Rising Kaka Security Forum
lvdeyan - 2012-3-1 13:25:00
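Hello everyone:
My computer has suddenly started showing many regsvr32.exe processes, using 100% of the CPU, and booting takes a very long time to finish. Could an expert please advise?
The file below is the SREng scan. Could an expert please help analyze it? Thank you very much.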
[CODE]
2012-03-01,12:59:44
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) -
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
API HOOK
隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<360sd><"C:\Program Files\360\360sd\360sdrun.exe"> [(Verified)Youku.com Inc.]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<PPS Accelerator><C:\Program Files\PPStream\PPSAP.exe> [(Verified)SHANGHAI ZHONGYUAN NETWORKS LIMITED]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<amd_dc_opt><C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe> [AMD]
<360Safetray><"C:\Program Files\360\360Safe\safemon\360Tray.exe" /start> [(Verified)360.cn]
<QLBController><C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start> [(Verified)Hewlett-Packard Company]
<systray.exe><c:\windows\system32\Systray.exe> [(Verified)Microsoft Windows Component Publisher]
<S7UB Start><"E:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB> [SIEMENS AG]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<UPnPMonitor><C:\WINDOWS\system32\upnpui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\IFIXSC~1.SCR> [(Verified)"GE Fanuc Automation Americas, Inc."]
User system information: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; 360SE)
lvdeyan - 2012-3-1 13:26:00
启动文件夹
N/A
==================================
服务
[360 杀毒实时防护服务 / 360rp][Running/Auto Start]
<"C:\Program Files\360\360sd\360rps.exe"><360.cn>
[ArchestrA Logger / aaLogger][Running/Auto Start]
<"C:\Program Files\Common Files\ArchestrA\aaLogger.exe"><Invensys Systems, Inc.>
[AEClientHostService / AEClientHostService][Running/Auto Start]
<"C:\Program Files\GE Fanuc\Alarm Viewer\Host\AEClientHostService.exe"><GE Fanuc Automation Americas>
[Agere Modem Call Progress Audio / AgereModemAudio][Running/Auto Start]
<C:\Program Files\LSI SoftModem\agrsmsvc.exe><LSI Corporation>
[Automation License Manager Service / almservice][Running/Auto Start]
<"E:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe"><SIEMENS AG>
[Autodesk Licensing Service / Autodesk Licensing Service][Running/Auto Start]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Proficy Licensing / CCFLIC0][Running/Auto Start]
<C:\Program Files\GE Fanuc\Proficy Common\M4 Common Licensing\CCFLIC0.exe><GE Fanuc Automation>
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
<C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start><China Merchants Bank>
[DbCommServer / DbCommServer][Running/Auto Start]
<E:\forcecon\6.1install\DbCommServer.exe><Beijing Sunway ForceControl Technology Co.,Ltd>
[DbCommServerEf / DbCommServerEf][Running/Auto Start]
<E:\forcecon\install\DbCommServer.exe><Beijing Sunway ForceControl Technology Co.,Ltd>
[Proficy HMI/SCADA iFIX 服务器 / FIX][Stopped/Manual Start]
<E:\ifix\software\install\fixsrv.exe><GE Fanuc Automation Americas, Inc.>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[FS Service Control / FS Service Control][Running/Auto Start]
<"C:\Program Files\Common Files\ArchestrA\NTServApp.exe"><Wonderware Corporation>
[HASP License Manager / hasplms][Running/Auto Start]
<C:\WINDOWS\system32\hasplms.exe -run><Aladdin Knowledge Systems Ltd.>
[HistorySvr / HistorySvr][Running/Auto Start]
<C:\Program Files\kingview\HistorySvr.exe><>
[HP Hotkey Monitor / hpHotkeyMonitor][Running/Auto Start]
<"C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"><Hewlett-Packard Company>
[hpqwmiex / hpqwmiex][Running/Manual Start]
<"C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe"><Hewlett-Packard Company>
[ICBC Daemon Service / ICBC Daemon Service][Running/Auto Start]
<C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Windows CardSpace / idsvc][Stopped/Manual Start]
<"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"><Microsoft Corporation>
[M1 Licensing Helper / iLicenseSvc][Running/Auto Start]
<C:\WINDOWS\Intellution\iLicenseSvc.exe><GE Fanuc Automation Americas, Inc.>
[Intellution MBE Driver Helper / Intellution MBE Driver Helper][Stopped/Manual Start]
<E:\IFIX\SOFTWARE\INSTALL\MBEHelperService.exe><Intellution, Inc.>
[KSafe service / KSafeSvc][Stopped/Manual Start]
<"D:\金山卫士\install\KSafe\KSafeSvc.exe" -svc><Kingsoft Corporation>
[Kingsoft Core Service / kxescore][Running/Auto Start]
<"C:\Program Files\Kingsoft\Kingsoft Antivirus\kxescore.exe" /service kxescore><Kingsoft Corporation>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
<"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[OnKey Service _ICBC / OnKey Service _ICBC][Running/Auto Start]
<C:\WINDOWS\system32\D4Ser_ICBC.exe><Tendyron Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
<C:\WINDOWS\system32\HPZipm12.exe><HP>
[S7 Global Services / s7asysvx][Running/Auto Start]
<"E:\simens\sp3 install\S7BIN\s7asysvx.exe"><SIEMENS AG>
[SIMATIC IEPG Help Service / s7oiehsx][Running/Auto Start]
<E:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe><SIEMENS AG>
[S7TraceServiceX / S7TraceServiceX][Running/Auto Start]
<C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe><SIEMENS AG>
[Wonderware SuiteLink / slssvc][Running/Auto Start]
<"C:\Program Files\Common Files\ArchestrA\slssvc.exe"><Invensys Systems, Inc.>
[Audio Service / STacSV][Running/Auto Start]
<c:\program files\idt\wdm\STacSV.exe><IDT, Inc.>
[Tencent Software Update Service / TSUSVC][Stopped/Manual Start]
<"D:\QQ\QQSoftMgr\1.0.375.203\TencentUpdateSvc.exe" -run><Tencent>
[UDisk Monitor / UDisk Monitor][Running/Auto Start]
<C:\Documents and Settings\Administrator\Application Data\CT_ZTEMT_USB\MonServiceUDisk.exe><N/A>
[VMware Agent Service / ufad-ws60][Running/Auto Start]
<"C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml><VMware, Inc.>
[Ulead Burning Helper / UleadBurningHelper][Stopped/Manual Start]
<C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[VMware Authorization Service / VMAuthdService][Running/Auto Start]
<"C:\Program Files\VMware\VMware Workstation\vmware-authd.exe"><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP][Stopped/Auto Start]
<C:\WINDOWS\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware Virtual Mount Manager Extended / vmount2][Running/Auto Start]
<"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe"><VMware, Inc.>
[VMware NAT Service / VMware NAT Service][Stopped/Auto Start]
<C:\WINDOWS\system32\vmnat.exe><VMware, Inc.>
[Wonderware NetDDE Helper / WWNetDDE][Stopped/Auto Start]
<"C:\Program Files\Common Files\ArchestrA\wwnetdde.exe"><Invensys Systems, Inc.>
[主动防御 / ZhuDongFangYu][Running/Auto Start]
<"C:\Program Files\360\360Safe\deepscan\ZhuDongFangYu.exe"><360.cn>
lvdeyan - 2012-3-1 13:27:00
驱动程序
[360AvFlt mini-filter driver / 360AvFlt][Running/System Start]
<system32\DRIVERS\360AvFlt.sys><360.cn>
[360Box mini-filter driver / 360Box][Running/System Start]
<system32\DRIVERS\360Box.sys><360安全中心>
[360netmon / 360netmon][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\360netmon.sys><360.cn>
[360SelfProtection / 360SelfProtection][Running/System Start]
<system32\drivers\360SelfProtection.sys><360安全中心>
[AE Audio Service / AESTAud][Running/Manual Start]
<system32\drivers\AESTAud.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
<system32\DRIVERS\AGRSM.sys><LSI Corporation>
[aksfridge / aksfridge][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\aksfridge.sys><Aladdin Knowledge Systems Ltd.>
[Aladdin HASP Key / akshasp][Stopped/Manual Start]
<system32\DRIVERS\akshasp.sys><Aladdin Knowledge Systems Ltd.>
[Aladdin USB Key / aksusb][Stopped/Manual Start]
<system32\DRIVERS\aksusb.sys><Aladdin Knowledge Systems Ltd.>
[amdide / amdide][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\amdide.sys><Advanced Micro Devices>
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
<System32\drivers\amdk8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
<system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[AMD HwPState Processor Driver / AmdPPM][Running/System Start]
<system32\DRIVERS\AmdPPM.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATI Function Driver for High Definition Audio Service / AtiHdmiService][Running/Manual Start]
<system32\drivers\AtiHdmi.sys><ATI Technologies, Inc.>
[BAPIDRV / BAPIDRV][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS><360.cn>
[Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Running/Manual Start]
<system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
[Dpmtrcdd / Dpmtrcdd][Running/Auto Start]
<System32\DRIVERS\dpmtrcdd.sys><SIEMENS AG>
[DriverX / DriverX][Running/Auto Start]
<\SystemRoot\System32\Drivers\driverx.sys><Tetradyne Software, Inc.>
[DAEMON Tools Virtual Bus Driver / dtsoftbus01][Running/System Start]
<system32\DRIVERS\dtsoftbus01.sys><DT Soft Ltd>
[EfiSystemMon / EfiMon][Running/System Start]
<System32\Drivers\Efimon.sys><360安全中心>
[Hardlock / Hardlock][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\hardlock.sys><Aladdin Knowledge Systems Ltd.>
[VMware hcmon / hcmon][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\hcmon.sys><VMware, Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookPort / HookPort][Running/Boot Start]
<\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[HpqKbFilter Driver / HpqKbFiltr][Running/Manual Start]
<system32\DRIVERS\HpqKbFiltr.sys><Hewlett-Packard Development Company, L.P.>
[hptpro / hptpro][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
<system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
<system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
<system32\DRIVERS\HPZius12.sys><HP>
[GE Fanuc Keyboard Class Upper Filter Driver / ikbf5][Running/Manual Start]
<system32\DRIVERS\ikbf5.sys><GE Fanuc International, Inc.>
[KAVBootC / KAVBootC][Running/Boot Start]
<\SystemRoot\system32\drivers\KAVBootC.sys><Kingsoft Corporation>
[KDHacker / KDHacker][Running/System Start]
<\??\C:\Program Files\Kingsoft\Kingsoft Antivirus\security\kxescan\kdhacker.sys><Kingsoft Corporation>
[kisknl / kisknl][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\kisknl.sys><Kingsoft Corporation>
[kmodurl / kmodurl][Running/System Start]
<\??\D:\金山卫士\install\KSafe\kmodurl.sys><Kingsoft Corporation>
[ksapi / ksapi][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\ksapi.sys><Kingsoft Corporation>
[KVCom / KVCom][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\KVCom.sys><asiacontrol>
[NComDriver Driver / NComDriver][Running/Auto Start]
<\SystemRoot\system32\drivers\NComDriver.sys><N/A>
[PECKbdProtector / PECKbdProtector][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\PECKP.SYS><CSII>
[Mouse Suite Driver / pelmouse][Running/System Start]
<system32\DRIVERS\pelmouse.sys><TPMX Electronics Ltd.>
[PS/2 Mouse Filter Driver / pelps2m][Running/Manual Start]
<system32\DRIVERS\pelps2m.sys><Primax Electronics Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Quantum DeepScanner Servers / quxxxserv][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\quxxxrv.sys><360.cn>
[qutmipc / qutmipc][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\qutmipc.sys><360.cn>
[ChinaNet WLAN Adapter / rasuw][Stopped/Manual Start]
<system32\DRIVERS\rasuw.sys><UTStarcom Inc.>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
<system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SIMATIC MPI/PROFIBUS DPX2 Driver / s7odpx2x][Running/Auto Start]
<\SystemRoot\System32\Drivers\S7odpx2x.sys><SIEMENS AG>
[SIMATIC MPI/EFS Driver / s7oefs_x][Stopped/Manual Start]
<\SystemRoot\System32\drivers\s7oefs_x.sys><SIEMENS AG>
[PROFINET IO RT-Protocol (LLDP) / S7opcsrtx][Others/Auto Start]
<system32\DRIVERS\s7opcsrtx.sys><SIEMENS AG>
[S7oppilx / S7oppilx][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\S7oppilx.sys><N/A>
[s7oppitx / s7oppitx][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\S7oppitx.sys><SIEMENS AG>
[s7osmcax / s7osmcax][Running/Auto Start]
<\SystemRoot\System32\Drivers\s7osmcax.sys><SIEMENS AG>
[s7otranx / s7otranx][Running/Auto Start]
<\SystemRoot\System32\Drivers\s7otranx.sys><SIEMENS AG>
[SIMATIC PC Adapter USB Driver / s7oupc2x][Stopped/Manual Start]
<system32\DRIVERS\s7oupc2x.sys><SIEMENS AG>
[PROFINET IO RT-Protocol / s7snsrtx][Running/Auto Start]
<system32\DRIVERS\s7snsrtx.sys><SIEMENS AG>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SENSE3 / SENSE3][Stopped/Auto Start]
<system32\drivers\sense3.sys><Beijing Senselock>
[Sentinel / Sentinel][Running/Auto Start]
<\SystemRoot\System32\Drivers\SENTINEL.SYS><SafeNet, Inc.>
[Prolific Serial port driver / Ser2pl][Stopped/Manual Start]
<system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[CP210x USB Composite Device driver (WDM) / slabbus][Stopped/Manual Start]
<system32\DRIVERS\slabbus.sys><MCCI>
[CP210x USB to UART Bridge Controller Drivers / slabser][Stopped/Manual Start]
<system32\DRIVERS\slabser.sys><MCCI>
[USB2.0 PC Camera (SNP2UVC) / SNP2UVC][Running/Manual Start]
<system32\DRIVERS\snp2uvc.sys><>
[SIMATIC Industrial Ethernet (ISO) / SNTIE][Running/Auto Start]
<system32\DRIVERS\sntie.sys><SIEMENS AG>
[IDT High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><IDT, Inc.>
[Superk5 / Superk5][Running/Auto Start]
<\SystemRoot\System32\drivers\superk5.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[UNIIO / UNIIO][Running/Auto Start]
<\??\E:\forcecon\6.1install\UNIIO.SYS><N/A>
[%USBLOCKServDesc% / USBLOCK][Stopped/Manual Start]
<System32\Drivers\usblock.sys><Beijing Senselock Corp.>
[e2eSoft VCam / VCam_WDM][Running/Manual Start]
<system32\DRIVERS\VCam_WDM.sys><e2eSoft>
[VMware kbd / vmkbd][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\VMkbd.sys><VMware, Inc.>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Running/Manual Start]
<system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Bridge Protocol / VMnetBridge][Running/Auto Start]
<system32\DRIVERS\vmnetbridge.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[VMware USB Client Driver / vmusb][Stopped/Manual Start]
<System32\Drivers\vmusb.sys><VMware, Inc.>
[VMware vmx86 / vmx86][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\vmx86.sys><VMware, Inc.>
[Vstor2 Virtual Storage Driver / vstor2][Stopped/Auto Start]
<\??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys><VMware, Inc.>
[Vstor2 WS60 Virtual Storage Driver / vstor2-ws60][Stopped/Auto Start]
<\??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys><VMware, Inc.>
[ZTEMT Legacy Serial Communication / ztemtusbser][Stopped/Manual Start]
<system32\DRIVERS\CT_ZTEMT_U_USBSER.sys><ZTEMT Incorporated>
lvdeyan - 2012-3-1 13:28:00
浏览器加载项
[WebProtect]
{53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[Netease MailAssist Helper]
{6bc7458e-b80e-4b79-8aa8-04d56fb51067} <C:\Program Files\Netease\Netease MailAssist\Internet Explorer\MailAssist.dll, (Signed) NetEase.com,Inc>
[迅雷下载支持]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll, (Signed) 深圳市迅雷网络技术有限公司>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.cn>
[ICBC Anti-Phishing class]
{BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[Hewlett-Packard Online Support Services]
{1851174C-97BD-4217-A0CC-E908F60D5B7A} <, >
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[CertEnroll Class]
{7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\system32\itruscert\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[koaliisvsctrl Class]
{9BA878B8-5AF3-43E6-8DB1-E7849E4C6A4B} <C:\WINDOWS\system32\koalii_svs_acx.dll, (Signed) >
[PowerPasswordXNBCB Control]
{A125EE80-C88D-4FFA-BE60-548AFE8E81EC} <, >
[CCTVUpdateInstall]
{Axxx14988-E5BB-4C2C-873B-EA53D2F3D23A} <C:\Documents and Settings\Administrator\Application Data\CCTV\tv\CCTVUpdateInstall.dll, (Signed) CCTV International Networks Co.,Ltd>
[]
{E1849EE3-AC12-42E8-BC2C-D15D0F7CCD4A} <, >
[]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <, >
[TDRDV Class]
{060CA154-DF25-4F03-98AA-FBCDE9D27382} <C:\WINDOWS\system32\ICBC_TDRDV.dll, (Signed) <Tendyron Corporation>>
[AliCertDOCtrl Class]
{08D512D2-7D97-4E22-B7DB-82791106C086} <C:\Documents and Settings\Administrator\Application Data\alipay\cf\alicdo.dll, (Signed) Alipay>
[]
{0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <, >
[InfosecCertInstall Class]
{0EB487C8-E9AC-43A6-8xxxC-083999B0622F} <C:\WINDOWS\system32\certInStall.dll, (Signed) >
[]
{1362C356-E03F-F9B3-FDD9-7D3B22A5FDF8} <, >
[WWPicUploadCtrl Class]
{1D63232D-4F15-4A42-890D-EE617AA1537D} <D:\taobao\saler\install\modules\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation>
[InstallHelper Class]
{1DABF8D5-8430-4985-9B7F-A30E53D709B3} <D:\QQ\install1\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\itruscert\pta.dll, (Signed) iTruschina Co., Ltd.>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
{2D90D33C-DE76-42D0-9040-E4466DDC24AC} <, >
[Axcleanctrl Class]
{36C9539B-49D2-01C7-9C6D-10DACDFEA59C} <C:\WINDOWS\system32\icbcclean.dll, (Signed) >
[Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\BHO\ThunderAgent7.1.4.2104.dll, (Signed) 深圳市迅雷网络技术有限公司>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\2.4.0.4\aliedit.dll, (Signed) >
[WebProtect]
{53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} <C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll, (Signed) China Merchants Bank>
[WangWangX Class]
{5D09DD40-CDxxx-4C56-B615-0D1E3B357C2B} <D:\taobao\saler\install\AliIMX.dll, (Signed) >
[Netease MailAssist Helper]
{6BC7458E-B80E-4B79-8AA8-04D56FB51067} <C:\Program Files\Netease\Netease MailAssist\Internet Explorer\MailAssist.dll, (Signed) NetEase.com,Inc>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
{70425897-213B-4a9a-943B-2EEFB2124E35} <, >
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\InputControl.dll, (Signed) >
[Token Class]
{746E471A-B6E4-44E3-8F3C-2A09B3A030B4} <C:\WINDOWS\system32\icbc_tdrusbkey.dll, (Signed) Tendyron Corporation>
[CertEnroll Class]
{7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\system32\itruscert\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[]
{814953B0-3DE7-4171-A0DD-A7A38322B6C7} <, >
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360Safe\Safelive.dll, (Signed) 360.cn>
[迅雷下载支持]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll, (Signed) 深圳市迅雷网络技术有限公司>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SubmitControl.dll, (Signed) >
[OFrameObject Class]
{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7201.406.(986).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[VersionDetector Class]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(972).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[APlayer Control]
{A9322148-C691-4B9D-91FC-B9xxx61DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[CCTVUpdateInstall]
{Axxx14988-E5BB-4C2C-873B-EA53D2F3D23A} <C:\Documents and Settings\Administrator\Application Data\CCTV\tv\CCTVUpdateInstall.dll, (Signed) CCTV International Networks Co.,Ltd>
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.7201.406.(986).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[LiveDapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F9} <C:\Program Files\Common Files\Thunder Network\KanKan\LiveDapCtrl.1.0.0.9.(154).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[InfoSecICBCNetSign Class]
{B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\system32\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.cn>
[ICBC Anti-Phishing class]
{BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[KooPlayer Control]
{C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\DOCUME~1\ADMINI~1\APPLIC~1\CCTV\tv\CCTVPL~1.OCX, (Signed) CCTV.COM>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash11f.ocx, (Signed) Adobe Systems, Inc.>
[xoliimpl Class]
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <C:\WINDOWS\xinstaller.dll, (Signed) 深圳市迅雷技术有限公司>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[PPLive Lite Class]
{EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.59150.261.(958).dll, (Signed) 深圳市迅雷网络技术有限公司>
[webmod Class]
{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\WINDOWS\system32\aliedit\2.4.0.4\alidcp.dll, (Signed) Alipay.com Co.,Ltd>
[&使用&迅雷下载]
<C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm, N/A>
[&使用&迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm, N/A>
[&使用&迅雷离线下载]
<C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm, N/A>
[使用迅雷看看播放器播放]
<C:\Documents and Settings\All Users\Application Data\Thunder Network\XMP4\core\program\XmpIEMenu.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
lvdeyan - 2012-3-1 13:30:00
正在运行的进程
[PID: 960 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1020 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1052 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4178]
[PID: 1096 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1108 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1276 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1320 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 1664 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\WINDOWS\System32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2028 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 356 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 380 / SYSTEM][C:\Program Files\360\360Safe\deepscan\ZhuDongFangYu.exe] [360.cn, 3, 2, 2, 2001]
[C:\Program Files\360\360Safe\deepscan\cloudcom2.dll] [360.cn, 3, 2, 7, 6070]
[C:\Program Files\360\360Safe\360leakfixplugin.dll] [360.cn, 1, 0, 0, 1003]
[C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll] [360.cn, 2, 1, 6, 1186]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360Safe\deepscan\qutmload.dll] [360.cn, 6, 9, 0, 1033]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 1896 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\hpzll43a.dll] [Hewlett-Packard Company, 60.053.243.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp43a.dll] [Hewlett-Packard Corporation, 60.053.243.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll] [Microsoft Corporation, 6.0.6000.16438 (winmain(wmbla).070123-1305)]
[PID: 1944 / SYSTEM][c:\program files\idt\wdm\STacSV.exe] [IDT, Inc., 1.0.6275.0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\stacapi.dll] [IDT, Inc., 1.0.6275.0]
[PID: 612 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\360UDiskGuard.dll] [360.cn, 2, 0, 0, 1007]
[C:\Program Files\Common Files\Thunder Network\KanKan\xappex.1.1.1.38.(752).dll] [深圳市迅雷网络技术有限公司, 1.1.1.38]
[C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\Pusher\xappdrv.1.0.0.11.dll] [, 1, 0, 0, 11]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, Inc., 17.1.51.0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, Inc., 17.1.51.0]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360Safe\safemon\iNetSafe.dll] [360.cn, 1, 0, 2, 1070]
[C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll] [Autodesk, 17.1.51.0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2600.0000]
[C:\Program Files\WinRAR\rarext.dll] [, ]
[C:\Program Files\360\360sd\MenuEx.dll] [360.cn, 2, 1, 0, 2071]
[C:\Program Files\360\360Safe\Utils\shell360ext.dll] [360.cn, 7, 5, 0, 1060]
[C:\Program Files\360\360Safe\360Common.dll] [360.cn, 7, 3, 0, 1030]
[D:\taobao\saler\install\AliIMExt.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[C:\Program Files\Netease\Netease MailAssist\Internet Explorer\uploadext.dll] [NetEase.com,Inc, 2.1.0.4]
[C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll] [Kingsoft Corporation, 2011,09,27,15]
[C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtension.dll] [Autodesk, Inc., 1.1.0.341]
[C:\Program Files\Common Files\Autodesk Shared\dwf Common\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Autodesk Shared\dwf Common\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtensionRes.dll] [Autodesk, Inc., 1.1.0.341]
[C:\Program Files\HaoZip\HaoZipExt.dll] [好压软件工作室, 2.3.1.6832]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\709b207f778a3f7053329a6f3e17859c\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\Program Files\Siemens\S7-200 Explorer\Bin\S7200ExplorerNamespace.dll] [Siemens, 1.0.4.16]
[C:\Program Files\Siemens\S7-200 Explorer\Bin\WindowsShell.dll] [ , 1.0.0.0]
[C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7978492e9b3628cb2a7a93cbd9997189\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[PID: 1492 / Administrator][C:\Program Files\360\360Safe\safemon\360Tray.exe] [360.cn, 7, 7, 0, 1051]
[C:\Program Files\360\360Safe\safemon\360compro.dll] [360.cn, 7, 2, 1, 1003]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\ipc\ipcservice.dll] [360.CN, 7, 1, 0, 1029]
[C:\Program Files\360\360Safe\ipc\fileMgr.dll] [360.cn, 7, 0, 0, 1021]
[C:\Program Files\360\360Safe\ipc\yhregd.dll] [360.cn, 7, 1, 0, 1007]
[C:\Program Files\360\360Safe\ipc\appd.dll] [360.cn, 7, 3, 1, 1015]
[C:\Program Files\360\360Safe\safemon\360traylive.dll] [360.cn, 8, 0, 0, 1031]
[C:\Program Files\360\360Safe\safemon\360procmon.dll] [360.CN, 6, 9, 3, 1021]
[C:\Program Files\360\360Safe\safemon\SelfProtectAPI2.dll] [360.CN, 6, 9, 0, 1011]
[C:\Program Files\360\360Safe\safemon\360MobileBase.tpi] [360.cn, 1, 5, 0, 1502]
[C:\Program Files\360\360Safe\safemon\360SafeCamera.tpi] [360.cn, 1, 0, 0, 1010]
[C:\Program Files\360\360Safe\safemon\360safemonpro.tpi] [360.cn, 2, 0, 0, 1010]
[C:\Program Files\360\360Safe\safemon\360TaskBar.tpi] [360.cn, 1, 0, 1, 1045]
[C:\Program Files\360\360Safe\safemon\DsTpi.tpi] [360.cn, 1, 0, 0, 2004]
[C:\Program Files\360\360Safe\safemon\MicroExamin.tpi] [360.cn, 8, 0, 0, 1011]
[C:\Program Files\360\360Safe\safemon\Netm.tpi] [360.cn, 4, 3, 10, 1225]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\360\360Safe\safemon\netmon.tpi] [360.cn, 5, 1, 0, 1023]
[C:\Program Files\360\360Safe\safemon\obtracer.tpi] [360.cn, 6, 8, 0, 1107]
[C:\Program Files\360\360Safe\safemon\AutoCleanTrash.tpi] [360.cn, 1, 0, 0, 1003]
[C:\Program Files\360\360Safe\safemon\360TrayLogin.tpi] [360.cn, 2, 0, 0, 1051]
[C:\Program Files\360\360Safe\safemon\BootLeakFixer.tpi] [360.cn, 1, 0, 0, 1001]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360Safe\deepscan\qutmload.dll] [360.cn, 6, 9, 0, 1033]
[C:\Program Files\360\360Safe\ipc\qutmipc.dll] [360.cn, 7, 3, 0, 1027]
[C:\Program Files\360\360Safe\deepscan\BAPI.dll] [360.cn, 2.0.0.1031]
[C:\Program Files\360\360Safe\ipc\sbmon.dll] [360安全中心, 2, 0, 0, 1013]
[C:\Program Files\360\360Safe\ipc\360box.dll] [360安全中心, 2, 0, 0, 1001]
[C:\Program Files\360\360Safe\netmon\Netgm.dll] [360.cn, 2, 0, 1, 1030]
[C:\Program Files\360\360Safe\MiniUI.dll] [360.cn, 7, 5, 2, 2151]
[C:\Program Files\360\360Safe\safemon\360UDiskGuard.dll] [360.cn, 2, 0, 0, 1007]
[C:\Program Files\360\360Safe\SafeLive.dll] [360.cn, 2, 0, 1, 1019]
[C:\Program Files\360\360Safe\pdown.dll] [360.cn, 1, 3, 0, 1082]
[C:\Program Files\360\360Safe\360Common.dll] [360.cn, 7, 3, 0, 1030]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.cn, 2, 1, 0, 1001]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360Safe\netmon\3GIdentify.dll] [360.cn, 1, 0, 0, 1001]
[C:\Program Files\360\360Safe\360Verify.dll] [360安全中心, 1, 0, 0, 1004]
[C:\Program Files\360\360Safe\netmon\mobileflux.dll] [360.cn, 1, 0, 0, 1001]
[C:\Program Files\360\360Safe\netmon\360netctrl.dll] [360.cn, 3, 2, 11, 1120]
[C:\Program Files\360\360Safe\deepscan\Identify\Identify.dll] [360.cn, 1, 2, 0, 1001]
[C:\Program Files\360\360Safe\netmon\sysmon.dll] [360.cn, 1, 0, 1, 1121]
[C:\Program Files\360\360Safe\netmon\NetmonEP.dll] [360.cn, 2, 0, 0, 1001]
[C:\Program Files\360\360Safe\ipc\PatchCheck.dll] [360.cn, 1, 1, 0, 1016]
[C:\Program Files\360\360Safe\efiproc.dll] [奇虎360安全卫士, 1, 0, 0, 1005]
[C:\Program Files\360\360Safe\deepscan\Cloudcom2.dll] [360.cn, 3, 2, 7, 6070]
[C:\Program Files\360\360Safe\deepscan\ave\AVEI.dll] [360.cn, 1, 0, 0, 1008]
[C:\Program Files\360\360Safe\deepscan\ave\AVEngine.dll] [360.cn, 1, 0, 0, 1009]
[C:\Program Files\360\360Safe\deepscan\qvm\360QVM.dll] [360.cn, 2, 1, 0, 1001]
[C:\Program Files\360\360Safe\deepscan\dsplus.dll] [360.cn, 1, 0, 0, 1020]
[C:\Program Files\360\360Safe\deepscan\deepscan.dll] [360.cn, 3, 2, 8, 1050]
[C:\Program Files\360\360Safe\deepscan\360UC.dll] [360.cn, 1, 0, 0, 1010]
[C:\Program Files\360\360Safe\360ver.dll] [360.cn, 8, 5, 0, 2001]
[C:\Program Files\360\360Safe\safemon\Adfilter.dll] [360.cn, 1, 0, 0, 1139]
[C:\Program Files\360\360Safe\LiveUpd360.dll] [360.cn, 1, 3, 0, 1082]
[C:\Program Files\360\360Safe\360net.dll] [360.cn, 1, 2, 0, 1034]
[C:\Program Files\360\360Safe\360P2SP.dll] [360.cn, 1, 3, 0, 1036]
[C:\Program Files\360\360Safe\combineext.dll] [360.cn, 1, 0, 0, 1001]
[C:\Program Files\360\360Safe\safemon\360hipsPopWnd.dll] [360.cn, 7, 0, 0, 1037]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, Inc., 17.1.51.0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
lvdeyan - 2012-3-1 13:31:00
[PID: 1500 / Administrator][C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe] [Hewlett-Packard Company, 3.5.15.1]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\709b207f778a3f7053329a6f3e17859c\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll] [Hewlett-Packard Development Company L.P., 3.5.17.1]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7978492e9b3628cb2a7a93cbd9997189\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\ecc0c0880528133aac633431f9128091\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\03356e236eab21c5bf176e3d4c1c1bcc\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f66eb174e35422dc69a63390fd4f7de5\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\WINDOWS\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll] [Hewlett-Packard Development Company L.P., 3.5.17.1]
[C:\Program Files\Hewlett-Packard\HP HotKey Support\HandlersStrings.dll] [Hewlett-Packard Company, 3.5.15.1]
[C:\Program Files\Hewlett-Packard\HP HotKey Support\CaslHotkey.dll] [Hewlett-Packard Company, 3.5.15.1]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\c7f395ab62f0bf242d1200d9218eaf3e\System.Core.ni.dll] [Microsoft Corporation, 3.5.21022.8 built by: RTM]
[C:\Program Files\Hewlett-Packard\Shared\CaslWmi.dll] [Hewlett-Packard Development Company L.P., 3.5.17.1]
[C:\Program Files\Hewlett-Packard\Shared\CaslSmBios.dll] [Hewlett-Packard Development Company L.P., 3.5.17.1]
[C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\Program Files\Hewlett-Packard\Shared\Interop.HPQWMIEXLib.dll] [ , 1.0.0.0]
[C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[PID: 1452 / Administrator][E:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe] [SIEMENS AG, S7_S7BAS_K05.04.05.00_12.01.00.01,S7_S7BAS_FLOAT_K5.4.5.0-RELEASE-0504, 0500, 1201, 0001]
[E:\simens\sp3 install\S7bin\s7aregsx.dll] [SIEMENS AG, S7_S7BAS_GLOB_K05.04.05.00_12.01.00.01,S7_S7BAS_GLOB_FLOAT_K5.4.5.0-RELEASE-0504, 0500, 1201, 0001]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1592 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1652 / Administrator][C:\Program Files\360\360sd\360sd.exe] [360.cn, 3, 0, 0, 2093]
[C:\Program Files\360\360sd\360SignCheck.dll] [360.cn, 3, 0, 0, 2085]
[C:\Program Files\360\360sd\360sd.dll] [360.cn, 3, 0, 0, 2103]
[C:\Program Files\360\360sd\QTQuart.dll] [360.cn, 2, 1, 0, 2071]
[C:\Program Files\360\360sd\CrashReport.dll] [360.cn, 3, 0, 0, 2121]
[C:\Program Files\360\360sd\deepscan\cloudsec2.dll] [360.cn, 3, 2, 8, 1051]
[C:\Program Files\360\360sd\deepscan\cloudcom2.dll] [360.cn, 3, 2, 7, 6070]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360Safe\safemon\360UDiskGuard.dll] [360.cn, 2, 0, 0, 1007]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, Inc., 17.1.51.0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[PID: 268 / Administrator][E:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe] [iAnywhere Solutions, Inc., 9.0.2.3476]
[E:\Program Files\Common Files\Siemens\Sqlany\dbserv9.dll] [iAnywhere Solutions, Inc., 9.0.2.3476]
[E:\Program Files\Common Files\Siemens\Sqlany\dbctrs9.dll] [iAnywhere Solutions, Inc., 9.0.2.3476]
[E:\Program Files\Common Files\Siemens\Sqlany\dblgzh9.dll] [iAnywhere Solutions, Inc., 9.0.2.3476]
[E:\Program Files\Common Files\Siemens\Sqlany\dblgen9.dll] [iAnywhere Solutions, Inc., 9.0.2.3476]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 2908 / SYSTEM][C:\Program Files\Common Files\ArchestrA\aaLogger.exe] [Invensys Systems, Inc., 0129.0050.0000.0000]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 3332 / SYSTEM][C:\Program Files\360\360sd\360rps.exe] [360.cn, 3, 0, 0, 2093]
[C:\Program Files\360\360sd\360SignCheck.dll] [360.cn, 3, 0, 0, 2085]
[C:\Program Files\360\360sd\CrashReport.dll] [360.cn, 3, 0, 0, 2121]
[PID: 3352 / SYSTEM][C:\Program Files\GE Fanuc\Alarm Viewer\Host\AEClientHostService.exe] [GE Fanuc Automation Americas, 00001.00000.00896.00000]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b8fd8cbd\mscorlib.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_c141113e\system.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_7045f336\system.windows.forms.dll] [N/A, ]
[c:\program files\ge fanuc\alarm viewer\host\remotableaeclient.dll] [GE Fanuc Automation Americas, 00001.00000.00896.00000]
[c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 3380 / Administrator][C:\Program Files\360\360sd\360rp.exe] [360.cn, 3, 0, 0, 2093]
[C:\Program Files\360\360sd\360SignCheck.dll] [360.cn, 3, 0, 0, 2085]
[C:\Program Files\360\360sd\360rp.dll] [360.cn, 3, 0, 0, 2094]
[C:\Program Files\360\360sd\Router.dll] [360.cn, 2, 1, 0, 2075]
[C:\Program Files\360\360sd\QTQuart.dll] [360.cn, 2, 1, 0, 2071]
[C:\Program Files\360\360sd\CrashReport.dll] [360.cn, 3, 0, 0, 2121]
[C:\Program Files\360\360Safe\deepscan\cloudcom2.dll] [360.cn, 3, 2, 7, 6070]
[C:\Program Files\360\360Safe\deepscan\Bapi.dll] [360.cn, 2.0.0.1031]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360sd\deepscan\cloudcom2.dll] [360.cn, 3, 2, 7, 6070]
[C:\Program Files\360\360sd\deepscan\BAPI.dll] [360.cn, 2.0.0.1031]
[C:\Program Files\360\360sd\dep360.dll] [360.cn, 2, 0, 0, 1332]
[C:\Program Files\360\360sd\360AvFlt.dll] [360.cn, 1.1.0.1005]
[C:\Program Files\360\360sd\AVEI.dll] [360.cn, 1, 0, 0, 1004]
[C:\Program Files\360\360sd\AVEngine.dll] [360.cn, 1, 0, 0, 1007]
[C:\Program Files\360\360sd\savapi\avpack.dll] [Avira GmbH, 8.02.04.03]
[C:\Program Files\360\360sd\pluginmgr.dll] [360.cn, 3, 0, 0, 2085]
[C:\Program Files\360\360sd\immplugin\Dllhijack.dll] [360.cn, 3, 0, 0, 2085]
[C:\Program Files\360\360sd\immplugin\PopTrojan.dll] [360.cn, 3, 0, 0, 2085]
[C:\Program Files\360\360sd\immplugin\LockAcad.dll] [360.cn, 3, 0, 0, 2121]
[C:\Program Files\360\360sd\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360sd\QuickBack.dll] [360.cn, 3, 0, 0, 2093]
[C:\Program Files\360\360sd\deepscan\CQhCltHttpW.dll] [360.cn, 1, 0, 5, 5084]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360Safe\safemon\360webpro.dll] [360.CN, 2, 1, 1, 1001]
[C:\Program Files\360\360Safe\safemon\SomProxy.dll] [360.cn, 1, 0, 0, 1132]
[C:\Program Files\360\360sd\360QVM.dll] [360.cn, 2, 0, 0, 1007]
[C:\Program Files\360\360sd\AntiAdwa.dll] [360.cn, 6, 3, 0, 1026]
[C:\Program Files\360\360sd\deepscan\DsSysRepair.dll] [360.cn, 1, 0, 0, 1039]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, Inc., 17.1.51.0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\360\360sd\deepscan\cloudsec2.dll] [360.cn, 3, 2, 8, 1051]
[C:\Program Files\360\360sd\deepscan\deepscan.dll] [360.cn, 3, 2, 8, 1050]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\360\360sd\deepscan\SoftCheck.dll] [360.cn, 5, 6, 1, 1001]
[C:\Program Files\360\360sd\deepscan\qutmload.dll] [360.cn, 6, 9, 0, 1033]
[C:\Program Files\360\360sd\MBRScan.dll] [360.cn, 1, 0, 0, 1021]
[PID: 168 / SYSTEM][C:\Program Files\LSI SoftModem\agrsmsvc.exe] [LSI Corporation, 1.0.0.10]
[PID: 3264 / SYSTEM][E:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe] [SIEMENS AG, K04.00.02.00_01.14.00.06 release]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\epl\Almpgiuclx.dll] [SIEMENS AG, K04.00.02.00_01.14.00.06 release]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\almpgiscp2x.dll] [SIEMENS AG, K04.00.02.00_01.14.00.06 release]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpw32.dll] [SCPW32, V1.0.1.18]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\ScpBw32.dll] [SCPBW32, V1.0.1.25]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Rslibw32.dll] [RSLIBW32, V1.0.3.20]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\almpgiscp3x.dll] [SIEMENS AG, K04.00.02.00_01.14.00.06 release]
[E:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin32.dll] [, 1, 0, 3, 7]
[E:\Program Files\Common Files\Siemens\SWS\almsrv\almpersistencemanagerx.dll] [SIEMENS AG, K04.00.02.00_01.14.00.06 release]
[C:\WINDOWS\system32\msjetoledb40.dll] [, ]
[PID: 1744 / SYSTEM][C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe] [Autodesk, 2.80.011]
[PID: 3448 / SYSTEM][C:\Program Files\GE Fanuc\Proficy Common\M4 Common Licensing\CCFLIC0.exe] [GE Fanuc Automation, 00012.00001.00859.00000]
[C:\Program Files\GE Fanuc\Proficy Common\M4 Common Licensing\CCFLIC1.dll] [GE Fanuc Automation, 00012.00001.00859.00000]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[PID: 2364 / SYSTEM][C:\Program Files\CMBCHINA\WebProtect\WPService.exe] [China Merchants Bank, 1, 0, 0, 1]
[C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll] [China Merchants Bank, 1, 0, 0, 1]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 2688 / SYSTEM][E:\forcecon\6.1install\DbCommServer.exe] [Beijing Sunway ForceControl Technology Co.,Ltd, 6, 0, 9, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2680 / SYSTEM][E:\forcecon\install\DbCommServer.exe] [Beijing Sunway ForceControl Technology Co.,Ltd, 7, 0, 1, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3344 / SYSTEM][C:\Program Files\Common Files\ArchestrA\NTServApp.exe] [Wonderware Corporation, 7, 1, 0, 0]
[PID: 3480 / SYSTEM][C:\WINDOWS\system32\hasplms.exe] [Aladdin Knowledge Systems Ltd., 12.10.1.2148]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 3748 / SYSTEM][C:\Program Files\kingview\HistorySvr.exe] [, 65, 20, 2002, 10000]
[C:\Program Files\kingview\King.dll] [, 65, 20, 2002, 11700]
[C:\Program Files\kingview\nettransdll.dll] [, 65, 20, 2002, 10100]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 3856 / SYSTEM][C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe] [Hewlett-Packard Company, 3, 5, 15, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3296 / SYSTEM][C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 260 / SYSTEM][C:\WINDOWS\Intellution\iLicenseSvc.exe] [GE Fanuc Automation Americas, Inc., 4.0.6192.0]
[PID: 264 / NETWORK SERVICE][C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe] [Microsoft Corporation, 9.00.1399.00]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\709b207f778a3f7053329a6f3e17859c\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7978492e9b3628cb2a7a93cbd9997189\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MsDtsSrvr\b17b679d407cddb310d241e0a8bee633\MsDtsSrvr.ni.exe] [Microsoft Corporation, 9.00.1399.00]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7b68776710058127a6272f4c0f2e2dd9\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\ff8xxxedda0490a227bcc0f96e60f5569\Microsoft.SqlServer.MgdSqlDumper.ni.dll] [Microsoft Corporation, 2005.090.1399.00]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\c5d69d419ed6b2022b6529f2e7f16dff\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\ecc0c0880528133aac633431f9128091\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.resources.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4cea697742cff62085702d9593cefb46\Microsoft.SqlServer.DtsServer.Interop.ni.dll] [ , 9.0.242.0]
[C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
lvdeyan - 2012-3-1 13:32:00
[PID: 1508 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe] [Microsoft Corporation, 2005.090.1399.00]
[C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.RLL] [Microsoft Corporation, 2005.090.1399.00]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053]
[PID: 3460 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe] [Microsoft Corporation, 2005.090.1399.00]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\709b207f778a3f7053329a6f3e17859c\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7978492e9b3628cb2a7a93cbd9997189\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\msmgdsrv\e7725f1ea4118714bab3b8d33046eae8\msmgdsrv.ni.dll] [Microsoft Corporation, 2005.090.1399.00]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 2556 / SYSTEM][C:\WINDOWS\system32\D4Ser_ICBC.exe] [Tendyron Corporation, 1, 0, 0, 1]
[PID: 2608 / SYSTEM][C:\WINDOWS\system32\D4MON_ICBC.exe] [Tendyron Corporation, 1, 0, 0, 0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2636 / SYSTEM][C:\WINDOWS\system32\HPZipm12.exe] [HP, 10, 1, 1, 2]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2700 / SYSTEM][E:\simens\sp3 install\S7BIN\s7asysvx.exe] [SIEMENS AG, S7_S7BAS_K05.04.05.00_12.01.00.01,S7_S7BAS_FLOAT_K5.4.5.0-RELEASE-0504, 0500, 1201, 0001]
[PID: 2820 / SYSTEM][E:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe] [SIEMENS AG, K08.01.02.00_01.04.00.02 release]
[C:\WINDOWS\system32\s7onlinx.dll] [SIEMENS AG, K08.01.02.00_01.04.00.02 release]
[C:\WINDOWS\system32\s7oniepgx.dll] [SIEMENS AG, K08.01.02.00_01.04.00.02 release]
[C:\WINDOWS\system32\s7ontcp.dll] [SIEMENS AG, V 07.01.1154.3551 - REL]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 2948 / SYSTEM][C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe] [SIEMENS AG, K08.01.02.00_01.04.00.02 release]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2340 / SYSTEM][C:\Program Files\Common Files\ArchestrA\slssvc.exe] [Invensys Systems, Inc., 0034.0003.0000.0000]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 3652 / SYSTEM][C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe] [Microsoft Corporation, 2005.090.1399.00]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 1768 / SYSTEM][C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe] [Microsoft Corporation, 2005.090.1399.00]
[PID: 332 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1504 / SYSTEM][C:\Documents and Settings\Administrator\Application Data\CT_ZTEMT_USB\MonServiceUDisk.exe] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2180 / SYSTEM][C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe] [VMware, Inc., 3.0.0 build-53669]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\VMware\VMware Workstation\vmacore.dll] [VMware, Inc., 1.0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\VMware\VMware Workstation\LIBEAYNF32.dll] [Eric Young, The OpenSSL Project, VMware Inc., OpenSSL 0.9.7l (VMware build 100)]
[C:\Program Files\VMware\VMware Workstation\SSLEAYNF32.dll] [Eric Young, The OpenSSL Project, VMware Inc., OpenSSL 0.9.7l (VMware build 100)]
[C:\Program Files\VMware\VMware Workstation\vmomi.dll] [VMware, Inc., 1.0]
[C:\Program Files\VMware\VMware Workstation\ufa-common.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\types.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-types.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-agent.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-vmsvc.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-client.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-slave.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-sysMigration.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\ufa-sysReconfig.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\mspack.dll] [N/A, ]
[C:\Program Files\VMware\VMware Workstation\ufa-vmImporter.dll] [VMware, Inc., 3.0.0 build-53669]
[C:\Program Files\VMware\VMware Workstation\deployPkg.dll] [VMware, Inc., 4.0.0 build-43861]
[C:\Program Files\VMware\VMware Workstation\vssSnapXP.dll] [VMware, Inc., 3.0.0 build-53669]
[PID: 4600 / SYSTEM][C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe] [VMware, Inc., 1.5.2 build-42958]
[C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmxScsiLib.dll] [VMware, Inc., 1.5.2 build-42958]
[C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\SSLEAY32.dll] [N/A, ]
[C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\LIBEAY32.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 5800 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[c:\program files\common files\thunder network\serviceplatform\xlsp.dll] [深圳市迅雷网络技术有限公司, 1.0.1.278]
[c:\program files\common files\thunder network\serviceplatform\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0]
[c:\program files\common files\thunder network\serviceplatform\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0]
[c:\program files\common files\thunder network\serviceplatform\XLBugHandler.dll] [, 2, 2, 0, 7]
[c:\program files\common files\thunder network\serviceplatform\XLDocSer.dll] [深圳市迅雷网络技术有限公司, 1.0.1.278]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\Pusher\xappdrv.1.0.0.11.dll] [, 1, 0, 0, 11]
[PID: 5852 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe] [Microsoft Corporation, 12.0.5626.1]
[PID: 5944 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE] [Microsoft Corporation, 2005.090.1399.00]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\709b207f778a3f7053329a6f3e17859c\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1891 (QFEN-1.050727-1800)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 6000 / SYSTEM][C:\Program Files\VMware\VMware Workstation\vmware-authd.exe] [VMware, Inc., 6.0.2 build-59824]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\VMware\VMware Workstation\vmwarebase.DLL] [VMware, Inc., 6.0.2 build-59824]
[C:\Program Files\VMware\VMware Workstation\vmcryptolib.DLL] [VMware, Inc., 6.0.0 build-43577]
[C:\Program Files\VMware\VMware Workstation\libxml2.dll] [N/A, ]
[C:\Program Files\VMware\VMware Workstation\iconv.dll] [Free Software Foundation, 1.9]
[C:\Program Files\VMware\VMware Workstation\zlib1.dll] [, 1.2.3]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 4300 / SYSTEM][C:\WINDOWS\system32\wbem\unsecapp.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1404 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2456 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe] [Hewlett-Packard Company, 3, 5, 11, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 4240 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 3668 / Administrator][E:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe] [SIEMENS AG, K04.00.02.00_01.14.00.06 release]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[PID: 4172 / Administrator][C:\Program Files\360\360se3\360se.exe] [360.cn, 4, 0, 5, 2]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8rlmon.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ertutil.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ininet.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eframe.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtml.dll] [Microsoft Corporation, 8.00.6001.19088 (longhorn_ie8_gdr.110527-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8bscript.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8hdocvw.dll] [Microsoft Corporation, 6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8mgutil.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ngfilt.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8script.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmled.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmler.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtmsft.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtrans.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eui.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8srating.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\360\360se3\SafeCentral\SafeCentral.dll] [360.cn, 2, 0, 3, 1023]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360se3\SafeCentral\urlproc.dll] [360.cn, 2, 2, 0, 1001]
[C:\Program Files\360\360Safe\safemon\iNetSafe.dll] [360.cn, 1, 0, 2, 1070]
[C:\PROGRA~1\360\360se3\pluginbar.dll] [ 360.cn, 1, 0, 2, 1010]
[C:\Program Files\360\360se3\sqlite3.dll] [360.cn, 3, 7, 2, 1000]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.cn, 2, 1, 0, 1001]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360se3\adfilter.dll] [360.cn, 1, 1, 0, 1043]
[C:\Program Files\360\360Safe\Safemon\adfilter.dll] [360.cn, 1, 0, 0, 1139]
[C:\Program Files\360\360se3\doctor.dll] [360.cn, 1, 0, 1, 1045]
[C:\Documents and Settings\Administrator\Application Data\360se\extensions\ExtDoctor\doctor.dll] [360.cn, 1, 0, 1, 1039]
[C:\Program Files\360\360Safe\safemon\sepro.dll] [360.cn, 1, 2, 0, 1040]
[C:\Program Files\360\360se3\SafeCentral\wdui2.dll] [360.cn, 1, 0, 0, 1090]
[C:\PROGRA~1\360\360se3\favorites\favorites.dll] [360.cn, 2, 1, 3, 1119]
[C:\PROGRA~1\360\360se3\LoginEnrol\LoginEnrol.dll] [360.cn, 2, 1, 3, 1119]
[C:\Documents and Settings\Administrator\Application Data\360se\Apps\ExtWebmail\ExtWebMail.dll] [ 360.cn, 3, 0, 3, 1036]
[C:\Documents and Settings\Administrator\Application Data\360se\Apps\NotifyDown.dll] [ 360.cn, 1, 0, 0, 1018]
[C:\Program Files\360\360se3\SafeCentral\SiteVerifier.dll] [KOAL, 1, 0, 1, 2]
[C:\PROGRA~1\360\360se3\download.dll] [360.cn, 2, 0, 0, 1006]
[C:\Program Files\360\360Safe\safemon\360UDiskGuard.dll] [360.cn, 2, 0, 0, 1007]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, Inc., 17.1.51.0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\360\360se3\360dl.dll] [360.cn, 1, 0, 0, 7]
[PID: 4136 / Administrator][C:\Program Files\360\360se3\360se.exe] [360.cn, 4, 0, 5, 2]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8rlmon.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ertutil.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ininet.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eframe.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtml.dll] [Microsoft Corporation, 8.00.6001.19088 (longhorn_ie8_gdr.110527-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8bscript.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8hdocvw.dll] [Microsoft Corporation, 6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8mgutil.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ngfilt.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8script.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmled.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmler.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtmsft.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtrans.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eui.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8srating.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\360\360se3\SafeCentral\SafeCentral.dll] [360.cn, 2, 0, 3, 1023]
[C:\Program Files\360\360se3\Favorites\Favorites.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\LoginEnrol\LoginEnrol.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\SafeCentral\urlproc.dll] [360.cn, 2, 2, 0, 1001]
[C:\Program Files\360\360se3\sqlite3.dll] [360.cn, 3, 7, 2, 1000]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360Safe\safemon\iNetSafe.dll] [360.cn, 1, 0, 2, 1070]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.cn, 2, 1, 0, 1001]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360se3\adfilter.dll] [360.cn, 1, 1, 0, 1043]
[C:\Program Files\360\360Safe\Safemon\adfilter.dll] [360.cn, 1, 0, 0, 1139]
[C:\Program Files\360\360se3\doctor.dll] [360.cn, 1, 0, 1, 1045]
[C:\Program Files\360\360Safe\safemon\sepro.dll] [360.cn, 1, 2, 0, 1040]
[C:\Program Files\360\360se3\SafeCentral\wdui2.dll] [360.cn, 1, 0, 0, 1090]
[C:\WINDOWS\system32\Macromed\Flash\Flash11f.ocx] [Adobe Systems, Inc., 11,1,102,62]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 6.1.0.6700]
[C:\Program Files\SogouInput\6.1.0.6700\Resource.dll] [Sogou.com Inc., 6.1.0.6700]
lvdeyan - 2012-3-1 13:33:00
[PID: 6132 / Administrator][C:\Program Files\360\360se3\SafeCentral\urlproc.exe] [360.cn, 2, 0, 1, 1009]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360se3\SafeCentral\urlproc.dll] [360.cn, 2, 2, 0, 1001]
[C:\Program Files\360\360se3\sqlite3.dll] [360.cn, 3, 7, 2, 1000]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360se3\SafeCentral\wdui2.dll] [360.cn, 1, 0, 0, 1090]
[PID: 2100 / Administrator][C:\Program Files\360\360se3\360se.exe] [360.cn, 4, 0, 5, 2]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8rlmon.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ertutil.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ininet.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eframe.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtml.dll] [Microsoft Corporation, 8.00.6001.19088 (longhorn_ie8_gdr.110527-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8bscript.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8hdocvw.dll] [Microsoft Corporation, 6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8mgutil.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ngfilt.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8script.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmled.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmler.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtmsft.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtrans.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eui.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8srating.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\360\360se3\SafeCentral\SafeCentral.dll] [360.cn, 2, 0, 3, 1023]
[C:\Program Files\360\360se3\Favorites\Favorites.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\LoginEnrol\LoginEnrol.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\SafeCentral\urlproc.dll] [360.cn, 2, 2, 0, 1001]
[C:\Program Files\360\360se3\sqlite3.dll] [360.cn, 3, 7, 2, 1000]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360Safe\safemon\iNetSafe.dll] [360.cn, 1, 0, 2, 1070]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.cn, 2, 1, 0, 1001]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360se3\adfilter.dll] [360.cn, 1, 1, 0, 1043]
[C:\Program Files\360\360Safe\Safemon\adfilter.dll] [360.cn, 1, 0, 0, 1139]
[C:\Program Files\360\360se3\doctor.dll] [360.cn, 1, 0, 1, 1045]
[C:\Program Files\360\360Safe\safemon\sepro.dll] [360.cn, 1, 2, 0, 1040]
[C:\Program Files\360\360se3\SafeCentral\wdui2.dll] [360.cn, 1, 0, 0, 1090]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 6.1.0.6700]
[C:\Program Files\SogouInput\6.1.0.6700\Resource.dll] [Sogou.com Inc., 6.1.0.6700]
[PID: 3464 / Administrator][C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE] [PPLive Corporation, 3, 0, 0, 5551]
[C:\Program Files\Common Files\PPLiveNetwork\MngModule.dll] [, 1, 7, 0, 24]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\Common Files\PPLiveNetwork\kernel\live\live.dll] [Synacast, 1, 3, 1, 5]
[C:\Program Files\Common Files\PPLiveNetwork\kernel\FWUpnp.dll] [N/A, ]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 4912 / Administrator][C:\WINDOWS\system32\taskmgr.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[PID: 2304 / Administrator][C:\Program Files\YouKu\common\ikucmc.exe] [Youku.com, 1.0.3.0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\YouKu\common\ikucrash.dll] [Youku.com, 2.1.5.12150]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 7428 / Administrator][C:\Program Files\YouKu\common\ikuacc.exe] [Youku.com, 1.0.6.12150]
[C:\Program Files\YouKu\common\ikucrash.dll] [Youku.com, 2.1.5.12150]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 7348 / Administrator][C:\Program Files\360\360se3\360se.exe] [360.cn, 4, 0, 5, 2]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8rlmon.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ertutil.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ininet.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eframe.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtml.dll] [Microsoft Corporation, 8.00.6001.19088 (longhorn_ie8_gdr.110527-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8bscript.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8hdocvw.dll] [Microsoft Corporation, 6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8mgutil.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ngfilt.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8script.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmled.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmler.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtmsft.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtrans.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eui.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8srating.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\360\360se3\SafeCentral\SafeCentral.dll] [360.cn, 2, 0, 3, 1023]
[C:\Program Files\360\360se3\Favorites\Favorites.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\LoginEnrol\LoginEnrol.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\SafeCentral\urlproc.dll] [360.cn, 2, 2, 0, 1001]
[C:\Program Files\360\360se3\sqlite3.dll] [360.cn, 3, 7, 2, 1000]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360Safe\safemon\iNetSafe.dll] [360.cn, 1, 0, 2, 1070]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.cn, 2, 1, 0, 1001]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360se3\adfilter.dll] [360.cn, 1, 1, 0, 1043]
[C:\Program Files\360\360Safe\Safemon\adfilter.dll] [360.cn, 1, 0, 0, 1139]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360se3\doctor.dll] [360.cn, 1, 0, 1, 1045]
[C:\Program Files\360\360Safe\safemon\sepro.dll] [360.cn, 1, 2, 0, 1040]
[C:\Program Files\360\360se3\SafeCentral\wdui2.dll] [360.cn, 1, 0, 0, 1090]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 6.1.0.6700]
[C:\Program Files\SogouInput\6.1.0.6700\Resource.dll] [Sogou.com Inc., 6.1.0.6700]
[C:\WINDOWS\system32\Macromed\Flash\Flash11f.ocx] [Adobe Systems, Inc., 11,1,102,62]
[PID: 4708 / Administrator][C:\Program Files\360\360se3\360se.exe] [360.cn, 4, 0, 5, 2]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8rlmon.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ertutil.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ininet.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eframe.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtml.dll] [Microsoft Corporation, 8.00.6001.19088 (longhorn_ie8_gdr.110527-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8bscript.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8hdocvw.dll] [Microsoft Corporation, 6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8mgutil.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8ngfilt.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8script.dll] [Microsoft Corporation, 5.8.6001.23141]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmled.dll] [Microsoft Corporation, 8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8shtmler.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtmsft.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8xtrans.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8eui.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Documents and Settings\Administrator\Application Data\360SE\ie8core\8srating.dll] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\360\360se3\SafeCentral\SafeCentral.dll] [360.cn, 2, 0, 3, 1023]
[C:\Program Files\360\360se3\Favorites\Favorites.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\LoginEnrol\LoginEnrol.dll] [360.cn, 2, 1, 3, 1119]
[C:\Program Files\360\360se3\SafeCentral\urlproc.dll] [360.cn, 2, 2, 0, 1001]
[C:\Program Files\360\360se3\sqlite3.dll] [360.cn, 3, 7, 2, 1000]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\Program Files\360\360Safe\safemon\iNetSafe.dll] [360.cn, 1, 0, 2, 1070]
[C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.cn, 2, 1, 0, 1001]
[C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 7, 9, 2]
[C:\Program Files\360\360se3\adfilter.dll] [360.cn, 1, 1, 0, 1043]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[C:\Program Files\360\360Safe\Safemon\adfilter.dll] [360.cn, 1, 0, 0, 1139]
[C:\Program Files\360\360se3\doctor.dll] [360.cn, 1, 0, 1, 1045]
[C:\Program Files\360\360Safe\safemon\sepro.dll] [360.cn, 1, 2, 0, 1040]
[C:\Program Files\360\360se3\SafeCentral\wdui2.dll] [360.cn, 1, 0, 0, 1090]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 6.1.0.6700]
[C:\Program Files\SogouInput\6.1.0.6700\Resource.dll] [Sogou.com Inc., 6.1.0.6700]
[C:\WINDOWS\system32\Macromed\Flash\Flash11f.ocx] [Adobe Systems, Inc., 11,1,102,62]
[PID: 7288 / Administrator][D:\windows\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.7.1.1261]
[PID: 7504 / Administrator][D:\windows\sreng2\SRE3cb1113b.EXE] [Smallfrogs Studio, 2.7.1.1261]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360\360Safe\safemon\safemon.dll] [360.cn, 7, 0, 1, 1060]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\windows\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\ikutm.dll] [youku.com, 1, 0, 0, 7]
[PID: 5668 / Administrator][C:\WINDOWS\system32\regsvr32.exe] [Microsoft Corporation, 4.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 7008 / Administrator][C:\WINDOWS\system32\regsvr32.exe] [Microsoft Corporation, 4.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 6420 / Administrator][C:\WINDOWS\system32\regsvr32.exe] [Microsoft Corporation, 4.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2280 / Administrator][C:\WINDOWS\system32\regsvr32.exe] [Microsoft Corporation, 4.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 8132 / Administrator][C:\WINDOWS\system32\regsvr32.exe] [Microsoft Corporation, 4.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 7264 / Administrator][C:\WINDOWS\system32\regsvr32.exe] [Microsoft Corporation, 4.00]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
lvdeyan - 2012-3-1 13:33:00
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScriptFile]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
iKu Smart Network LSP over MSAFD Tcpip [TCP/IP]
C:\WINDOWS\system32\ikutm.dll(youku.com, iKu Smart Network Module)
iKu Smart Network LSP over MSAFD Tcpip [UDP/IP]
C:\WINDOWS\system32\ikutm.dll(youku.com, iKu Smart Network Module)
iKu Smart Network LSP
C:\WINDOWS\system32\ikutm.dll(youku.com, iKu Smart Network Module)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1052, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1452, E:\PROGRAM FILES\COMMON FILES\SIEMENS\S7UBTOOX\S7UBTSTX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3264, E:\PROGRAM FILES\COMMON FILES\SIEMENS\SWS\ALMSRV\ALMSRVX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1504, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CT_ZTEMT_USB\MONSERVICEUDISK.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3668, E:\PROGRAM FILES\COMMON FILES\SIEMENS\SWS\ALMSRV\ALMSRVBUBBLEX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4912, C:\WINDOWS\SYSTEM32\TASKMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 7288, D:\WINDOWS\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 6240, C:\WINDOWS\SYSTEM32\REGSVR32.EXE]
==================================
计划任务
[已启用] KsafeDelay.job
D:\金山卫士\install\KSafe\ksafetray.exe -delayruncheck
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
networkedition - 2012-3-6 9:31:00
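Please send the log as an attachment.
See this thread on how to take screenshots and post images to the forum as attachments:
http://bbs.ikaka.com/showtopic-8616820.aspx Posting an image works the same way as posting an attachment.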