Jiangmin System Diagnostic Report V1.0.8.318
Diagnosis time: 2008-09-14 22:08:31
Processor (CPU): AMD Athlon(tm) 64 Processor 3000+
Physical memory: 511 MB
Operating system: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
IE version: Internet Explorer V6.0.2900.2180

==================================================
Process and module list
==================================================
<0> [System Process] [[System Process]] [ / ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX0\1234.exe] [Ji-angm-in Co., Ltd. / 1, 0, 8, 324]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SysCheck.dll] [Jiangmin Co., Ltd. / 1, 0, 8, 324]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KvDetect.dll] [Jiangmin Co.Ltd / 1, 0, 8, 114]
    [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
<604> smss.exe [smss.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<680> csrss.exe [csrss.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<716> winlogon.exe [winlogon.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<760> services.exe [services.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<772> lsass.exe [lsass.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<916> svchost.exe [svchost.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<984> svchost.exe [svchost.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<1100> svchost.exe [svchost.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<1160> svchost.exe [svchost.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<1264> svchost.exe [svchost.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<1440> spoolsv.exe [spoolsv.exe] [Microsoft Corporation / 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
<1644> Explorer.EXE [Explorer.EXE] [Microsoft Corporation / 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation / 6.00.2600.0000]
    [C:\Program Files\WinRAR\rarext.dll] [ / ]
    [C:\WINDOWS\system32\xunleibho_v8.dll] [ / 4, 5, 1, 33]
    [C:\WINDOWS\system32\ipxwa.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc. / 3, 1, 0, 0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [ / 1, 0, 0, 31]
    [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
<1776> 360tray.exe [360tray.exe] [ / ]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
<1796> VStart.exe [VStart.exe] [ / ]
    [D:\安装软件\系统工具--音速启动VStart50\VStart.exe] [ / ]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
<420> svchost.exe [svchost.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
<4084> Maxthon.exe [Maxthon.exe] [ / ]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SOGOUPY.IME] [Sohu.com Inc. / 3, 1, 0, 0]
    [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [ / 1, 0, 0, 31]
    [C:\Program Files\SogouInput\ZipLib.dll] [ / ]
<172> QQ.exe [QQ.exe] [ / ]
    [D:\安装软件\FQQ1\QQ\MSIMG32.dll] [ / ]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\安装软件\FQQ1\QQ\FinePlus.dll] [ / ]
    [D:\安装软件\FQQ1\QQ\fphelper.dll] [ / ]
    [D:\安装软件\FQQ1\QQ\LoginCtrlRes.dll] [TENCENT / 8,0,775,1803]
    [D:\安装软件\FQQ1\QQ\QQRes.dll] [TENCENT / 8,0,775,1803]
<1860> TXPlatform.exe [TXPlatform.exe] [ / ]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
<452> ekrn.exe [ekrn.exe] [ / ]
<3360> 江-民-系-统-诊-断.exe [江-民-系-统-诊-断.exe] [ / ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX02.297\江-民-系-统-诊-断.exe] [ / ]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
<1092> 1234.EXE [1234.EXE] [Ji-angm-in Co., Ltd. / 1, 0, 8, 324]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX0\1234.exe] [Ji-angm-in Co., Ltd. / 1, 0, 8, 324]
    [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SysCheck.dll] [Jiangmin Co., Ltd. / 1, 0, 8, 324]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KvDetect.dll] [Jiangmin Co.Ltd / 1, 0, 8, 114]
    [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

==================================================
Startup item list
==================================================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\run]
    [360Safetray] [C:\Program Files\360safe\safemon\360tray.exe /start] [奇虎网 / 5, 0, 0, 1002]
    [VStart5.0] [] [ / ]
    [egui] ["C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice] [ESET / 3.0.672 ]
    [ESET_vc52Live] [C:\Program Files\ESET\ESET NOD32 Antivirus\ESET_vc52Live.exe] [ / ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    [Shell] [Explorer.exe] [Microsoft Corporation / 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [UIHost] [logonui.exe] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [Userinit] [C:\WINDOWS\system32\userinit.exe,] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
    [AtiExtEvent] [Ati2evxx.dll] [ATI Technologies Inc. / 6.14.10.4176]
    [crypt32chain] [crypt32.dll] [Microsoft Corporation / 5.131.2600.3272 (xpsp_sp2_qfe.071212-1253)]
    [cryptnet] [cryptnet.dll] [Microsoft Corporation / 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [cscdll] [cscdll.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [ScCertProp] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [Schedule] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [sclgntfy] [sclgntfy.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [SensLogn] [WlNotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [termsrv] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [wlballoon] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute]
    [BootExecute] [autocheck autochk *] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
    [advapi32] [advapi32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [comdlg32] [comdlg32.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [gdi32] [gdi32.dll] [Microsoft Corporation / 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [imagehlp] [imagehlp.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [kernel32] [kernel32.dll] [Microsoft Corporation / 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [lz32] [lz32.dll] [Microsoft Corporation / 5.1.2600.0 (xpclient.010817-1148)]
    [ole32] [ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [oleaut32] [oleaut32.dll] [Microsoft Corporation / 5.1.2600.3266]
    [olecli32] [olecli32.dll] [Microsoft Corporation / 1.07 (xpsp_sp2_gdr.050725-1528)]
    [olecnv32] [olecnv32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [olesvr32] [olesvr32.dll] [Microsoft Corporation / 1.09 (XPClient.010817-1148)]
    [olethk32] [olethk32.dll] [Microsoft Corporation / 5.1.2600.0 (XPClient.010817-1148)]
    [rpcrt4] [rpcrt4.dll] [Microsoft Corporation / 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [shell32] [shell32.dll] [Microsoft Corporation / 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [url] [url.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [urlmon] [urlmon.dll] [Microsoft Corporation / 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [user32] [user32.dll] [Microsoft Corporation / 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [version] [version.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [wininet] [wininet.dll] [Microsoft Corporation / 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [wldap32] [wldap32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

==================================================
Service list
==================================================
3wareSrv WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\System32\3wareSrv.exe] [ / ]
ALG WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\alg.exe] [ / ]
Ati HotKey Poller WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc. / 6.14.10.4183]
ccosm WIN32 OWN PROCESS AUTO START STOPPED [C:\Program Files\StormII\stormliv.exe /asservice] [ / ]
CiSvc WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\system32\cisvc.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
ClipSrv WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\system32\clipsrv.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
COMSysApp WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
dmadmin WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\dmadmin.exe /com] [Microsoft Corp., Veritas Software / 2600.2180.503.0]
ImapiService WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\imapi.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
kaccore WIN32 OWN PROCESS DEMAND START STOPPED ["C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"] [ / ]
mnmsrvc WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\mnmsrvc.exe] [Microsoft Corporation / 5.1.2600.2180]
MSDTC WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\msdtc.exe] [Microsoft Corporation / 2001.12.4414.258]
MSIServer WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\msiexec.exe /V] [Microsoft Corporation / 3.1.4000.1823]
NetDDE WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\system32\netdde.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
NetDDEdsdm WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\system32\netdde.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
RDSessMgr WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\sessmgr.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
RpcLocator WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\locator.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
RSVP WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\rsvp.exe] [Microsoft Corporation / 5.1.2600.0 (xpclient.010817-1148)]
SCardSvr WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
SwPrv WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\dllhost.exe /Processid:{736153B1-B3B4-4FAF-B875-C5AA11CCFBF6}] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
SysmonLog WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\smlogsvc.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
TlntSvr WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\system32\tlntsvr.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
UPS WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\ups.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
VSS WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\vssvc.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
WmiApSrv WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\wbem\wmiapsrv.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

==================================================
Driver list
==================================================
aaatimeo KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\aaatimeo.sys] [Microsoft Corporation / 5.00.1877.1]
AFAMgt KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\system32\DRIVERS\afamgt.sys] [Adaptec, Inc. / 4.1.0.7427]
ahcix86 KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\ahcix86.sys] [ATI Technologies Inc. / 2.5.1540.39 built by: WinDDK]
ALCXWDM KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\ALCXWDM.SYS] [Realtek Semiconductor Corp. / 5.10.00.6280 built by: WinDDK]
amdbusdr KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\DRIVERS\amdbusdr.sys] [AMD / 8.2.8]
amdeide KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\AmdEide.sys] [AMD / 8.2.8]
ASH1205 KERNEL DRIVER DISABLED Scsi miniport [C:\WINDOWS\system32\DRIVERS\ASH1205.sys] [Silicon Image, Inc. / 1, 0, 0, 41]
ata1200a KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\ata1200a.sys] [Adaptec, Inc. / v1.3]
atiide KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\DRIVERS\atiide.sys] [ATI Technologies Inc. / 1.00.0000.3 built by: WinDDK]
bb-run KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\DRIVERS\bb-run.sys] [Promise Technology, Inc. / 1.0.1.2 built by: WinDDK]
cercsr6 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\DRIVERS\cercsr6.sys] [Adaptec, Inc. / 4.1.0.7010]
Cpq32fs2 KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\Cpq32fs2.sys] [Hewlett-Packard Company / 5.24.00.0]
dontgo KERNEL DRIVER DISABLED PnP Filter [C:\WINDOWS\system32\DRIVERS\DontGo.sys] [Promise Technology, Inc. / 1.0.0.3 built by: WinDDK]
fttxr52P KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\fttxr52P.sys] [Promise Technology, Inc. / 2.6.0.311 built by: WinDDK]
HpCISSm2 KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\HpCISSm2.sys] [Hewlett-Packard Company / 5.8.0.32 Build 1 (x86)]
hptmv6 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\system32\DRIVERS\hptmv6.sys] [HighPoint Technologies, Inc. / v1.04]
iaStor55 KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\iaStor55.sys] [Intel Corporation / 5.5.0.1035]
mv61xx KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\mv61xx.sys] [Marvell Semiconductor, Inc. / 1.2.0.24 built by: WinDDK]
mvSata KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\mvsata.sys] [Marvell Semiconductors Inc. / 3, 4, 1, 2]
nvatabus KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\system32\DRIVERS\nvatabus.sys] [NVIDIA Corporation / 5.10.2600.0666 built by: WinDDK]
nvrd32 KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\DRIVERS\nvrd32.sys] [NVIDIA Corporation / 10.1.0.20 built by: WinDDK]
ql12160 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ql12160.sys] [QLogic Corporation / 7.21.1.1 (W2K)]
ql2100 KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\ql2100.sys] [QLogic Corporation / 7.05.05 (W2K)]
ql2200 KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\ql2200.sys] [QLogic Corporation / 8.1.5.12 (W2K IP)]
rr172x KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\system32\DRIVERS\rr172x.sys] [HighPoint Technologies, Inc. / v1.0]
rr174x KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\system32\DRIVERS\rr174x.sys] [HighPoint Technologies, Inc. / v1.02]
rr2340 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\system32\DRIVERS\rr2340.sys] [HighPoint Technologies, Inc. / v1.4]
SiRemFil KERNEL DRIVER BOOT START PnP Filter [C:\WINDOWS\system32\DRIVERS\SiRemFil.sys] [Silicon Image, Inc. / 1, 1, 6, 0]
sisraidx KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\sisraidx.sys] [Silicon Integrated Systems Corp. / 2.11.01 built by: WinDDK]
ultra KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ultra.sys] [Promise Technology, Inc. / 2.00.0.43]
ViBus KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\DRIVERS\ViBus.sys] [VIA Technologies, Inc. / 6.0.6000.212]
videX32 KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\DRIVERS\videX32.sys] [VIA Technologies, Inc. / 6.0.3790.160]
ViPrt KERNEL DRIVER DISABLED SCSI Miniport [C:\WINDOWS\system32\DRIVERS\ViPrt.sys] [VIA Technologies, Inc. / 6.0.6000.212]
xfilt KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\DRIVERS\xfilt.sys] [VIA Technologies,Inc / 6.0.5728.160]

******************************** File not found ********************************
Abiosdsk KERNEL DRIVER DISABLED Primary disk [C:\WINDOWS\system32\drivers\Abiosdsk.sys] [ / ]
Agm30 KERNEL DRIVER BOOT START SCSI Class [C:\WINDOWS\System32\Drivers\Agm30.sys] [ / ]
Atdisk KERNEL DRIVER DISABLED Primary disk [C:\WINDOWS\system32\drivers\Atdisk.sys] [ / ]
Changer KERNEL DRIVER SYSTEM START Filter [C:\WINDOWS\system32\drivers\Changer.sys] [ / ]
Kqw74 KERNEL DRIVER BOOT START SCSI Class [C:\WINDOWS\System32\Drivers\Kqw74.sys] [ / ]
lbrtfdc KERNEL DRIVER SYSTEM START System Bus Extender [C:\WINDOWS\system32\drivers\lbrtfdc.sys] [ / ]
PCIDump KERNEL DRIVER SYSTEM START PCI Configuration [C:\WINDOWS\system32\drivers\PCIDump.sys] [ / ]
PDCOMP KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDCOMP.sys] [ / ]
PDFRAME KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDFRAME.sys] [ / ]
PDRELI KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDRELI.sys] [ / ]
PDRFRAME KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDRFRAME.sys] [ / ]
Simbad KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\drivers\Simbad.sys] [ / ]
tcpsr KERNEL DRIVER DEMAND START None [C:\WINDOWS\System32\drivers\tcpsr.sys] [ / ]
WDICA KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\WDICA.sys] [ / ]

==================================================
Browser add-on list
==================================================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    [ThunderIEHelper Class] [C:\WINDOWS\system32\xunleibho_v8.dll] [ / 4, 5, 1, 33] {0005A87D-D626-4B3A-84F9-1D9571695F55}
    [SafeMon Class] [C:\Program Files\360safe\safemon\safemon.dll] [360.CN / 4, 2, 0, 1005] {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
    [{FAB5DB90-F26D-435D-84B2-9FC4B02B630E}] [C:\WINDOWS\system32\ipxwa.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)] {FAB5DB90-F26D-435D-84B2-9FC4B02B630E}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    [&使用迅雷下载] [d:\Program Files\Thunder Network\Thunder\geturl.htm] [ / ] {FAB5DB90-F26D-435D-84B2-9FC4B02B630E}
    [&使用迅雷下载全部链接] [d:\Program Files\Thunder Network\Thunder\getallurl.htm] [ / ] {FAB5DB90-F26D-435D-84B2-9FC4B02B630E}
    [导出到 Microsoft Office Excel(&X)] [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] [ / ] {FAB5DB90-F26D-435D-84B2-9FC4B02B630E}
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    [Microsoft Url 搜索挂接] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation / 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)] {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
    [每日提示(&T)] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation / 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)] {4D5C8C25-D075-11d0-B416-00C04FB90376}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    [URL 执行挂钩] [C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation / 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)] {AEB6717E-7E19-11d0-97EE-00C04FD91972}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    [Browseui 预加载程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation / 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)] {438755C2-A8BA-11D1-B96B-00A0C90312E1}
    [组件类别缓存程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation / 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)] {8C7461EF-2B13-11d2-BE35-3078302C2030}

==================================================
File association information
==================================================
.txt txtfile C:\WINDOWS\notepad.exe %1
.exe exefile "%1" %*
.com comfile "%1" %*
.pif piffile "%1" %*
.reg regfile regedit.exe "%1"
.bat batfile "%1" %*
.scr scrfile "%1" /S
.chm chm.file "hh.exe" %1
.hlp hlpfile e %1
.ini inifile C:\WINDOWS\System32\NOTEPAD.EXE %1
.inf inffile %SystemRoot%\System32\NOTEPAD.EXE %1
.vbs VBSFile e "%1" %*
.js JSFile e "%1" %*
.lnk lnkfile {00021401-0000-0000-C000-000000000046}

==================================================
Winsock service provider information
==================================================
000000000001 C:\WINDOWS\system32\mswsock.dll
000000000002 C:\WINDOWS\system32\mswsock.dll
000000000003 C:\WINDOWS\system32\mswsock.dll
000000000004 C:\WINDOWS\system32\rsvpsp.dll
000000000005 C:\WINDOWS\system32\rsvpsp.dll
000000000006 C:\WINDOWS\system32\mswsock.dll
000000000007 C:\WINDOWS\system32\mswsock.dll
000000000008 C:\WINDOWS\system32\mswsock.dll
000000000009 C:\WINDOWS\system32\mswsock.dll
000000000010 C:\WINDOWS\system32\mswsock.dll
000000000011 C:\WINDOWS\system32\mswsock.dll
000000000012 C:\WINDOWS\system32\mswsock.dll
000000000013 C:\WINDOWS\system32\mswsock.dll
000000000014 C:\WINDOWS\system32\mswsock.dll
000000000015 C:\WINDOWS\system32\mswsock.dll

==================================================
Autorun files
==================================================

==================================================
Hosts file
==================================================
127.0.0.1 NtKrnlpa.info
127.0.0.1 localhost
127.0.0.1 dl2.teenpassage.com
127.0.0.1 ntkrnlpa.info

==================================================
Hidden file list
==================================================

==================================================
Hidden registry list
==================================================