未知家族病毒分析 扫描结果: 无可疑文件（注：该结论仅为自动扫描结果，不等于系统干净；下文的 Run 自启动项、名称疑似随机的 BHO 模块以及映像路径位于 TEMP 目录的驱动项仍需人工逐项核查） 系统活动进程 C:\WINDOWS\SYSTEM32\HBMHLY.EXE C:\WINDOWS\SYSTEM32\SMSS.EXE C:\WINDOWS\SYSTEM32\CSRSS.EXE C:\WINDOWS\SYSTEM32\WINLOGON.EXE C:\WINDOWS\SYSTEM32\UNISPIM5.IME C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\WINDOWS\SYSTEM32\SMMAIN0.DLL C:\WINDOWS\SYSTEM32\SMWHAPI.DLL C:\WINDOWS\SYSTEM32\IMON.DLL C:\WINDOWS\SYSTEM32\SERVICES.EXE C:\WINDOWS\SYSTEM32\LSASS.EXE C:\WINDOWS\SYSTEM32\CONIME.EXE C:\WINDOWS\SYSTEM32\NMJLT.DLL C:\WINDOWS\SYSTEM32\SMWHAPI.DLL C:\WINDOWS\SYSTEM32\UNISPIM5.IME C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SPOOLSV.EXE C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\VPRPROC.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\DOCUMENTS AND SETTINGS\TONG\桌面\839077200848105344\234.EXE C:\WINDOWS\SYSTEM32\NMJLT.DLL C:\WINDOWS\SYSTEM32\SMWHAPI.DLL C:\WINDOWS\SYSTEM32\UNISPIM5.IME C:\WINDOWS\SYSTEM32\SVCHOST.EXE D:\ANQUAN\VNETCOMP\VNETSECSVC.EXE C:\WINDOWS\SYSTEM32\SECPLGMOD.DLL C:\WINDOWS\SYSTEM32\ZGRPLAY.EXE C:\WINDOWS\SYSTEM32\IMON.DLL C:\WINDOWS\CONIME.EXE C:\WINDOWS\SYSTEM32\SMWHAPI.DLL C:\WINDOWS\SYSTEM32\UNISPIM5.IME C:\WINDOWS\SYSTEM32\S2DA2F323.DLL C:\WINDOWS\SYSTEM32\MNDSHSRV.DLL C:\WINDOWS\SYSTEM32\ALG.EXE C:\WINDOWS\SYSTEM32\IMON.DLL C:\WINDOWS\SYSTEM32\EXPLORER.EXE C:\WINDOWS\SYSTEM32\SMWHAPI.DLL C:\WINDOWS\SYSTEM32\UNISPIM5.IME C:\WINDOWS\SYSTEM32\S2DA2F323.DLL C:\WINDOWS\SYSTEM32\MNDSHSRV.DLL C:\WINDOWS\SYSTEM32\NMJLT.DLL C:\WINDOWS\SYSTEM32\IMON.DLL C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL C:\WINDOWS\SYSTEM32\IGFXPPH.DLL C:\WINDOWS\SYSTEM32\HCCUTILS.DLL C:\WINDOWS\SYSTEM32\IGFXRES.DLL C:\WINDOWS\SYSTEM32\IGFXSRVC.DLL C:\WINDOWS\SYSTEM32\IGFXDEV.DLL C:\PROGRAM FILES\WINRAR\RAREXT.DLL C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\WEBTHUNDERBHO_NOW.DLL E:\新建文件夹\44\360SAFE\SAFEMON\SAFEMON.DLL 普通自启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 360Safebox = "C:\PROGRAM FILES\360SAFEBOX\SAFEBOXTRAY.EXE" /R 360Safetray = 
E:\新建文件夹\44\360SAFE\SAFEMON\360TRAY.EXE /START HBmhly = "C:\WINDOWS\SYSTEM32\HBMHLY.EXE" -R 系统文件关联 .exe ==> exefile = "%1" %* .com ==> comfile = "%1" %* .cmd ==> cmdfile = "%1" %* .bat ==> batfile = "%1" %* .txt ==> txtfile = C:\WINDOWS\notepad.exe %1 .scr ==> scrfile = "%1" /S .reg ==> regfile = regedit.exe "%1" .doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\Office\WINWORD.EXE" /n 其它启动项 WIN.INI 无信息 SYSTEM.INI SHELL = Explorer.exe Winlogon 启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify crypt32chain = CRYPT32.DLL cryptnet = CRYPTNET.DLL cscdll = CSCDLL.DLL igfxcui = IGFXSRVC.DLL ScCertProp = WLNOTIFY.DLL Schedule = WLNOTIFY.DLL sclgntfy = SCLGNTFY.DLL SensLogn = WLNOTIFY.DLL termsrv = WLNOTIFY.DLL wlballoon = WLNOTIFY.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE, shell = EXPLORER.EXE IE - BHO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {00000AAA-A363-466E-BEF5-9BB68697AA7F} = C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll {18093456-9012-4568-9076-908765467181} = C:\WINDOWS\system32\tisqatyu.dll {3049C3E9-B461-4BC5-8870-4C09146192CA} = C:\Program Files\Real\RealOne Player\rpbrowserrecordplugin.dll {37A924AF-1A5F-CF21-AB1D-1D5CF82A8A73} = C:\WINDOWS\system32\zywlcime.dll {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} = C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll {3D698451-2015-6358-9871-2015987452D3} = C:\WINDOWS\system32\apzhctde.dll {4372FE4D-E2C2-45FE-A893-E2B1691A7DD0} = C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys {4A698102-5904-AFD0-20DF-CD1A65829CA4} = C:\WINDOWS\system32\zycbdime.dll {4D098345-6785-1098-5413-678067AE03D4} = C:\WINDOWS\system32\tysqakol.dll {50940F85-F015-14F1-A05F-F69858AC6D05} = C:\WINDOWS\system32\zptlcsys.dll {528DF602-9541-A985-210A-984A698C6F25} = C:\WINDOWS\system32\ptjhehlp.dll {55694105-5108-9405-3695-954187462155} = 
C:\WINDOWS\system32\mpwdeapi.dll {5A069845-2036-6084-9054-6087502480A5} = C:\WINDOWS\system32\ozfyebyt.dll {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} = C:\WINDOWS\system32\oohxdbyt.dll {65807E2D-940C-41a0-99E2-54ABBDD2F506} = C:\WINDOWS\flash9.dll {6C648541-1025-9650-9057-6541258720C6} = C:\WINDOWS\system32\mndhfdwd.dll {77FD640A-158F-48AC-FD14-1597F14A9777} = C:\WINDOWS\system32\mndsgsrv.dll {7A041F13-A111-12A3-B0CF-F99818AA68A7} = C:\WINDOWS\system32\zxmsdwin.dll {7C69034A-F45F-D34D-A33A-C33C4D324FC7} = C:\WINDOWS\system32\arjreler.dll {7FD45A54-9875-698F-E56E-65102358FDF7} = C:\WINDOWS\system32\apsggjba.dll {80AF1289-F140-A140-D012-C1458759FC08} = C:\WINDOWS\system32\ypcqghlp.dll {87FD640A-158F-48AC-FD14-1597F14A9778} = C:\WINDOWS\system32\mndshsrv.dll {A629FF4F-ACDB-5C90-A098-FACB3456A26A} = C:\WINDOWS\system32\s2da2f323.dll {AA59145F-315D-BC23-AC1F-145DF81A34AA} = C:\WINDOWS\system32\zyzxjime.dll {B490415F-65F8-B5C5-D8BA-9405FB12054B} = C:\WINDOWS\system32\yzztkmsn.dll {B69F34DD-F0F9-42DC-9EDD-957187DA688D} = E:\新建文件夹\44\360safe\safemon\safemon.dll Winsock SPI NOD32 protected [T-UdpFilter] = C:\WINDOWS\SYSTEM32\IMON.DLL NOD32 protected [MSAFD Tcpip [TCP/IP]] = C:\WINDOWS\SYSTEM32\IMON.DLL NOD32 protected [MSAFD Tcpip [UDP/IP]] = C:\WINDOWS\SYSTEM32\IMON.DLL NOD32 protected [MSAFD Tcpip [RAW/IP]] = C:\WINDOWS\SYSTEM32\IMON.DLL NOD32 protected [RSVP UDP Service Provider] = C:\WINDOWS\SYSTEM32\IMON.DLL NOD32 protected [RSVP TCP Service Provider] = C:\WINDOWS\SYSTEM32\IMON.DLL MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL MSAFD nwlnkipx [IPX] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD nwlnkspx [SPX] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD nwlnkspx [SPX] [Pseudo Stream] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD nwlnkspx [SPX II] = 
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD nwlnkspx [SPX II] [Pseudo Stream] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{AA4B08BA-6F1A-456A-B0B5-30C900BA3672}] SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{AA4B08BA-6F1A-456A-B0B5-30C900BA3672}] DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{BB97F450-D61A-43C0-9205-9D236EA81F98}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{BB97F450-D61A-43C0-9205-9D236EA81F98}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{3F742820-3CCA-4575-B3E6-395184D20A54}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{3F742820-3CCA-4575-B3E6-395184D20A54}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{EF8A9587-CEDE-46EC-ACC5-3EF969581B4C}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{EF8A9587-CEDE-46EC-ACC5-3EF969581B4C}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{CE98CD3F-2BC4-4F32-A934-9CD41DC45C21}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{CE98CD3F-2BC4-4F32-A934-9CD41DC45C21}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{F5BE3413-8818-491E-B09F-51C4F1737414}] SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{F5BE3413-8818-491E-B09F-51C4F1737414}] DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL NOD32 = C:\WINDOWS\SYSTEM32\IMON.DLL 系统服务项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE ALG = C:\WINDOWS\SYSTEM32\ALG.EXE AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K 
NETSVCS BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235} CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE PPRich = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K PPSVCS ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RDSessMgr = 
C:\WINDOWS\SYSTEM32\SESSMGR.EXE RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE" RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE" RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SentinelProtectionServer = "C:\PROGRAM FILES\COMMON FILES\SAFENET SENTINEL\SENTINEL PROTECTION SERVER\WINNT\SPNSRVNT.EXE" SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{3F065CF0-B1B3-44B2-9A01-2383B4C2FA79} SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE UPS = C:\WINDOWS\SYSTEM32\UPS.EXE usprserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS VnetSecurityService = D:\ANQUAN\VNETCOMP\VNETSECSVC.EXE VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WMConnectCDS = C:\PROGRAM FILES\WINDOWS MEDIA CONNECT 2\WMCCDS.EXE WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Wmi = 
C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE WMPNetworkSvc = C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WudfSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K WUDFSERVICEGROUP WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS ZGRPlay = C:\WINDOWS\SYSTEM32\ZGRPLAY.EXE -DISPATCH ZGRPLAY 文件驱动 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS 系统驱动项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services 00be8a80 = C:\WINDOWS\SYSTEM32\DRIVERS\00BE8A80.SYS ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS ACPIEC = C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS AgereSoftModem = C:\WINDOWS\SYSTEM32\DRIVERS\AGRSM.SYS AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS atmpstub = C:\WINDOWS\SYSTEM32\DRIVERS\ATMPSTUB.SYS audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS BaseTDI = C:\WINDOWS\SYSTEM32\DRIVERS\BASETDI.SYS CCDECODE = C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS CmBatt = C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS Compbatt = C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS cs429x = C:\WINDOWS\SYSTEM32\DRIVERS\CWAWDM.SYS DeepFree Update = C:\WINDOWS\SYSTEM32\DRIVERS\PCIHDD2.SYS Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS DJ = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP30.TMP dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS 
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS EagleNT = C:\WINDOWS\SYSTEM32\DRIVERS\EAGLENT.SYS ExpScaner = C:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS Fdc = C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS Flpydisk = C:\WINDOWS\SYSTEM32\DRIVERS\FLPYDISK.SYS FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS fwtj = C:\WINDOWS\SYSTEM32\DRIVERS\FWTJ.AHC FY = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP175B.TMP Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS HBKernel = C:\WINDOWS\SYSTEM32\DRIVERS\HBKERNEL.SYS hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS HookCont = C:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS HookReg = C:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS HookSys = C:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS ialm = C:\WINDOWS\SYSTEM32\DRIVERS\IALMNT5.SYS iCafe Manager = C:\DOCUME~1\TONG\LOCALS~1\TEMP\USBHCID.SYS ilqas = C:\WINDOWS\SYSTEM32\DRIVERS\ILQAS.SYS Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS IntelIde = C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS intelppm = C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS jtfo = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP91.TMP JX2 = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP3C.TMP Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS kbdhid = C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS KernelCheck = C:\DOCUME~1\TONG\LOCALS~1\TEMP\XMHP\KPCHECK.SYS kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS MEMSCAN = C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS mouhid = 
C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS MSTEE = C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS NABTSFEC = C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS NdisIP = C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS npkcrypt = E:\MM\MAPLESTORY\NPKCRYPT.SYS npkcusb = E:\MM\MAPLESTORY\NPKCUSB.SYS NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS NwlnkIpx = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKIPX.SYS NwlnkNb = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS NwlnkSpx = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS oreans32 = C:\WINDOWS\SYSTEM32\DRIVERS\OREANS32.SYS Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS Pcmcia = C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS PortTalk = C:\WINDOWS\SYSTEM32\DRIVERS\PORTTALK.SYS POWERKEY = C:\PROGRAM FILES\LAUNCH MANAGER\POWERKEY.SYS PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS QKeyService = C:\WINDOWS\SYSTEM32\KEYCRYPT.SYS RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS RsNTGDI = C:\WINDOWS\SYSTEM32\DRIVERS\RSNTGDI.SYS RSPPSYS = C:\PROGRAM FILES\RISING\RAV\RSPPSYS.SYS rtl8139 = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS RXJH = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP1753.TMP SafeBoxKrnl = C:\PROGRAM 
FILES\360SAFEBOX\SAFEBOXKRNL.SYS Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS Sentinel = C:\WINDOWS\SYSTEM32\DRIVERS\SENTINEL.SYS SLIP = C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS SONYPVU1 = C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS sptd = C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS streamip = C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS SVKP = C:\WINDOWS\SYSTEM32\SVKP.SYS swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS SynTP = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS TesSafe = C:\WINDOWS\SYSTEM32\TESSAFE.SYS TVICHW32 = C:\WINDOWS\SYSTEM32\DRIVERS\TVICHW32.SYS Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS usbccgp = C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS USBSTOR = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS Wbutton = C:\WINDOWS\SYSTEM32\DRIVERS\WBUTTON.SYS WD = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP1754.TMP wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS WS2IFSL = C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS WSTCODEC = C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS WudfPf = C:\WINDOWS\SYSTEM32\DRIVERS\WUDFPF.SYS WudfRd = C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRD.SYS XTrapD12 = C:\WINDOWS\SYSTEM32\XTRAPD12.SYS ZSMC303 = C:\WINDOWS\SYSTEM32\DRIVERS\USBVM303.SYS ZYHX = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP31.TMP ZYZJ = C:\DOCUME~1\TONG\LOCALS~1\TEMP\TMP1756.TMP {5C8B2B65-A385-11d5-A78B-00104B672758} = C:\WINDOWS\SYSTEM32\DRIVERS\A310.SYS {6080A529-897E-4629-A488-ABA0C29B635E} = C:\WINDOWS\SYSTEM32\DRIVERS\IALMSBW.SYS {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} = C:\WINDOWS\SYSTEM32\DRIVERS\IALMKCHW.SYS