本报告由QQ医生提供 http://im.qq.com/doctor/ 诊断时间: 2009-05-04 10:41:32 操作系统: Windows XP Service Pack 2 QQ医生版本: QQDoctor.exe 2, 1, 9, 202 DrUpdate.exe 2009, 4, 10, 15 TSELoder.DAT 2008, 1, 28, 13 TSEngine.DAT 2008, 4, 7, 25 TSEPB.DAT 2009, 3, 5, 35 TSFSEngine.DAT 2009, 3, 11, 7 TSFileFilter.DAT 2007, 12, 5, 01 TSKsp.sys 2009, 3, 31, 17 TSKSPLIB.dat 2009, 3, 16, 10 TSVulMon.DAT 2009, 4, 2, 10 TSVulChk.dat 2009, 3, 23, 11 ====================进程项==================== C:\WINDOWS\System32\alg.exe (Microsoft Corporation, 43.5 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a9de20df2c89b6b2ffda0e6cd52a8599 C:\WINDOWS\system32\conime.exe (Microsoft Corporation, 27.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 30162ff3b6fe72a9799dfb496111fe02 \??\C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, 6.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 3502114e4cb83e491a80fc361c1dc7b7 C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation, 15.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 4cc6277445d2d388a4cd827086a5f5f0 C:\WINDOWS\Explorer.EXE (Microsoft Corporation, 954.0 KB, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) 82b8373ed12a602820108f6154bf0c4c C:\WINDOWS\Explorer.EXE [Microsoft Corporation] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation] C:\WINDOWS\system32\themeui.dll [Microsoft Corporation] C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation] C:\WINDOWS\system32\msutb.dll [Microsoft Corporation] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation] C:\WINDOWS\system32\msi.dll [Microsoft Corporation] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation] C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\stobject.dll [Microsoft Corporation] C:\WINDOWS\system32\BatMeter.dll [Microsoft Corporation] C:\WINDOWS\system32\POWRPROF.dll [Microsoft Corporation] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\WPDShServiceObj.dll [Microsoft Corporation] C:\WINDOWS\system32\WINHTTP.dll [Microsoft Corporation] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation] C:\WINDOWS\system32\mydocs.dll [Microsoft Corporation] C:\WINDOWS\system32\PortableDeviceTypes.dll [Microsoft Corporation] C:\WINDOWS\system32\PortableDeviceApi.dll [Microsoft Corporation] C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation] C:\WINDOWS\system32\credui.dll [Microsoft Corporation] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation] C:\WINDOWS\System32\drprov.dll [Microsoft Corporation] C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation] C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation] C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation] C:\WINDOWS\system32\DUSER.dll [Microsoft Corporation] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation] C:\Program Files\WinRAR\rarext.dll [] C:\WINDOWS\system32\xpsp1res.dll [Microsoft Corporation] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation] C:\WINDOWS\system32\zipfldr.dll [Microsoft Corporation] C:\WINDOWS\system32\actxprxy.dll [Microsoft Corporation] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation] C:\WINDOWS\system32\MLANG.dll [Microsoft Corporation] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation] C:\WINDOWS\system32\MSGINA.dll [Microsoft Corporation] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation] C:\WINDOWS\system32\CFGMGR32.dll [Microsoft Corporation] C:\WINDOWS\system32\usbui.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation] C:\WINDOWS\system32\printui.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation] C:\WINDOWS\system32\sti.dll [Microsoft Corporation] C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation, 91.0 KB, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) ecd35d17f66899882b9558f5b94c5798 C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, 13.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 891600e79c38249028f1bacc1c6cc5d2 C:\WINDOWS\system32\services.exe (Microsoft Corporation, 108.0 KB, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)) f60e20250bb18917d416769af3877a21 \SystemRoot\System32\smss.exe (Microsoft Corporation, 49.5 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 32d5d8666e082f567923db579b5390fc C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation, 56.5 KB, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)) da81ec57acd4cdc3d4c51cf3d409af9f C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation, 80.0 KB, 2000.080.2039.00) f45bfc03a06c9dcfa6731e551029b474 C:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe (Microsoft Corporation, 8.7 MB, 2000.080.2039.00) d8c703336b58dedb70d97d0e692112ff C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a22d7b3594c381efb3395a072725fe95 \??\C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, 476.0 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) a5153e6b7b02545f789af2fcd27fb325 C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation, 13.5 KB, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)) 0b5f1e8552c894b90d3c1bada35ccf15 ====================启动项==================== AlternateShell [Microsoft Corporation] (cmd.exe) "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot" 722a247acb86960a708528120759266d AlternateShell [Microsoft Corporation] (cmd.exe) "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot" 722a247acb86960a708528120759266d BootExecute [Microsoft Corporation] (autochk *) "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" 288e9c01f3325ff420fa685c6ec6a831 ctfmon.exe [Microsoft Corporation] (C:\WINDOWS\system32\ctfmon.exe) "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 4cc6277445d2d388a4cd827086a5f5f0 IMJPMIG8.1 [Microsoft Corporation] ("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 7bbe4cf421aecc7f0226edd75f12079f PHIME2002A [Microsoft Corporation] (C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 024dc0f68df5fd6ae9dd82dfbaf479d6 PHIME2002ASync [Microsoft Corporation] (C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 024dc0f68df5fd6ae9dd82dfbaf479d6 Shell [Microsoft Corporation] (Explorer.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 82b8373ed12a602820108f6154bf0c4c UIHost [Microsoft Corporation] (logonui.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" c35f08e88fcdcc44926ec97000078bcc Userinit [Microsoft Corporation] (C:\WINDOWS\system32\userinit.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 7bd70ec53cb7398246c84d25bff33aa8 服务管理器.lnk [Microsoft Corporation] ("C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n) "C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\服务管理器.lnk" f45bfc03a06c9dcfa6731e551029b474 ====================第三方IE插件==================== npqtplugin.dll "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll" (Apple Inc., 140.0 KB, 7.6 (1292)) 0635da2b5c9fbe9b9bb10093113b17b5 npqtplugin2.dll "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll" (Apple Inc., 140.0 KB, 7.6 (1292)) 5e91354df6e4a32950412d790d1420f0 npqtplugin3.dll "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll" (Apple Inc., 140.0 KB, 7.6 (1292)) 3dccb3ae8c2d54638d02222c23882fa7 npqtplugin4.dll "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll" (Apple Inc., 140.0 KB, 7.6 (1292)) 40d496c0b020bf75c65e2706131e424c npqtplugin5.dll "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll" (Apple Inc., 140.0 KB, 7.6 (1292)) d2928606d77307ca1381f8bb84ccda71 npqtplugin6.dll "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll" (Apple Inc., 140.0 KB, 7.6 (1292)) a7cb2e34db653dc019c54f5f07ac68f6 ====================IE右键菜单==================== 使用迅雷下载全部链接 [C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm] ====================ActiveX对象==================== iTrusPTA Class [] {1E0DFFCF-27FF-4574-849B-55007349FEDA} "C:\WINDOWS\Downloaded Program Files\pta.dll" 启用 0cac355f19e10169e131fe8f7e3ec3e3 USBKey Class [Dean Zhang] {5F9C5FB9-91A4-4186-9242-D99F8B26CF35} "C:\WINDOWS\system32\DeanUSBKey.dll" 启用 295247c66a0943bec6d19438417ba1e5 ====================系统服务==================== Alerter [Microsoft Corporation] "C:\WINDOWS\system32\alrsvc.dll" 禁用 d3b55cadbe9bdc57e0c8601842e43066 ALG [Microsoft Corporation] "C:\WINDOWS\System32\alg.exe" 启用 a9de20df2c89b6b2ffda0e6cd52a8599 AppMgmt [Microsoft Corporation] "C:\WINDOWS\System32\appmgmts.dll" 禁用 997e5e4ae270d9e9392f3e81afe34564 AudioSrv [Microsoft Corporation] "C:\WINDOWS\System32\audiosrv.dll" 启用 bb9c41f8af9593a0ba0faabf28051bc4 BITS [Microsoft Corporation] "C:\WINDOWS\system32\qmgr.dll" 启用 cdc7027806a38968592c54ea2555c147 Browser [Microsoft Corporation] "C:\WINDOWS\System32\browser.dll" 启用 7f0b098e0ea857f40c155785cc9a7239 CiSvc [Microsoft Corporation] "C:\WINDOWS\system32\cisvc.exe" 禁用 ea4078ba0794994ad10d0371ce2070f9 ClipSrv [Microsoft Corporation] "C:\WINDOWS\system32\clipsrv.exe" 禁用 95d48a471e45a78e145ce3e8a2e6f61b COMSysApp [Microsoft Corporation] "C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}" 禁用 0a8fa72d426143f4f694068e9e93f5f1 CryptSvc [Microsoft Corporation] "C:\WINDOWS\System32\cryptsvc.dll" 启用 c78fbd718a49039ecd024605d855ba5a DcomLaunch [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 c48d4b25b6d57a52eb6c1cbc245037cd Dhcp [Microsoft Corporation] "C:\WINDOWS\System32\dhcpcsvc.dll" 启用 306683ed71b00d297cd73bade50a8bd5 dmadmin [Microsoft Corp., Veritas Software] "C:\WINDOWS\System32\dmadmin.exe /com" 禁用 8ad6ae71db443084ab8332d89b00a449 dmserver [Microsoft Corp.] "C:\WINDOWS\System32\dmserver.dll" 启用 9c690c012ff38710ea3fee2984f43006 Dnscache [Microsoft Corporation] "C:\WINDOWS\System32\dnsrslvr.dll" 启用 72d05a51461f31e59ad6edff27c46aa9 ERSvc [Microsoft Corporation] "C:\WINDOWS\System32\ersvc.dll" 启用 8b8064d31bacb4f8371a1da3f0daf97e Eventlog [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 f60e20250bb18917d416769af3877a21 EventSystem [Microsoft Corporation] "C:\WINDOWS\system32\es.dll" 启用 73b841941ab7a9dbf9dd7d63448cd3b9 FastUserSwitchingCompatibility [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 2d38387c07972dff66c8cf4c0d925d01 FLEXnet Licensing Service [Macrovision Europe Ltd.] "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" 禁用 227846995afeefa70d328bf5334a86a5 helpsvc [Microsoft Corporation] "C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll" 启用 a37732a722edeb76522e8c826abd87e5 HidServ [] "C:\WINDOWS\System32\hidserv.dll" 禁用 HTTPFilter [Microsoft Corporation] "C:\WINDOWS\System32\w3ssl.dll" 禁用 c377bb41180c4def6481c691aa962917 ImapiService [Microsoft Corporation] "C:\WINDOWS\system32\imapi.exe" 禁用 100781d36ae5ffbf0a96fc8ce57c31a7 lanmanserver [Microsoft Corporation] "C:\WINDOWS\System32\srvsvc.dll" 启用 98de81f0d34cad9569400b1510921d2f lanmanworkstation [Microsoft Corporation] "C:\WINDOWS\System32\wkssvc.dll" 启用 25bcb956778cd95836539054ee99c870 LmHosts [Microsoft Corporation] "C:\WINDOWS\System32\lmhsvc.dll" 启用 7b8a110aae74605fa301b1b249c4f561 Messenger [Microsoft Corporation] "C:\WINDOWS\System32\msgsvc.dll" 禁用 682805e6394d20e2f2a3402a329f1ace mnmsrvc [Microsoft Corporation] "C:\WINDOWS\system32\mnmsrvc.exe" 禁用 d9972601d1bdc3f15275a6d0202b1e61 MSDTC [Microsoft Corporation] "C:\WINDOWS\system32\msdtc.exe" 禁用 8461b089f14a35411b32b2fb4602bc11 MSIServer [Microsoft Corporation] "C:\WINDOWS\system32\msiexec.exe /V" 禁用 f5f0146580e7023adb963879840777f8 MSSQLSERVER [Microsoft Corporation] "C:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe" 启用 d8c703336b58dedb70d97d0e692112ff MSSQLServerADHelper [Microsoft Corporation] "C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe" 禁用 1d1b22613eab9287af902398867bc93c NetDDE [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 c8b34df15e22bc172e784d36d8210602 NetDDEdsdm [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 c8b34df15e22bc172e784d36d8210602 Netlogon [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 891600e79c38249028f1bacc1c6cc5d2 Netman [Microsoft Corporation] "C:\WINDOWS\System32\netman.dll" 启用 d4ed3f567e04d99e3206a000211d1916 Nla [Microsoft Corporation] "C:\WINDOWS\System32\mswsock.dll" 启用 23794840ef8d25fda393debc22bc004f NtLmSsp [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 891600e79c38249028f1bacc1c6cc5d2 NtmsSvc [Microsoft Corporation] "C:\WINDOWS\system32\ntmssvc.dll" 禁用 d1c443e3fd1491d459bad3c29caa1cde PlugPlay [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 f60e20250bb18917d416769af3877a21 PolicyAgent [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 891600e79c38249028f1bacc1c6cc5d2 ProtectedStorage [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 891600e79c38249028f1bacc1c6cc5d2 RasAuto [Microsoft Corporation] "C:\WINDOWS\System32\rasauto.dll" 禁用 73f57631d090770afda31dae9b84aa5c RasMan [Microsoft Corporation] "C:\WINDOWS\System32\rasmans.dll" 启用 a4e7d142f6a794563565836053a8491c RDSessMgr [Microsoft Corporation] "C:\WINDOWS\system32\sessmgr.exe" 禁用 f28de50c35113ac6f813121105c17552 RemoteAccess [Microsoft Corporation] "C:\WINDOWS\System32\mprdim.dll" 禁用 761dceac6eccef5aa38974d0cd53dee8 RemoteRegistry [Microsoft Corporation] "C:\WINDOWS\system32\regsvc.dll" 启用 210be938c78e1c39fc397ef117c2b94f RpcLocator [Microsoft Corporation] "C:\WINDOWS\system32\locator.exe" 禁用 cf55d680db483883fd0765449e2e1a53 RpcSs [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 c48d4b25b6d57a52eb6c1cbc245037cd RSVP [Microsoft Corporation] "C:\WINDOWS\system32\rsvp.exe" 禁用 53a79336f917ca1ff120043dcb74def8 SamSs [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 891600e79c38249028f1bacc1c6cc5d2 SCardSvr [Microsoft Corporation] "C:\WINDOWS\System32\SCardSvr.exe" 禁用 ea08e7fecd0d3b87299219a695ba6044 Schedule [Microsoft Corporation] "C:\WINDOWS\system32\schedsvc.dll" 启用 64d0e7a615a59670c61e7f3de9cc9b39 seclogon [Microsoft Corporation] "C:\WINDOWS\System32\seclogon.dll" 启用 2027dd427d91a3b7488912ff75cffb2d SENS [Microsoft Corporation] "C:\WINDOWS\system32\sens.dll" 启用 da59bb205b7032312ea7725d3d4cbdd7 SharedAccess [Microsoft Corporation] "C:\WINDOWS\System32\ipnathlp.dll" 启用 1cc32420529b85d64a551b61ae9a17ab ShellHWDetection [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 2d38387c07972dff66c8cf4c0d925d01 Spooler [Microsoft Corporation] "C:\WINDOWS\system32\spoolsv.exe" 启用 da81ec57acd4cdc3d4c51cf3d409af9f SQLSERVERAGENT [Microsoft Corporation] "C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -i MSSQLSERVER" 禁用 352e375ab298c23b0f9bc307652c7f50 srservice [Microsoft Corporation] "C:\WINDOWS\system32\srsvc.dll" 禁用 dda0bc29483f867468a1f500c07e09f0 SSDPSRV [Microsoft Corporation] "C:\WINDOWS\System32\ssdpsrv.dll" 禁用 516bb4c1fdeec32792faa09008416a9b stisvc [Microsoft Corporation] "C:\WINDOWS\system32\wiaservc.dll" 启用 dc750a7adc5ecb85a12729285fb72653 SwPrv [Microsoft Corporation] "C:\WINDOWS\system32\dllhost.exe /Processid:{648B7649-23F2-4C55-B1DD-AF3209678EDF}" 禁用 0a8fa72d426143f4f694068e9e93f5f1 SysmonLog [Microsoft Corporation] "C:\WINDOWS\system32\smlogsvc.exe" 禁用 b7022b3616ca3f632c18426837ddf6de TapiSrv [Microsoft Corporation] "C:\WINDOWS\System32\tapisrv.dll" 启用 5844738f1362b399e99bfe04f688b3be TermService [Microsoft Corporation] "C:\WINDOWS\System32\termsrv.dll" 启用 ab5b2ac7ffb870673d6806e974bf2f52 Themes [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 2d38387c07972dff66c8cf4c0d925d01 TlntSvr [Microsoft Corporation] "C:\WINDOWS\system32\tlntsvr.exe" 禁用 e2eb3902bf37693609390b334ce13c33 TrkWks [Microsoft Corporation] "C:\WINDOWS\system32\trkwks.dll" 启用 91bef237caaa97abf07ff235a7f2da7f upnphost [Microsoft Corporation] "C:\WINDOWS\System32\upnphost.dll" 禁用 878d59d1e7415f799b06ab22fcbbaf06 UPS [Microsoft Corporation] "C:\WINDOWS\System32\ups.exe" 禁用 9cf73b37823794e0b30dd71137dcff1a VSS [Microsoft Corporation] "C:\WINDOWS\System32\vssvc.exe" 禁用 1ef0ef50df1679052b6fa1859dbb9662 W32Time [Microsoft Corporation] "C:\WINDOWS\system32\w32time.dll" 启用 9d036bd39c513f945ed5d5ef8437c53d WebClient [Microsoft Corporation] "C:\WINDOWS\System32\webclnt.dll" 启用 e806963a35cac59a355191957d0156fd winmgmt [Microsoft Corporation] "C:\WINDOWS\system32\wbem\WMIsvc.dll" 启用 ec735ce05be04b9e685479f59c7c4159 WmdmPmSN [Microsoft Corporation] "C:\WINDOWS\system32\MsPMSNSv.dll" 禁用 c51b4a5c05a5475708e3c81c7765b71d Wmi [Microsoft Corporation] "C:\WINDOWS\System32\advapi32.dll" 禁用 95060ab8498f98b7992076184d079c91 WmiApSrv [Microsoft Corporation] "C:\WINDOWS\system32\wbem\wmiapsrv.exe" 禁用 5c23ddc43ba370a788eeb8c9aeb8b2db wscsvc [Microsoft Corporation] "C:\WINDOWS\system32\wscsvc.dll" 启用 89a37acd0ef00571a28c4e63d54b402f wuauserv [Microsoft Corporation] "C:\WINDOWS\system32\wuauserv.dll" 启用 c52bece821cf75fdd93753e47a8741fb WudfSvc [Microsoft Corporation] "C:\WINDOWS\System32\WUDFSvc.dll" 禁用 05231c04253c5bc30b26cbaae680ed89 WZCSVC [Microsoft Corporation] "C:\WINDOWS\System32\wzcsvc.dll" 启用 5b5cfccae9c690432707014627ff3b36 xmlprov [Microsoft Corporation] "C:\WINDOWS\System32\xmlprov.dll" 禁用 e581208b0b84caaeebe56a51b1bf9d6d ====================协议相关==================== application/octet-stream [Microsoft Corporation] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "C:\WINDOWS\system32\mscoree.dll" 启用 d380581b3991783318f8a1b0cf428aaa application/x-complus [Microsoft Corporation] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "C:\WINDOWS\system32\mscoree.dll" 启用 d380581b3991783318f8a1b0cf428aaa application/x-msdownload [Microsoft Corporation] {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "C:\WINDOWS\system32\mscoree.dll" 启用 d380581b3991783318f8a1b0cf428aaa cdl [Microsoft Corporation] {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 Class Install Handler [Microsoft Corporation] {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 deflate [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 dvd [Microsoft Corporation] {12D51199-0DB5-46FE-A120-47A3D7D937CC} "C:\WINDOWS\system32\msvidctl.dll" 启用 0360dda8a8c7cd49667c8291993754d7 file [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 ftp [Microsoft Corporation] {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 gopher [Microsoft Corporation] {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 gzip [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 http [Microsoft Corporation] {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 https [Microsoft Corporation] {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\system32\itss.dll" 启用 2a4f93fede8db5b6a8cc828d38ff34e4 javascript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 3daf5d72df37bce88fad42beef607bff KuGoo [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} "" 启用 KuGoo3 [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} "" 启用 local [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 lzdhtml [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 mailto [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 3daf5d72df37bce88fad42beef607bff mhtml [Microsoft Corporation] {05300401-BCBC-11d0-85E3-00C04FD85AB4} "C:\WINDOWS\system32\inetcomm.dll" 启用 4f9fb695a2315d329484420e3646097a mk [Microsoft Corporation] {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 ms-its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\system32\itss.dll" 启用 2a4f93fede8db5b6a8cc828d38ff34e4 res [Microsoft Corporation] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 3daf5d72df37bce88fad42beef607bff sysimage [Microsoft Corporation] {76E67A63-06E9-11D2-A840-006008059382} "C:\WINDOWS\system32\mshtml.dll" 启用 3daf5d72df37bce88fad42beef607bff text/webviewhtml [Microsoft Corporation] {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "C:\WINDOWS\system32\shell32.dll" 启用 2b036c570ee17278302192068467e521 tv [Microsoft Corporation] {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "C:\WINDOWS\system32\msvidctl.dll" 启用 0360dda8a8c7cd49667c8291993754d7 vbscript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 3daf5d72df37bce88fad42beef607bff wia [Microsoft Corporation] {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "C:\WINDOWS\system32\wiascr.dll" 启用 1433875db8b5b95167fcd52a400541d0 ====================已知DLL==================== advapi32 [Microsoft Corporation] "C:\WINDOWS\system32\advapi32.dll" 启用 95060ab8498f98b7992076184d079c91 comdlg32 [Microsoft Corporation] "C:\WINDOWS\system32\comdlg32.dll" 启用 4e56e03ec9a3554931011f267748fe0c gdi32 [Microsoft Corporation] "C:\WINDOWS\system32\gdi32.dll" 启用 19e5a44900c4ff9bcbe61aca7939388f imagehlp [Microsoft Corporation] "C:\WINDOWS\system32\imagehlp.dll" 启用 d046cca42ff8f83767901da002df65a0 kernel32 [Microsoft Corporation] "C:\WINDOWS\system32\kernel32.dll" 启用 193057c728921cab20e28be84947611d lz32 [Microsoft Corporation] "C:\WINDOWS\system32\lz32.dll" 启用 c3200506fb212a0f4fb736a80e646c40 ole32 [Microsoft Corporation] "C:\WINDOWS\system32\ole32.dll" 启用 d450649b295986529d4d0d59dbef6807 oleaut32 [Microsoft Corporation] "C:\WINDOWS\system32\oleaut32.dll" 启用 aaf9270361b3a48bab55b81fd72d7e20 olecli32 [Microsoft Corporation] "C:\WINDOWS\system32\olecli32.dll" 启用 a80ed69f17c32229c6d2ce5beda346f9 olecnv32 [Microsoft Corporation] "C:\WINDOWS\system32\olecnv32.dll" 启用 3914ade482e1ef43f572e1271816c34b olesvr32 [Microsoft Corporation] "C:\WINDOWS\system32\olesvr32.dll" 启用 2c78271a8203df02fe98f42307043248 olethk32 [Microsoft Corporation] "C:\WINDOWS\system32\olethk32.dll" 启用 369c4ac059b301f57e8c27a188f24ebc rpcrt4 [Microsoft Corporation] "C:\WINDOWS\system32\rpcrt4.dll" 启用 0a043f93ee8b3b615c19cd5d08c135b7 shell32 [Microsoft Corporation] "C:\WINDOWS\system32\shell32.dll" 启用 2b036c570ee17278302192068467e521 url [Microsoft Corporation] "C:\WINDOWS\system32\url.dll" 启用 ea7dc858b9950b122cdd897ca8a9280f urlmon [Microsoft Corporation] "C:\WINDOWS\system32\urlmon.dll" 启用 1be6ef981293875af0564aeba7ab2be4 user32 [Microsoft Corporation] "C:\WINDOWS\system32\user32.dll" 启用 fed05be1387e1c7b8120bf2df820762d version [Microsoft Corporation] "C:\WINDOWS\system32\version.dll" 启用 ea0d25d5273ed0d31ae2f23f7ea086c7 wininet [Microsoft Corporation] "C:\WINDOWS\system32\wininet.dll" 启用 e8375ed9a3008d21abbf467c26efee52 wldap32 [Microsoft Corporation] "C:\WINDOWS\system32\wldap32.dll" 启用 b20e11e61b265bbcdc59ca9b39ff36eb ====================打印监控==================== BJ Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\cnbjmon.dll" 启用 f766aa29b2173121a72a78d82de9fd50 Local Port [Microsoft Corporation] "C:\WINDOWS\system32\localspl.dll" 启用 20d8313f835ffb3400156375afa81782 PJL Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\pjlmon.dll" 启用 5e7a54a936fef300ec16797e6c134832 SmarThru PC Fax Port [] "C:\WINDOWS\system32\samfaxport.dll" 启用 f5c5f0af4c363f80f59f3ecd77c554e5 Standard TCP/IP Port [Microsoft Corporation] "C:\WINDOWS\system32\tcpmon.dll" 启用 81c5130093ea80d371cbaedacc225c73 SUGW2 Langmon [Samsung Electronics.] "C:\WINDOWS\system32\SUGW2LMK.DLL" 启用 2d0f4b5c0b3a74e531ab78008aaecea3 USB Monitor [Microsoft Corporation] "C:\WINDOWS\system32\usbmon.dll" 启用 ac302623d451981b14b885b84ab1f9b5 ====================随系统加载的其它模块==================== AppInit_DLLs [] () "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" CDBurn [Microsoft Corporation] (%SystemRoot%\system32\SHELL32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 2b036c570ee17278302192068467e521 crypt32chain [Microsoft Corporation] (crypt32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain" ee83196b070266c67e9c6bba82987b4f cryptnet [Microsoft Corporation] (cryptnet.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet" 742dac6208524b5b633675bdb1a09c0c cscdll [Microsoft Corporation] (cscdll.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll" 57b10583d5b880a93a82f525b817f867 PostBootReminder [Microsoft Corporation] (%SystemRoot%\system32\SHELL32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 2b036c570ee17278302192068467e521 ScCertProp [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" d4732d5f6fb51d07c8c115b658fa84de Schedule [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule" d4732d5f6fb51d07c8c115b658fa84de sclgntfy [Microsoft Corporation] (sclgntfy.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy" 58001a3833a25dbd7460a69cb69c8fe2 SensLogn [Microsoft Corporation] (WlNotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn" d4732d5f6fb51d07c8c115b658fa84de SysTray [Microsoft Corporation] (C:\WINDOWS\system32\stobject.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 08488e3e73787c1e7b59f0d5c1b8c554 termsrv [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv" d4732d5f6fb51d07c8c115b658fa84de URL 执行挂钩 [Microsoft Corporation] (shell32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" 2b036c570ee17278302192068467e521 WebCheck [Microsoft Corporation] (%SystemRoot%\system32\webcheck.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" fefe188339f412ffaaf800b5ba7dbc84 wlballoon [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon" d4732d5f6fb51d07c8c115b658fa84de WPDShServiceObj [Microsoft Corporation] (C:\WINDOWS\system32\WPDShServiceObj.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" 045e228f71c31901084b64be59093499 ====================调试相关项==================== Debugger [Microsoft Corporation] (drwtsn32 -p %ld -e %ld -g) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug" e1f9f51cb449d2c9cc76682f0998439e ====================驱动程序==================== ac97intc [Intel Corporation] 启用 "system32\drivers\ac97intc.sys" 0f2d66d5f08ebe2f77bb904288dcf6f0 ACPI [Microsoft Corporation] 启用 "system32\DRIVERS\ACPI.sys" 5ecd0c75cf5ebd2c2847ec93b2021322 aec [Microsoft Corporation] 启用 "system32\drivers\aec.sys" 1ee7b434ba961ef845de136224c30fec AFD [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\afd.sys" 885b2f107a071eebfc87d4cb16e2a6c3 agp440 [Microsoft Corporation] 启用 "system32\DRIVERS\agp440.sys" 2c428fa0c3e3a01ed93c9b2a27d8d4bb AsyncMac [Microsoft Corporation] 启用 "system32\DRIVERS\asyncmac.sys" 02000abf34af4c218c35d257024807d6 atapi [Microsoft Corporation] 启用 "system32\DRIVERS\atapi.sys" cdfe4411a69c224bd1d11b2da92dac51 ati2mtag [ATI Technologies Inc.] 启用 "system32\DRIVERS\ati2mtag.sys" 23061dc2498d7bc80dcf174c84b7520e Atmarpc [Microsoft Corporation] 启用 "system32\DRIVERS\atmarpc.sys" ec88da854ab7d7752ec8be11a741bb7f audstub [Microsoft Corporation] 启用 "system32\DRIVERS\audstub.sys" d9f724aa26c010a217c97606b160ed68 Beep [Microsoft Corporation] 启用 "" da1f27d85e0d1525f6621372e7b685e9 Cdaudio [Microsoft Corporation] 启用 "" c1b486a7658353d33a10cc15211a873b Cdrom [Microsoft Corporation] 启用 "system32\DRIVERS\cdrom.sys" af9c19b3100fe010496b1a27181fbf72 Changer [] 启用 "" DgiVecp [DeviceGuys, Inc.] 启用 "System32\Drivers\DgiVecp.sys" d514b430e2989f846137828c90370c16 Disk [Microsoft Corporation] 启用 "system32\DRIVERS\disk.sys" 00ca44e4534865f8a3b64f7c0984bff0 dmio [Microsoft Corp., Veritas Software] 启用 "System32\drivers\dmio.sys" 124b0140d377cc4e44cf513dbb019c2f dmload [Microsoft Corp., Veritas Software.] 启用 "System32\drivers\dmload.sys" e9317282a63ca4d188c0df5e09c6ac5f DMusic [Microsoft Corporation] 启用 "system32\drivers\DMusic.sys" a6f881284ac1150e37d9ae47ff601267 drmkaud [Microsoft Corporation] 启用 "system32\drivers\drmkaud.sys" 1ed4dbbae9f5d558dbba4cc450e3eb2e Fdc [Microsoft Corporation] 启用 "system32\DRIVERS\fdc.sys" ced2e8396a8838e59d8fd529c680e02c Fips [Microsoft Corporation] 启用 "" fffc25ccbe40efb0609bd249721aae83 Flpydisk [Microsoft Corporation] 启用 "" 0dd1de43115b93f4d85e889d7a86f548 FsVga [Microsoft Corporation] 启用 "system32\DRIVERS\fsvga.sys" ab4983120e4e4527ae9ffe4177ecd6e7 Ftdisk [Microsoft Corporation] 启用 "system32\DRIVERS\ftdisk.sys" 38375a4d9582a08c14c928cc099b8836 gameenum [Microsoft Corporation] 启用 "system32\DRIVERS\gameenum.sys" 5f92fd09e5610a5995da7d775eadcd12 Gpc [Microsoft Corporation] 启用 "system32\DRIVERS\msgpc.sys" c0f1d4a21de5a415df8170616703debf HidUsb [Microsoft Corporation] 启用 "system32\DRIVERS\hidusb.sys" 1de6783b918f540149aa69943bdfeba8 HTTP [Microsoft Corporation] 启用 "System32\Drivers\HTTP.sys" cb77bb47e67e84deb17ba29632501730 i2omgmt [] 启用 "" i8042prt [Microsoft Corporation] 启用 "system32\DRIVERS\i8042prt.sys" 2a802d189fce734903c46cd5d8f5e3ec Imapi [Microsoft Corporation] 启用 "system32\DRIVERS\imapi.sys" f8aa320c6a0409c0380e5d8a99d76ec6 IntelIde [Microsoft Corporation] 启用 "system32\DRIVERS\intelide.sys" 064d4c00e64fd690965cc4d612ce03d6 Ip6Fw [Microsoft Corporation] 启用 "system32\DRIVERS\Ip6Fw.sys" 4448006b6bc60e6c027932cfc38d6855 IpFilterDriver [Microsoft Corporation] 启用 "system32\DRIVERS\ipfltdrv.sys" 731f22ba402ee4b62748adaf6363c182 IpInIp [Microsoft Corporation] 启用 "system32\DRIVERS\ipinip.sys" e1ec7f5da720b640cd8fb8424f1b14bb IpNat [Microsoft Corporation] 启用 "system32\DRIVERS\ipnat.sys" e2168cbc7098ffe963c6f23f472a3593 IPSec [Microsoft Corporation] 启用 "system32\DRIVERS\ipsec.sys" 64537aa5c003a6afeee1df819062d0d1 IRENUM [Microsoft Corporation] 启用 "system32\DRIVERS\irenum.sys" 50708daa1b1cbb7d6ac1cf8f56a24410 isapnp [Microsoft Corporation] 启用 "system32\DRIVERS\isapnp.sys" d81587ada44fed322419fc833e734441 Kbdclass [Microsoft Corporation] 启用 "system32\DRIVERS\kbdclass.sys" f7699fb067024b82e9ca8ffb86936923 kmixer [Microsoft Corporation] 启用 "system32\drivers\kmixer.sys" ba5deda4d934e6288c2f66caf58d2562 KSecDD [Microsoft Corporation] 启用 "" eb7ffe87fd367ea8fca0506f74a87fbb lbrtfdc [] 启用 "" MACPIET [Microsoft Corporation] 启用 "System32\drivers\sqshzjlh.sys" 19a811ef5f1ed5c926a028ce107ff1af mnmdd [Microsoft Corporation] 启用 "" 4ae068242760a1fb6e1a44bf4e16afa6 Modem [Microsoft Corporation] 启用 "" f351113fd77b61b81bf7accada735789 Mouclass [Microsoft Corporation] 启用 "system32\DRIVERS\mouclass.sys" f171bdcedaee9797a5bf47613f5456ac MountMgr [Microsoft Corporation] 启用 "" 65653f3b4477f3c63e68a9659f85ee2e MSKSSRV [Microsoft Corporation] 启用 "system32\drivers\MSKSSRV.sys" ae431a8dd3c1d0d0610cdbac16057ad0 MSPCLOCK [Microsoft Corporation] 启用 "system32\drivers\MSPCLOCK.sys" 13e75fef9dfeb08eeded9d0246e1f448 MSPQM [Microsoft Corporation] 启用 "system32\drivers\MSPQM.sys" 1988a33ff19242576c3d0ef9ce785da7 mssmbios [Microsoft Corporation] 启用 "system32\DRIVERS\mssmbios.sys" 469541f8bfd2b32659d5d463a6714bce NDIS [Microsoft Corporation] 启用 "" 558635d3af1c7546d26067d5d9b6959e NdisTapi [Microsoft Corporation] 启用 "system32\DRIVERS\ndistapi.sys" 08d43bbdacdf23f34d79e44ed35c1b4c Ndisuio [Microsoft Corporation] 启用 "system32\DRIVERS\ndisuio.sys" 34d6cd56409da9a7ed573e1c90a308bf NdisWan [Microsoft Corporation] 启用 "system32\DRIVERS\ndiswan.sys" 0b90e255a9490166ab368cd55a529893 NDProxy [Microsoft Corporation] 启用 "" 59fc3fb44d2669bc144fd87826bb571f NetBT [Microsoft Corporation] 启用 "system32\DRIVERS\netbt.sys" 0c80e410cd2f47134407ee7dd19cc86b Null [Microsoft Corporation] 启用 "" 73c1e1f395918bc2c6dd67af7591a3ad NwlnkFlt [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnkflt.sys" b305f3fad35083837ef46a0bbce2fc57 NwlnkFwd [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnkfwd.sys" c99b3415198d1aab7227f2c88fd664b9 NwlnkIpx [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnkipx.sys" 79ea3fcda7067977625b3363a2657c80 NwlnkNb [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnknb.sys" 56d34a67c05e94e16377c60609741ff8 NwlnkSpx [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnkspx.sys" c0bb7d1615e1acbdc99757f6ceaf8cf0 Parport [Microsoft Corporation] 启用 "system32\DRIVERS\parport.sys" f54a2e5de40b71317a5c2054439615a6 PartMgr [Microsoft Corporation] 启用 "" 3334430c29dc338092f79c38ef7b4cd0 ParVdm [Microsoft Corporation] 启用 "" 4f3fc4954972da46284641091deee02e PCI [Microsoft Corporation] 启用 "system32\DRIVERS\pci.sys" 2fe168cfccae0d8961f25ee611d301d4 PDCOMP [] 启用 "" PDFRAME [] 启用 "" PDRELI [] 启用 "" PDRFRAME [] 启用 "" PptpMiniport [Microsoft Corporation] 启用 "system32\DRIVERS\raspptp.sys" 1c5cc65aac0783c344f16353e60b72ac Processor [Microsoft Corporation] 启用 "system32\DRIVERS\processr.sys" eaeacff54f6551d8f097165d1543b076 PSched [Microsoft Corporation] 启用 "system32\DRIVERS\psched.sys" 48671f327553dcf1d27f6197f622a668 Ptilink [Parallel Technologies, Inc.] 启用 "system32\DRIVERS\ptilink.sys" 80d317bd1c3dbc5d4fe7b1678c60cadd QV2KUX [Microsoft Corporation] 启用 "system32\DRIVERS\qv2kux.sys" 0087f01d35a65b32393cc8bba46ee4a6 RasAcd [Microsoft Corporation] 启用 "system32\DRIVERS\rasacd.sys" fe0d99d6f31e4fad8159f690d68ded9c Rasl2tp [Microsoft Corporation] 启用 "system32\DRIVERS\rasl2tp.sys" 98faeb4a4dcf812ba1c6fca4aa3e115c RasPppoe [Microsoft Corporation] 启用 "system32\DRIVERS\raspppoe.sys" 7306eeed8895454cbed4669be9f79faa Raspti [Microsoft Corporation] 启用 "system32\DRIVERS\raspti.sys" fdbb1d60066fcfbb7452fd8f9829b242 RDPCDD [Microsoft Corporation] 启用 "System32\DRIVERS\RDPCDD.sys" 4912d5b403614ce99c28420f75353332 rdpdr [Microsoft Corporation] 启用 "system32\DRIVERS\rdpdr.sys" a2cae2c60bc37e0751ef9dda7ceaf4ad RDPWD [Microsoft Corporation] 启用 "" b54cd38a9ebfbf2b3561426e3fe26f62 redbook [Microsoft Corporation] 启用 "system32\DRIVERS\redbook.sys" f720de7bfe7ae26846e7ebe9caf3f49a rtl8139 [Realtek Semiconductor Corporation] 启用 "system32\DRIVERS\RTL8139.SYS" d507c1400284176573224903819ffda3 sea7bus [MCCI Corporation] 启用 "system32\DRIVERS\sea7bus.sys" dcd96bdeed677253c96e588a17b7d9f8 Secdrv [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.] 启用 "system32\DRIVERS\secdrv.sys" 90a3935d05b494a5a39d37e71f09a677 serenum [Microsoft Corporation] 启用 "system32\DRIVERS\serenum.sys" a2d868aeeff612e70e213c451a70cafb Serial [Microsoft Corporation] 启用 "system32\DRIVERS\serial.sys" de0aa3fcae95d2339628f0caf013dfe1 Sfloppy [Microsoft Corporation] 启用 "" 0d13b6df6e9e101013a7afb0ce629fe0 splitter [Microsoft Corporation] 启用 "system32\drivers\splitter.sys" 0ce218578fff5f4f7e4201539c45c78f swenum [Microsoft Corporation] 启用 "system32\DRIVERS\swenum.sys" 03c1bae4766e2450219d20b993d6e046 swmidi [Microsoft Corporation] 启用 "system32\drivers\swmidi.sys" 94abc808fc4b6d7d2bbf42b85e25bb4d sysaudio [Microsoft Corporation] 启用 "system32\drivers\sysaudio.sys" 650ad082d46bac0e64c9c0e0928492fd Tcpip [Microsoft Corporation] 启用 "system32\DRIVERS\tcpip.sys" 01d5eaaff224415a7ff513e4c882be30 TDPIPE [Microsoft Corporation] 启用 "" 38d437cf2d98965f239b0abcd66dcb0f TDTCP [Microsoft Corporation] 启用 "" ed0580af02502d00ad8c4c066b156be9 TermDD [Microsoft Corporation] 启用 "system32\DRIVERS\termdd.sys" a540a99c281d933f3d69d55e48727f47 Update [Microsoft Corporation] 启用 "system32\DRIVERS\update.sys" aff2e5045961bbc0a602bb6f95eb1345 usbccgp [Microsoft Corporation] 启用 "system32\DRIVERS\usbccgp.sys" bffd9f120cc63bcbaa3d840f3eef9f79 usbhub [Microsoft Corporation] 启用 "system32\DRIVERS\usbhub.sys" c72f40947f92cea56a8fb532edf025f1 usbprint [Microsoft Corporation] 启用 "system32\DRIVERS\usbprint.sys" a42369b7cd8886cd7c70f33da6fcbcf5 usbscan [Microsoft Corporation] 启用 "system32\DRIVERS\usbscan.sys" a6bc71402f4f7dd5b77fd7f4a8ddba85 USBSTOR [Microsoft Corporation] 启用 "system32\DRIVERS\USBSTOR.SYS" 6cd7b22193718f1d17a47a1cd6d37e75 usbuhci [Microsoft Corporation] 启用 "system32\DRIVERS\usbuhci.sys" f8fd1400092e23c8f2f31406ef06167b VgaSave [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\vga.sys" 8a60edd72b4ea5aea8202daf0e427925 VolSnap [Microsoft Corporation] 启用 "" 4594bda728648447ec10c49190bd37a7 Wanarp [Microsoft Corporation] 启用 "system32\DRIVERS\wanarp.sys" 984ef0b9788abf89974cfed4bfbaacbc WDICA [] 启用 "" wdmaud [Microsoft Corporation] 启用 "system32\drivers\wdmaud.sys" efd235ca22b57c81118c1aeb4798f1c1 WudfPf [Microsoft Corporation] 启用 "system32\DRIVERS\WudfPf.sys" f15feafffbb3644ccc80c5da584e6311 WudfRd [Microsoft Corporation] 启用 "system32\DRIVERS\wudfrd.sys" 28b524262bce6de1f7ef9f510ba3985b ====================桌面快捷方式==================== Internet Explorer.lnk "C:\Program Files\Internet Explorer\IEXPLORE.EXE " (Microsoft Corporation, 91.0 KB, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) ecd35d17f66899882b9558f5b94c5798 QQ医生.lnk "D:\Program Files\Tencent\QQDoctor\QQDoctor.exe " (Tencent, 681.8 KB, 2, 1, 9, 202) 354042a693676bd510f90bd2a780b96c SmarThru 4.lnk "C:\Program Files\SmarThru 4\ControlPanel.exe " (, 416.0 KB, ) c4a49b52b1d317dbc3bc47ed82169042 ACDSee Pro 2.lnk "C:\Program Files\ACD Systems\ACDSee Pro\2.0\ACDSeePro2.exe " (ACD Systems, 4.0 MB, 2, 0, 888, 0) 19b2275de7e68eeca3a126630ad58254 房友演示.lnk "D:\Agency\房友中介软件演示.exe " (Macromedia, Inc., 4.0 MB, 1.0.0.6) 0919ccca33b96df4ae471ea81db04e0a 房友中介.lnk "D:\Agency\Agency.exe " (房友软件, 1.6 MB, 10.05) cbe515a919ece75a2daff94024e9b5ac