本报告由QQ医生提供 http://im.qq.com/doctor/ 诊断时间: 2009-04-20 18:48:42 操作系统: Windows Server 2003, Service Pack 2 QQ医生版本: QQDoctor.exe 2, 1, 9, 202 DrUpdate.exe 2009, 4, 10, 15 TSELoder.DAT 2008, 1, 28, 13 TSEngine.DAT 2008, 4, 7, 25 TSEPB.DAT 2009, 3, 5, 35 TSFSEngine.DAT 2009, 3, 11, 7 TSFileFilter.DAT 2007, 12, 5, 01 TSKsp.sys 2009, 3, 31, 17 TSKSPLIB.dat 2009, 3, 16, 10 TSVulMon.DAT 2009, 4, 2, 10 TSVulChk.dat 2009, 3, 23, 11 QQ文件版本: QQ2008II Beta1 (8.0.1253.201) ====================进程项==================== C:\WINDOWS\System32\alg.exe (Microsoft Corporation, 44.0 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) 6677ff4b167f82e4497bf81293f40523 C:\WINDOWS\system32\conime.exe (Microsoft Corporation, 26.0 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) 7bd29a0961be3262002a359c762e0e41 \??\C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, 4.0 KB, 5.2.3790.0 (srv03_rtm.030324-2048)) 367e44bfb401784ef460e81c6bef048f C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation, 15.0 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) b3ea697f671bf4e2630328aa61cacdb1 C:\WINDOWS\Explorer.EXE (Microsoft Corporation, 974.0 KB, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)) 21b4c261d45ddeb40b587a52aa5b0887 C:\WINDOWS\Explorer.EXE [Microsoft Corporation] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_D8713E55\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation] C:\WINDOWS\system32\apphelp.dll [Microsoft Corporation] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation] C:\WINDOWS\system32\CLBCatQ.DLL [Microsoft Corporation] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation] C:\WINDOWS\system32\themeui.dll [Microsoft Corporation] C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.3959_x-ww_78FCF8D0\COMCTL32.dll [Microsoft Corporation] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation] C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation] C:\WINDOWS\system32\stobject.dll [Microsoft Corporation] C:\WINDOWS\system32\BatMeter.dll [Microsoft Corporation] C:\WINDOWS\system32\POWRPROF.dll [Microsoft Corporation] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation] C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation] C:\WINDOWS\system32\credui.dll [Microsoft Corporation] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation] C:\WINDOWS\system32\CLUSAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation] C:\Program Files\WinRAR\rarext.dll [] C:\WINDOWS\system32\msi.dll [Microsoft Corporation] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation] C:\WINDOWS\system32\zipfldr.dll [Microsoft Corporation] C:\WINDOWS\system32\mydocs.dll [Microsoft Corporation] C:\WINDOWS\system32\sendmail.dll [Microsoft Corporation] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation] C:\WINDOWS\System32\drprov.dll [Microsoft Corporation] C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation] C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation] C:\WINDOWS\system32\audiodev.dll [Microsoft Corporation] C:\WINDOWS\system32\WMVCore.DLL [Microsoft Corporation] C:\WINDOWS\system32\WMASF.DLL [Microsoft Corporation] C:\WINDOWS\system32\wiashext.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.3790.4278_x-ww_AD682293\gdiplus.dll [Microsoft Corporation] C:\WINDOWS\system32\sti.dll [Microsoft Corporation] C:\WINDOWS\system32\CFGMGR32.dll [Microsoft Corporation] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation] C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation] C:\WINDOWS\system32\OLEACC.dll [Microsoft Corporation] C:\WINDOWS\system32\msvcp60.dll [Microsoft Corporation] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [ShenZhen Thunder Networking Technologies,LTD] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [ShenZhen Thunder Networking Technologies,LTD] C:\WINDOWS\system32\MLANG.dll [Microsoft Corporation] c:\program files\internet explorer\iexplore.exe (Microsoft Corporation, 92.0 KB, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)) 1251c697ac041430f77473d8d2f5b18a C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation, 14.0 KB, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)) 3c6978bc0459deba184a214745642da7 E:\i8Server\Intransvr.exe (盛光科技, 946.8 KB, 8, 2, 1, 1216) 4a44c702c2deb0dfdf6ac9c83a413fd7 E:\Hintsoft\Pubsrv\LockClient.exe (, 36.0 KB, 1, 0, 0, 1) 6b77b7afbc9ecf7d9b90e0c6707ae177 C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, 16.0 KB, 5.2.3790.0 (srv03_rtm.030324-2048)) 1d138d0ff5c3a2d83ad9eaec3850265a C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation, 6.0 KB, 2001.12.4720.4340 (srv03_sp2_gdr.080723-1210)) 2eaa1763a77be385b9a71a843c7f159e C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, 160.1 KB, 6.14.11.7824) 42321ac5448078131903b272e6c49024 E:\Hintsoft\Pubsrv\Pubsrv.exe (, 928.0 KB, 1, 0, 0, 1) 9f23378013cbdd8b4f9ddf722a571d98 E:\Hintsoft\Pubsrv\RecBmp.exe (, 32.0 KB, 1, 0, 0, 1) d9112701d24755062095bdcb4953b89f C:\WINDOWS\System32\SCardSvr.exe (Microsoft Corporation, 77.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) 08f924b084f6cb3c78114f3aeead1536 C:\WINDOWS\system32\services.exe (Microsoft Corporation, 110.5 KB, 5.2.3790.4455 (srv03_sp2_gdr.090203-1205)) 6615eef258e28f4be8569e36051fae01 \SystemRoot\System32\smss.exe (Microsoft Corporation, 52.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) e6555b70cc5c9d65e2fdf035ea479c32 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) dda2d46da1f0bd25d6eb0194cb3ab3e4 c:\windows\system32\inetsrv\w3wp.exe (Microsoft Corporation, 7.0 KB, 6.0.3790.3959 (srv03_sp2_rtm.070216-1710)) 77835c9494e6df16dac97eea3ac0bf5a \??\C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, 499.5 KB, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)) 13f1b88db521ee1e247f540b43339703 C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation, 212.5 KB, 5.2.3790.4455 (srv03_sp2_gdr.090203-1205)) 332124357850eb5429e41fa85c82af0f C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation, 212.5 KB, 5.2.3790.4455 (srv03_sp2_gdr.090203-1205)) 332124357850eb5429e41fa85c82af0f E:\i8Server\wxsvr.dll (, 210.0 KB, 8.2.1.821) fb2f94aa6e3318d85a5a86dcdd96b929 ====================启动项==================== AlternateShell [Microsoft Corporation] (cmd.exe) "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot" cf1e5769d2b06e34920c172d38de840f AlternateShell [Microsoft Corporation] (cmd.exe) "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot" cf1e5769d2b06e34920c172d38de840f BootExecute [Microsoft Corporation] (autochk *) "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" 5a241e1e8c0a276d52fbfe9a34048131 ctfmon.exe [Microsoft Corporation] (C:\WINDOWS\system32\ctfmon.exe) "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" b3ea697f671bf4e2630328aa61cacdb1 i8一点通服务端.lnk [盛光科技] (E:\i8Server\Intransvr.exe) "C:\Documents and Settings\All Users\「开始」菜单\程序\启动\i8一点通服务端.lnk" 4a44c702c2deb0dfdf6ac9c83a413fd7 NvCplDaemon [NVIDIA Corporation] (RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 315a6e9d2114d67c75f684a9f8638413 Pubwin4服务版.lnk [] (E:\Hintsoft\Pubsrv\Pubsrv.exe) "C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Pubwin4服务版.lnk" 9f23378013cbdd8b4f9ddf722a571d98 Shell [Microsoft Corporation] (Explorer.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 21b4c261d45ddeb40b587a52aa5b0887 UIHost [Microsoft Corporation] (%SystemRoot%\system32\logonui.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" df62ca2662e9d03630c18baec25e69d8 Userinit [Microsoft Corporation] (C:\WINDOWS\system32\userinit.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 2ee4b34b6da4c8199da3cd18668f5504 ====================第三方IE插件==================== nprfxins.dll "C:\Program Files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll" (RichFX Inc., 556.1 KB, 3.31.0659) 6b4bdb54581a3e01c6c1fe3cae54a66b ====================IE右键菜单==================== &使用QQ旋风下载 [E:\下载工具\geturl.htm] &使用QQ旋风下载全部链接 [E:\下载工具\getAllurl.htm] &使用超级旋风下载 [D:\常用工具\超级旋风\geturl.htm] &使用超级旋风下载全部链接 [D:\常用工具\超级旋风\getAllurl.htm] 使用迅雷下载 [C:\Program Files\Thunder Network\Thunder\Program\geturl.htm] 使用迅雷下载全部链接 [C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm] ====================ActiveX对象==================== AxSubmitControl Class [] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} "C:\WINDOWS\Downloaded Program Files\SubmitControl.dll" 启用 cdc680036b3ff78ce5ff5211479da294 KUpdateObj2 Class [] {D82303B7-A754-4DCB-8AFC-8CF99435AACE} "" 启用 ====================系统服务==================== AeLookupSvc [Microsoft Corporation] "C:\WINDOWS\System32\aelupsvc.dll" 禁用 0c47c83c68c01926406a81b4ee671774 Alerter [Microsoft Corporation] "C:\WINDOWS\system32\alrsvc.dll" 禁用 9168f713aebbd67fb9a98a7439be55c9 ALG [Microsoft Corporation] "C:\WINDOWS\System32\alg.exe" 启用 6677ff4b167f82e4497bf81293f40523 AppMgmt [Microsoft Corporation] "C:\WINDOWS\System32\appmgmts.dll" 禁用 ceceab91d772e886b8663f75d4df0179 AudioSrv [Microsoft Corporation] "C:\WINDOWS\System32\audiosrv.dll" 启用 209b5eb814f66eae3b338bf775b1a099 BITS [Microsoft Corporation] "C:\WINDOWS\system32\qmgr.dll" 禁用 6e44a56c07b2e3e42845fdbb57d443bf Browser [Microsoft Corporation] "C:\WINDOWS\System32\browser.dll" 禁用 399412c037522171c1cffdd2f5dc7f24 CiSvc [Microsoft Corporation] "C:\WINDOWS\system32\cisvc.exe" 禁用 831164ac000c7f4ab6246bb23e222b96 ClipSrv [Microsoft Corporation] "C:\WINDOWS\system32\clipsrv.exe" 禁用 3ed655e33fadf3fac23b2e4879155385 COMSysApp [Microsoft Corporation] "C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}" 禁用 e2a3decf354dcec92cf3fb192405c0e0 CryptSvc [Microsoft Corporation] "C:\WINDOWS\System32\cryptsvc.dll" 启用 3c268ce473d87b62e3f12a9ac709b26f DcomLaunch [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 38c6cf4485c7e3bc08453cf308000f00 Dfs [Microsoft Corporation] "C:\WINDOWS\system32\Dfssvc.exe" 禁用 50c66484c71c3dc9e9e1ee3bdcdc9433 Dhcp [Microsoft Corporation] "C:\WINDOWS\System32\dhcpcsvc.dll" 禁用 ed29a3c27cdf3bebdec031a74c2b6756 dmadmin [Microsoft Corporation] "C:\WINDOWS\System32\dmadmin.exe /com" 禁用 186fc31a9b11501c29006f4397d48dbd dmserver [Microsoft Corporation] "C:\WINDOWS\System32\dmserver.dll" 禁用 127098605200f728518f4e6d695ae3fe Dnscache [Microsoft Corporation] "C:\WINDOWS\System32\dnsrslvr.dll" 禁用 5101b6985f320a11b11b71392518e71f ERSvc [Microsoft Corporation] "C:\WINDOWS\System32\ersvc.dll" 禁用 cf3ad9e0cc6e2f593b0fa84af117a1db Eventlog [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 6615eef258e28f4be8569e36051fae01 EventSystem [Microsoft Corporation] "C:\WINDOWS\system32\es.dll" 启用 42465a1753d42066f949783c7070d1d3 HidServ [] "C:\WINDOWS\System32\hidserv.dll" 禁用 HTTPFilter [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 1d138d0ff5c3a2d83ad9eaec3850265a IISADMIN [Microsoft Corporation] "C:\WINDOWS\system32\inetsrv\inetinfo.exe" 启用 3c6978bc0459deba184a214745642da7 ImapiService [Microsoft Corporation] "C:\WINDOWS\system32\imapi.exe" 禁用 fbd364dd0bd0e660700ee83abee30ae3 IsmServ [Microsoft Corporation] "C:\WINDOWS\System32\ismserv.exe" 禁用 037d59b71ecc52791b65f8a2b1ff009c kdc [Microsoft Corporation] "C:\WINDOWS\System32\lsass.exe" 禁用 1d138d0ff5c3a2d83ad9eaec3850265a lanmanserver [Microsoft Corporation] "C:\WINDOWS\System32\srvsvc.dll" 禁用 7215860ca6552704bcc430e47ea76487 lanmanworkstation [Microsoft Corporation] "C:\WINDOWS\System32\wkssvc.dll" 启用 c13f59aec23cec433d671d453f8c8ebc LicenseService [Microsoft Corporation] "C:\WINDOWS\System32\llssrv.exe" 禁用 01d6c27979905935ecfa9c357b8bd284 LmHosts [Microsoft Corporation] "C:\WINDOWS\System32\lmhsvc.dll" 禁用 94054dafd4c5b1c8629f8f20bc987d28 Messenger [Microsoft Corporation] "C:\WINDOWS\System32\msgsvc.dll" 禁用 80bdcdb368eea968df77a1d562bc873a mnmsrvc [Microsoft Corporation] "C:\WINDOWS\system32\mnmsrvc.exe" 禁用 3efe8382fc1d7dc8d7c6fabecf53b150 MSDTC [Microsoft Corporation] "C:\WINDOWS\system32\msdtc.exe" 启用 2eaa1763a77be385b9a71a843c7f159e MSIServer [Microsoft Corporation] "C:\WINDOWS\system32\msiexec.exe /V" 禁用 8e26bcf8835373cb9b44f9e14b89771b NetDDE [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 107977ef15f84fa756623cef42576cb3 NetDDEdsdm [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 107977ef15f84fa756623cef42576cb3 Netlogon [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 1d138d0ff5c3a2d83ad9eaec3850265a Netman [Microsoft Corporation] "C:\WINDOWS\System32\netman.dll" 启用 0a6eebd135d73fec0b0026911e55d670 Nla [Microsoft Corporation] "C:\WINDOWS\System32\mswsock.dll" 启用 4a4a54c8395f8440a6b2ba199da0b5a7 NntpSvc [Microsoft Corporation] "C:\WINDOWS\system32\inetsrv\inetinfo.exe" 启用 3c6978bc0459deba184a214745642da7 npggsvc [INCA Internet Co., Ltd.] "C:\WINDOWS\system32\GameMon.des -service" 禁用 102ea92e2e09ad63e31d6d290b0212bd NtFrs [Microsoft Corporation] "C:\WINDOWS\system32\ntfrs.exe" 禁用 66d20b8f4dfd33fd8a3533dc5b86e0f2 NtLmSsp [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 1d138d0ff5c3a2d83ad9eaec3850265a NtmsSvc [Microsoft Corporation] "C:\WINDOWS\system32\ntmssvc.dll" 禁用 9302ddef3f210ccd3e0af9ca2b7879c8 NVSvc [NVIDIA Corporation] "C:\WINDOWS\system32\nvsvc32.exe" 启用 42321ac5448078131903b272e6c49024 PlugPlay [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 6615eef258e28f4be8569e36051fae01 PolicyAgent [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 1d138d0ff5c3a2d83ad9eaec3850265a ProtectedStorage [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 1d138d0ff5c3a2d83ad9eaec3850265a RasAuto [Microsoft Corporation] "C:\WINDOWS\System32\rasauto.dll" 禁用 066585e78a62719a6a2719544ad3ac08 RasMan [Microsoft Corporation] "C:\WINDOWS\System32\rasmans.dll" 启用 f4b1c1d0383026d8ea553c89f4e35769 RDSessMgr [Microsoft Corporation] "C:\WINDOWS\system32\sessmgr.exe" 禁用 adaa3d7b98e147377cbf6265b513bc9b RemoteAccess [Microsoft Corporation] "C:\WINDOWS\System32\mprdim.dll" 禁用 28c17e4f26358baf455d6a360bd18449 RemoteRegistry [Microsoft Corporation] "C:\WINDOWS\system32\regsvc.dll" 启用 4feead38580417f3a350a5d0725c30f8 RpcLocator [Microsoft Corporation] "C:\WINDOWS\system32\locator.exe" 禁用 5447c486661a5e56a5463aec545f9d0a RpcSs [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 38c6cf4485c7e3bc08453cf308000f00 RSoPProv [Microsoft Corporation] "C:\WINDOWS\system32\RSoPProv.exe" 禁用 2f42404ee60a43915f2223faa6fe0015 sacsvr [Microsoft Corporation] "C:\WINDOWS\system32\sacsvr.dll" 禁用 562c66c6cf8f8a36dd2d062742346fb6 SamSs [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 1d138d0ff5c3a2d83ad9eaec3850265a SCardSvr [Microsoft Corporation] "C:\WINDOWS\System32\SCardSvr.exe" 启用 08f924b084f6cb3c78114f3aeead1536 Schedule [Microsoft Corporation] "C:\WINDOWS\system32\schedsvc.dll" 启用 611c2313f6dc9bf3e0d5c96f6e192c22 seclogon [Microsoft Corporation] "C:\WINDOWS\System32\seclogon.dll" 禁用 10bc6a6c45bd15a03a080332d21f9265 SENS [Microsoft Corporation] "C:\WINDOWS\system32\sens.dll" 启用 38af469884ac6d461c46ddad2235225b SharedAccess [Microsoft Corporation] "C:\WINDOWS\system32\ipnathlp.dll" 启用 de177f4f0158f16ac7d1f932530c8284 ShellHWDetection [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 274365a026b0fa0d885f31b6f407e226 SMTPSVC [Microsoft Corporation] "C:\WINDOWS\system32\inetsrv\inetinfo.exe" 启用 3c6978bc0459deba184a214745642da7 Spooler [Microsoft Corporation] "C:\WINDOWS\system32\spoolsv.exe" 禁用 6a29fee10478093759a0563ca28bc074 stisvc [Microsoft Corporation] "C:\WINDOWS\system32\wiaservc.dll" 启用 af193d346757f0928ffaf08eccfb21d1 swprv [Microsoft Corporation] "C:\WINDOWS\System32\swprv.dll" 禁用 40486b797cd6a21f30fc6c9a00c5931b SysmonLog [Microsoft Corporation] "C:\WINDOWS\system32\smlogsvc.exe" 禁用 f300f576ab1a192edf9b00999d7ea4ef TapiSrv [Microsoft Corporation] "C:\WINDOWS\System32\tapisrv.dll" 启用 31a11a5e293f81b343e5749d5a7bc8bb TermService [Microsoft Corporation] "C:\WINDOWS\System32\termsrv.dll" 启用 069ff910a28977243a907986dca2da8a Themes [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 274365a026b0fa0d885f31b6f407e226 TlntSvr [Microsoft Corporation] "C:\WINDOWS\system32\tlntsvr.exe" 禁用 eaaeb954687ea08da5eab4606b6cd40f TrkSvr [Microsoft Corporation] "C:\WINDOWS\system32\trksvr.dll" 禁用 1749d2480da0f0fda1dc37692abde94c TrkWks [Microsoft Corporation] "C:\WINDOWS\system32\trkwks.dll" 禁用 f55e17f8fd0aa651fbf111dc98e7984a Tssdis [Microsoft Corporation] "C:\WINDOWS\System32\tssdis.exe" 禁用 f64e145bcc759505a9c8f04a1b7b1add UMWdf [Microsoft Corporation] "C:\WINDOWS\system32\wdfmgr.exe" 禁用 2891e1e568875d4b56a90750ebc23237 UPS [Microsoft Corporation] "C:\WINDOWS\System32\ups.exe" 禁用 a777e1cfa6cd0832ba62279c2c8b0233 vds [Microsoft Corporation] "C:\WINDOWS\System32\vds.exe" 禁用 722f67d83b4c0b27473357e45251e176 VSS [Microsoft Corporation] "C:\WINDOWS\System32\vssvc.exe" 禁用 a5c35146d08123d27a84db804bc919d6 W32Time [Microsoft Corporation] "C:\WINDOWS\system32\w32time.dll" 启用 5931775191f2b2f5167636eb23b5d171 W3SVC [Microsoft Corporation] "C:\WINDOWS\system32\inetsrv\iisw3adm.dll" 启用 ec0c676b478830c9ff0cb4bf626d5c9d WebClient [Microsoft Corporation] "C:\WINDOWS\System32\webclnt.dll" 禁用 85cecc84220baf92b23091a4c5e63bf6 WinHttpAutoProxySvc [] "winhttp.dll" 禁用 winmgmt [Microsoft Corporation] "C:\WINDOWS\system32\wbem\WMIsvc.dll" 启用 6533ed2b4b82c57da5f25eeef0049b20 WmdmPmSN [Microsoft Corporation] "C:\WINDOWS\system32\mspmsnsv.dll" 禁用 0d57e90462048cf01dc4f52b245de1bc Wmi [Microsoft Corporation] "C:\WINDOWS\System32\advapi32.dll" 禁用 6a74752d002bc8c8401df3243c89ddcf WmiApSrv [Microsoft Corporation] "C:\WINDOWS\system32\wbem\wmiapsrv.exe" 禁用 f7e7ed97b6862e2b882d7fd1538218ba wuauserv [Microsoft Corporation] "C:\WINDOWS\system32\wuauserv.dll" 禁用 db880424695f59bb1b3e54f75ff9ccde WZCSVC [Microsoft Corporation] "C:\WINDOWS\System32\wzcsvc.dll" 禁用 6901d3a78d3e84b2953b7a04a31eab3b xmlprov [Microsoft Corporation] "C:\WINDOWS\System32\xmlprov.dll" 禁用 ffbe6c6c3038203d45b19351c202c2f3 ====================协议相关==================== about [Microsoft Corporation] {3050F406-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 application/octet-stream [Microsoft Corporation] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "C:\WINDOWS\system32\mscoree.dll" 启用 b6805a214be74f3d672bef58aaf2ba41 application/x-complus [Microsoft Corporation] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "C:\WINDOWS\system32\mscoree.dll" 启用 b6805a214be74f3d672bef58aaf2ba41 application/x-msdownload [Microsoft Corporation] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "C:\WINDOWS\system32\mscoree.dll" 启用 b6805a214be74f3d672bef58aaf2ba41 cdl [Microsoft Corporation] {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 Class Install Handler [Microsoft Corporation] {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 deflate [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 file [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 ftp [Microsoft Corporation] {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 gopher [Microsoft Corporation] {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 gzip [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 http [Microsoft Corporation] {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 https [Microsoft Corporation] {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\system32\itss.dll" 启用 fd065adb766f0755cfca08f9f0b2b8d9 javascript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 KuGoo [酷狗] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} "C:\WINDOWS\system32\KuGoo3DownXControl.ocx" 启用 60a90f165775d4ff2e0fd89dcf3b168a KuGoo3 [酷狗] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} "C:\WINDOWS\system32\KuGoo3DownXControl.ocx" 启用 60a90f165775d4ff2e0fd89dcf3b168a local [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 lzdhtml [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 mailto [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 mbox [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 mboxflash [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 mhtml [Microsoft Corporation] {05300401-BCBC-11d0-85E3-00C04FD85AB4} "C:\WINDOWS\system32\inetcomm.dll" 启用 018d2c68ebcd710d6d468a311da6ace3 mk [Microsoft Corporation] {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 ms-its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\system32\itss.dll" 启用 fd065adb766f0755cfca08f9f0b2b8d9 res [Microsoft Corporation] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 sysimage [Microsoft Corporation] {76E67A63-06E9-11D2-A840-006008059382} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 text/webviewhtml [Microsoft Corporation] {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "C:\WINDOWS\system32\shell32.dll" 启用 6da3edf86ce8d866e555496af20152ea vbscript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 4bea0dfc55386cd852918fbd2bc62215 wia [Microsoft Corporation] {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "C:\WINDOWS\system32\wiascr.dll" 启用 18df54b79d099f25e75b1582c3128f28 ====================已知DLL==================== advapi32 [Microsoft Corporation] "C:\WINDOWS\system32\advapi32.dll" 启用 6a74752d002bc8c8401df3243c89ddcf browseui [Microsoft Corporation] "C:\WINDOWS\system32\browseui.dll" 启用 6ce2a69d15e396b0d112301c4fa13a25 comdlg32 [Microsoft Corporation] "C:\WINDOWS\system32\comdlg32.dll" 启用 de40828fb8dbe4a68609dc9b7efb6d4c gdi32 [Microsoft Corporation] "C:\WINDOWS\system32\gdi32.dll" 启用 65a2932c8644d78ae6e4226bcc50ee18 imagehlp [Microsoft Corporation] "C:\WINDOWS\system32\imagehlp.dll" 启用 6730be7d6bb445fc692abbdf6d92c34f kernel32 [Microsoft Corporation] "C:\WINDOWS\system32\kernel32.dll" 启用 06866d547d9bf2b000b02177a51ece89 lpk [Microsoft Corporation] "C:\WINDOWS\system32\lpk.dll" 启用 16590dabd5fb0fdd127c6b53d2fb469e lz32 [Microsoft Corporation] "C:\WINDOWS\system32\lz32.dll" 启用 a4af2cc03af3b663cafeee26febb1f1c msacm32 [Microsoft Corporation] "C:\WINDOWS\system32\msacm32.dll" 启用 bf1f581afcc8c54b871d19cb7e4defe3 ole32 [Microsoft Corporation] "C:\WINDOWS\system32\ole32.dll" 启用 89188aefe8b03a5b10b6a6e994f3cc43 oleaut32 [Microsoft Corporation] "C:\WINDOWS\system32\oleaut32.dll" 启用 8152b983bee789e71cf93554a7b1a48d olecli32 [Microsoft Corporation] "C:\WINDOWS\system32\olecli32.dll" 启用 ce80fb576dd9d73600a08c1b66fd1fcd olecnv32 [Microsoft Corporation] "C:\WINDOWS\system32\olecnv32.dll" 启用 7cb28227e184f6940fb08c0e1c06629f olesvr32 [Microsoft Corporation] "C:\WINDOWS\system32\olesvr32.dll" 启用 88aa247ff4206357d6e7ea788fd085ef psapi [Microsoft Corporation] "C:\WINDOWS\system32\psapi.dll" 启用 98ab3f65fedfedc967e87817ae7f5a5d rpcrt4 [Microsoft Corporation] "C:\WINDOWS\system32\rpcrt4.dll" 启用 46b6fefd5c84a5c0d0400213f2782b2a shell32 [Microsoft Corporation] "C:\WINDOWS\system32\shell32.dll" 启用 6da3edf86ce8d866e555496af20152ea shimeng [Microsoft Corporation] "C:\WINDOWS\system32\shimeng.dll" 启用 f67cee668dff210536d0651c384f1cca url [Microsoft Corporation] "C:\WINDOWS\system32\url.dll" 启用 b63b01cbf5410876153458b055f24465 urlmon [Microsoft Corporation] "C:\WINDOWS\system32\urlmon.dll" 启用 7efbed83a02f543c057506682266d222 user32 [Microsoft Corporation] "C:\WINDOWS\system32\user32.dll" 启用 cd6df78692e4886ff9bf54e8e3ae9e78 usp10 [Microsoft Corporation] "C:\WINDOWS\system32\usp10.dll" 启用 d9bf93b9d884c278344ef3a85a1f31fd uxtheme [Microsoft Corporation] "C:\WINDOWS\system32\uxtheme.dll" 启用 c6a02140acfeec16a58b316b0b99f56c version [Microsoft Corporation] "C:\WINDOWS\system32\version.dll" 启用 8410c0337c567e2bb1aabb2327d8b025 wininet [Microsoft Corporation] "C:\WINDOWS\system32\wininet.dll" 启用 c1facaa2c989fdf70ce5622f7441b1c8 wldap32 [Microsoft Corporation] "C:\WINDOWS\system32\wldap32.dll" 启用 130bb500c8ac1673b8eb81b16c0037f6 ====================打印监控==================== BJ Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\cnbjmon.dll" 启用 ccea9d2003e531f96bc0329f372ca244 Local Port [Microsoft Corporation] "C:\WINDOWS\system32\localspl.dll" 启用 180ea204782234d25ca08c12b12530ae PJL Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\pjlmon.dll" 启用 03a801ab31474e49b6989ab48e3d8a6f Standard TCP/IP Port [Microsoft Corporation] "C:\WINDOWS\system32\tcpmon.dll" 启用 84bceef88119e41f30e554ff9bc807df USB Monitor [Microsoft Corporation] "C:\WINDOWS\system32\usbmon.dll" 启用 e12b422d3b818152be0e0f4c279ce5db ====================随系统加载的其它模块==================== {4E5CFE74-700B-4A8B-B0BF-A6B47D896C18} [] (C:\WINDOWS\system32\GrTZqH5SnRhAt.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" CDBurn [Microsoft Corporation] (%SystemRoot%\system32\SHELL32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 6da3edf86ce8d866e555496af20152ea crypt32chain [Microsoft Corporation] (crypt32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain" 9848bb85598c0bf1a9dbc73d23a73e4e cryptnet [Microsoft Corporation] (cryptnet.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet" 3acb641281ec5fae80b6be6f5bd24431 cscdll [Microsoft Corporation] (cscdll.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll" 2c84dd3b7abf9b962869b18f5d617c5c dimsntfy [Microsoft Corporation] (dimsntfy.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy" 1a8d2eaa4370b4c76c6144689503447c PostBootReminder [Microsoft Corporation] (%SystemRoot%\system32\SHELL32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 6da3edf86ce8d866e555496af20152ea ScCertProp [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" d2a341b56ae59bf51d5a23c1d0a60296 Schedule [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule" d2a341b56ae59bf51d5a23c1d0a60296 sclgntfy [Microsoft Corporation] (sclgntfy.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy" 300f43e4787dab03c313690b0f32c9d1 SensLogn [Microsoft Corporation] (WlNotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn" d2a341b56ae59bf51d5a23c1d0a60296 SysTray [Microsoft Corporation] (C:\WINDOWS\system32\stobject.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 50a9f06d781f614a189d2f0096e505be termsrv [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv" d2a341b56ae59bf51d5a23c1d0a60296 URL 执行挂钩 [Microsoft Corporation] (shell32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" 6da3edf86ce8d866e555496af20152ea WebCheck [Microsoft Corporation] (%SystemRoot%\system32\webcheck.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 94f8c10e4fed37f0f02bb3fe96d8a00b wlballoon [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon" d2a341b56ae59bf51d5a23c1d0a60296 ====================调试相关项==================== Debugger [Microsoft Corporation] (drwtsn32 -p %ld -e %ld -g) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug" 549db2d981e326ec7b4ea285d15f9cec ====================驱动程序==================== ACPI [Microsoft Corporation] 启用 "system32\DRIVERS\ACPI.sys" 81abd3a2bccf3966eb295a0d17cda558 aec [Microsoft Corporation] 启用 "system32\drivers\aec.sys" 53847f4df76170ac87bb441c39edb5f1 AFD [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\afd.sys" 78859e016e13e68fa9258f563fda4219 AsyncMac [] 启用 "system32\DRIVERS\asyncmac.sys" atapi [Microsoft Corporation] 启用 "system32\DRIVERS\atapi.sys" ff953a8f08ca3f822127654375786bbe Atmarpc [Microsoft Corporation] 启用 "system32\DRIVERS\atmarpc.sys" d12dad5032285343ce3aa4906f661181 audstub [Microsoft Corporation] 启用 "system32\DRIVERS\audstub.sys" 5bfd980c2107d88101d1dc14055526fc Beep [Microsoft Corporation] 启用 "" 99572503e15a3d10239b7b9887cbaf89 CCDECODE [Microsoft Corporation] 启用 "system32\DRIVERS\CCDECODE.sys" 9db6306ead8a885d9f8285eb1cba9d49 Cdrom [Microsoft Corporation] 启用 "system32\DRIVERS\cdrom.sys" 825aa877a852ecc731fa0c39c8c37744 Changer [] 启用 "" crcdisk [Microsoft Corporation] 启用 "system32\DRIVERS\crcdisk.sys" 0ee27d9dbb208c13314f3c60f66aed26 Disk [Microsoft Corporation] 启用 "system32\DRIVERS\disk.sys" 98433302c02f1168efb7364f8111a179 dmio [Microsoft Corporation] 启用 "System32\drivers\dmio.sys" 5648a00bc5741a18324ec15a8d1a43c2 dmload [Microsoft Corporation] 启用 "System32\drivers\dmload.sys" 3d9bfa13b6f1cd2d91c50c52b32e91a2 DMusic [Microsoft Corporation] 启用 "system32\drivers\DMusic.sys" f22e49c8681116e2fd74d7021aa32f13 drmkaud [Microsoft Corporation] 启用 "system32\drivers\drmkaud.sys" 3f31fa82741d2b1c53e4144ef817444e EagleNT [] 启用 "\??\C:\WINDOWS\system32\drivers\EagleNT.sys" Fdc [Microsoft Corporation] 启用 "system32\DRIVERS\fdc.sys" 5090cd3f6ab1d71ad507953cff556ea9 Fips [Microsoft Corporation] 启用 "" 65a5490cd74afe2b2b02ae14217e27db Flpydisk [Microsoft Corporation] 启用 "" c621a51f415419a3145a5939abde39fa FsVga [Microsoft Corporation] 启用 "system32\DRIVERS\fsvga.sys" 24dd6114e129a58713676bdf6b6bf44c Ftdisk [Microsoft Corporation] 启用 "system32\DRIVERS\ftdisk.sys" 5319fe7430aeb1cb11648ae3bd7de2ad Gpc [Microsoft Corporation] 启用 "system32\DRIVERS\msgpc.sys" 30b1653a955f548352024a5fee203cc3 HDAudBus [Windows (R) Server 2003 DDK provider] 启用 "system32\DRIVERS\HDAudBus.sys" 573c7d0a32852b48f3058cfd8026f511 HidUsb [Microsoft Corporation] 启用 "system32\DRIVERS\hidusb.sys" 90a325e14f9b95f17712707b1a7181b5 HTTP [Microsoft Corporation] 启用 "System32\Drivers\HTTP.sys" 7288d248481bdabf00ce0882980e34c5 i2omgmt [] 启用 "" i8042prt [Microsoft Corporation] 启用 "system32\DRIVERS\i8042prt.sys" 511c5a357376a8b9b4fd881efde77017 imapi [Microsoft Corporation] 启用 "system32\DRIVERS\imapi.sys" 44c132b35921b54b4a9ac64369d86d83 IntcAzAudAddService [Realtek Semiconductor Corp.] 启用 "system32\drivers\RtkHDAud.sys" 71ae838a88b07268d732f596fc17ced5 intelppm [Microsoft Corporation] 启用 "system32\DRIVERS\intelppm.sys" b1c25441691e2abfe3bc48f09da58526 Ip6Fw [Microsoft Corporation] 启用 "system32\DRIVERS\Ip6Fw.sys" d7e7e7898a05c53dd862b49828747c1e IpFilterDriver [Microsoft Corporation] 启用 "system32\DRIVERS\ipfltdrv.sys" 5a41f207b7c39ee4918f7496a4f19b14 IpInIp [] 启用 "system32\DRIVERS\ipinip.sys" IpNat [Microsoft Corporation] 启用 "system32\DRIVERS\ipnat.sys" 890e7a14a63aec2ea9257a79a88be784 IPSec [Microsoft Corporation] 启用 "system32\DRIVERS\ipsec.sys" 1a9aeac49683b32df55b7fb1516f3028 isapnp [Microsoft Corporation] 启用 "system32\DRIVERS\isapnp.sys" 526011b13e1c0031be6f9241c1ff7b9e Kbdclass [Microsoft Corporation] 启用 "system32\DRIVERS\kbdclass.sys" 5f93277bd73de6d8a9b3e54bdafacf94 kmixer [Microsoft Corporation] 启用 "system32\drivers\kmixer.sys" 80e7673fda20c7baca5749bbb2797866 KSecDD [Microsoft Corporation] 启用 "" e69ae1a3c3b0fe1b2c493021b20b0863 MACPIET [] 启用 "System32\drivers\cnyotmqk.sys" mnmdd [Microsoft Corporation] 启用 "" c35bb38904d843c0465858195b30dab7 Modem [Microsoft Corporation] 启用 "" 66b0b4e22c8fba4becb7ff2d082ef7df Mouclass [Microsoft Corporation] 启用 "system32\DRIVERS\mouclass.sys" 3915694ffe124863e3bef9889ed1ab46 mouhid [Microsoft Corporation] 启用 "system32\DRIVERS\mouhid.sys" 9f61090daf8f25d08818832e92dabcb0 MountMgr [Microsoft Corporation] 启用 "" fc43a7a34309c750b9daeadf2f6ec9b9 MSKSSRV [Microsoft Corporation] 启用 "system32\drivers\MSKSSRV.sys" baa279ecaaff6564ba289d38be2e1e83 MSPCLOCK [Microsoft Corporation] 启用 "system32\drivers\MSPCLOCK.sys" 5d3de11af7f2adf006fb723b0f6b2afa MSPQM [Microsoft Corporation] 启用 "system32\drivers\MSPQM.sys" ee4171d3f3ceaa7386561aad262f8bd3 mssmbios [Microsoft Corporation] 启用 "system32\DRIVERS\mssmbios.sys" 92afab2f216ce8ffbad3bc510fcf4a33 MSTEE [Microsoft Corporation] 启用 "system32\drivers\MSTEE.sys" 9e2608d6c72af838d4a5555a859b26c3 NABTSFEC [Microsoft Corporation] 启用 "system32\DRIVERS\NABTSFEC.sys" eea65047a31944e4db6c81c5eb616b70 NDIS [Microsoft Corporation] 启用 "" 33739ab31d36184772af1ee132d5c2e2 NdisIP [Microsoft Corporation] 启用 "system32\DRIVERS\NdisIP.sys" 4663329da2727e517872d8ac1d19a2e0 NdisTapi [Microsoft Corporation] 启用 "system32\DRIVERS\ndistapi.sys" bbab8ce7a8d2b1302da0b03825d9cae4 Ndisuio [Microsoft Corporation] 启用 "system32\DRIVERS\ndisuio.sys" 8b8e682b03483092e17ab9dfe70fedff NdisWan [Microsoft Corporation] 启用 "system32\DRIVERS\ndiswan.sys" 1b397eef4614419be5679e0209f7848b NDProxy [Microsoft Corporation] 启用 "" d3ced37468b3303ef0c8b24b0585390f NetBT [Microsoft Corporation] 启用 "system32\DRIVERS\netbt.sys" 75ab3ca3f9343ca877fd3ff1900bf5bb Null [Microsoft Corporation] 启用 "" 5db0ede7aaf3a7bc9110d18c12524be0 nv [NVIDIA Corporation] 启用 "system32\DRIVERS\nv4_mini.sys" 83780f3a86d2804912f22f6e37cd2254 Parport [Microsoft Corporation] 启用 "system32\DRIVERS\parport.sys" 72ec76313b899e4fb581ee9703c163b6 PartMgr [Microsoft Corporation] 启用 "" 5a0d53ff35d85caf82df17c2cc1e96ec Parvdm [Microsoft Corporation] 启用 "system32\DRIVERS\parvdm.sys" 7436a70316317b415c5d0b8d5707e30c PCI [Microsoft Corporation] 启用 "system32\DRIVERS\pci.sys" 44e4c1d7d1d7e94db4d0c7c6f2826ac7 PCIIde [Microsoft Corporation] 启用 "system32\DRIVERS\pciide.sys" 8b24795f52c7c0685af038279788dbeb PDCOMP [] 启用 "" PDFRAME [] 启用 "" PDRELI [] 启用 "" PDRFRAME [] 启用 "" PptpMiniport [Microsoft Corporation] 启用 "system32\DRIVERS\raspptp.sys" 4454f2639bcca93be86a45137e427277 Ptilink [Parallel Technologies, Inc.] 启用 "system32\DRIVERS\ptilink.sys" 0320fd91fb5ed4298355977cecfc0eb4 QKeyService [ Tencent Technology (Shenzhen) Company Limited] 启用 "system32\KeyCrypt.sys" ecaa6d40a70bee079f3817601bec1692 RasAcd [Microsoft Corporation] 启用 "system32\DRIVERS\rasacd.sys" 48ee7b6802c0306f9a66f34db7e9ef75 Rasl2tp [Microsoft Corporation] 启用 "system32\DRIVERS\rasl2tp.sys" 3633175613e052ecb41776dee2777a89 RasPppoe [Microsoft Corporation] 启用 "system32\DRIVERS\raspppoe.sys" 59842f0a22216a71cade6f89fe84c973 Raspti [Microsoft Corporation] 启用 "system32\DRIVERS\raspti.sys" 5b11871de804d3ed28bbdcc65fe14ede RDPCDD [Microsoft Corporation] 启用 "System32\DRIVERS\RDPCDD.sys" ac5bb528ecd2bea4ff4bff9df9baf749 rdpdr [Microsoft Corporation] 启用 "system32\DRIVERS\rdpdr.sys" ff678596b761e1ccba79f49981ef51bc RDPWD [Microsoft Corporation] 启用 "" 477d7af3c3583eb85e23375225650b1c redbook [Microsoft Corporation] 启用 "system32\DRIVERS\redbook.sys" dc937fd5408b9ebe4375a783ab1c5b6a RGGA [Microsoft Corporation] 启用 "\??\C:\WINDOWS\system32\drivers\rgga.sys" 345f18886f4fcfb3681e9f793a0725a1 RTL8023xp [Realtek Semiconductor Corporation ] 启用 "system32\DRIVERS\Rtnicxp.sys" 432f94857dc866a6d3d06931eed85434 Secdrv [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.] 启用 "system32\DRIVERS\secdrv.sys" 90a3935d05b494a5a39d37e71f09a677 Serial [Microsoft Corporation] 启用 "" 56a8453c75f5a26c9110873099c4e826 Sfloppy [Microsoft Corporation] 启用 "" 831826dc54fa225f0b654ef2f1e13af9 SLIP [Microsoft Corporation] 启用 "system32\DRIVERS\SLIP.sys" 0abbfad14c4de228bcc0260f7182d830 splitter [Microsoft Corporation] 启用 "system32\drivers\splitter.sys" b49a94bf901af449c25f41a3cfaaae6b streamip [Microsoft Corporation] 启用 "system32\DRIVERS\StreamIP.sys" 490f6fa24633bd351c1664040f12daee swenum [Microsoft Corporation] 启用 "system32\DRIVERS\swenum.sys" 93965919785102ba847545ab460ce2df swmidi [Microsoft Corporation] 启用 "system32\drivers\swmidi.sys" e28a71b057f89abe9e3133548d3fbc1d sysaudio [Microsoft Corporation] 启用 "system32\drivers\sysaudio.sys" e69064b5e7e85201db55fad909912fd0 Tcpip [Microsoft Corporation] 启用 "system32\DRIVERS\tcpip.sys" be768857423add8c2afd97a47bec5ef5 TDPIPE [Microsoft Corporation] 启用 "" 45d49fb800463de84d1cc2e231319ad5 TDTCP [Microsoft Corporation] 启用 "" d7c31008de209b8b11ced207580e9c91 TermDD [Microsoft Corporation] 启用 "system32\DRIVERS\termdd.sys" a01e46fff445a38d35db188c5458582c Update [Microsoft Corporation] 启用 "system32\DRIVERS\update.sys" 3df030f7fb98c453dc9e44273b50ff04 usbccgp [Microsoft Corporation] 启用 "system32\DRIVERS\usbccgp.sys" 185959a7fccfd38aa71a274ae6252b88 usbehci [Microsoft Corporation] 启用 "system32\DRIVERS\usbehci.sys" 9dd4aba9462938734bcbf51d8669c884 usbhub [Microsoft Corporation] 启用 "system32\DRIVERS\usbhub.sys" 17859937740bc0d422fe71a588d6ddf7 usbohci [Microsoft Corporation] 启用 "system32\DRIVERS\usbohci.sys" 910b3b46da0fb5520988f351d0719342 USBSTOR [Microsoft Corporation] 启用 "system32\DRIVERS\USBSTOR.SYS" d0740ff9f7e819486e88096826b4dc37 usbvideo [Microsoft Corporation] 启用 "System32\Drivers\usbvideo.sys" 38b2a6ad8207e3187b8159209a2fa587 vga [Microsoft Corporation] 启用 "system32\DRIVERS\vgapnp.sys" 2eb062b434792bb6bb614f107dd3a5cf VgaSave [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\vga.sys" 062fbc10147fd837d819f94aa394e661 vmmouse [VMware, Inc.] 启用 "system32\DRIVERS\vmmouse.sys" 84e67baa77a8c508a05b9febb1ed2eae VolSnap [Microsoft Corporation] 启用 "system32\DRIVERS\volsnap.sys" 5eb8cc8c93f712ba24150bf8bceb196c Wanarp [Microsoft Corporation] 启用 "system32\DRIVERS\wanarp.sys" ce030b1d05a01fa012d32f2d25676b1c WDICA [] 启用 "" wdmaud [Microsoft Corporation] 启用 "system32\drivers\wdmaud.sys" fd5a720d7997ab69122c96cdd014d43a WINIO [] 启用 "\??\F:\winio.sys" WLBS [Microsoft Corporation] 启用 "system32\DRIVERS\wlbs.sys" 4e91fbb8714d84fc7aefdee1b92c400c WSTCODEC [Microsoft Corporation] 启用 "system32\DRIVERS\WSTCODEC.SYS" eb61bb73bb5a318f3df5d73ad1ba2e03 ====================桌面快捷方式==================== 360安全卫士.lnk "E:\360safe\360Safe.exe " (奇虎网, 2.5 MB, 5, 1, 0, 1004) 8327c571bfe867b56dfd709a66f9c85b 360软件管理.lnk "E:\360safe\SoftMgr\SoftManager.exe " (奇虎网, 1.9 MB, 1, 5, 5, 1005) e4e771e1ce2e6eecec9b0a648bc57faa I8一点通.exe.lnk "E:\i8Server\Intransvr.exe " (盛光科技, 946.8 KB, 8, 2, 1, 1216) 4a44c702c2deb0dfdf6ac9c83a413fd7 QQ.exe.lnk "D:\聊天工具\QQ2008正式版\QQ.exe " (TENCENT, 1.9 MB, 8,0,1249,1853) 2520a943a7bff9d3e570d9c90b4da90e QQ医生.lnk "E:\新建文件夹 (4)\QQ医生 2.1Beta2\QQDoctor.exe " (Tencent, 681.8 KB, 2, 1, 9, 202) 354042a693676bd510f90bd2a780b96c QQ旋风.lnk "E:\下载工具\QQDownload.exe " (Tencent Technology (Shenzhen) Company Limited, 1.5 MB, 2, 0, 529, 529) 3182c4763842877ea277afeb8a7a4e29 VPTray.exe.lnk "E:\Symantec AntiVirus\VPTray.exe " (Symantec Corporation, 83.1 KB, 10.0.0.359) 33ced268a251047a62567c5634d9778e 三层更新.exe.lnk "E:\i8Server\3up\3up.exe " (sngo, 1.3 MB, 2009, 3, 24, 3) 15deec1d7bdcdccfda5e0883dc32cd61 同花顺2009.lnk "E:\股票\同花顺核新\hexin.exe " (杭州核新软件技术有限公司(Hexin), 3.2 MB, 2008, 12, 15, 0) 9e1d094bab45d75a91c0ef92309f3c01 找茬1.lnk "D:\休闲游戏\找别扭3\Findbug.EXE " (美忆电脑影像工作室 王文涛, 1.3 MB, 1.00) 29c7ffd31d355727d7aa6821725ec3f9 找茬2.lnk "D:\休闲游戏\大家来找茬2\5spots2.exe " (, 152.0 KB, ) 23805be0e6a8809d90d2100ae88a9b53 波波球.lnk "D:\休闲游戏\波波球\boun.exe " (GameHouse, Inc., 728.0 KB, 1.01) a9035d90794481d636e5a5e175bc276f 瑞星卡卡上网安全助手.lnk "C:\Program Files\Rising\AntiSpyware\ras.exe " (Beijing Rising Information Technology Co., Ltd., 38.1 KB, 6.0.0.7) 324645bf53d6c2a677cc135eacd91c91 迅雷5.lnk "C:\Program Files\Thunder Network\Thunder\Thunder.exe " (ShenZhen Thunder Networking Technologies,LTD, 49.5 KB, 5,8,13,699) 3d6957845739305b298261d5bfc3525d 酷我音乐盒.lnk "E:\酷我\KWMUSIC\KwMusic.exe " (酷我科技, 2.9 MB, 2.0.0.0) 7220fa0891df8f6d809f7249027fefa4 阿达连连看.lnk "D:\休闲游戏\阿达连连看\zzllk.exe " (, 1.8 MB, 1, 0, 0, 1) f534689d4d1dd235ca852de75a466f46 雄霸私服登录器.lnk "D:\网络游戏\传奇私服\雄霸传奇.exe " (, 2.3 MB, ) 0a3aba4c2462d510a461435e687369d9 风行网络电影.lnk "D:\影音工具\风行网络电影\Funshion.exe " (Funshion Online Technologies Ltd., 2.7 MB, 1.5.3.11Beta) c1662bc1d8f07bb6cb30e6da0c40b284