江民系统诊断报告 V1.0.8.318 诊断时间: 2008-10-18 20:06:45 处理器(CPU): AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53 物理内存: 0.99 GB 操作系统: Microsoft Windows XP Professional Service Pack 2 (Build 2600) IE版本: Internet Explorer V6.0.2900.2180 ================================================== 进程和模块列表 ================================================== <632> smss.exe [\SystemRoot\System32\smss.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <692> csrss.exe [C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\KERNEL32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <720> winlogon.exe [winlogon.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc. / 6.14.10.4176] <764> SERVICES.EXE [C:\WINDOWS\system32\services.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <780> LSASS.EXE [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <928> Ati2evxx.exe [C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc. / 6.14.10.4178] [C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc. / 6.14.10.4178] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc. / 6, 14, 10, 2512] [C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc. / 6, 14, 10, 2524] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <956> SVCHOST.EXE [C:\WINDOWS\system32\svchost -k DcomLaunch] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <1048> SVCHOST.EXE [C:\WINDOWS\system32\svchost -k rpcss] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <1136> CCenter.exe ["d:\Rising\Rav\CCenter.exe"] [Beijing Rising Information Technology Co., Ltd. / 20.0.0.33] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <1152> SVCHOST.EXE [C:\WINDOWS\System32\svchost.exe -k netsvcs] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <1240> SVCHOST.EXE [C:\WINDOWS\system32\svchost.exe -k NetworkService] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <1308> SVCHOST.EXE [C:\WINDOWS\system32\svchost.exe -k LocalService] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <1380> Ati2evxx.exe [Ati2evxx.exe -Client] [ATI Technologies Inc. / 6.14.10.4178] [C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc. / 6.14.10.4178] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc. / 6, 14, 10, 2512] [C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc. / 6, 14, 10, 2524] [C:\WINDOWS\system32\ati2evxx.dll] [ATI Technologies Inc. / 6.14.10.4176] <1420> RavMonD.exe [D:\RISING\RAV\ravmond.exe -step] [Beijing Rising Information Technology Co., Ltd. / 20.0.0.80] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation / 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation / 7.10.3052.4] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation / 7.10.3077.0] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <1744> RavStub.exe [D:\RISING\RAV\RavStub.exe /RAVMOND=0] [Beijing Rising Information Technology Co., Ltd. / 20.0.0.10] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <2024> sqlservr.exe ["C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS] [Microsoft Corporation / 2005.090.1399.00] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll] [Microsoft Corporation / 8.00.50727.42] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll] [Microsoft Corporation / 8.00.50727.42] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.RLL] [Microsoft Corporation / 2005.090.1399.00] [C:\WINDOWS\system32\MSCOREE.DLL] [Microsoft Corporation / 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] <160> sqlbrowser.exe ["C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe"] [Microsoft Corporation / 2005.090.1399.00] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll] [Microsoft Corporation / 8.00.50727.42] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <176> SVCHOST.EXE [C:\WINDOWS\system32\svchost.exe -k imgsvc] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] <688> IEXPLORE.EXE ["C:\Program Files\Internet Explorer\IEXPLORE.EXE" ] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD / 1, 0, 0, 20] [D:\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD / 1, 0, 0, 16] <1036> explorer.exe ["C:\WINDOWS\explorer.exe" ] [Microsoft Corporation / 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\explorer.exe] [Microsoft Corporation / 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD / 1, 0, 0, 20] [D:\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD / 1, 0, 0, 16] <1644> RavTask.exe ["D:\Rising\Rav\RavTask.exe" -system] [Beijing Rising Information Technology Co., Ltd. / 20.0.0.24] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <1844> safeboxTray.exe ["C:\Program Files\360Safebox\safeboxTray.exe" /r] [360安全中心 / 2, 1, 1, 1003] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <240> 360Tray.exe ["D:\360safe\safemon\360Tray.exe" /start] [奇虎网 / 5, 0, 0, 1002] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <128> ppsap.exe ["D:\PPStream\ppsap.exe" ] [PPStream Inc / 1, 0, 11, 139] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] <1492> RavMon.exe ["D:\Rising\Rav\Ravmon.exe" -SYSTEM] [Beijing Rising Information Technology Co., Ltd. / 20.0.01.27] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation / 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation / 7.10.3052.4] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation / 7.10.3077.0] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <2176> 江-民-系-统-诊-断.exe ["C:\Documents and Settings\wf\桌面\江-民-系-统-诊-断\江-民-系-统-诊-断.exe" ] [ / ] [C:\Documents and Settings\wf\桌面\江-民-系-统-诊-断\江-民-系-统-诊-断.exe] [ / ] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\OLE32.DLL] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] <2192> 1234.exe ["C:\DOCUME~1\wf\LOCALS~1\Temp\RarSFX0\1234.exe" ] [Ji-angm-in Co., Ltd. / 1, 0, 8, 324] [C:\DOCUME~1\wf\LOCALS~1\Temp\RarSFX0\1234.exe] [Ji-angm-in Co., Ltd. / 1, 0, 8, 324] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\DOCUME~1\wf\LOCALS~1\Temp\SysCheck.dll] [Jiangmin Co., Ltd. / 1, 0, 8, 324] [C:\DOCUME~1\wf\LOCALS~1\Temp\KvDetect.dll] [Jiangmin Co.Ltd / 1, 0, 8, 114] ================================================== 启动项列表 ================================================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\run] [RavTask] ["d:\Rising\Rav\RavTask.exe" -system] [Beijing Rising Information Technology Co., Ltd. / 20.0.0.24] [360Safebox] ["C:\Program Files\360Safebox\safeboxTray.exe" /r] [360安全中心 / 2, 1, 1, 1003] [360Safetray] [D:\360safe\safemon\360Tray.exe /start] [奇虎网 / 5, 0, 0, 1002] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\run] [PPS Accelerator] [d:\PPStream\ppsap.exe] [PPStream Inc / 1, 0, 11, 139] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] [Shell] [Explorer.exe] [Microsoft Corporation / 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [UIHost] [logonui.exe] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [Userinit] [C:\WINDOWS\system32\userinit.exe,] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] [Your Image File Name Here without a path] [ntsd -d] [Microsoft Corporation / 5.1.2600.0 (XPClient.010817-1148)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [AtiExtEvent] [Ati2evxx.dll] [ATI Technologies Inc. / 6.14.10.4176] [crypt32chain] [crypt32.dll] [Microsoft Corporation / 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [cryptnet] [cryptnet.dll] [Microsoft Corporation / 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)] [cscdll] [cscdll.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [ScCertProp] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [Schedule] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [sclgntfy] [sclgntfy.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [SensLogn] [WlNotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [termsrv] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [wlballoon] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute] [BootExecute] [autocheck autochk *] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [BootExecute] [ bsmain] [Beijing Rising Information Technology Co., Ltd. / 20, 0, 0, 4] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs] [advapi32] [advapi32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [comdlg32] [comdlg32.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [gdi32] [gdi32.dll] [Microsoft Corporation / 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)] [imagehlp] [imagehlp.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [kernel32] [kernel32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [lz32] [lz32.dll] [Microsoft Corporation / 5.1.2600.0 (xpclient.010817-1148)] [ole32] [ole32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [oleaut32] [oleaut32.dll] [Microsoft Corporation / 5.1.2600.2180] [olecli32] [olecli32.dll] [Microsoft Corporation / 1.07 (xpsp_sp2_gdr.050725-1528)] [olecnv32] [olecnv32.dll] [Microsoft Corporation / 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [olesvr32] [olesvr32.dll] [Microsoft Corporation / 1.09 (XPClient.010817-1148)] [olethk32] [olethk32.dll] [Microsoft Corporation / 5.1.2600.0 (XPClient.010817-1148)] [rpcrt4] [rpcrt4.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [shell32] [shell32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] [url] [url.dll] [Microsoft Corporation / 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [urlmon] [urlmon.dll] [Microsoft Corporation / 6.00.2900.2870 (xpsp.060317-1527)] [user32] [user32.dll] [Microsoft Corporation / 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] [version] [version.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [wininet] [wininet.dll] [Microsoft Corporation / 6.00.2900.2861 (xpsp.060303-1528)] [wldap32] [wldap32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] ================================================== 服务项列表 ================================================== Ati HotKey Poller WIN32 OWN PROCESS AUTO START RUNNING [C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc. / 6.14.10.4178] CiSvc WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\cisvc.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] ClipSrv WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\system32\clipsrv.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] COMSysApp WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] dmadmin WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\dmadmin.exe /com] [Microsoft Corp., Veritas Software / 2600.2180.503.0] HidServ WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\System32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\hidserv.dll] [ / ] ImapiService WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\imapi.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] kaccore WIN32 OWN PROCESS DEMAND START STOPPED ["C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"] [ / ] mnmsrvc WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\mnmsrvc.exe] [Microsoft Corporation / 5.1.2600.2180] MSDTC WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\msdtc.exe] [Microsoft Corporation / 2001.12.4414.258] MSIServer WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\msiexec.exe /V] [Microsoft Corporation / 3.1.4000.1823] NetDDE WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\system32\netdde.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] NetDDEdsdm WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\system32\netdde.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] RDSessMgr WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\sessmgr.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] RpcLocator WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\locator.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] RSVP WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\rsvp.exe] [Microsoft Corporation / 5.1.2600.0 (xpclient.010817-1148)] SCardSvr WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] Spooler WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation / 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] SQLSERVERAGENT WIN32 OWN PROCESS DEMAND START STOPPED [C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe] [Microsoft Corporation / 2000.080.0760.00] SwPrv WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\dllhost.exe /Processid:{8478ECBD-4502-4AFB-B5F8-965821771D66}] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] SysmonLog WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\smlogsvc.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] TlntSvr WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\system32\tlntsvr.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] UMWdf WIN32 OWN PROCESS AUTO START STOPPED [C:\WINDOWS\system32\wdfmgr.exe] [ / ] UPS WIN32 OWN PROCESS DISABLED STOPPED [C:\WINDOWS\System32\ups.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] VSS WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\vssvc.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] Wmi WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\advapi32.dll] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] WmiApSrv WIN32 OWN PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\wbem\wmiapsrv.exe] [Microsoft Corporation / 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] ================================================== 驱动列表 ================================================== 2310_00 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\2310_00.sys] [HighPoint Technologies, Inc. / v1.1] 3WAREDRV KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\BIRD\3WAREDRV.SYS] [ / ] 3WAREGSM KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\BIRD\3waregsm.sys] [ / ] 3WDRV100 KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\BIRD\3WDRV100.SYS] [ / ] A320RAID KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\a320raid.sys] [Adaptec, Inc. / 3.00.00.63] AAC KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\BIRD\aac.sys] [Adaptec, Inc. / 5.1.0.8360] AACSAS KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\BIRD\aacsas.sys] [Adaptec, Inc. / 5.1.0.8360] AAR81XX KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aar81xx.sys] [Adaptec, Inc. / 1.1.5735.0 built by: WinDDK] AARSI3X KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aarsi3x.sys] [Adaptec, Inc. / v7.00.045A] ADP94XX KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\adp94xx.sys] [Adaptec, Inc. / 1.1.5472.0 built by: WinDDK] ADPU320 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\adpu320.sys] [Adaptec, Inc. / 3.0.000.000 built by: WinDDK] AEC6210 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec6210.sys] [ACARD Technology Corp. / 5.0.4.3] AEC6260 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec6260.sys] [ACARD Technology Corp. / 1.1.4.12] AEC6280 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec6280.sys] [ACARD Technology Corp. / 1, 1, 0, 4] AEC67160 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec67160.sys] [ACARD Technology Corp. / 2.01] AEC67162 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec67162.sys] [ACARD Technology Corp. / 2.04] AEC671X KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\AEC671X.sys] [ACARD Technology Corp. / 5.22] AEC6880 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\AEC6880.sys] [ACARD Technology Corp. / 2.21] AEC6897 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec6897.sys] [ACARD Technology Corp. / 1, 0, 3, 2] AEC68X5 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\aec68x5.sys] [ACARD Technology Corp. / 1.055] ARCM_X86 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\arcm_x86.sys] [ARECA Technology Corporation / 1, 2, 0, 0] ati2mtag KERNEL DRIVER DEMAND START Video [C:\WINDOWS\system32\DRIVERS\ati2mtag.sys] [ATI Technologies Inc. / 6.14.10.6727] BCHTSW32 KERNEL DRIVER BOOT START SCSI Storport [C:\WINDOWS\System32\BIRD\bchtsw32.sys] [Broadcom Corporation / 1.1.0.3] buslogic KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\bird\buslogic.sys] [Microsoft Corporation / 5.00.2134.1] CDA1000 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\cda1000.sys] [Adaptec, Inc. / v4.30.15] CPQARRY2 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\cpqarry2.sys] [Compaq Computer Corporation / 5.14.0.0] CPQCISSM KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\cpqcissm.sys] [Hewlett-Packard Company / 5.70.0.32 Build 1 (x86)] CSB6IDE KERNEL DRIVER BOOT START System Bus Extender [C:\WINDOWS\System32\BIRD\csb6ide.sys] [ServerWorks Corporation / 1.00] DMX3191 KERNEL DRIVER BOOT START SCSI MDMXport [C:\WINDOWS\System32\BIRD\DMX3191.sys] [Microsoft Corporation / 5.00.1877.1] DMX3194 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\dmx3194.sys] [Microsoft Corporation / 2.16] DPTSCSI KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\dptscsi.sys] [Distributed Processing Technology Corp. / 1.KJ] FASTSX KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\fastsx.sys] [Promise Technology, Inc. / 2.00.00.25] FASTTRAK KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\fasttrak.sys] [Promise Technology, Inc. / 2.00.0.34] FASTTX2K KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\fasttx2k.sys] [Promise Technology, Inc. / 1.00.0.37] fd16_700 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\fd16_700.sys] [Microsoft Corporation / 5.00.2134.1] fireport KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\fireport.sys] [Microsoft Corporation / 5.00.2165.1] flashpnt KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\flashpnt.sys] [Mylex,Corp. / 6.02 ] FT8300 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\ft8300.sys] [Promise Technology, Inc. / 2.7.0000.26 built by: WinDDK] GD31244 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\gd31244.sys] [Intel Corporation / 1.1.5.0] HPCISSS2 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\hpcisss2.sys] [Hewlett-Packard Company / 5.2.0.32 Build 3 (x86) built by: WINBUILD1] HPT371 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\HPT371.sys] [HighPoint Technologies, Inc. / v1.22r] HPT374 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\hpt374.sys] [HighPoint Technologies, Inc. / v3.04] HPT3XX KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\hpt3xx.sys] [HighPoint Technologies, Inc. / v2.351] IASTOR KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\iaStor.sys] [Intel Corporation / 5.5.0.1035] IFT2000 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\ift2000.sys] [Infortrend Technology, Inc. / 1.16] INIA100 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\INIA100.sys] [Initio corp. / 5.29.00.00] IPSRAIDN KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\ipsraidn.sys] [IBM Corporation / 7.10.18] ITERAID KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\iteraid.sys] [Integrated Technology Express, Inc. / v1.7.1.91 built by: WinDDK] JRAID KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\JRAID.SYS] [JMicron Technology Corp. / 5.1.2600.1040 built by: WinDDK] M5228 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\m5228.sys] [ALi Corporation. / 5.028] M5281 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\m5281.sys] [ALi Corporation / 5.029] M5287 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\m5287.sys] [ULi Electronics Inc. / 6.209] M5288 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\m5288.sys] [ULi Electronics Inc. / 6.218] M5289 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\m5289.sys] [ULi Electronics Inc. / 5.030] MEGAIDE KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\MegaIDE.sys] [LSI Logic Corporation. / 4.1.0709.2003] mraid35x KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\mraid35x.sys] [LSI Logic Corporation / 6.45.32 built by: WinDDK] MSKSSRV KERNEL DRIVER DEMAND START Extended Base [C:\WINDOWS\system32\drivers\MSKSSRV.sys] [Microsoft Corporation / 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158)] NFRD960 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\nfrd960.sys] [IBM Corporation / 7.10.18] NVATABUS KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\NVATABUS.SYS] [NVIDIA Corporation / 5.10.2600.0622 built by: WinDDK] NVRAID KERNEL DRIVER BOOT START System Bus Extender [C:\WINDOWS\System32\BIRD\NVRAID.SYS] [NVIDIA Corporation / 5.10.2600.0622 built by: WinDDK] perc2 KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\BIRD\perc2.sys] [Adaptec, Inc. / 2.8.0.6076] PNP649R KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\pnp649r.sys] [CMD Technology, Inc. / 1, 0, 0, 0] PNP680 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\pnp680.sys] [Silicon Image, Inc. / 1, 0, 0, 12] PNP680R KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\pnp680r.sys] [Silicon Image, Inc / 1, 0, 1, 7] RAIDSRC KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\raidsrc.sys] [Intel/ICP / 5.3.20] RR232X KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\rr232x.sys] [HighPoint Technologies, Inc. / v1.02] S150SX8 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\S150sx8.sys] [Promise Technology, Inc. / 1.00.0.51] SI3112 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\SI3112.sys] [Silicon Image, Inc. / 1, 3, 63, 0] SI3112R KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\SI3112r.sys] [Silicon Image, Inc / 1, 0, 56, 0] SI3114 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\SI3114.sys] [Silicon Image, Inc. / 1, 2, 0, 5] SI3114R KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\SYSTEM32\BIRD\SI3114R.sys] [Silicon Image, Inc / 1, 0, 15, 0] SI3114R5 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\Si3114r5.sys] [Silicon Image, Inc / 1, 4, 3, 0] SI3124 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\SYSTEM32\BIRD\SI3124.sys] [Silicon Image, Inc. / 1, 3, 17, 0] SI3124R KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\SYSTEM32\BIRD\SI3124R.sys] [Silicon Image, Inc / 1, 0, 0, 2] SI3124R5 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\SYSTEM32\BIRD\Si3124r5.sys] [Silicon Image, Inc / 1, 4, 3, 0] SI3132 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\SI3132.sys] [Silicon Image, Inc. / 1, 0, 15, 0] SI3132R5 KERNEL DRIVER BOOT START Scsi miniport [C:\WINDOWS\System32\BIRD\Si3132r5.sys] [Silicon Image, Inc / 1, 4, 3, 0] SISRAID KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\SiSRaid.sys] [Silicon Integrated Systems / 5.1.1039.1090] SISRAID2 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\SiSRaid2.sys] [Silicon Integrated Systems Corp / 2.03.00] SPTRAK KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\sptrak.sys] [Promise Technology, Inc. / 1.10 Build 41] ST8350 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\st8350.sys] [Promise Technology, Inc. / 2.9.0000.6 built by: WinDDK] SYMMPI KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\symmpi.sys] [LSI Logic / 1.21.10.00 built by: WinDDK] Tcpip KERNEL DRIVER SYSTEM START PNP_TDI [C:\WINDOWS\system32\DRIVERS\tcpip.sys] [Microsoft Corporation / 5.1.2600.2827 (xpsp_sp2_gdr.060112-1653)] TRM3X5 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\trm3x5.sys] [Tekram Technology Co., Ltd. / 3.03] ULSATA KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\ulsata.sys] [Promise Technology, Inc. / 1.00.0.27] ULSATA2 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\ulsata2.sys] [Promise Technology, Inc. / 1.00.0.33] ULTIMA KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\Ultima.sys] [Aralion INC. / build(291)] ULTIMARX KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\UltimaRX.sys] [Aralion INC. / build(306)] ultra KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\ultra.sys] [Promise Technology, Inc. / 2.00.0.43] VIAMRAID KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\viamraid.sys] [VIA Technologies inc,.ltd / 5.1.2600.520] W2KADV KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\w2kadv.sys] [ConnectCom Solutions, Inc. / 3.3Q] WD7296A KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\BIRD\wd7296a.sys] [Western Digital Corporation / 3.3] ******************************** File not found ******************************** Abiosdsk KERNEL DRIVER DISABLED Primary disk [C:\WINDOWS\system32\drivers\Abiosdsk.sys] [ / ] abp480n5 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\abp480n5.sys] [ / ] Aha154x KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\Aha154x.sys] [ / ] AliIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\AliIde.sys] [ / ] asc3350p KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\asc3350p.sys] [ / ] asc3550 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\asc3550.sys] [ / ] Atdisk KERNEL DRIVER DISABLED Primary disk [C:\WINDOWS\system32\drivers\Atdisk.sys] [ / ] ati1bixx KERNEL DRIVER BOOT START SCSI Class [C:\WINDOWS\System32\Drivers\ati1bixx.sys] [ / ] cd20xrnt KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\cd20xrnt.sys] [ / ] Changer KERNEL DRIVER SYSTEM START Filter [C:\WINDOWS\system32\drivers\Changer.sys] [ / ] FTSATA2 KERNEL DRIVER BOOT START SCSI Miniport [C:\WINDOWS\System32\DRIVERS\ftsata2.sys] [ / ] hpn KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\hpn.sys] [ / ] i2omgmt KERNEL DRIVER SYSTEM START SCSI Class [C:\WINDOWS\system32\drivers\i2omgmt.sys] [ / ] IntelIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\IntelIde.sys] [ / ] KAVBootC KERNEL DRIVER BOOT START Boot Bus Extender [C:\WINDOWS\system32\Drivers\KAVBootC.sys] [ / ] KAVSafe KERNEL DRIVER AUTO START PNP_TDI [C:\WINDOWS\system32\Drivers\KAVSafe.sys] [ / ] KSysCall KERNEL DRIVER SYSTEM START None [C:\DOCUME~1\wf\LOCALS~1\Temp\KSysCall.sys] [ / ] lbrtfdc KERNEL DRIVER SYSTEM START System Bus Extender [C:\WINDOWS\system32\drivers\lbrtfdc.sys] [ / ] npkcrypt KERNEL DRIVER AUTO START Keyboard [C:\Program Files\Tencent\QQ\npkcrypt.sys] [ / ] PCIDump KERNEL DRIVER SYSTEM START PCI Configuration [C:\WINDOWS\system32\drivers\PCIDump.sys] [ / ] PDCOMP KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDCOMP.sys] [ / ] PDFRAME KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDFRAME.sys] [ / ] PDRELI KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDRELI.sys] [ / ] PDRFRAME KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDRFRAME.sys] [ / ] perc2hib KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\drivers\perc2hib.sys] [ / ] Simbad KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\drivers\Simbad.sys] [ / ] Sparrow KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\Sparrow.sys] [ / ] tcpsr KERNEL DRIVER DEMAND START None [C:\WINDOWS\System32\drivers\tcpsr.sys] [ / ] TosIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\TosIde.sys] [ / ] ViaIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\ViaIde.sys] [ / ] WDICA KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\WDICA.sys] [ / ] ================================================== 浏览器加载项列表 ================================================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] [JUJU猫] [http://www.jujumao.com] [ / ] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} [Messenger] [C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation / 4.7.3001] {FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] [ThunderAtOnce Class] [D:\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD / 1.0.5.29] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Thunder Browser Helper] [D:\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD / 5, 0, 8, 96] {889D2FEB-5411-4565-8998-1DD2C5261283} [SafeMon Class] [D:\360safe\safemon\safemon.dll] [360.CN / 4, 2, 0, 1005] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] [使用UUSee下载] [d:\uusee\geturltodown.htm] [ / ] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [使用UUSee加速播放] [d:\uusee\geturltoplay.htm] [ / ] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [使用迅雷下载] [D:\Thunder\Program\geturl.htm] [ / ] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [使用迅雷下载全部链接] [D:\Thunder\Program\getallurl.htm] [ / ] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [导出到 Microsoft Office Excel(&X)] [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] [ / ] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [添加到QQ表情] [D:\Tencent\QQ\AddEmotion.htm] [ / ] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] [Microsoft Url 搜索挂接] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation / 6.00.2900.2877 (xpsp.060329-1554)] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] [每日提示(&T)] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation / 6.00.2900.2877 (xpsp.060329-1554)] {4D5C8C25-D075-11d0-B416-00C04FB90376} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] [URL 执行挂钩] [C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation / 6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)] {AEB6717E-7E19-11d0-97EE-00C04FD91972} [ShlExecHack Class] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd. / 20.0.0.18] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] [Browseui 预加载程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation / 6.00.2900.2861 (xpsp.060303-1528)] {438755C2-A8BA-11D1-B96B-00A0C90312E1} [组件类别缓存程序] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation / 6.00.2900.2861 (xpsp.060303-1528)] {8C7461EF-2B13-11d2-BE35-3078302C2030} ================================================== 文件关联信息 ================================================== .txt txtfile C:\WINDOWS\notepad.exe %1 .exe exefile "%1" %* .com comfile "%1" %* .pif piffile "%1" %* .reg regfile regedit.exe "%1" .bat batfile "%1" %* .scr scrfile "%1" /S .chm chm.file "hh.exe" %1 .hlp hlpfile %SystemRoot%\System32\winhlp32.exe %1 .ini inifile C:\WINDOWS\System32\NOTEPAD.EXE %1 .inf inffile %SystemRoot%\System32\NOTEPAD.EXE %1 .vbs VBSFile %SystemRoot%\System32\WScript.exe "%1" %* .js JSFile %SystemRoot%\System32\WScript.exe "%1" %* .lnk lnkfile {00021401-0000-0000-C000-000000000046} ================================================== Winsock服务提供者信息 ================================================== 000000000001 C:\WINDOWS\system32\mswsock.dll 000000000002 C:\WINDOWS\system32\mswsock.dll 000000000003 C:\WINDOWS\system32\mswsock.dll 000000000004 C:\WINDOWS\system32\rsvpsp.dll 000000000005 C:\WINDOWS\system32\rsvpsp.dll 000000000006 C:\WINDOWS\system32\mswsock.dll 000000000007 C:\WINDOWS\system32\mswsock.dll 000000000008 C:\WINDOWS\system32\mswsock.dll 000000000009 C:\WINDOWS\system32\mswsock.dll 000000000010 C:\WINDOWS\system32\mswsock.dll 000000000011 C:\WINDOWS\system32\mswsock.dll 000000000012 C:\WINDOWS\system32\mswsock.dll 000000000013 C:\WINDOWS\system32\mswsock.dll ================================================== 自动播放文件 ================================================== ================================================== Hosts文件 ================================================== 127.0.0.1 ZieF.pl 127.0.0.1 localhost ================================================== 隐藏文件列表 ================================================== ================================================== 隐藏注册表列表 ==================================================