本报告由QQ医生提供 http://im.qq.com/doctor/ 诊断时间: 2009-01-30 04:23:32 操作系统: Windows XP Service Pack 2 QQ医生版本: QQDoctor.exe 2, 0, 8, 401 DrUpdate.exe 2009, 1, 19, 17 TSELoder.DAT 2008, 1, 28, 13 TSEngine.DAT 2008, 4, 7, 25 TSEPB.DAT 2008, 12, 17, 33 TSFSEngine.DAT 2008, 12, 1, 4 TSFileFilter.DAT 2007, 12, 5, 01 TSKsp.sys 2009, 1, 13, 14 TSKSPLIB.dat 2009, 1, 13, 14 TSVulMon.DAT 2008, 12, 25, 10 TSVulChk.dat 2009, 1, 19, 17 ====================进程项==================== C:\WINDOWS\msagent\AgentSvr.exe (Microsoft Corporation, 250.5 KB, 2.00.0.3422) 942ea6ce2ad1d475f482276cab0bf6a3 C:\WINDOWS\System32\alg.exe (Microsoft Corporation, 43.5 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a9de20df2c89b6b2ffda0e6cd52a8599 C:\WINDOWS\system32\conime.exe (Microsoft Corporation, 27.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 30162ff3b6fe72a9799dfb496111fe02 \??\C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, 6.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 3502114e4cb83e491a80fc361c1dc7b7 C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation, 15.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 4cc6277445d2d388a4cd827086a5f5f0 C:\Program Files\Analog Devices\Eagle I and Eagle II USB ADSL\dslmon.exe (, 908.1 KB, 1, 0, 0, 1) b4e1bccc60cc8aa880b3d54c320dfba2 C:\WINDOWS\Explorer.EXE (Microsoft Corporation, 954.0 KB, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) 82b8373ed12a602820108f6154bf0c4c C:\WINDOWS\Explorer.EXE [Microsoft Corporation] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation] C:\WINDOWS\System32\themeui.dll [Microsoft Corporation] C:\WINDOWS\System32\MSIMG32.dll [Microsoft Corporation] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation] C:\WINDOWS\System32\msutb.dll [Microsoft Corporation] C:\WINDOWS\System32\MSCTF.dll [Microsoft Corporation] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation] C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation] C:\WINDOWS\system32\credui.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation] C:\WINDOWS\System32\webcheck.dll [Microsoft Corporation] C:\WINDOWS\System32\WSOCK32.dll [Microsoft Corporation] C:\WINDOWS\System32\stobject.dll [Microsoft Corporation] C:\WINDOWS\System32\BatMeter.dll [Microsoft Corporation] C:\WINDOWS\System32\POWRPROF.dll [Microsoft Corporation] C:\WINDOWS\System32\WTSAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation] C:\WINDOWS\system32\mslbui.dll [Microsoft Corporation] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation] C:\WINDOWS\System32\drprov.dll [Microsoft Corporation] C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation] C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation] C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation] C:\WINDOWS\system32\RASDLG.dll [Microsoft Corporation] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation] C:\DOCUME~1\USER_F~1\LOCALS~1\Temp\WowInitcode.dat [] C:\WINDOWS\system32\WZCSAPI.DLL [Microsoft Corporation] C:\WINDOWS\system32\wzcdlg.dll [Microsoft Corporation] C:\WINDOWS\system32\WINHTTP.dll [Microsoft Corporation] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation] C:\WINDOWS\system32\OLEACC.dll [Microsoft Corporation] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation] D:\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD] D:\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD] C:\WINDOWS\system32\MSGINA.dll [Microsoft Corporation] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation] C:\WINDOWS\system32\DUSER.dll [Microsoft Corporation] C:\WINDOWS\system32\MLANG.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation] C:\WINDOWS\System32\msxml3.dll [Microsoft Corporation] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation] C:\WINDOWS\system32\MFC42.DLL [Microsoft Corporation] C:\WINDOWS\system32\MFC42LOC.DLL [Microsoft Corporation] C:\WINDOWS\system32\PRINTUI.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation] C:\WINDOWS\system32\CFGMGR32.dll [Microsoft Corporation] D:\Unlocker\UnlockerCOM.dll [] D:\WinRAR\rarext.dll [] C:\WINDOWS\System32\mydocs.dll [Microsoft Corporation] C:\WINDOWS\system32\msadp32.acm [Microsoft Corporation] C:\WINDOWS\System32\cdfview.dll [Microsoft Corporation] C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, 13.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 891600e79c38249028f1bacc1c6cc5d2 C:\WINDOWS\system32\services.exe (Microsoft Corporation, 105.5 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 9cabf264ce1177cafbbba4b910a44c79 \SystemRoot\System32\smss.exe (Microsoft Corporation, 49.5 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 32d5d8666e082f567923db579b5390fc C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 \??\C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, 476.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a5153e6b7b02545f789af2fcd27fb325 ====================启动项==================== AlternateShell [Microsoft Corporation] (cmd.exe) "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot" 722a247acb86960a708528120759266d BootExecute [Microsoft Corporation] (autochk *) "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" 288e9c01f3325ff420fa685c6ec6a831 ctfmon.exe [Microsoft Corporation] (C:\WINDOWS\system32\ctfmon.exe) "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 4cc6277445d2d388a4cd827086a5f5f0 DSLMON.lnk [] (C:\Program Files\Analog Devices\Eagle I and Eagle II USB ADSL\dslmon.exe) "C:\Documents and Settings\All Users\「开始」菜单\程序\启动\DSLMON.lnk" b4e1bccc60cc8aa880b3d54c320dfba2 Shell [Microsoft Corporation] (Explorer.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 82b8373ed12a602820108f6154bf0c4c UIHost [Microsoft Corporation] (logonui.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" c35f08e88fcdcc44926ec97000078bcc Userinit [Microsoft Corporation] (C:\WINDOWS\system32\userinit.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 7bd70ec53cb7398246c84d25bff33aa8 ====================IE右键菜单==================== 使用迅雷下载 [D:\Thunder\Program\GetUrl.htm] 使用迅雷下载全部链接 [D:\Thunder\Program\GetAllUrl.htm] ====================系统服务==================== Alerter [Microsoft Corporation] "C:\WINDOWS\system32\alrsvc.dll" 禁用 d3b55cadbe9bdc57e0c8601842e43066 ALG [Microsoft Corporation] "C:\WINDOWS\System32\alg.exe" 启用 a9de20df2c89b6b2ffda0e6cd52a8599 AppMgmt [] "C:\WINDOWS\System32\appmgmts.dll" 禁用 AudioSrv [Microsoft Corporation] "C:\WINDOWS\System32\audiosrv.dll" 启用 bb9c41f8af9593a0ba0faabf28051bc4 BITS [Microsoft Corporation] "C:\WINDOWS\System32\qmgr.dll" 禁用 cdc7027806a38968592c54ea2555c147 Browser [Microsoft Corporation] "C:\WINDOWS\System32\browser.dll" 禁用 7f0b098e0ea857f40c155785cc9a7239 cisvc [Microsoft Corporation] "C:\WINDOWS\System32\cisvc.exe" 禁用 ea4078ba0794994ad10d0371ce2070f9 ClipSrv [Microsoft Corporation] "C:\WINDOWS\system32\clipsrv.exe" 禁用 95d48a471e45a78e145ce3e8a2e6f61b COMSysApp [Microsoft Corporation] "C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}" 禁用 0a8fa72d426143f4f694068e9e93f5f1 CryptSvc [Microsoft Corporation] "C:\WINDOWS\System32\cryptsvc.dll" 启用 c78fbd718a49039ecd024605d855ba5a DcomLaunch [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 bd89a4549425a2fa3fc2653b266d8d80 Dhcp [Microsoft Corporation] "C:\WINDOWS\System32\dhcpcsvc.dll" 启用 56c75a94c42b0087ae54602d4838674e dmadmin [Microsoft Corp., Veritas Software] "C:\WINDOWS\System32\dmadmin.exe /com" 禁用 8ad6ae71db443084ab8332d89b00a449 dmserver [Microsoft Corp.] "C:\WINDOWS\System32\dmserver.dll" 禁用 9c690c012ff38710ea3fee2984f43006 Dnscache [Microsoft Corporation] "C:\WINDOWS\System32\dnsrslvr.dll" 启用 818c8710198431aad4ea1d539e989189 ERSvc [Microsoft Corporation] "C:\WINDOWS\System32\ersvc.dll" 启用 8b8064d31bacb4f8371a1da3f0daf97e Eventlog [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 9cabf264ce1177cafbbba4b910a44c79 EventSystem [Microsoft Corporation] "C:\WINDOWS\System32\es.dll" 启用 233226d5a9d50703d7d7fa904808e575 FastUserSwitchingCompatibility [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 禁用 0028d552627f011f86dcccc2eba8e998 helpsvc [Microsoft Corporation] "C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll" 启用 a37732a722edeb76522e8c826abd87e5 HidServ [] "C:\WINDOWS\System32\hidserv.dll" 禁用 HTTPFilter [Microsoft Corporation] "C:\WINDOWS\System32\w3ssl.dll" 禁用 c377bb41180c4def6481c691aa962917 ImapiService [Microsoft Corporation] "C:\WINDOWS\System32\imapi.exe" 禁用 100781d36ae5ffbf0a96fc8ce57c31a7 lanmanserver [Microsoft Corporation] "C:\WINDOWS\System32\srvsvc.dll" 启用 96a85977376fa8738e51bd2b5359d132 lanmanworkstation [Microsoft Corporation] "C:\WINDOWS\System32\wkssvc.dll" 启用 277fa95f2a75d900f4cef15135dd4ff9 LmHosts [Microsoft Corporation] "C:\WINDOWS\System32\lmhsvc.dll" 禁用 7b8a110aae74605fa301b1b249c4f561 Messenger [Microsoft Corporation] "C:\WINDOWS\System32\msgsvc.dll" 禁用 682805e6394d20e2f2a3402a329f1ace mnmsrvc [Microsoft Corporation] "C:\WINDOWS\System32\mnmsrvc.exe" 禁用 d9972601d1bdc3f15275a6d0202b1e61 MSDTC [Microsoft Corporation] "C:\WINDOWS\System32\msdtc.exe" 禁用 8461b089f14a35411b32b2fb4602bc11 MSIServer [Microsoft Corporation] "C:\WINDOWS\System32\msiexec.exe /V" 禁用 fc4844b090ea31e1731453aca8491d7d NetDDE [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 c8b34df15e22bc172e784d36d8210602 NetDDEdsdm [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 c8b34df15e22bc172e784d36d8210602 Netlogon [Microsoft Corporation] "C:\WINDOWS\System32\lsass.exe" 禁用 891600e79c38249028f1bacc1c6cc5d2 Netman [Microsoft Corporation] "C:\WINDOWS\System32\netman.dll" 启用 172770ad779bf8449611c054ee18be46 Nla [Microsoft Corporation] "C:\WINDOWS\System32\mswsock.dll" 启用 56b6b50f154c486b990dada6ceab9907 NtLmSsp [Microsoft Corporation] "C:\WINDOWS\System32\lsass.exe" 禁用 891600e79c38249028f1bacc1c6cc5d2 NtmsSvc [Microsoft Corporation] "C:\WINDOWS\system32\ntmssvc.dll" 禁用 d1c443e3fd1491d459bad3c29caa1cde PlugPlay [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 9cabf264ce1177cafbbba4b910a44c79 PolicyAgent [Microsoft Corporation] "C:\WINDOWS\System32\lsass.exe" 启用 891600e79c38249028f1bacc1c6cc5d2 ProtectedStorage [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 891600e79c38249028f1bacc1c6cc5d2 RasAuto [Microsoft Corporation] "C:\WINDOWS\System32\rasauto.dll" 禁用 73f57631d090770afda31dae9b84aa5c RasMan [Microsoft Corporation] "C:\WINDOWS\System32\rasmans.dll" 启用 8e199abc4420b1cfdd261949834374d8 RDSessMgr [Microsoft Corporation] "C:\WINDOWS\system32\sessmgr.exe" 禁用 f28de50c35113ac6f813121105c17552 RemoteAccess [Microsoft Corporation] "C:\WINDOWS\System32\mprdim.dll" 禁用 761dceac6eccef5aa38974d0cd53dee8 RpcLocator [Microsoft Corporation] "C:\WINDOWS\System32\locator.exe" 禁用 cf55d680db483883fd0765449e2e1a53 RpcSs [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 bd89a4549425a2fa3fc2653b266d8d80 RSVP [Microsoft Corporation] "C:\WINDOWS\System32\rsvp.exe" 禁用 53a79336f917ca1ff120043dcb74def8 SamSs [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 891600e79c38249028f1bacc1c6cc5d2 SCardSvr [Microsoft Corporation] "C:\WINDOWS\System32\SCardSvr.exe" 禁用 ea08e7fecd0d3b87299219a695ba6044 Schedule [Microsoft Corporation] "C:\WINDOWS\system32\schedsvc.dll" 启用 64d0e7a615a59670c61e7f3de9cc9b39 seclogon [Microsoft Corporation] "C:\WINDOWS\System32\seclogon.dll" 启用 2027dd427d91a3b7488912ff75cffb2d SENS [Microsoft Corporation] "C:\WINDOWS\system32\sens.dll" 启用 da59bb205b7032312ea7725d3d4cbdd7 SharedAccess [Microsoft Corporation] "C:\WINDOWS\System32\ipnathlp.dll" 启用 1311c5120aaa9a50696884ae12fdb945 ShellHWDetection [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 0028d552627f011f86dcccc2eba8e998 Spooler [Microsoft Corporation] "C:\WINDOWS\system32\spoolsv.exe" 禁用 c2f639fe444ee40868638ac6f279b0a2 srservice [Microsoft Corporation] "C:\WINDOWS\System32\srsvc.dll" 启用 dda0bc29483f867468a1f500c07e09f0 SSDPSRV [Microsoft Corporation] "C:\WINDOWS\System32\ssdpsrv.dll" 禁用 516bb4c1fdeec32792faa09008416a9b stisvc [Microsoft Corporation] "C:\WINDOWS\system32\wiaservc.dll" 启用 f3437c768c97f4a0d7fca28db054c5ca SwPrv [Microsoft Corporation] "C:\WINDOWS\System32\dllhost.exe /Processid:{30357879-197B-4D59-98DB-95E9E29104A3}" 禁用 0a8fa72d426143f4f694068e9e93f5f1 SysmonLog [Microsoft Corporation] "C:\WINDOWS\system32\smlogsvc.exe" 禁用 b7022b3616ca3f632c18426837ddf6de TapiSrv [Microsoft Corporation] "C:\WINDOWS\System32\tapisrv.dll" 启用 040f9b623c7cb3c462ee8d87f52cde2f TermService [Microsoft Corporation] "C:\WINDOWS\System32\termsrv.dll" 启用 ab5b2ac7ffb870673d6806e974bf2f52 Themes [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 0028d552627f011f86dcccc2eba8e998 TrkWks [Microsoft Corporation] "C:\WINDOWS\system32\trkwks.dll" 启用 91bef237caaa97abf07ff235a7f2da7f upnphost [Microsoft Corporation] "C:\WINDOWS\System32\upnphost.dll" 禁用 578472f419e9cf90a3bcd5f3f8b7d974 UPS [Microsoft Corporation] "C:\WINDOWS\System32\ups.exe" 禁用 9cf73b37823794e0b30dd71137dcff1a VSS [Microsoft Corporation] "C:\WINDOWS\System32\vssvc.exe" 禁用 1ef0ef50df1679052b6fa1859dbb9662 W32Time [Microsoft Corporation] "C:\WINDOWS\System32\w32time.dll" 启用 f8559534a2e23a44f0a03d53e3022519 WebClient [Microsoft Corporation] "C:\WINDOWS\System32\webclnt.dll" 启用 55b64b746089ae67515d8f861ea774de winmgmt [Microsoft Corporation] "C:\WINDOWS\system32\wbem\WMIsvc.dll" 启用 ec735ce05be04b9e685479f59c7c4159 WmdmPmSN [Microsoft Corporation] "C:\WINDOWS\System32\mspmsnsv.dll" 禁用 17c0792db9156f79d176fae9ea539eb5 WmiApSrv [Microsoft Corporation] "C:\WINDOWS\System32\wbem\wmiapsrv.exe" 禁用 5c23ddc43ba370a788eeb8c9aeb8b2db wscsvc [Microsoft Corporation] "C:\WINDOWS\system32\wscsvc.dll" 启用 89a37acd0ef00571a28c4e63d54b402f wuauserv [Microsoft Corporation] "C:\WINDOWS\System32\wuauserv.dll" 禁用 c52bece821cf75fdd93753e47a8741fb WZCSVC [Microsoft Corporation] "C:\WINDOWS\System32\wzcsvc.dll" 启用 5b5cfccae9c690432707014627ff3b36 xmlprov [Microsoft Corporation] "C:\WINDOWS\System32\xmlprov.dll" 禁用 e581208b0b84caaeebe56a51b1bf9d6d ====================映像劫持==================== Your Image File Name Here without a path [Microsoft Corporation] "C:\WINDOWS\system32\ntsd.EXE" fdd5617984b24d21991f80bc94714218 ====================协议相关==================== about [Microsoft Corporation] {3050F406-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\System32\mshtml.dll" 启用 a785d8fb8cc7074f6fe46010ae5d4544 cdl [Microsoft Corporation] {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 Class Install Handler [Microsoft Corporation] {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 deflate [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 dvd [Microsoft Corporation] {12D51199-0DB5-46FE-A120-47A3D7D937CC} "C:\WINDOWS\system32\msvidctl.dll" 启用 0360dda8a8c7cd49667c8291993754d7 file [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 ftp [Microsoft Corporation] {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 gopher [Microsoft Corporation] {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 gzip [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 http [Microsoft Corporation] {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 https [Microsoft Corporation] {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\System32\itss.dll" 启用 19d8feef68664ac61eabf4722c91821f javascript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\System32\mshtml.dll" 启用 a785d8fb8cc7074f6fe46010ae5d4544 lid [Microsoft Corporation] {5C135180-9973-46D9-ABF4-148267CBB8BF} "C:\WINDOWS\System32\msvidctl.dll" 启用 0360dda8a8c7cd49667c8291993754d7 local [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 lzdhtml [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 mailto [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\System32\mshtml.dll" 启用 a785d8fb8cc7074f6fe46010ae5d4544 mhtml [Microsoft Corporation] {05300401-BCBC-11d0-85E3-00C04FD85AB4} "C:\WINDOWS\System32\inetcomm.dll" 启用 5fe6fc256183a303f82ed7c4bfc00c6e mk [Microsoft Corporation] {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 ms-its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\System32\itss.dll" 启用 19d8feef68664ac61eabf4722c91821f res [Microsoft Corporation] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\System32\mshtml.dll" 启用 a785d8fb8cc7074f6fe46010ae5d4544 sysimage [Microsoft Corporation] {76E67A63-06E9-11D2-A840-006008059382} "C:\WINDOWS\System32\mshtml.dll" 启用 a785d8fb8cc7074f6fe46010ae5d4544 text/webviewhtml [Microsoft Corporation] {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "C:\WINDOWS\system32\SHELL32.dll" 启用 effb402c3743cd4bc695d42e70189e95 tv [Microsoft Corporation] {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "C:\WINDOWS\system32\msvidctl.dll" 启用 0360dda8a8c7cd49667c8291993754d7 vbscript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\System32\mshtml.dll" 启用 a785d8fb8cc7074f6fe46010ae5d4544 wia [Microsoft Corporation] {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "C:\WINDOWS\System32\wiascr.dll" 启用 1433875db8b5b95167fcd52a400541d0 ====================已知DLL==================== advapi32 [Microsoft Corporation] "C:\WINDOWS\system32\advapi32.dll" 启用 7a6ba833851cf17f32fab3bfba62da75 comdlg32 [Microsoft Corporation] "C:\WINDOWS\system32\comdlg32.dll" 启用 4e56e03ec9a3554931011f267748fe0c gdi32 [Microsoft Corporation] "C:\WINDOWS\system32\gdi32.dll" 启用 157c73afbde056629bbbdc4c5b8ec6a6 imagehlp [Microsoft Corporation] "C:\WINDOWS\system32\imagehlp.dll" 启用 d046cca42ff8f83767901da002df65a0 kernel32 [Microsoft Corporation] "C:\WINDOWS\system32\kernel32.dll" 启用 9a0e5ccd94eaa89d4b6ed6ffc8f83759 lz32 [Microsoft Corporation] "C:\WINDOWS\system32\lz32.dll" 启用 c3200506fb212a0f4fb736a80e646c40 ole32 [Microsoft Corporation] "C:\WINDOWS\system32\ole32.dll" 启用 221bc2b4a2c253efdefa8a2ce0db9a69 oleaut32 [Microsoft Corporation] "C:\WINDOWS\system32\oleaut32.dll" 启用 c4490bce91e1248c98ba5ac4f19b4b77 olecli32 [Microsoft Corporation] "C:\WINDOWS\system32\olecli32.dll" 启用 70ab17fa7a18bbbc2e44c341697b7cfe olecnv32 [Microsoft Corporation] "C:\WINDOWS\system32\olecnv32.dll" 启用 b7d2b1691eac70dfd781362ab0a3cd98 olesvr32 [Microsoft Corporation] "C:\WINDOWS\system32\olesvr32.dll" 启用 2c78271a8203df02fe98f42307043248 olethk32 [Microsoft Corporation] "C:\WINDOWS\system32\olethk32.dll" 启用 369c4ac059b301f57e8c27a188f24ebc rpcrt4 [Microsoft Corporation] "C:\WINDOWS\system32\rpcrt4.dll" 启用 5c6246e9acddfddac1fa1d746f88a0a9 shell32 [Microsoft Corporation] "C:\WINDOWS\system32\shell32.dll" 启用 effb402c3743cd4bc695d42e70189e95 url [Microsoft Corporation] "C:\WINDOWS\system32\url.dll" 启用 ea7dc858b9950b122cdd897ca8a9280f urlmon [Microsoft Corporation] "C:\WINDOWS\system32\urlmon.dll" 启用 f54dee285993285f8ae304404d706c06 user32 [Microsoft Corporation] "C:\WINDOWS\system32\user32.dll" 启用 a59bcb90cc957f9b2216300b59fd707f version [Microsoft Corporation] "C:\WINDOWS\system32\version.dll" 启用 ea0d25d5273ed0d31ae2f23f7ea086c7 wininet [Microsoft Corporation] "C:\WINDOWS\system32\wininet.dll" 启用 31b21cd64f6cee25f4349dd9b6f536e7 wldap32 [Microsoft Corporation] "C:\WINDOWS\system32\wldap32.dll" 启用 b20e11e61b265bbcdc59ca9b39ff36eb ====================打印监控==================== BJ Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\cnbjmon.dll" 启用 f766aa29b2173121a72a78d82de9fd50 Local Port [Microsoft Corporation] "C:\WINDOWS\system32\localspl.dll" 启用 15181a41b2ef591404d3c32225bd753e PJL Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\pjlmon.dll" 启用 5e7a54a936fef300ec16797e6c134832 Standard TCP/IP Port [Microsoft Corporation] "C:\WINDOWS\system32\tcpmon.dll" 启用 81c5130093ea80d371cbaedacc225c73 USB Monitor [Microsoft Corporation] "C:\WINDOWS\system32\usbmon.dll" 启用 ac302623d451981b14b885b84ab1f9b5 ====================随系统加载的其它模块==================== AppInit_DLLs [] (<>) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" CDBurn [Microsoft Corporation] (%SystemRoot%\system32\SHELL32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" effb402c3743cd4bc695d42e70189e95 crypt32chain [Microsoft Corporation] (crypt32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain" 874e00d6547c913458525f26695938e1 cryptnet [Microsoft Corporation] (cryptnet.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet" 742dac6208524b5b633675bdb1a09c0c cscdll [Microsoft Corporation] (cscdll.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll" 57b10583d5b880a93a82f525b817f867 PostBootReminder [Microsoft Corporation] (%SystemRoot%\system32\SHELL32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" effb402c3743cd4bc695d42e70189e95 ScCertProp [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" d4732d5f6fb51d07c8c115b658fa84de Schedule [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule" d4732d5f6fb51d07c8c115b658fa84de sclgntfy [Microsoft Corporation] (sclgntfy.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy" 58001a3833a25dbd7460a69cb69c8fe2 SensLogn [Microsoft Corporation] (WlNotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn" d4732d5f6fb51d07c8c115b658fa84de SysTray [Microsoft Corporation] (C:\WINDOWS\System32\stobject.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 08488e3e73787c1e7b59f0d5c1b8c554 termsrv [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv" d4732d5f6fb51d07c8c115b658fa84de URL 执行挂钩 [Microsoft Corporation] (shell32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" effb402c3743cd4bc695d42e70189e95 WebCheck [Microsoft Corporation] (%SystemRoot%\System32\webcheck.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" fefe188339f412ffaaf800b5ba7dbc84 wlballoon [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon" d4732d5f6fb51d07c8c115b658fa84de ====================调试相关项==================== Debugger [Microsoft Corporation] (drwtsn32 -p %ld -e %ld -g) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug" e1f9f51cb449d2c9cc76682f0998439e ====================驱动程序==================== ac97intc [Intel Corporation] 启用 "system32\drivers\ac97intc.sys" 0f2d66d5f08ebe2f77bb904288dcf6f0 ACPI [Microsoft Corporation] 启用 "System32\DRIVERS\ACPI.sys" 5ecd0c75cf5ebd2c2847ec93b2021322 adiusbaw [Analog Devices Inc.] 启用 "system32\DRIVERS\adiusbaw.sys" ef9f08b4872560db0bf3cb7cf2454b95 aec [Microsoft Corporation] 启用 "system32\drivers\aec.sys" 841f385c6cfaf66b58fbd898722bb4f0 AFD [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\afd.sys" 5ac495f4cb807b2b98ad2ad591e6d92e AsyncMac [Microsoft Corporation] 启用 "System32\DRIVERS\asyncmac.sys" 02000abf34af4c218c35d257024807d6 atapi [Microsoft Corporation] 启用 "System32\DRIVERS\atapi.sys" cdfe4411a69c224bd1d11b2da92dac51 Atmarpc [Microsoft Corporation] 启用 "System32\DRIVERS\atmarpc.sys" ec88da854ab7d7752ec8be11a741bb7f audstub [Microsoft Corporation] 启用 "System32\DRIVERS\audstub.sys" d9f724aa26c010a217c97606b160ed68 basic2 [Conexant Systems] 启用 "System32\DRIVERS\basic2.sys" 2178e95ee45ae9317f9688c39236f5d4 Beep [Microsoft Corporation] 启用 "" da1f27d85e0d1525f6621372e7b685e9 Cdaudio [Microsoft Corporation] 启用 "" c1b486a7658353d33a10cc15211a873b Cdrom [Microsoft Corporation] 启用 "System32\DRIVERS\cdrom.sys" af9c19b3100fe010496b1a27181fbf72 Changer [] 启用 "" cs429x [Cirrus Logic, Inc.] 启用 "system32\drivers\cwawdm.sys" a0044c07c6f65d97db2d6ef8b9a7bbc0 Disk [Microsoft Corporation] 启用 "System32\DRIVERS\disk.sys" 00ca44e4534865f8a3b64f7c0984bff0 DMusic [Microsoft Corporation] 启用 "system32\drivers\DMusic.sys" a6f881284ac1150e37d9ae47ff601267 drmkaud [Microsoft Corporation] 启用 "system32\drivers\drmkaud.sys" 1ed4dbbae9f5d558dbba4cc450e3eb2e Fallback [Conexant Systems] 启用 "System32\DRIVERS\fallback.sys" 30bf5c5c9bdcfd8844f19aa3fd7cd301 Fdc [Microsoft Corporation] 启用 "System32\DRIVERS\fdc.sys" ced2e8396a8838e59d8fd529c680e02c Fips [Microsoft Corporation] 启用 "" fffc25ccbe40efb0609bd249721aae83 Flpydisk [Microsoft Corporation] 启用 "System32\DRIVERS\flpydisk.sys" 0dd1de43115b93f4d85e889d7a86f548 Fsks [Conexant Systems] 启用 "System32\DRIVERS\fsksnt.sys" 3aa7e8789cd38f8e143aad05d87e18ee FsVga [Microsoft Corporation] 启用 "System32\DRIVERS\fsvga.sys" ab4983120e4e4527ae9ffe4177ecd6e7 Ftdisk [Microsoft Corporation] 启用 "System32\DRIVERS\ftdisk.sys" 38375a4d9582a08c14c928cc099b8836 gameenum [Microsoft Corporation] 启用 "System32\DRIVERS\gameenum.sys" 5f92fd09e5610a5995da7d775eadcd12 Gpc [Microsoft Corporation] 启用 "System32\DRIVERS\msgpc.sys" c0f1d4a21de5a415df8170616703debf hidusb [Microsoft Corporation] 启用 "System32\DRIVERS\hidusb.sys" 1de6783b918f540149aa69943bdfeba8 HSF_DP [Conexant Systems] 启用 "System32\DRIVERS\HSF_DP.sys" 0ade6a9622ff72599ef2980036112f17 HSFHWBS2 [Conexant Systems] 启用 "System32\DRIVERS\HSFHWBS2.sys" 127f6638eb09050f5a490bbd6507b37a HTTP [Microsoft Corporation] 启用 "System32\Drivers\HTTP.sys" c19b522a9ae0bbc3293397f3055e80a1 i2omgmt [] 启用 "" i8042prt [Microsoft Corporation] 启用 "System32\DRIVERS\i8042prt.sys" 2a802d189fce734903c46cd5d8f5e3ec i81x [Intel(R) Corporation] 启用 "System32\DRIVERS\i81xnt5.sys" 007dbb8f9c35df8f8a20b8e7c1204b8b iAimFP0 [Intel(R) Corporation] 启用 "System32\DRIVERS\wADV01nt.sys" 19f03895ce0b9e7fb514e67bb17edcb5 iAimFP1 [Intel(R) Corporation] 启用 "System32\DRIVERS\wADV02NT.sys" 479278c265b596c4fc1a2e0f51e70736 iAimFP2 [Intel(R) Corporation] 启用 "System32\DRIVERS\wADV05NT.sys" 66317ecbed58d15541cad4ed60888430 iAimFP3 [Intel(R) Corporation] 启用 "System32\DRIVERS\wSiINTxx.sys" 5807920dcd9fe760ffd733a1297d164a iAimFP4 [Intel(R) Corporation] 启用 "System32\DRIVERS\wVchNTxx.sys" afb6725ddf3f417495ab99198979ffb1 iAimTV0 [Intel(R) Corporation] 启用 "System32\DRIVERS\wATV01nt.sys" 3de116fe9fc7f15b0a5e0e611b344236 iAimTV1 [Intel(R) Corporation] 启用 "System32\DRIVERS\wATV02NT.sys" 275b8ec3a1aa555e3f1586eaf1302ac5 iAimTV2 [] 启用 "System32\DRIVERS\wATV03nt.sys" iAimTV3 [Intel(R) Corporation] 启用 "System32\DRIVERS\wATV04nt.sys" 31d5981e35d0f158cd1031e0ee74c6fe iAimTV4 [Intel(R) Corporation] 启用 "System32\DRIVERS\wCh7xxNT.sys" 78b4456a11582a927e9b1eca87d1e4f6 Imapi [Microsoft Corporation] 启用 "" f8aa320c6a0409c0380e5d8a99d76ec6 IntelIde [Microsoft Corporation] 启用 "System32\DRIVERS\intelide.sys" 064d4c00e64fd690965cc4d612ce03d6 ip6fw [Microsoft Corporation] 启用 "system32\drivers\ip6fw.sys" 4448006b6bc60e6c027932cfc38d6855 IpFilterDriver [Microsoft Corporation] 启用 "System32\DRIVERS\ipfltdrv.sys" 731f22ba402ee4b62748adaf6363c182 IpInIp [Microsoft Corporation] 启用 "System32\DRIVERS\ipinip.sys" e1ec7f5da720b640cd8fb8424f1b14bb IpNat [Microsoft Corporation] 启用 "System32\DRIVERS\ipnat.sys" b5a8e215ac29d24d60b4d1250ef05ace IPSec [Microsoft Corporation] 启用 "System32\DRIVERS\ipsec.sys" 64537aa5c003a6afeee1df819062d0d1 IRENUM [Microsoft Corporation] 启用 "System32\DRIVERS\irenum.sys" 50708daa1b1cbb7d6ac1cf8f56a24410 isapnp [Microsoft Corporation] 启用 "System32\DRIVERS\isapnp.sys" d81587ada44fed322419fc833e734441 K56 [Conexant Systems] 启用 "System32\DRIVERS\k56nt.sys" 99011791100c70950c51623326d64aa3 Kbdclass [Microsoft Corporation] 启用 "System32\DRIVERS\kbdclass.sys" f7699fb067024b82e9ca8ffb86936923 kbfiltr [Windows (R) 2000 DDK provider] 启用 "System32\DRIVERS\kbfiltr.sys" 045e8aad087bcbbab3f8b539f8a63b89 kmixer [Microsoft Corporation] 启用 "system32\drivers\kmixer.sys" d93cad07c5683db066b0b2d2d3790ead KSecDD [Microsoft Corporation] 启用 "" eb7ffe87fd367ea8fca0506f74a87fbb lbrtfdc [] 启用 "" mdmxsdk [Conexant] 启用 "System32\DRIVERS\mdmxsdk.sys" a1e9d936eac07ee9386e87bac1377fad mnmdd [Microsoft Corporation] 启用 "" 4ae068242760a1fb6e1a44bf4e16afa6 Modem [Microsoft Corporation] 启用 "" f351113fd77b61b81bf7accada735789 Mouclass [Microsoft Corporation] 启用 "System32\DRIVERS\mouclass.sys" f171bdcedaee9797a5bf47613f5456ac mouhid [Microsoft Corporation] 启用 "System32\DRIVERS\mouhid.sys" 692910b446d0b751b2462f3624c7b1a7 MountMgr [Microsoft Corporation] 启用 "" 65653f3b4477f3c63e68a9659f85ee2e ms_mpu401 [Microsoft Corporation] 启用 "system32\drivers\msmpu401.sys" ca3e22598f411199adc2dfee76cd0ae0 MSKSSRV [Microsoft Corporation] 启用 "system32\drivers\MSKSSRV.sys" ae431a8dd3c1d0d0610cdbac16057ad0 MSPCLOCK [Microsoft Corporation] 启用 "system32\drivers\MSPCLOCK.sys" 13e75fef9dfeb08eeded9d0246e1f448 MSPQM [Microsoft Corporation] 启用 "system32\drivers\MSPQM.sys" 1988a33ff19242576c3d0ef9ce785da7 mssmbios [Microsoft Corporation] 启用 "System32\DRIVERS\mssmbios.sys" 469541f8bfd2b32659d5d463a6714bce NDIS [Microsoft Corporation] 启用 "" 558635d3af1c7546d26067d5d9b6959e NdisTapi [Microsoft Corporation] 启用 "System32\DRIVERS\ndistapi.sys" 08d43bbdacdf23f34d79e44ed35c1b4c Ndisuio [Microsoft Corporation] 启用 "System32\DRIVERS\ndisuio.sys" 34d6cd56409da9a7ed573e1c90a308bf NdisWan [Microsoft Corporation] 启用 "System32\DRIVERS\ndiswan.sys" 0b90e255a9490166ab368cd55a529893 NDProxy [Microsoft Corporation] 启用 "" 59fc3fb44d2669bc144fd87826bb571f NetBT [Microsoft Corporation] 启用 "System32\DRIVERS\netbt.sys" 0c80e410cd2f47134407ee7dd19cc86b Null [Microsoft Corporation] 启用 "" 73c1e1f395918bc2c6dd67af7591a3ad NwlnkFlt [Microsoft Corporation] 启用 "System32\DRIVERS\nwlnkflt.sys" b305f3fad35083837ef46a0bbce2fc57 NwlnkFwd [Microsoft Corporation] 启用 "System32\DRIVERS\nwlnkfwd.sys" c99b3415198d1aab7227f2c88fd664b9 P3 [Microsoft Corporation] 启用 "System32\DRIVERS\p3.sys" c00b07d6deb49d43ef6100c1d19bfb0c Parport [Microsoft Corporation] 启用 "System32\DRIVERS\parport.sys" f54a2e5de40b71317a5c2054439615a6 PartMgr [Microsoft Corporation] 启用 "" 3334430c29dc338092f79c38ef7b4cd0 ParVdm [Microsoft Corporation] 启用 "" 4f3fc4954972da46284641091deee02e PCI [Microsoft Corporation] 启用 "System32\DRIVERS\pci.sys" 2fe168cfccae0d8961f25ee611d301d4 PCIDump [] 启用 "" PDCOMP [] 启用 "" PDFRAME [] 启用 "" PDRELI [] 启用 "" PDRFRAME [] 启用 "" PptpMiniport [Microsoft Corporation] 启用 "System32\DRIVERS\raspptp.sys" 1c5cc65aac0783c344f16353e60b72ac Processor [Microsoft Corporation] 启用 "System32\DRIVERS\processr.sys" eaeacff54f6551d8f097165d1543b076 PSched [Microsoft Corporation] 启用 "System32\DRIVERS\psched.sys" 48671f327553dcf1d27f6197f622a668 Ptilink [Parallel Technologies, Inc.] 启用 "System32\DRIVERS\ptilink.sys" 80d317bd1c3dbc5d4fe7b1678c60cadd RasAcd [Microsoft Corporation] 启用 "System32\DRIVERS\rasacd.sys" fe0d99d6f31e4fad8159f690d68ded9c Rasl2tp [Microsoft Corporation] 启用 "System32\DRIVERS\rasl2tp.sys" 98faeb4a4dcf812ba1c6fca4aa3e115c RasPppoe [Microsoft Corporation] 启用 "System32\DRIVERS\raspppoe.sys" 7306eeed8895454cbed4669be9f79faa Raspti [Microsoft Corporation] 启用 "System32\DRIVERS\raspti.sys" fdbb1d60066fcfbb7452fd8f9829b242 RDPCDD [Microsoft Corporation] 启用 "System32\DRIVERS\RDPCDD.sys" 4912d5b403614ce99c28420f75353332 RDPWD [Microsoft Corporation] 启用 "" d4f5643d7714ef499ae9527fdcd50894 redbook [Microsoft Corporation] 启用 "System32\DRIVERS\redbook.sys" f720de7bfe7ae26846e7ebe9caf3f49a Rksample [Conexant Systems] 启用 "System32\DRIVERS\rksample.sys" f2e85e078f8205e8e7cb51c2f65da63a Secdrv [] 启用 "System32\DRIVERS\secdrv.sys" d26e26ea516450af9d072635c60387f4 serenum [Microsoft Corporation] 启用 "System32\DRIVERS\serenum.sys" a2d868aeeff612e70e213c451a70cafb Serial [Microsoft Corporation] 启用 "System32\DRIVERS\serial.sys" de0aa3fcae95d2339628f0caf013dfe1 Sfloppy [Microsoft Corporation] 启用 "" 0d13b6df6e9e101013a7afb0ce629fe0 SoftFax [Conexant Systems] 启用 "System32\DRIVERS\faxnt.sys" 1a3f37f3e6ef7c04535b96b671d3171a splitter [Microsoft Corporation] 启用 "system32\drivers\splitter.sys" 8e186b8f23295d1e42c573b82b80d548 swenum [Microsoft Corporation] 启用 "System32\DRIVERS\swenum.sys" 03c1bae4766e2450219d20b993d6e046 swmidi [Microsoft Corporation] 启用 "system32\drivers\swmidi.sys" 94abc808fc4b6d7d2bbf42b85e25bb4d sysaudio [Microsoft Corporation] 启用 "system32\drivers\sysaudio.sys" 650ad082d46bac0e64c9c0e0928492fd Tcpip [Microsoft Corporation] 启用 "System32\DRIVERS\tcpip.sys" c1783498edb152656303b5d5bcabd86c TDPIPE [Microsoft Corporation] 启用 "" 38d437cf2d98965f239b0abcd66dcb0f TDTCP [Microsoft Corporation] 启用 "" ed0580af02502d00ad8c4c066b156be9 TermDD [Microsoft Corporation] 启用 "System32\DRIVERS\termdd.sys" a540a99c281d933f3d69d55e48727f47 Tones [Conexant Systems] 启用 "System32\DRIVERS\tonesnt.sys" 7cf79aa9282ce2c0a777540b7d1333b9 Update [Microsoft Corporation] 启用 "System32\DRIVERS\update.sys" aff2e5045961bbc0a602bb6f95eb1345 usbhub [Microsoft Corporation] 启用 "System32\DRIVERS\usbhub.sys" c72f40947f92cea56a8fb532edf025f1 usbuhci [Microsoft Corporation] 启用 "System32\DRIVERS\usbuhci.sys" f8fd1400092e23c8f2f31406ef06167b V124 [Conexant Systems] 启用 "System32\DRIVERS\v124nt.sys" 8551bf83430f45ab7ef1da8b0c7d6956 VgaSave [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\vga.sys" 8a60edd72b4ea5aea8202daf0e427925 VolSnap [Microsoft Corporation] 启用 "" 4594bda728648447ec10c49190bd37a7 Wanarp [Microsoft Corporation] 启用 "System32\DRIVERS\wanarp.sys" 984ef0b9788abf89974cfed4bfbaacbc WDICA [] 启用 "" wdmaud [Microsoft Corporation] 启用 "system32\drivers\wdmaud.sys" 2797f33ebf50466020c430ee4f037933 winachsf [Conexant Systems] 启用 "System32\DRIVERS\HSF_CNXT.sys" 533adeb3b84c2e24d9a85d55f3d69955 ====================桌面快捷方式==================== 暴风影音.lnk "D:\setup\Storm.exe " (北京暴风网际科技有限公司, 2.0 MB, 3, 9, 1, 15) ac73f2f22fd9ce2607b0edd9bf7a8041 腾讯QQ.lnk "D:\QQ all\QQ\Bin\QQ.exe " (Tencent, 133.3 KB, 1, 23, 375, 0) 0a6a8e210540dcd1ce3ed1ea8bff8c35 Shortcut to USB_ADSL.lnk " " (, , ) 瑞星卡卡上网安全助手.lnk "D:\Rising\kaka\ras.exe " (Beijing Rising Information Technology Co., Ltd., 38.1 KB, 6.0.0.7) 324645bf53d6c2a677cc135eacd91c91 Internet Explorer.lnk "C:\Program Files\Internet Explorer\iexplore.exe " (Microsoft Corporation, 91.0 KB, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) ecd35d17f66899882b9558f5b94c5798 迅雷5.lnk "D:\Thunder\Thunder.exe " (Thunder Networking Technologies,LTD, 49.5 KB, 5, 6, 8, 19) a19369707e6b143fcae49ab9ed5ec8b9 迅雷看看-免费高清影视.lnk " " (, , ) QQ游戏.lnk "D:\QQ all\QQGAME\QQGame.exe " (深圳市腾讯计算机系统有限公司, 160.9 KB, 2, 3, 102, 10) 3acb0efc5590aa432fbccceddd6db56e 修复瑞星软件.lnk "C:\Documents and Settings\All Users\Application Data\Rising\Rav\Data\Repair.url " (, 155 Bytes, ) 6046caca3f94704bcbc38771720fe5bf 瑞星杀毒软件.lnk "D:\Rising\Rising\Rav\RsMain.exe " (Beijing Rising Information Technology Co., Ltd., 70.6 KB, 21, 0, 0, 5) b73cd1c3e48d64b4acb171ea11b87b40 账号保险柜.lnk "D:\Rising\Rising\Rav\rssafety.exe " (Beijing Rising Information Technology Co., Ltd., 1.2 MB, 3.0.0.60) 96e598d763a8499813bfec81a48d6ed3