploadTask]
<{BA677074-762C-444B-94C8-8C83F93F6605}> []
[UpdateLibrary]
<""%ProgramFiles%\Windows Media Player\wmpnscfg.exe""> []
[Automatic-Device-Join]
<"%SystemRoot%\System32\dsregcmd.exe"> [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]

组件


Shell Extension
[Monitor]
<{7842554E-6BED-11D2-8CDB-B05550C10000}> [(Verified)Broadcom Corporation., 12.0.1.940]
[avast]
<{472083B0-C522-11CF-8763-00608CC02F24}> [(Verified)AVAST Software, 17.4.3482.0]
[avast]
<{472083B0-C522-11CF-8763-00608CC02F24}> [(Verified)AVAST Software, 17.4.3482.0]


Context Menu
[avast]
<{472083B0-C522-11CF-8763-00608CC02F24}> [(Verified)AVAST Software, 17.4.3482.0]
[avast]
<{472083B0-C522-11CF-8763-00608CC02F24}> [(Verified)AVAST Software, 17.4.3482.0]
[duba_64bit]
<{DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51}> <> []
[igfxcui]
<{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}> [(Verified)Intel Corporation, 8.15.10.2900]


Copy Hook
[Monitor Class]
<{7842554E-6BED-11D2-8CDB-B05550C10000}> [(Verified)Broadcom Corporation., 12.0.1.940]


BrowserHelperObject
[QQDownload IE Left Helper]
<{00000000-12C9-4305-82F9-43058F20E8D2}> [(Verified)Tencent Technology (Shenzhen) Company Limited, 4, 2, 745, 401]
[QQDownload IE Left Helper]
<{00000000-12C9-4305-82F9-43058F20E8D2}> [(Verified)Tencent Technology (Shenzhen) Company Limited, 4, 2, 745, 401]


ActiveX Extension
[QQDownload IE Left Helper]
<{00000000-12C9-4305-82F9-43058F20E8D2}> [(Verified)Tencent Technology (Shenzhen) Company Limited, 4, 2, 745, 401]
[QQDownload IE Left Helper]
<{00000000-12C9-4305-82F9-43058F20E8D2}> [(Verified)Tencent Technology (Shenzhen) Company Limited, 4, 2, 745, 401]
[Shockwave Flash Object]
<{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 18,0,0,203]
[Shockwave Flash Object]
<{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 18,0,0,203]

服务

[NVIDIA Display Container LS / NVDisplay.ContainerLocalSystem][Stopped/Auto Start]
<"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"> [(Verified)NVIDIA Corporation | N/A]

[aswbIDSAgent / aswbIDSAgent][Running/Manual Start]
<"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"> [(Verified)AVAST Software s.r.o., 17.4.3.1767]
[Avast Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"> [(Verified)AVAST Software, 17.4.3482.0]
[Avast Firewall Service / avast! Firewall][Running/Auto Start]
<"C:\Program Files\AVAST Software\Avast\afwServ.exe"> [(Verified)AVAST Software, 17.4.3482.0]
[@oem86.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service / BcmBtRSupport][Running/Auto Start]
<%SystemRoot%\system32\BtwRSupportService.exe> [(Verified)Broadcom Corporation., 12.0.0.8047]
[Bluetooth Service / btwdins][Running/Auto Start]
<"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"> [(Verified)Broadcom Corporation., 12.0.1.940]
[Wise Boot Assistant / WiseBootAssistant][Running/Auto Start]
[(Verified)WiseCleaner.com, 1.2.3.53]

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

2条回答 默认 最新

  • IsMyFirst IsMyFirst 2017-05-16 08:49

    驱动

    [3ware / 3ware][Stopped/Boot Start]
    [(Verified)LSI, 5.01.00.051]
    [@oem13.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
    <\SystemRoot\System32\drivers\AcpiVpc.sys> [(Verified)Lenovo Corporation, 1.5.0.14]
    [ADP80XX / ADP80XX][Stopped/Boot Start]
    [(Verified)PMC-Sierra, 1.3.0.10769 (NT.150223-1854)]
    [amdsata / amdsata][Stopped/Boot Start]
    [(Verified)Advanced Micro Devices, 1.1.3.277 (NT.150223-1854)]
    [amdsbs / amdsbs][Stopped/Boot Start]
    [(Verified)AMD Technologies Inc., 3.7.1540.43 (PART3.121207-1123)]
    [amdxata / amdxata][Stopped/Boot Start]
    [(Verified)Advanced Micro Devices, 1.1.3.277 (NT.150223-1854)]
    [@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver / arcsas][Stopped/Boot Start]
    [(Verified)PMC-Sierra, Inc., 7.5.0.32048 (NT.150223-1854)]
    [aswbidsdriver / aswbidsdriver][Running/System Start]
    <\SystemRoot\system32\drivers\aswbidsdrivera.sys> [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    [aswbidsh / aswbidsh][Running/Boot Start]
    <\SystemRoot\system32\drivers\aswbidsha.sys> [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    [aswblog / aswblog][Running/Boot Start]
    <\SystemRoot\system32\drivers\aswbloga.sys> [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    [aswbuniv / aswbuniv][Running/Boot Start]
    <\SystemRoot\system32\drivers\aswbuniva.sys> [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    [aswHwid / aswHwid][Stopped/Manual Start]
    <\SystemRoot\system32\drivers\aswHwid.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswKbd / aswKbd][Running/System Start]
    <\SystemRoot\system32\drivers\aswKbd.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswMonFlt / aswMonFlt][Running/Auto Start]
    <\SystemRoot\system32\drivers\aswMonFlt.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswNetSec / aswNetSec][Running/System Start]
    <\SystemRoot\system32\drivers\aswNetSec.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswRdr / aswRdr][Running/System Start]
    <\SystemRoot\system32\drivers\aswRdr2.sys> [(Verified)AVAST Software, 17.4.3482.0 built by: WinDDK]
    [aswRvrt / aswRvrt][Running/Boot Start]
    <\SystemRoot\system32\drivers\aswRvrt.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswSnx / aswSnx][Running/System Start]
    <\SystemRoot\system32\drivers\aswSnx.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswSP / aswSP][Running/System Start]
    <\SystemRoot\system32\drivers\aswSP.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [aswStm / aswStm][Running/Auto Start]
    <\SystemRoot\system32\drivers\aswStm.sys> [(Verified)AVAST Software, 17.4.3482.96]
    [aswVmm / aswVmm][Running/Boot Start]
    <\SystemRoot\system32\drivers\aswVmm.sys> [(Verified)AVAST Software, 17.4.3482.0]
    [@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD / b06bdrv][Stopped/Boot Start]
    [(Verified)Broadcom Corporation, 7.4.14.0]
    [@oem86.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter / bcbtums][Running/Manual Start]
    <\SystemRoot\system32\drivers\bcbtums.sys> [(Verified)Broadcom Corporation., 12.0.0.8047]
    [@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service / bcmfn2][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\bcmfn2.sys> [(Verified)Windows (R) Win 7 DDK provider, 6.3.9391.6]
    [@oem86.inf,%btwampfl.ServiceName%;btwampfl / btwampfl][Running/Manual Start]
    <\SystemRoot\system32\DRIVERS\btwampfl.sys> [(Verified)Broadcom Corporation., 12.0.0.7403]
    [@oem82.inf,%btaudio.SvcDesc%;蓝牙音频设备 / btwaudio][Running/Manual Start]
    <\SystemRoot\system32\drivers\btwaudio.sys> [(Verified)Broadcom Corporation., 12.0.1.860]
    [@oem82.inf,%btwavdt.SvcDesc%;Bluetooth AVDT / btwavdt][Running/Manual Start]
    <\SystemRoot\System32\drivers\btwavdt.sys> [(Verified)Broadcom Corporation., 12.0.1.790]
    [@oem85.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service / btwl2cap][Running/Manual Start]
    <\SystemRoot\system32\DRIVERS\btwl2cap.sys> [(Verified)Broadcom Corporation., 12.0.1.870]
    [btwrchid / btwrchid][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\btwrchid.sys> [(Verified)Broadcom Corporation., 12.0.1.790]
    [DgSafe / DgSafe][Stopped/Manual Start]
    <\??\C:\Windows\system32\drivers\DgSafe.sys> [(Verified)MyDrivers.com, 2016,12,21,1270]
    [@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD / ebdrv][Stopped/Boot Start]
    [(Verified)QLogic Corporation, 7.12.2.3]
    [FsWriteBack64 / FsWriteBack64][Stopped/Manual Start]
    <\??\C:\Windows\system32\drivers\FsWriteBack64.sys> [(Verified)360.cn, 1, 0, 0, 1028]
    [@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface / HECIx64][Running/Manual Start]
    <\SystemRoot\System32\drivers\HECIx64.sys> [(Verified)Intel Corporation, 6.0.0.1179 built by: WinDDK]
    [HpSAMD / HpSAMD][Stopped/Boot Start]
    [(Verified)Hewlett-Packard Company, 8.0.4.0 Build 1 Media Driver (x86-64) (PART_L3.130128-0938)]
    [@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver / iaLPSSi_GPIO][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\iaLPSSi_GPIO.sys> [(Verified)Intel Corporation, 1.1.250.0]
    [@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver / iaLPSSi_I2C][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\iaLPSSi_I2C.sys> [(Verified)Intel Corporation, 1.1.250.0]
    [iaStorA / iaStorA][Running/Boot Start]
    [(Verified)Intel Corporation, 12.8.0.1016]
    [@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows / iaStorAV][Stopped/Boot Start]
    [(Verified)Intel Corporation, 13.2.0.1022]
    [@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7 / iaStorV][Stopped/Boot Start]
    [(Verified)Intel Corporation, 8.6.2.1019]
    [@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver) / ibbus][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\ibbus.sys> [(Verified)Mellanox, 4.91.10726]
    [igfx / igfx][Running/Manual Start]
    <\SystemRoot\system32\DRIVERS\igdkmd64.sys> [(Verified)Intel Corporation, 8.15.10.2900]
    [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <\SystemRoot\system32\drivers\RTKVHD64.sys> [(Verified)Realtek Semiconductor Corp., 6.0.1.8105 built by: WinDDK]
    [JMCR / JMCR][Running/Manual Start]
    <\SystemRoot\System32\drivers\jmcr.sys> [(Verified)JMicron Technology Corporation, 1.0.76.1 built by: WinDDK]
    [LSI_SAS / LSI_SAS][Stopped/Boot Start]
    [(Verified)LSI Corporation, 1.34.03.83 (NT.150223-1854)]
    [LSI_SAS2i / LSI_SAS2i][Stopped/Boot Start]
    [(Verified)LSI Corporation, 2.00.76.80 (NT.150223-1854)]
    [LSI_SAS3i / LSI_SAS3i][Stopped/Boot Start]
    [(Verified)Avago Technologies, 2.50.96.80 (NT.150223-1854)]
    [LSI_SSS / LSI_SSS][Stopped/Boot Start]
    [(Verified)LSI Corporation, 2.10.61.81 (PART_L3.130128-0938)]
    [megasas / megasas][Stopped/Boot Start]
    [(Verified)Avago Technologies, 6.706.06.00 (NT.150223-1854)]
    [megasr / megasr][Stopped/Boot Start]
    [(Verified)LSI Corporation, Inc., 15.02.2013.0129]
    [@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator / mlx4_bus][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\mlx4_bus.sys> [(Verified)Mellanox, 4.91.10726]
    [mvumis / mvumis][Stopped/Boot Start]
    [(Verified)Marvell Semiconductor, Inc., 1.0.5.1016 (PART_L3.131021-1012)]
    [@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service / ndfltr][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\ndfltr.sys> [(Verified)Mellanox, 4.91.10726]
    [nvlddmkm / nvlddmkm][Running/Manual Start]
    <\SystemRoot\system32\DRIVERS\nvlddmkm.sys> [(Verified)NVIDIA Corporation, 21.21.13.7654]
    [nvpciflt / nvpciflt][Stopped/Boot Start]
    [(Verified)NVIDIA Corporation, 21.21.13.7654]
    [nvraid / nvraid][Stopped/Boot Start]
    [(Verified)NVIDIA Corporation, 10.6.0.23 (PART_L3.131021-1012)]
    [nvstor / nvstor][Stopped/Boot Start]
    [(Verified)NVIDIA Corporation, 10.6.0.23 (PART_L3.131021-1012)]
    [percsas2i / percsas2i][Stopped/Boot Start]
    [(Verified)LSI Corporation, 6.803.21.00 (PART_L3.131021-1012)]
    [percsas3i / percsas3i][Stopped/Boot Start]
    [(Verified)Avago Technologies, 6.602.12.0 (PART_L3.131021-1012)]
    [@oem2.inf,%Rtlunic.Service.DispName%;Realtek USB FE/GbE NIC Family Windows 10 64-bit Driver / rtux64w10][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\rtux64w10.sys> [(Verified)Realtek , 10.7.0218.2016]
    [RTWlanE / RTWlanE][Stopped/Manual Start]
    <\SystemRoot\system32\DRIVERS\rtwlane.sys> [(Verified)Realtek Semiconductor Corporation , 2013.12.1117.2014]
    [SiSRaid2 / SiSRaid2][Stopped/Boot Start]
    [(Verified)Silicon Integrated Systems Corp., 2.60.01 (NT.070926-1510)]
    [SiSRaid4 / SiSRaid4][Stopped/Boot Start]
    [(Verified)Silicon Integrated Systems, 3.60.03 (NT.070926-1510)]
    [stexstor / stexstor][Stopped/Boot Start]
    [(Verified)Promise Technology, Inc., 5.1.0000.10 (PART.121116-1330)]
    [USB Device Emulation Support Library / UdeCx][Stopped/Manual Start]
    [(Verified)N/A]
    [vsmraid / vsmraid][Stopped/Boot Start]
    [(Verified)VIA Technologies Inc.,Ltd, 7.0.9600,6352]
    [@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver / VSTXRAID][Stopped/Boot Start]
    [(Verified)VIA Corporation, 8.0.9200.8110]
    [@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service / WinMad][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\winmad.sys> [(Verified)Mellanox, 4.91.10726]
    [@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service / WinVerbs][Stopped/Manual Start]
    <\SystemRoot\System32\drivers\winverbs.sys> [(Verified)Mellanox, 4.91.10726]

    活动进程

    [PID: 928 / SYSTEM] C:\Windows\system32\svchost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Windows\SYSTEM32\licensemanagerapi.dll [(Verified)N/A]

    [PID: 1948 / SYSTEM] C:\Windows\System32\svchost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Windows\System32\diagtrack_wininternal.dll [(Verified)N/A]

    [PID: 1968 / SYSTEM] C:\Windows\system32\BtwRSupportService.exe [(Verified)Broadcom Corporation., 12.0.0.8047]

    [PID: 2036 / SYSTEM] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll [(Verified)N/A]

    [PID: 2228 / SYSTEM] D:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [(Verified)WiseCleaner.com, 1.2.3.53]

    [PID: 5588 / LOCAL SERVICE] C:\Windows\system32\dashost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 2452 / SYSTEM] C:\Windows\system32\winlogon.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 3952 / IsMe] C:\Windows\system32\sihost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\system32\CoreUIComponents.dll [(Verified)N/A]
    C:\Windows\SYSTEM32\licensemanagerapi.dll [(Verified)N/A]

    [PID: 3404 / IsMe] C:\Windows\system32\taskhostw.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 3756 / IsMe] D:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [(Verified)WiseCleaner.com, 4.2.3.148]

    [PID: 5056 / IsMe] C:\Windows\System32\InputMethod\CHS\ChsIME.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\System32\mtf.dll [(Verified)N/A]
    C:\Windows\System32\mtfserver.dll [(Verified)N/A]

    [PID: 4684 / IsMe] C:\Windows\Explorer.EXE [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\System32\CoreUIComponents.dll [(Verified)N/A]
    C:\Windows\SYSTEM32\nvumdshimx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\nvinitx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\igd10umd64.dll [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Program Files\AVAST Software\Avast\ashShA64.dll [(Verified)AVAST Software, 17.4.3482.0]
    C:\Windows\system32\igfxpph.dll [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Windows\system32\hccutils.DLL [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Windows\system32\igfxrCHS.lrc [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Windows\system32\igfxsrvc.dll [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll [(Verified)Broadcom Corporation., 12.0.1.940]

    [PID: 4372 / IsMe] C:\Windows\System32\RuntimeBroker.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 5088 / IsMe] C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Windows\system32\CoreUIComponents.dll [(Verified)N/A]
    C:\Windows\SYSTEM32\nvumdshimx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\nvinitx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll [(Verified)N/A]
    C:\Windows\system32\igd10umd64.dll [(Verified)Intel Corporation, 8.15.10.2900]

    [PID: 2652 / IsMe] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll [(Verified)N/A]
    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll [(Verified)N/A]
    C:\Windows\system32\CoreUIComponents.dll [(Verified)N/A]
    C:\Windows\SYSTEM32\nvumdshimx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\nvinitx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\igd10umd64.dll [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll [(Verified)N/A]

    [PID: 5896 / IsMe] C:\Windows\system32\ApplicationFrameHost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\system32\nvumdshimx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\nvinitx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\igd10umd64.dll [(Verified)Intel Corporation, 8.15.10.2900]
    C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll [(Verified)Broadcom Corporation., 12.0.1.940]

    [PID: 5456 / IsMe] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [(Verified)Realtek Semiconductor, 1, 0, 0, 1075]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 3532 / IsMe] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [(Verified)Realtek Semiconductor, 1, 0, 0, 267]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\system32\RtkCfg64.dll [(Verified)Realtek Semiconductor Corp., 1.0.0.7]
    C:\Windows\system32\RltkAPO64.dll [(Verified)Realtek Semiconductor Corp., 11.0.6000.560]

    [PID: 1144 / IsMe] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [(Verified)Realtek Semiconductor, 1, 0, 0, 267]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\system32\RtkCfg64.dll [(Verified)Realtek Semiconductor Corp., 1.0.0.7]
    C:\Windows\system32\RltkAPO64.dll [(Verified)Realtek Semiconductor Corp., 11.0.6000.560]

    [PID: 1632 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 3512 / IsMe] C:\Program Files\AVAST Software\Avast\AvastUI.exe [(Verified)AVAST Software, 17.4.3482.0]

    [PID: 5216 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser_crashreporter.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 4652 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 5964 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 1916 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 3216 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 2292 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 4448 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 5308 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 5784 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 312 / IsMe] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Program Files\WIDCOMM\Bluetooth Software\btwapi.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll [(Verified)Broadcom Corporation., 12.0.1.940]

    [PID: 2012 / IsMe] C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll [(Verified)Broadcom Corporation., 12.0.1.940]
    C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityLib.dll [(Verified)Broadcom Corporation., 12.0.1.940]

    [PID: 4836 / IsMe] C:\Windows\SysWOW64\cmd.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]

    [PID: 5508 / IsMe] C:\Windows\system32\conhost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 960 / IsMe] C:\Program Files\AVAST Software\Avast\AvastNM.exe [(Verified)N/A]

    [PID: 6048 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 2628 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 4732 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 4324 / IsMe] C:\Windows\SysWOW64\cmd.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]

    [PID: 4364 / IsMe] C:\Windows\system32\conhost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 4560 / IsMe] C:\Program Files\AVAST Software\Avast\AvastNM.exe [(Verified)N/A]

    [PID: 3060 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 204 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 3448 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 5036 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 1256 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 3176 / IsMe] C:\Users\IsMe\Downloads\arswp3\arswp64.exe [(Verified)Windows清理助手, 3.3.0.223]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\System32\Macromed\Flash\Flash.ocx [(Verified)Adobe Systems, Inc., 18,0,0,203]

    [PID: 3932 / IsMe] C:\Windows\system32\svchost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    [PID: 5320 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 4004 / IsMe] C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe [(Verified)Avast Software, 3.55.2393.596]

    [PID: 3740 / SYSTEM] C:\Windows\System32\svchost.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    c:\windows\system32\WerEtw.dll [(Verified)N/A]

    [PID: 3240 / DWM-2] C:\Windows\system32\dwm.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]
    C:\Windows\system32\nvumdshimx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\nvinitx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll [(Verified)NVIDIA Corporation, 21.21.13.7654]
    C:\Windows\system32\igd10umd64.dll [(Verified)Intel Corporation, 8.15.10.2900]

    [PID: 5628 / IsMe] C:\Windows\system32\taskhostw.exe [(Verified)Microsoft Corporation, 10.0.10240.16384 (th1.150709-1700)]
    C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll [(Verified)AVAST Software s.r.o., 17.4.3.1767]

    文件关联

    Autorun.Inf

    Winsock提供者

    可疑文件

    HOSTS

    [/CODE]

    点赞 评论 复制链接分享
  • shen_wei shen_wei 2017-05-16 09:34

    如果ghost安装不行。。那就推荐纯净版本安装!!

    点赞 评论 复制链接分享

相关推荐