[CODE]
SystemDetector系统日志
系统版本: windows NT 5.1 Build: 2600 Service Pack 3
日期: 2011/1/6 15:16
SystemDetector版本: 1.2 build100308
==================================
系统进程检测
[PID: 1336][C:\WINDOWS\system32\smss.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1440][C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1468][C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2113)]
  [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1512][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation , 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1524][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2113)]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1692][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1792][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1944][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 236][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 332][D:\Program Files\360\360safe\deepscan\ZhuDongFangYu.exe] [(Verified) 360.cn , 3, 2, 2, 1003]
  [D:\Program
Files\360\360safe\deepscan\heavygate.dll] [360.cn , 3, 6, 21, 0] [PID: 848][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation , 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1136][C:\WINDOWS\explorer.exe] [(Verified) Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\WinRAR\RarExt.dll] [ , ] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation , 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation , 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\atl71.dll] [Microsoft Corporation , 7.10.6101.0] [C:\WINDOWS\system32\msvcp71.dll] [Microsoft Corporation , 7.10.3077.0] [C:\WINDOWS\system32\msvcr71.dll] [Microsoft Corporation , 7.10.3052.4] [PID: 1160][C:\WINDOWS\system32\rundll32.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1348][D:\Program Files\360\360safe\safemon\360tray.exe] [(Verified) 360.cn , 7, 3, 1, 1026] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)] [D:\Program Files\360\360safe\deepscan\heavygate.dll] [360.cn , 3, 6, 21, 0] [PID: 1356][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1400][C:\Program Files\360\360sd\360sd.exe] [(Verified) 360.cn , 1, 2, 0, 1328] [C:\Program Files\360\360sd\psapi.dll] [Microsoft Corporation , 5.2.3790.3959 
(srv03_sp2_rtm.070216-1710)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [PID: 192][C:\WINDOWS\system32\HZ_CommSrv.exe] [(Verified) 华大智宝电子系统有限公司 , 1, 2, 0, 1] [PID: 252][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2408][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation , 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [PID: 3696][C:\Program Files\ChinaTelecom\eLive\eLive.exe] [(Verified) 中国电信 , 0.9.9.119] [C:\Program Files\ChinaTelecom\eLive\NewehomeServices.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\MsgRouteway.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\VNetMailServices.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\ehomeRelation.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\ehomeLoginDLL.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\ehomeem.dll] [TODO: <公司名> , 1.0.0.9] [C:\Program Files\ChinaTelecom\eLive\EHomeMP.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\EMWebServices.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\EHomeCollection.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\Ckrp.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\md.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\SMSMgr.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\EChatDlg.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\ExtensionMgr.dll] [China Telecom Co.Ltd , 1.1.0.139] [C:\Program Files\ChinaTelecom\eLive\Download.dll] [TODO: <公司名> , 1.0.0.3] [C:\Program Files\ChinaTelecom\eLive\Channel.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\ehomeNotify.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\EHomeHistMsg.dll] [TODO: <公司名> , 1.0.0.4] 
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\ChinaTelecom\eLive\EHomeUpload.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\E8\NetRun.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\Commu.dll] [TODO: <公司名> , 1.0.0.1] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation , 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\DialManager.dll] [TODO: <公司名> , 09.09.04] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\IPMake.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\CWOperator.dll] [TODO: <公司名> , 09.09.11] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\DialManage.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\Singleton.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\Communicate.dll] [GDCN , 2008, 1, 16, 15] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\ModBase.dll] [ , 1, 2, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\Configure.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\CWDriverMgrPlugin.dll] [ , 9.7.30.0] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\CWDriverSetup.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\DialModule.dll] [GDCN , 9, 8, 6, 9] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\DialHistory.dll] [TODO: <公司名> , 1.1.0.2] [C:\PROGRA~1\CHINAT~1\eLive\PlugIns\C_W~1\CDMAOP~1.OCX] [Alex , 1, 0, 0, 1] [C:\PROGRA~1\CHINAT~1\eLive\PlugIns\C_W~1\Language.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\CTATMgrModule.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\DialUI.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\PinModule.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\ClientCoexist.dll] [ , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\VerifyBasic.dll] [ , 1, 0, 0, 1] 
[C:\PROGRA~1\CHINAT~1\eLive\PlugIns\C_W~1\CdmaDll.dll] [ , 1, 0, 0, 1] [C:\Program Files\Common Files\B0B19AEC-413E-4654-86EE-3FD4E7655A93\WiFiMan.dll] [Nicomsoft Ltd. , 5.1.0.0] [C:\Program Files\Common Files\B0B19AEC-413E-4654-86EE-3FD4E7655A93\WifiClient.dll] [TODO: <公司名> , 2.0.0.1] [C:\Program Files\Common Files\B0B19AEC-413E-4654-86EE-3FD4E7655A93\BroadCom.dll] [TODO: <公司名> , 1.0.0.1] [C:\Program Files\Common Files\B0B19AEC-413E-4654-86EE-3FD4E7655A93\preflib.dll] [ , ] [C:\PROGRA~1\CHINAT~1\eLive\PlugIns\C_W~1\DriverSetup.dll] [ , 1, 0, 0, 1] [C:\PROGRA~1\CHINAT~1\eLive\PlugIns\C_W~1\CDMAMG~1.OCX] [微软中国 , 1, 0, 0, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\C+W\MiniWindow.dll] [ , 1, 0, 0, 5] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\ehome.dll] [ , 2, 2, 0, 5] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\eHomePhone.dll] [ , 2, 2, 3, 1] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\sip2005.dll] [TODO: , 2.2.2.3] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\sipAgent.dll] [MS Tech , 1.0.1.0] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\AVlib.dll] [ms tech , 1.0.0.2] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll] [Microsoft Corporation , 8.00.50727.4053] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\XMLparser.dll] [ , ] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\xerces-c_2_7_vc80.dll] [Apache Software Foundation , 2, 7, 0] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\CommonTools.dll] [ , 1, 0, 0, 6] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\AddrTable.dll] [ , 2, 1, 0, 3] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\zlib.dll] [ , 1.1.3] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll] [Microsoft Corporation , 8.00.50727.4053] [C:\Program Files\ChinaTelecom\eLive\PlugIns\ehome\ActivationReporter.dll] [ , 1, 0, 1, 1] [PID: 3976][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] 
[(Verified) Microsoft Corporation , 14.0.8089.0726] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] [ , ] [PID: 384][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation , 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\Program Files\360\360safe\deepscan\heavygate.dll] [360.cn , 3, 6, 21, 0] [C:\WINDOWS\system32\atl71.dll] [Microsoft Corporation , 7.10.6101.0] [C:\WINDOWS\system32\msvcp71.dll] [Microsoft Corporation , 7.10.3077.0] [C:\WINDOWS\system32\msvcr71.dll] [Microsoft Corporation , 7.10.3052.4] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation , 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3828][C:\Program Files\360\360sd\360rp.exe] [(Verified) 360.cn , 1, 2, 0, 1324] [C:\Program Files\360\360sd\psapi.dll] [Microsoft Corporation , 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)] [C:\Program Files\360\360sd\bdfltlib.dll] [ , ] [C:\Program Files\360\360sd\scan.dll] [S.C. 
BitDefender S.R.L , 12, 0, 53, 0]
  [C:\Program Files\360\360sd\heavygate.dll] [360.cn , 3, 6, 21, 0]
[PID: 2900][D:\杀毒\SystemDetector\SystemDetector.exe] [WALKER05 , 1.2]
  [D:\杀毒\SystemDetector\BugTrapU.dll] [IntelleSoft , 1.3.3291.42976]
  [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation , 6.00.2900.5512 (xpsp.080413-2105)]
==================================
启动项检测[注册表]
[ctfmon.exe][SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation]
[360sd][SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [C:\Program Files\360\360sd\360sdrun.exe] [(Verified) 360.cn]
[Thunder][SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [d:\Program Files\Thunder Network\Thunder\Program\Thunder.exe] [(Verified) 深圳市迅雷网络技术有限公司]
[360Safetray][SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [D:\Program Files\360\360safe\safemon\360Tray.exe] [(Verified) 360.cn]
启动项检测[启动目录]
N/A
启动项检测[Shell延迟加载]
[PostBootReminder] {7849596a-48ea-486e-8937-a2a3009f31a9} [C:\WINDOWS\system32\SHELL32.dll] [(Verified) Microsoft Corporation]
[CDBurn] {fbeb8a05-beee-4442-804e-409d6c4515e9} [C:\WINDOWS\system32\SHELL32.dll] [(Verified) Microsoft Corporation]
[WebCheck] {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [C:\WINDOWS\system32\webcheck.dll] [(Verified) Microsoft Corporation]
[SysTray] {35CEC8A3-2BE6-11D2-8773-92E220524153} [C:\WINDOWS\system32\stobject.dll] [(Verified) Microsoft Corporation]
启动项检测[Shell挂钩]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} [shell32.dll] [Microsoft Corporation]
启动项检测[登陆通知]
[crypt32chain] [C:\WINDOWS\system32\crypt32.dll] [(Verified) Microsoft Corporation]
[cscdll] [C:\WINDOWS\system32\cscdll.dll] [(Verified) Microsoft Corporation]
[ScCertProp] [C:\WINDOWS\system32\wlnotify.dll] [(Verified) Microsoft Corporation]
[Schedule] [C:\WINDOWS\system32\wlnotify.dll] [(Verified) Microsoft Corporation]
[sclgntfy] [C:\WINDOWS\system32\sclgntfy.dll] [(Verified) Microsoft Corporation]
[SensLogn] [C:\WINDOWS\system32\WlNotify.dll] [(Verified) Microsoft Corporation]
[termsrv] [C:\WINDOWS\system32\wlnotify.dll] [(Verified) Microsoft Corporation]
[wlballoon] [C:\WINDOWS\system32\wlnotify.dll] [(Verified) Microsoft Corporation]
启动项检测[其他项]
[Shell][Explorer.exe][ OK ]
[UIHost][logonui.exe][ OK ]
[Userinit][C:\WINDOWS\system32\userinit.exe,][ OK ]
[VmApplet][rundll32 shell32,Control_RunDLL "sysdm.cpl"][ OK ]
[cmdline][%SystemRoot%\system32\ntvdm.exe -o][ OK ]
[wowcmdline][%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386][ OK ]
[AppInit_DLLs][][ OK ]
[AlternateShell][cmd.exe][ OK ]
[BootExecute][autocheck autochk *][ OK ]
==================================
系统服务检测
[360 杀毒实时防护服务 / 360rp][Running/Auto Start] <"C:\Program Files\360\360sd\360rp.exe"> <(Verified) 360.cn>
[Application Layer Gateway Service / ALG][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Application Management / AppMgmt][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Windows Audio / AudioSrv][Running/Auto Start] <(Verified) Microsoft Corporation>
[Background Intelligent Transfer Service / BITS][Stopped/Disabled Start] <(Verified) Microsoft Corporation>
[Computer Browser / Browser][Stopped/Disabled Start] <(Verified) Microsoft Corporation>
[c20ukdrwsvc / c20ukdrwsvc][Stopped/Demand Start] <"C:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe"> <(Verified) >
[ClipBook / ClipSrv][Stopped/Disabled Start] <(Verified) Microsoft Corporation>
[COM+ System Application / COMSysApp][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Cryptographic Services / CryptSvc][Running/Auto Start] <(Verified) Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start] <(Verified) Microsoft Corporation>
[DHCP Client / Dhcp][Running/Auto Start] <(Verified) Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Demand Start] <(Verified) Microsoft Corp., Veritas Software>
[Logical Disk Manager / dmserver][Running/Auto Start] <(Verified) Microsoft Corporation>
[DNS
Client / Dnscache][Running/Auto Start] <(Verified) Microsoft Corporation> [Wired AutoConfig / Dot3svc][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Extensible Authentication Protocol Service / EapHost][Stopped/Demand Start] <(Verified) Microsoft Corporation> [eLive Security Service / eLiveSafe][Stopped/Demand Start] <"C:\Program Files\ChinaTelecom\eLive\PlugIns\Safe\elivesafe.exe"> <(Verified) 贝壳网际(北京)安全技术有限公司> [Event Log / Eventlog][Running/Auto Start] <(Verified) Microsoft Corporation> [COM+ Event System / EventSystem][Running/Demand Start] <(Verified) Microsoft Corporation> [Fast User Switching Compatibility / FastUserSwitchingCompatibility][Running/Demand Start] <(Verified) Microsoft Corporation> [HID Input Service / HidServ][Running/Auto Start] <(Verified) Microsoft Corporation> [Health Key and Certificate Management Service / hkmsvc][Stopped/Demand Start] <(Verified) Microsoft Corporation> [HTTP SSL / HTTPFilter][Stopped/Demand Start] <(Verified) Microsoft Corporation> [HDZB Comm Service For V2.0 / HZ_CommSrv][Running/Auto Start] <(Verified) 华大智宝电子系统有限公司> [InstallDriver Table Manager / IDriverT][Stopped/Demand Start] <"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"> [IMAPI CD-Burning COM Service / ImapiService][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Server / LanmanServer][Running/Auto Start] <(Verified) Microsoft Corporation> [Workstation / lanmanworkstation][Running/Auto Start] <(Verified) Microsoft Corporation> [TCP/IP NetBIOS Helper / LmHosts][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Messenger / Messenger][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Distributed Transaction Coordinator / MSDTC][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Windows Installer / MSIServer][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Network Access 
Protection Agent / napagent][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Network DDE / NetDDE][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Network DDE DSDM / NetDDEdsdm][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Net Logon / Netlogon][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Network Connections / Netman][Running/Demand Start] <(Verified) Microsoft Corporation> [Network Location Awareness (NLA) / Nla][Running/Demand Start] <(Verified) Microsoft Corporation> [NT LM Security Support Provider / NtLmSsp][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Office Source Engine / ose][Stopped/Demand Start] <"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"> <(Verified) Microsoft Corporation> [Plug and Play / PlugPlay][Running/Auto Start] <(Verified) Microsoft Corporation> [PnkBstrA / PnkBstrA][Stopped/Demand Start] <(Verified) > [IPSEC Services / PolicyAgent][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Protected Storage / ProtectedStorage][Running/Auto Start] <(Verified) Microsoft Corporation> [Remote Access Auto Connection Manager / RasAuto][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Remote Access Connection Manager / RasMan][Running/Demand Start] <(Verified) Microsoft Corporation> [Remote Desktop Help Session Manager / RDSessMgr][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Routing and Remote Access / RemoteAccess][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Remote Registry / RemoteRegistry][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Remote Procedure Call (RPC) / RpcSs][Running/Auto Start] <(Verified) Microsoft Corporation> [QoS RSVP / RSVP][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Security Accounts Manager / SamSs][Running/Auto Start] <(Verified) Microsoft Corporation> [360 
杀毒全盘扫描辅助服务 / scan][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Smart Card / SCardSvr][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Task Scheduler / Schedule][Running/Auto Start] <(Verified) Microsoft Corporation> [Secondary Logon / seclogon][Stopped/Demand Start] <(Verified) Microsoft Corporation> [System Event Notification / SENS][Running/Auto Start] <(Verified) Microsoft Corporation> [Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Shell Hardware Detection / ShellHWDetection][Running/Auto Start] <(Verified) Microsoft Corporation> [Print Spooler / Spooler][Running/Auto Start] <(Verified) Microsoft Corporation> [System Restore Service / srservice][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [SSDP Discovery Service / SSDPSRV][Running/Demand Start] <(Verified) Microsoft Corporation> [Windows Image Acquisition (WIA) / stisvc][Running/Auto Start] <(Verified) Microsoft Corporation> [MS Software Shadow Copy Provider / SwPrv][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Performance Logs and Alerts / SysmonLog][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Telephony / TapiSrv][Running/Demand Start] <(Verified) Microsoft Corporation> [Terminal Services / TermService][Running/Demand Start] <(Verified) Microsoft Corporation> [Themes / Themes][Running/Auto Start] <(Verified) Microsoft Corporation> [Telnet / TlntSvr][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Distributed Link Tracking Client / TrkWks][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Windows User Mode Driver Framework / UMWdf][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Universal Plug and Play Device Host / upnphost][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Volume Shadow Copy / VSS][Stopped/Demand Start] <(Verified) Microsoft Corporation> [VJVodClientServices / vvdsvc][Stopped/Demand Start] <(Verified) Microsoft 
Corporation>
[Windows Time / W32Time][Running/Auto Start] <(Verified) Microsoft Corporation>
[WebClient / WebClient][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Windows Management Instrumentation / winmgmt][Running/Auto Start] <(Verified) Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[WMI Performance Adapter / WmiApSrv][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Security Center / wscsvc][Stopped/Disabled Start] <(Verified) Microsoft Corporation>
[自动更新 / wuauserv][Stopped/Disabled Start] <(Verified) Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[Wireless Zero Configuration / WZCSVC][Running/Auto Start] <(Verified) Microsoft Corporation>
[XLDoctor Services / XLDoctor Services][Stopped/Demand Start] <(Verified) 深圳市迅雷网络技术有限公司>
[Network Provisioning Service / xmlprov][Stopped/Demand Start] <(Verified) Microsoft Corporation>
[主动防御 / ZhuDongFangYu][Running/Auto Start] <"D:\Program Files\360\360safe\deepscan\zhudongfangyu.exe"> <(Verified) 360.cn>
==================================
驱动服务检测
[360netmon / 360netmon][Running/System Start] <\??\C:\WINDOWS\system32\drivers\360netmon.sys> <(Verified) 360.cn>
[360SelfProtection / 360SelfProtection][Running/System Start] <(Verified) 360安全中心>
[Abiosdsk / Abiosdsk][Stopped/Disabled Start] <> <>
[Microsoft ACPI Driver / ACPI][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ACPI.sys> <(Verified) Microsoft Corporation>
[Microsoft Embedded Controller Driver / ACPIEC][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ACPIEC.sys> <(Verified) Microsoft Corporation>
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Demand Start]
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Demand Start]
<(Verified) Microsoft Corporation> [AFD / AFD][Running/System Start] <\SystemRoot\System32\drivers\afd.sys> <(Verified) Microsoft Corporation> [Compaq AGP Bus Filter / agpCPQ][Running/Boot Start] <\SystemRoot\system32\DRIVERS\agpCPQ.sys> <(Verified) Microsoft Corporation> [ALI AGP Bus Filter / alim1541][Running/Boot Start] <\SystemRoot\system32\DRIVERS\alim1541.sys> <(Verified) Microsoft Corporation> [AMD AGP Bus Filter Driver / amdagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\amdagp.sys> <(Verified) Advanced Micro Devices, Inc.> [1394 ARP 客户端协议 / Arp1394][Stopped/Demand Start] <(Verified) Microsoft Corporation> [RAS Asynchronous Media Driver / AsyncMac][Stopped/Demand Start] <(Verified) Microsoft Corporation> [标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start] <\SystemRoot\system32\DRIVERS\atapi.sys> <(Verified) Microsoft Corporation> [Atdisk / Atdisk][Stopped/Disabled Start] <> <> [音频存根驱动程序 / audstub][Running/Demand Start] <(Verified) Microsoft Corporation> [Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Demand Start] [BAPIDRV / BAPIDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS> <(Verified) 360.cn> [Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Running/Demand Start] [bdfsfltr / bdfsfltr][Running/System Start] <(Verified) BitDefender S.R.L. 
Bucharest, ROMANIA> [Beep / Beep][Running/System Start] <(Verified) Microsoft Corporation> [cbidf2k / cbidf2k][Stopped/Disabled Start] <> <> [Closed Caption Decoder / CCDECODE][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Cdaudio / Cdaudio][Stopped/System Start] <(Verified) Microsoft Corporation> [Cdfs / Cdfs][Running/Disabled Start] <(Verified) Microsoft Corporation> [CD-ROM Driver / Cdrom][Running/System Start] <(Verified) Microsoft Corporation> [Changer / Changer][Stopped/System Start] <> <> [Microsoft ACPI Control Method Battery Driver / CmBatt][Running/Demand Start] <(Verified) Microsoft Corporation> [Conexant UAA Function Driver for High Definition Audio Service / CnxtHdAudService][Running/Demand Start] [Microsoft Composite Battery Driver / Compbatt][Running/Boot Start] <\SystemRoot\system32\DRIVERS\compbatt.sys> <(Verified) Microsoft Corporation> [磁盘驱动器 / Disk][Running/Boot Start] <\SystemRoot\system32\DRIVERS\disk.sys> <(Verified) Microsoft Corporation> [Dritek Keyboard Filter Driver / DKbFltr][Running/Demand Start] [dmboot / dmboot][Stopped/Disabled Start] <(Verified) Microsoft Corp., Veritas Software> [Logical Disk Manager Driver / dmio][Running/Boot Start] <\SystemRoot\System32\drivers\dmio.sys> <(Verified) Microsoft Corp., Veritas Software> [dmload / dmload][Running/Boot Start] <\SystemRoot\System32\drivers\dmload.sys> <(Verified) Microsoft Corp., Veritas Software.> [Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Demand Start] <(Verified) Microsoft Corporation> [EfiSystemMon / EfiMon][Running/System Start] <(Verified) 奇虎网> [exFat / exFat][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Fastfat / Fastfat][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Fdc / Fdc][Stopped/System Start] <(Verified) Microsoft Corporation> [Fips / Fips][Running/System Start] <(Verified) Microsoft Corporation> [Flpydisk / 
Flpydisk][Stopped/System Start] <(Verified) Microsoft Corporation> [FltMgr / FltMgr][Running/Boot Start] <\SystemRoot\system32\DRIVERS\fltMgr.sys> <(Verified) Microsoft Corporation> [FsVga / FsVga][Running/System Start] <(Verified) Microsoft Corporation> [Volume Manager Driver / Ftdisk][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ftdisk.sys> <(Verified) Microsoft Corporation> [Generic Packet Classifier / Gpc][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Demand Start] <(Verified) Windows (R) Server 2003 DDK provider> [Microsoft HID Class Driver / hidusb][Running/Demand Start] <(Verified) Microsoft Corporation> [HookPort / HookPort][Running/Boot Start] <\SystemRoot\System32\Drivers\Hookport.sys> <(Verified) 360安全中心> [hptpro / hptpro][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\hptpro.sys> [HTTP / HTTP][Running/Demand Start] <(Verified) Microsoft Corporation> [i2omgmt / i2omgmt][Running/System Start] <(Verified) Microsoft Corporation> [i8042 键盘及 PS/2 鼠标端口驱动程序 / i8042prt][Running/System Start] <(Verified) Microsoft Corporation> [Intel AHCI Controller / iaStor][Running/Boot Start] <\SystemRoot\system32\DRIVERS\iaStor.sys> <(Verified) Intel Corporation> [CD 烧制筛选驱动器 / Imapi][Running/System Start] <(Verified) Microsoft Corporation> [Intel Processor Driver / intelppm][Running/System Start] <(Verified) Microsoft Corporation> [IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Demand Start] <(Verified) Microsoft Corporation> [IP Traffic Filter Driver / IpFilterDriver][Stopped/Demand Start] <(Verified) Microsoft Corporation> [IP in IP Tunnel Driver / IpInIp][Stopped/Demand Start] <(Verified) Microsoft Corporation> [IP Network Address Translator / IpNat][Stopped/Demand Start] <(Verified) Microsoft Corporation> [IPSEC driver / IPSec][Running/System Start] <(Verified) Microsoft Corporation> [IR Enumerator Service / IRENUM][Stopped/Demand Start] <(Verified) Microsoft Corporation> [PnP ISA/EISA 
Bus Driver / isapnp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\isapnp.sys> <(Verified) Microsoft Corporation> [Chinachip USB Loader NT service / jz4740_usb][Stopped/Demand Start] [Keyboard Class Driver / Kbdclass][Running/System Start] <(Verified) Microsoft Corporation> [Keyboard HID Driver / kbdhid][Stopped/System Start] <(Verified) Microsoft Corporation> [Microsoft Kernel Wave Audio Mixer / kmixer][Stopped/Demand Start] <(Verified) Microsoft Corporation> [KSecDD / KSecDD][Running/Boot Start] <(Verified) Microsoft Corporation> [lbrtfdc / lbrtfdc][Stopped/System Start] <> <> [mnmdd / mnmdd][Running/System Start] <(Verified) Microsoft Corporation> [Modem / Modem][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Mouse Class Driver / Mouclass][Running/System Start] <(Verified) Microsoft Corporation> [Mouse HID Driver / mouhid][Running/Demand Start] <(Verified) Microsoft Corporation> [MountMgr / MountMgr][Running/Boot Start] <(Verified) Microsoft Corporation> [WebDav Client Redirector / MRxDAV][Stopped/Demand Start] <(Verified) Microsoft Corporation> [MRxSmb / MRxSmb][Running/System Start] <(Verified) Microsoft Corporation> [Msfs / Msfs][Running/System Start] <(Verified) Microsoft Corporation> [Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Microsoft System Management BIOS Driver / mssmbios][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Streaming Tee/Sink-to-Sink Converter / MSTEE][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Mup / Mup][Running/Boot Start] <(Verified) Microsoft Corporation> [NABTS/FEC VBI Codec / NABTSFEC][Stopped/Demand Start] <(Verified) Microsoft Corporation> [NDIS System Driver / NDIS][Running/Boot Start] <(Verified) Microsoft 
Corporation> [Microsoft TV/Video Connection / NdisIP][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Remote Access NDIS TAPI Driver / NdisTapi][Running/Demand Start] <(Verified) Microsoft Corporation> [NDIS 用户模式 I/O 协议 / Ndisuio][Running/Demand Start] <(Verified) Microsoft Corporation> [Remote Access NDIS WAN Driver / NdisWan][Running/Demand Start] <(Verified) Microsoft Corporation> [NDIS Proxy / NDProxy][Running/Demand Start] <(Verified) Microsoft Corporation> [NetBIOS Interface / NetBIOS][Running/System Start] <(Verified) Microsoft Corporation> [NetBios over Tcpip / NetBT][Running/System Start] <(Verified) Microsoft Corporation> [Driver for netfilter Device / netfilter][Running/Demand Start] [1394 网络驱动程序 / NIC1394][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Netgroup Packet Filter / NPF][Stopped/Demand Start] [Npfs / Npfs][Running/System Start] <(Verified) Microsoft Corporation> [Ntfs / Ntfs][Running/Disabled Start] <(Verified) Microsoft Corporation> [Null / Null][Running/System Start] <(Verified) Microsoft Corporation> [nv / nv][Running/Demand Start] [Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Demand Start] <(Verified) NVIDIA Corporation> [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Demand Start] <(Verified) Microsoft Corporation> [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Demand Start] <(Verified) Microsoft Corporation> [OHCI Compliant IEEE 1394 Host Controller / ohci1394][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ohci1394.sys> <(Verified) Microsoft Corporation> [Parport / Parport][Stopped/Demand Start] <(Verified) Microsoft Corporation> [PartMgr / PartMgr][Running/Boot Start] <(Verified) Microsoft Corporation> [ParVdm / ParVdm][Stopped/Auto Start] <(Verified) Microsoft Corporation> [PCI Bus Driver / PCI][Running/Boot Start] <\SystemRoot\system32\DRIVERS\pci.sys> <(Verified) Microsoft Corporation> [PCIDump / PCIDump][Stopped/System Start] <> <> [Pcmcia / Pcmcia][Stopped/Disabled Start] <(Verified) 
Microsoft Corporation> [PDCOMP / PDCOMP][Stopped/Demand Start] <> <> [PDFRAME / PDFRAME][Stopped/Demand Start] <> <> [PDRELI / PDRELI][Stopped/Demand Start] <> <> [PDRFRAME / PDRFRAME][Stopped/Demand Start] <> <> [WAN Miniport (PPTP) / PptpMiniport][Running/Demand Start] <(Verified) Microsoft Corporation> [QoS Packet Scheduler / PSched][Running/Demand Start] <(Verified) Microsoft Corporation> [Direct Parallel Link Driver / Ptilink][Running/Demand Start] <(Verified) Parallel Technologies, Inc.> [Quantum DeepScanner Servers / qutmdserv][Running/System Start] <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys> <(Verified) 360.cn> [qutmipc / qutmipc][Running/System Start] <\??\C:\WINDOWS\system32\drivers\qutmipc.sys> <(Verified) 360安全中心> [Remote Access Auto Connection Driver / RasAcd][Running/System Start] <(Verified) Microsoft Corporation> [WAN Miniport (L2TP) / Rasl2tp][Running/Demand Start] <(Verified) Microsoft Corporation> [远程访问 PPPOE 驱动程序 / RasPppoe][Running/Demand Start] <(Verified) Microsoft Corporation> [Direct Parallel / Raspti][Running/Demand Start] <(Verified) Microsoft Corporation> [Rdbss / Rdbss][Running/System Start] <(Verified) Microsoft Corporation> [RDPCDD / RDPCDD][Running/System Start] <(Verified) Microsoft Corporation> [Terminal Server Device Redirector Driver / rdpdr][Running/Demand Start] <(Verified) Microsoft Corporation> [RDPWD / RDPWD][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Digital CD Audio Playback Filter Driver / redbook][Running/System Start] <(Verified) Microsoft Corporation> [Driver for rockusb Device / rockusb][Stopped/Demand Start] [Driver for rockusb27 Device / rockusb27][Stopped/Demand Start] <(Verified) Fuzhou Rockchip Electronics Co,Ltd.> [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys> <(Verified) 360安全中心> [sdbus / sdbus][Stopped/Demand Start] <(Verified) Microsoft Corporation> [SDDrv / SDDrv][Running/Demand Start] <\??\D:\杀毒\SystemDetector\SDDrv.sys> <> [Secdrv / 
Secdrv][Stopped/Demand Start] <(Verified) Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.> [Prolific2 Serial port driver / Ser2pl][Stopped/Demand Start] [Serenum Filter Driver / Serenum][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Serial / Serial][Stopped/Auto Start] <(Verified) Microsoft Corporation> [Sfloppy / Sfloppy][Stopped/System Start] <(Verified) Microsoft Corporation> [shadowsafe / shadowsafe][Stopped/Demand Start] <\??\C:\Program Files\dnf\shadowsafe.sys> <> [SATALink driver accelerator / SiFilter][Running/Boot Start] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> <(Verified) Silicon Image, Inc.> [Simbad / Simbad][Stopped/Disabled Start] <> <> [SATALink External Device Filter / SiRemFil][Running/Boot Start] <\SystemRoot\system32\DRIVERS\SiRemFil.sys> <(Verified) Silicon Image, Inc.> [SIS AGP Bus Filter / sisagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\sisagp.sys> <(Verified) Silicon Integrated Systems Corporation> [BDA Slip De-Framer / SLIP][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Kernel Audio Splitter / splitter][Stopped/Demand Start] <(Verified) Microsoft Corporation> [System Restore Filter Driver / Sr][Running/Boot Start] <\SystemRoot\system32\DRIVERS\sr.sys> <(Verified) Microsoft Corporation> [Srv / Srv][Running/Demand Start] <(Verified) Microsoft Corporation> [BDA IPSink / streamip][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Software Bus Driver / swenum][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Kernel System Audio Device / sysaudio][Running/Demand Start] <(Verified) Microsoft Corporation> [TCP/IP Protocol Driver / Tcpip][Running/System Start] [TDPIPE / TDPIPE][Stopped/Demand Start] <(Verified) Microsoft Corporation> [TDTCP / TDTCP][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Terminal Device Driver / 
TermDD][Running/System Start] <(Verified) Microsoft Corporation> [TesDrvPt / TesDrvPt][Stopped/Demand Start] <\??\C:\WINDOWS\system32\TesDrvPt.sy> <> [TesSafe / TesSafe][Stopped/Demand Start] <\??\C:\WINDOWS\system32\TesSafe.sys> <(Verified) TENCENT> [Udfs / Udfs][Stopped/Disabled Start] <(Verified) Microsoft Corporation> [Microcode Update Driver / Update][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft USB Generic Parent Driver / usbccgp][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Demand Start] <(Verified) Microsoft Corporation> [USB2 Enabled Hub / usbhub][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft USB Open Host Controller Miniport Driver / usbohci][Stopped/Demand Start] <(Verified) Microsoft Corporation> [USB 大容量存储设备 / USBSTOR][Stopped/Demand Start] <(Verified) Microsoft Corporation> [usbUDisc / usbUDisc][Stopped/Demand Start] [Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Demand Start] <(Verified) Microsoft Corporation> [USB 视频设备(WDM) / usbvideo][Running/Demand Start] <(Verified) Microsoft Corporation> [VgaSave / VgaSave][Running/System Start] <\SystemRoot\System32\drivers\vga.sys> <(Verified) Microsoft Corporation> [VIA AGP Bus Filter / viaagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\viaagp.sys> <(Verified) Microsoft Corporation> [VolSnap / VolSnap][Running/Boot Start] <(Verified) Microsoft Corporation> [Remote Access IP ARP Driver / Wanarp][Running/Demand Start] <(Verified) Microsoft Corporation> [Kernel Mode Driver Frameworks service / Wdf01000][Stopped/Demand Start] <(Verified) Microsoft Corporation> [WDICA / WDICA][Stopped/Demand Start] <> <> [Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Demand Start] <(Verified) Microsoft Corporation> [Microsoft Windows Management Interface for ACPI / WmiAcpi][Stopped/System Start] <(Verified) Microsoft Corporation> [WpdUsb / 
WpdUsb][Stopped/Demand Start] <(Verified) Microsoft Corporation> [World Standard Teletext Codec / WSTCODEC][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Demand Start] <(Verified) Microsoft Corporation> [Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Demand Start] <(Verified) Microsoft Corporation> ================================== 内核驱动检测 [0][C:\WINDOWS\system32\ntkrnlpa.exe] [(Verified) Microsoft Corporation] [1][C:\WINDOWS\system32\hal.dll] [(Verified) Microsoft Corporation] [2][C:\WINDOWS\system32\KDCOM.DLL] [(Verified) Microsoft Corporation] [3][C:\WINDOWS\system32\BOOTVID.dll] [(Verified) Microsoft Corporation] [4][C:\WINDOWS\system32\drivers\ACPI.sys] [(Verified) Microsoft Corporation] [5][C:\WINDOWS\system32\DRIVERS\WMILIB.SYS] [(Verified) Microsoft Corporation] [6][C:\WINDOWS\system32\drivers\pci.sys] [(Verified) Microsoft Corporation] [7][C:\WINDOWS\system32\drivers\isapnp.sys] [(Verified) Microsoft Corporation] [8][C:\WINDOWS\system32\drivers\ohci1394.sys] [(Verified) Microsoft Corporation] [9][C:\WINDOWS\system32\DRIVERS\1394BUS.SYS] [(Verified) Microsoft Corporation] [10][C:\WINDOWS\system32\drivers\Hookport.sys] [(Verified) 360安全中心] [11][C:\WINDOWS\system32\drivers\compbatt.sys] [(Verified) Microsoft Corporation] [12][C:\WINDOWS\system32\DRIVERS\BATTC.SYS] [(Verified) Microsoft Corporation] [13][C:\WINDOWS\system32\drivers\MountMgr.sys] [(Verified) Microsoft Corporation] [14][C:\WINDOWS\system32\drivers\ftdisk.sys] [(Verified) Microsoft Corporation] [15][C:\WINDOWS\system32\drivers\dmload.sys] [(Verified) Microsoft Corp., Veritas Software.] 
[16][C:\WINDOWS\system32\drivers\dmio.sys] [(Verified) Microsoft Corp., Veritas Software] [17][C:\WINDOWS\system32\drivers\PartMgr.sys] [(Verified) Microsoft Corporation] [18][C:\WINDOWS\system32\drivers\ACPIEC.sys] [(Verified) Microsoft Corporation] [19][C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS] [(Verified) Microsoft Corporation] [20][C:\WINDOWS\system32\drivers\VolSnap.sys] [(Verified) Microsoft Corporation] [21][C:\WINDOWS\system32\drivers\atapi.sys] [(Verified) Microsoft Corporation] [22][C:\WINDOWS\system32\drivers\iaStor.sys] [(Verified) Intel Corporation] [23][C:\WINDOWS\system32\drivers\disk.sys] [(Verified) Microsoft Corporation] [24][C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS] [(Verified) Microsoft Corporation] [25][C:\WINDOWS\system32\drivers\fltMgr.sys] [(Verified) Microsoft Corporation] [26][C:\WINDOWS\system32\drivers\sr.sys] [(Verified) Microsoft Corporation] [27][C:\WINDOWS\system32\drivers\SiWinAcc.sys] [(Verified) Silicon Image, Inc.] [28][C:\WINDOWS\system32\drivers\KSecDD.sys] [(Verified) Microsoft Corporation] [29][C:\WINDOWS\system32\drivers\Ntfs.sys] [(Verified) Microsoft Corporation] [30][C:\WINDOWS\system32\drivers\NDIS.sys] [(Verified) Microsoft Corporation] [31][C:\WINDOWS\system32\drivers\viaagp.sys] [(Verified) Microsoft Corporation] [32][C:\WINDOWS\system32\drivers\sisagp.sys] [(Verified) Silicon Integrated Systems Corporation] [33][C:\WINDOWS\system32\drivers\SiRemFil.sys] [(Verified) Silicon Image, Inc.] [34][C:\WINDOWS\system32\drivers\Mup.sys] [(Verified) Microsoft Corporation] [35][C:\WINDOWS\system32\drivers\amdagp.sys] [(Verified) Advanced Micro Devices, Inc.] 
[36][C:\WINDOWS\system32\drivers\alim1541.sys] [(Verified) Microsoft Corporation] [37][C:\WINDOWS\system32\drivers\agpCPQ.sys] [(Verified) Microsoft Corporation] [38][C:\WINDOWS\system32\DRIVERS\nv4_mini.sys] [NVIDIA Corporation] [39][C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS] [(Verified) Microsoft Corporation] [40][C:\WINDOWS\system32\DRIVERS\HDAudBus.sys] [(Verified) Windows (R) Server 2003 DDK provider] [41][C:\WINDOWS\system32\DRIVERS\usbuhci.sys] [(Verified) Microsoft Corporation] [42][C:\WINDOWS\system32\DRIVERS\USBPORT.SYS] [(Verified) Microsoft Corporation] [43][C:\WINDOWS\system32\DRIVERS\usbehci.sys] [(Verified) Microsoft Corporation] [44][C:\WINDOWS\system32\DRIVERS\bcmwl5.sys] [Broadcom Corp.] [45][C:\WINDOWS\system32\DRIVERS\b57xp32.sys] [Broadcom Corporation] [46][C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys] [Lenovo Corporation] [47][C:\WINDOWS\system32\DRIVERS\CmBatt.sys] [(Verified) Microsoft Corporation] [48][C:\WINDOWS\system32\DRIVERS\i8042prt.sys] [(Verified) Microsoft Corporation] [49][C:\WINDOWS\system32\DRIVERS\DKbFltr.sys] [Dritek System Inc.] 
[50][C:\WINDOWS\system32\DRIVERS\kbdclass.sys] [(Verified) Microsoft Corporation] [51][C:\WINDOWS\system32\DRIVERS\mouclass.sys] [(Verified) Microsoft Corporation] [52][C:\WINDOWS\system32\DRIVERS\imapi.sys] [(Verified) Microsoft Corporation] [53][C:\WINDOWS\system32\DRIVERS\cdrom.sys] [(Verified) Microsoft Corporation] [54][C:\WINDOWS\system32\DRIVERS\redbook.sys] [(Verified) Microsoft Corporation] [55][C:\WINDOWS\system32\DRIVERS\ks.sys] [(Verified) Microsoft Corporation] [56][C:\WINDOWS\system32\DRIVERS\intelppm.sys] [(Verified) Microsoft Corporation] [57][C:\WINDOWS\system32\DRIVERS\fsvga.sys] [(Verified) Microsoft Corporation] [58][C:\WINDOWS\system32\DRIVERS\audstub.sys] [(Verified) Microsoft Corporation] [59][C:\WINDOWS\system32\DRIVERS\rasl2tp.sys] [(Verified) Microsoft Corporation] [60][C:\WINDOWS\system32\DRIVERS\ndistapi.sys] [(Verified) Microsoft Corporation] [61][C:\WINDOWS\system32\DRIVERS\ndiswan.sys] [(Verified) Microsoft Corporation] [62][C:\WINDOWS\system32\DRIVERS\netfilter.sys] [Windows (R) Win 7 DDK provider] [63][C:\WINDOWS\system32\DRIVERS\raspppoe.sys] [(Verified) Microsoft Corporation] [64][C:\WINDOWS\system32\DRIVERS\raspptp.sys] [(Verified) Microsoft Corporation] [65][C:\WINDOWS\system32\DRIVERS\TDI.SYS] [(Verified) Microsoft Corporation] [66][C:\WINDOWS\system32\DRIVERS\psched.sys] [(Verified) Microsoft Corporation] [67][C:\WINDOWS\system32\DRIVERS\msgpc.sys] [(Verified) Microsoft Corporation] [68][C:\WINDOWS\system32\DRIVERS\ptilink.sys] [(Verified) Parallel Technologies, Inc.] 
[69][C:\WINDOWS\system32\DRIVERS\raspti.sys] [(Verified) Microsoft Corporation] [70][C:\WINDOWS\system32\DRIVERS\rdpdr.sys] [(Verified) Microsoft Corporation] [71][C:\WINDOWS\system32\DRIVERS\termdd.sys] [(Verified) Microsoft Corporation] [72][C:\WINDOWS\system32\DRIVERS\swenum.sys] [(Verified) Microsoft Corporation] [73][C:\WINDOWS\system32\DRIVERS\update.sys] [(Verified) Microsoft Corporation] [74][C:\WINDOWS\system32\DRIVERS\mssmbios.sys] [(Verified) Microsoft Corporation] [75][C:\WINDOWS\System32\Drivers\NDProxy.SYS] [(Verified) Microsoft Corporation] [76][C:\WINDOWS\system32\drivers\nvhda32.sys] [(Verified) NVIDIA Corporation] [77][C:\WINDOWS\system32\drivers\portcls.sys] [(Verified) Microsoft Corporation] [78][C:\WINDOWS\system32\drivers\drmk.sys] [(Verified) Microsoft Corporation] [79][C:\WINDOWS\system32\DRIVERS\usbhub.sys] [(Verified) Microsoft Corporation] [80][C:\WINDOWS\system32\DRIVERS\USBD.SYS] [(Verified) Microsoft Corporation] [81][C:\WINDOWS\system32\drivers\CHDAU2.sys] [Conexant Systems Inc.] [82][C:\WINDOWS\System32\Drivers\i2omgmt.SYS] [(Verified) Microsoft Corporation] [83][C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys] [(Verified) BitDefender S.R.L. 
Bucharest, ROMANIA] [84][C:\WINDOWS\System32\Drivers\Fs_Rec.SYS] [(Verified) Microsoft Corporation] [85][C:\WINDOWS\System32\Drivers\Null.SYS] [(Verified) Microsoft Corporation] [86][C:\WINDOWS\System32\Drivers\Beep.SYS] [(Verified) Microsoft Corporation] [87][C:\WINDOWS\system32\drivers\360SelfProtection.sys] [(Verified) 360安全中心] [88][C:\WINDOWS\system32\DRIVERS\hidusb.sys] [(Verified) Microsoft Corporation] [89][C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS] [(Verified) Microsoft Corporation] [90][C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS] [(Verified) Microsoft Corporation] [91][C:\WINDOWS\system32\DRIVERS\usbccgp.sys] [(Verified) Microsoft Corporation] [92][C:\WINDOWS\system32\DRIVERS\mouhid.sys] [(Verified) Microsoft Corporation] [93][C:\WINDOWS\System32\Drivers\usbvideo.sys] [(Verified) Microsoft Corporation] [94][C:\WINDOWS\System32\drivers\vga.sys] [(Verified) Microsoft Corporation] [95][C:\WINDOWS\System32\Drivers\mnmdd.SYS] [(Verified) Microsoft Corporation] [96][C:\WINDOWS\System32\DRIVERS\RDPCDD.sys] [(Verified) Microsoft Corporation] [97][C:\WINDOWS\System32\Drivers\Msfs.SYS] [(Verified) Microsoft Corporation] [98][C:\WINDOWS\System32\Drivers\Npfs.SYS] [(Verified) Microsoft Corporation] [99][C:\WINDOWS\system32\DRIVERS\rasacd.sys] [(Verified) Microsoft Corporation] [100][C:\WINDOWS\system32\DRIVERS\ipsec.sys] [(Verified) Microsoft Corporation] [101][C:\WINDOWS\system32\drivers\360netmon.sys] [(Verified) 360.cn] [102][C:\WINDOWS\system32\DRIVERS\tcpip.sys] [Microsoft Corporation] [103][C:\WINDOWS\system32\DRIVERS\netbt.sys] [(Verified) Microsoft Corporation] [104][C:\WINDOWS\system32\DRIVERS\wanarp.sys] [(Verified) Microsoft Corporation] [105][C:\WINDOWS\System32\drivers\afd.sys] [(Verified) Microsoft Corporation] [106][C:\WINDOWS\system32\DRIVERS\netbios.sys] [(Verified) Microsoft Corporation] [107][C:\WINDOWS\system32\Drivers\safeboxkrnl.sys] [(Verified) 360安全中心] [108][C:\WINDOWS\system32\DRIVERS\rdbss.sys] [(Verified) Microsoft Corporation] 
[109][C:\WINDOWS\system32\drivers\qutmipc.sys] [(Verified) 360安全中心]
[110][C:\WINDOWS\system32\drivers\qutmdrv.sys] [(Verified) 360.cn]
[111][C:\WINDOWS\system32\DRIVERS\mrxsmb.sys] [(Verified) Microsoft Corporation]
[112][C:\WINDOWS\System32\Drivers\Fips.SYS] [(Verified) Microsoft Corporation]
[113][C:\WINDOWS\System32\Drivers\Efimon.sys] [(Verified) 奇虎网]
[114][C:\WINDOWS\system32\drivers\BAPIDRV.SYS] [(Verified) 360.cn]
[115][C:\WINDOWS\System32\Drivers\Cdfs.SYS] [(Verified) Microsoft Corporation]
[116][C:\WINDOWS\System32\win32k.sys] [(Verified) Microsoft Corporation]
[117][C:\WINDOWS\System32\drivers\Dxapi.sys] [(Verified) Microsoft Corporation]
[118][C:\WINDOWS\System32\watchdog.sys] [(Verified) Microsoft Corporation]
[119][C:\WINDOWS\System32\drivers\dxg.sys] [(Verified) Microsoft Corporation]
[120][C:\WINDOWS\System32\drivers\dxgthk.sys] [(Verified) Microsoft Corporation]
[121][C:\WINDOWS\System32\nv4_disp.dll] [NVIDIA Corporation]
[122][C:\WINDOWS\system32\DRIVERS\ndisuio.sys] [(Verified) Microsoft Corporation]
[123][C:\WINDOWS\system32\drivers\wdmaud.sys] [(Verified) Microsoft Corporation]
[124][C:\WINDOWS\system32\drivers\sysaudio.sys] [(Verified) Microsoft Corporation]
[125][C:\WINDOWS\system32\DRIVERS\srv.sys] [(Verified) Microsoft Corporation]
[126][C:\WINDOWS\System32\Drivers\HTTP.sys] [(Verified) Microsoft Corporation]
[127][D:\杀毒\SystemDetector\SDDrv.sys] []
[128][C:\WINDOWS\system32\ntdll.dll] [(Verified) Microsoft Corporation]
[129][C:\WINDOWS\system32\ntkrnlpa.exe] [(Verified) Microsoft Corporation]
==================================
当前连接检测
TCP连接
[PID: 384][124.230.98.31:1592 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 384][124.230.98.31:1610 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 384][124.230.98.31:1624 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 384][124.230.98.31:1625 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 384][124.230.98.31:1630 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 384][124.230.98.31:1674 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 384][124.230.98.31:1675 219.238.235.114:80] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 4][192.168.1.179:139 0.0.0.0:10358] [system] []
UDP连接
[PID: 1348][0.0.0.0:1054] [D:\Program Files\360\360safe\safemon\360tray.exe] [(Verified) 360.cn]
[PID: 384][0.0.0.0:1120] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 1348][0.0.0.0:3600] [D:\Program Files\360\360safe\safemon\360tray.exe] [(Verified) 360.cn]
[PID: 1944][124.230.98.31:123] [C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation]
[PID: 2408][124.230.98.31:1900] [C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation]
[PID: 1944][127.0.0.1:123] [C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation]
[PID: 1348][127.0.0.1:1043] [D:\Program Files\360\360safe\safemon\360tray.exe] [(Verified) 360.cn]
[PID: 3696][127.0.0.1:1063] [C:\Program Files\ChinaTelecom\eLive\eLive.exe] [(Verified) 中国电信]
[PID: 384][127.0.0.1:1130] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [(Verified) Microsoft Corporation]
[PID: 3828][127.0.0.1:1647] [C:\Program Files\360\360sd\360rp.exe] [(Verified) 360.cn]
[PID: 2900][127.0.0.1:1704] [D:\杀毒\SystemDetector\SystemDetector.exe] [WALKER05]
[PID: 2408][127.0.0.1:1900] [C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation]
[PID: 1944][192.168.1.179:123] [C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation]
[PID: 4][192.168.1.179:137] [system] []
[PID: 4][192.168.1.179:138] [system] []
[PID: 2408][192.168.1.179:1900] [C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation]
==================================
常见问题检测
[注册表编辑器被禁用] [ OK ]
[IE浏览器标题被修改] [ OK ]
[IE浏览器首页被锁定] [ OK ]
[任务栏属性被禁用] [ OK ]
[任务栏右键菜单被禁用] [ OK ]
[开始菜单运行被禁用] [ OK ]
[开始菜单关闭按钮消失] [ OK ]
[开始菜单注销按钮消失] [ OK ]
[任务管理器被禁用] [ OK ]
[MS-DOS方式被禁用] [ OK ]
[文件夹选项被禁用] [ OK ]
[文件夹选项显示隐藏文件被禁用] [ OK ]
[逻辑分区被隐藏] [ OK ]
[桌面被锁定] [ OK ]
==================================
文件关联检测
[.EXE类型文件关联] [ OK ]
[.COM类型文件关联] [ OK ]
[.BAT类型文件关联] [ OK ]
[.CMD类型文件关联] [ OK ]
[.LNK类型文件关联] [ OK ]
[.REG类型文件关联] [ OK ]
[.CHM类型文件关联] [ ERROR ]
[.HLP类型文件关联] [ OK ]
[.CPL类型文件关联] [ OK ]
[.TXT类型文件关联] [ ERROR ]
[.PIF类型文件关联] [ OK ]
[.SCR类型文件关联] [ OK ]
[.INI类型文件关联] [ ERROR ]
[.INF类型文件关联] [ OK ]
[.VBS类型文件关联] [ OK ]
[.JS 类型文件关联] [ OK ]
==================================
IFEO映像劫持检测
N/A
==================================
IME输入法劫持检测
[Korean Input System (IME 2000)] [Microsoft Corporation]
[中文 (简体) - 全拼] [Microsoft Corporation]
[中文 (简体) - 智能 ABC] [(Verified) Microsoft Corporation]
[中文 (简体) - 内码] [(Verified) Microsoft Corporation]
[极品五笔型输入法] [日月科技]
==================================
Sock提供者检测
[MSAFD Tcpip [TCP/IP]] {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD Tcpip [UDP/IP]] {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD Tcpip [RAW/IP]] {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[RSVP UDP Service Provider] {9D60A9E0-337A-11D0-BD88-0000C082E69A} [C:\WINDOWS\system32\rsvpsp.dll] [(Verified) Microsoft Corporation]
[RSVP TCP Service Provider] {9D60A9E0-337A-11D0-BD88-0000C082E69A} [C:\WINDOWS\system32\rsvpsp.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{CCF958EC-A619-48B3-8F53-1BE5C74C30B1}] SEQPACKET 5] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{CCF958EC-A619-48B3-8F53-1BE5C74C30B1}] DATAGRAM 5] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{5D30A9E4-D60D-4765-8076-C207E82D6BF1}] SEQPACKET 0] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{5D30A9E4-D60D-4765-8076-C207E82D6BF1}] DATAGRAM 0] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{720E2C51-732F-490F-9B7F-7B3BC55834D4}] SEQPACKET 4] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{720E2C51-732F-490F-9B7F-7B3BC55834D4}] DATAGRAM 4] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{86363220-0AC0-48A9-8ECE-AF3F9E0B96B4}] SEQPACKET 1] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{86363220-0AC0-48A9-8ECE-AF3F9E0B96B4}] DATAGRAM 1] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{8A9808F9-2812-4844-9BD9-06BF69F583C8}] SEQPACKET 2] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{8A9808F9-2812-4844-9BD9-06BF69F583C8}] DATAGRAM 2] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{5CFC26C9-F5AF-4D18-BFD2-1E461431FAAD}] SEQPACKET 3] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{5CFC26C9-F5AF-4D18-BFD2-1E461431FAAD}] DATAGRAM 3] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{A3B8C989-6F50-4876-A1C8-1C9897C908E4}] SEQPACKET 6] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{A3B8C989-6F50-4876-A1C8-1C9897C908E4}] DATAGRAM 6] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F302A46-92BF-4F20-95EA-2360EB0D83BB}] SEQPACKET 7] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
[MSAFD NetBIOS [\Device\NetBT_Tcpip_{5F302A46-92BF-4F20-95EA-2360EB0D83BB}] DATAGRAM 7] {8D5F1830-C273-11CF-95C8-00805F48A192} [C:\WINDOWS\system32\mswsock.dll] [(Verified) Microsoft Corporation]
==================================
IE插件[BHO]
[ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [(Verified) 深圳市迅雷网络技术有限公司]
[PIPI Link Helper] {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} [C:\Program Files\HaoETV\core\pipi\JfCheck.dll] [PIPI Tech.]
[迅雷下载支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [d:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2090.dll] [(Verified) 深圳市迅雷网络技术有限公司] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn] IE插件[ToolBar扩展] [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [d:\Program Files\Thunder Network\Thunder\program\Thunder.exe] [(Verified) 深圳市迅雷网络技术有限公司] IE插件[ActiveX] [] {00000000-0593-4356-9CF7-1D8C2B3343C0} [] [] [] {00450039-0041-0043-3900-450032002D00} [] [] [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [(Verified) 深圳市迅雷网络技术有限公司] [PhotoDrawEx Class] {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} [d:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\bin\QQPhotoDrawEx\QQPhotoDrawEx.dll] [] [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [C:\WINDOWS\system32\msjava.dll] [Microsoft Corporation] [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [] [] [Player Class] {11F2A418-94B2-4e16-9B0C-B00C0435F903} [C:\Program Files\HaoETV\core\qqlive\LiveMedia.dll] [(Verified) Tencent] [KuGoo3Down Control] {162AF25B-5A2A-448E-A842-194653EF3E05} [C:\WINDOWS\system32\KuGoo3DownXControl.ocx] [(Verified) ] [PIPI Link Helper] {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} [C:\Program Files\HaoETV\core\pipi\JfCheck.dll] [PIPI Tech.] 
[WWPicUploadCtrl Class] {1D63232D-4F15-4A42-890D-EE617AA1537D} [D:\Program Files\AliWangWang\modules\1685\WWPictureUpload.dll] [Alibaba software (Shanghai) Corporation] [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [C:\Program Files\HaoETV\core\qqlive\MMInstaller.dll] [(Verified) Tencent] [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [C:\WINDOWS\system32\aliedit\pta.dll] [(Verified) ] [InfoScan Control] {1F14548F-6975-40F1-AE24-6E2D1D449B2F} [C:\PROGRA~1\CCBCOM~1\Detector\InfoScan.dll] [CCB] [Toolbar Extension for Executable] {1FBA04EE-3024-11D2-8F1F-0000F87ABD16} [C:\WINDOWS\system32\shdocvw.dll] [(Verified) Microsoft Corporation] [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [C:\WINDOWS\system32\wmpdxm.dll] [(Verified) Microsoft Corporation] [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [C:\WINDOWS\system32\mshtml.dll] [(Verified) Microsoft Corporation] [] {2559A1F6-21D7-11D4-BDAF-00C04F60B9F0} [C:\WINDOWS\system32\shdocvw.dll] [(Verified) Microsoft Corporation] [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx] [(Verified) Microsoft Corporation] [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} [C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL] [(Verified) Microsoft Corporation] [SNCtrl Class] {391E41FF-1CE1-493F-9B34-8BC53FB76A86} [C:\WINDOWS\system32\HDCCBCtrl.dll] [(Verified) ] [GDGetTokenInfo Class] {3AA9CF07-DF20-48FF-98BE-DED276E40146} [C:\WINDOWS\system32\GDREAD~1.DLL] [] [Microsoft Office Control] {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} [C:\PROGRA~1\MICROS~1\OFFICE11\AUTHZAX.DLL] [(Verified) Microsoft Corporation] [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} [C:\WINDOWS\system32\msxml3.dll] [(Verified) Microsoft Corporation] [Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [d:\Program Files\Thunder Network\Thunder\BHO\ThunderAgent7.1.4.2090.dll] [(Verified) 深圳市迅雷网络技术有限公司] [EditCtrl 
Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [C:\WINDOWS\system32\aliedit\aliedit.dll] [(Verified) ] [] {4E83D567-4697-4F7B-B1F0-A513B01DB89A} [] [] [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} [C:\WINDOWS\system32\hhctrl.ocx] [(Verified) Microsoft Corporation] [WangWangX Class] {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} [D:\Program Files\AliWangWang\AliIMX.dll] [(Verified) Alibaba software (Shanghai) Corporation.] [PowerPlayer Control] {5EC7C511-CD0F-42E6-830C-1BD9882F3458} [C:\PROGRA~1\PPStream\POWERP~1.DLL] [(Verified) PPStream Inc.] [] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} [] [] [InfoSecNetSign Class] {62B938C4-4190-4F37-8CF0-A92B0A91CC77} [C:\WINDOWS\system32\NetSign.dll] [(Verified) Infosec Technologies Co., Ltd.] [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [C:\WINDOWS\system32\wmp.dll] [(Verified) Microsoft Corporation] [MUWebControl Class] {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [C:\WINDOWS\system32\muweb.dll] [(Verified) Microsoft Corporation] [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [C:\WINDOWS\Downloaded Program Files\InputControl.dll] [] [DLoader Class] {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} [C:\WINDOWS\Downloaded Program Files\downloader.dll] [] [] {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} [] [] [GDGetVer Class] {7CCE07A5-A590-4554-B5C3-082840D7012E} [C:\WINDOWS\DOWNLO~1\ICBC_G~1.DLL] [] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [D:\Program Files\360\360safe\Safelive.dll] [(Verified) 360.cn] [] {8779A1F6-21D7-16D6-BDAF-00C04F70B7F0} [] [] [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} [C:\WINDOWS\system32\shdocvw.dll] [(Verified) Microsoft Corporation] [迅雷下载支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [d:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2090.dll] [(Verified) 深圳市迅雷网络技术有限公司] [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [C:\WINDOWS\Downloaded Program Files\SubmitControl.dll] [] [] {9030D464-4C02-4ABF-8ECC-5164760863C6} [] [] [OFrameObject Class] 
{9701758C-4373-482E-B13C-776C048EC890} [C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7104.319.(888).dll] [(Verified) ShenZhen Thunder Networking Technologies Ltd.] [VersionDetector Class] {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} [C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(889).dll] [(Verified) ShenZhen Thunder Networking Technologies,Ltd.] [APlayer Control] {A9322148-C691-4B9D-91FC-B9C461DBE9DD} [C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll] [(Verified) ShenZhen Thunder Networking Technologies, LTD] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7104.319.(888).dll] [(Verified) ShenZhen Thunder Networking Technologies Ltd.] [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} [C:\WINDOWS\system32\mshtml.dll] [(Verified) Microsoft Corporation] [InfoSecICBCNetSign Class] {B1FBC1AD-5644-4084-882A-0F8BA85E7506} [C:\WINDOWS\DOWNLO~1\ICBC_N~1.DLL] [] [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} [C:\WINDOWS\system32\shdocvw.dll] [(Verified) Microsoft Corporation] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn] [InfosecCCBNetSign Class] {BC96F5A4-C930-4226-ADAB-59349AE585E9} [C:\Program Files\CCBComponents\Detector\CCBNetSignCom.dll] [(Verified) Infosec Technologies Co., Ltd.] 
[AUDIO__MID Moniker Class] {CD3AFA74-B84F-48F0-9393-7EDC34128127} [C:\WINDOWS\system32\wmp.dll] [(Verified) Microsoft Corporation] [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} [C:\WINDOWS\system32\wmp.dll] [(Verified) Microsoft Corporation] [AUDIO__X_MS_WMA Moniker Class] {CD3AFA84-B84F-48F0-9393-7EDC34128127} [C:\WINDOWS\system32\wmp.dll] [(Verified) Microsoft Corporation] [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} [C:\WINDOWS\system32\wmp.dll] [(Verified) Microsoft Corporation] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx] [(Verified) Adobe Systems, Inc.] [QQLive Class] {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} [C:\Program Files\HaoETV\core\qqlive\LiveAPI.dll] [(Verified) Tencent] [PlayerCtrl Class] {E05BC2A3-9A46-4a32-80C9-023A473F5B23} [d:\Program Files\Tencent\QQMusic\QzoneMusic.dll] [] [] {EF0D1A14-1033-41A2-A589-240C01EDC078} [] [] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5914.257.(133).dll] [(Verified) ShenZhen Thunder Networking Technologies Ltd.] [SEInterface Class] {FDAEAB93-6DC0-4A63-81C6-95C88ED36F6A} [C:\Program Files\SogouExplorer\seapi.dll] [(Verified) Sohu.com Inc.] 
==================================
用户态API HOOK检测[IAT HOOK]
[PID:1136 / explorer.exe] [GetProcAddress: 0x7C80AE40->0x5CC37774] [C:\WINDOWS\system32\shimeng.dll] [(Verified) Microsoft Corporation]
==================================
用户态API HOOK检测[CODE HOOK]
[PID:1136 / explorer.exe] [CreateProcessInternalA: 0x7C81D54E->0x083ABAE67] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:1136 / explorer.exe] [CreateProcessInternalW: 0x7C8197B0->0x083ABAEFC] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:3976 / msnmsgr.exe] [CreateWindowExW: 0x77D2D0A3->0x0810002220] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [GetSystemMenu: 0x77D2B222->0x08100021E0] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [SetWindowPlacement: 0x77D1DE46->0x081000C3B0] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [SetWindowPos: 0x77D299F3->0x0810002080] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [ShowWindow: 0x77D2AF56->0x0810007EE0] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [TrackPopupMenuEx: 0x77D6CF62->0x0810008630] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [WSARecv: 0x71A24CB5->0x081000B6A0] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [connect: 0x71A24A07->0x081000CA20] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [send: 0x71A24C27->0x081000C5C0] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [Shell_NotifyIconW: 0x7D5FA587->0x0810002380] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:3976 / msnmsgr.exe] [InternetReadFile: 0x76698302->0x081000B4D0] [C:\Program Files\Windows Live\Messenger\CRYPTNET.dll] []
[PID:384 / IEXPLORE.EXE] [CopyFileA: 0x7C8286EE->0x08AE5E28] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CopyFileExA: 0x7C85F39C->0x08AE61E5] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CopyFileExW: 0x7C827B32->0x08AE6286] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CopyFileW: 0x7C82F87B->0x08AE5EC0] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CreateProcessA: 0x7C80236B->0x08ADAB5B] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CreateProcessInternalA: 0x7C81D54E->0x08ADAE67] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CreateProcessInternalW: 0x7C8197B0->0x08ADAEFC] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [CreateProcessW: 0x7C802336->0x08ADAC05] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [MoveFileA: 0x7C835EBF->0x08AE5FDA] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [MoveFileW: 0x7C821261->0x08AE606F] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [WinExec: 0x7C86250D->0x08ADA259] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [HttpOpenRequestA: 0x76692B11->0x08AF8AF7] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [HttpOpenRequestW: 0x7669F45A->0x08AF8A4E] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [InternetConnectA: 0x7669346A->0x08AF8CD2] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [InternetConnectW: 0x7669EE50->0x08AF8C55] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [InternetOpenUrlA: 0x76695A72->0x08AF8E06] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [InternetOpenUrlW: 0x766A5BC2->0x08AF8D89] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [ShellExecuteA: 0x7D6111A8->0x08ADA41D] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [ShellExecuteEx: 0x7D610E7D->0x08ADA8BC] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [ShellExecuteExA: 0x7D610E7D->0x08ADA8BC] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [ShellExecuteExW: 0x7D5D991B->0x0810015927] [D:\Program Files\360\360safe\safemon\Adfilter.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [ShellExecuteW: 0x7D685E68->0x08100159BA] [D:\Program Files\360\360safe\safemon\Adfilter.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [WSASend: 0x71A268FA->0x08ADF24B] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
[PID:384 / IEXPLORE.EXE] [send: 0x71A24C27->0x08ADF156] [D:\Program Files\360\360safe\safemon\safemon.dll] [(Verified) 360.cn]
==================================
内核态NATIVE API HOOK检测
N/A
==================================
SSDT TABLE HOOK检测
N/A
==================================
SSDT CODE HOOK检测
N/A
==================================
Shadow SSDT TABLE HOOK检测
N/A
==================================
Shadow SSDT CODE HOOK检测
N/A
==================================
AutoRun.inf检测
N/A
==================================
host文件检测
127.0.0.1 localhost
0.0.0.0 211.94.190.80
0.0.0.0 211.94.190.80
0.0.0.0 adsresult.joywell.com.cn
0.0.0.0 server1.adpolestar.net
[/CODE]