本报告由QQ医生提供 http://doctor.qq.com 诊断时间: 2009-06-10 13:39:26 操作系统: Windows XP Service Pack 3 QQ医生版本: QQDoctor.exe 2, 1, 12, 203 DrUpdate.exe 2, 1, 9, 203 TSELoder.DAT 2008, 1, 28, 13 TSEngine.DAT 2008, 4, 7, 25 TSEPB.DAT 2009, 3, 5, 35 TSFSEngine.DAT 2009, 3, 11, 7 TSFileFilter.DAT 2007, 12, 5, 01 TSKsp.sys 2009, 3, 31, 17 TSKSPLIB.dat 2009, 3, 16, 10 TSVulMon.DAT 2009, 5, 26, 21 TSVulChk.dat 2009, 5, 13, 22 QQ文件版本: QQ2008 正式版 (8.0.981.400) ====================进程项==================== C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp., 2.7 MB, 1.1.0.37) c99d1eb52de019556f72671cb23d8513 C:\WINDOWS\System32\alg.exe (Microsoft Corporation, 43.5 KB, 5.1.2600.5512 (xpsp.080413-0852)) f031c127d798e1549861317064066287 \??\C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, 6.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) fea5c15e63790770b1e8216a7d64d90d C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation, 15.0 KB, 5.1.2600.5512 (xpsp.080413-2105)) 9339a79fa7d415dc39cf021880af7992 C:\WINDOWS\Explorer.EXE (Microsoft Corporation, 955.5 KB, 6.00.2900.5512 (xpsp.080413-2105)) 9eb867933136ad37eaf7f2ecb97e3a4d C:\WINDOWS\Explorer.EXE [Microsoft Corporation] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation] C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation] C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation] C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation] C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation] C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation] C:\WINDOWS\system32\WININET.dll [Microsoft Corporation] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation] C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation] C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation] C:\WINDOWS\system32\themeui.dll [Microsoft Corporation] C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation] C:\WINDOWS\system32\Actxprxy.dll [Microsoft Corporation] C:\WINDOWS\system32\msutb.dll [Microsoft Corporation] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation] C:\WINDOWS\system32\msi.dll [Microsoft Corporation] C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation] C:\WINDOWS\system32\quartz.dll [Microsoft Corporation] C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation] C:\WINDOWS\system32\credui.dll [Microsoft Corporation] C:\WINDOWS\system32\dot3api.dll [Microsoft Corporation] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation] C:\WINDOWS\system32\dot3dlg.dll [Microsoft Corporation] C:\WINDOWS\system32\OneX.DLL [Microsoft Corporation] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\eappcfg.dll [Microsoft Corporation] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation] C:\WINDOWS\system32\eappprxy.dll [Microsoft Corporation] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation] C:\WINDOWS\system32\RASDLG.dll [Microsoft Corporation] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation] C:\WINDOWS\System32\drprov.dll [Microsoft Corporation] C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation] C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation] C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation] C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation] C:\Program Files\WinRAR\rarext.dll [] C:\WINDOWS\system32\dsquery.dll [Microsoft Corporation] C:\WINDOWS\system32\dsuiext.dll [Microsoft Corporation] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\DNSAPI.dll [Microsoft Corporation] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation] C:\foundersc\consummate\fzwmb.exe (上海核新软件技术有限公司(Hexin), 2.8 MB, 2007, 10, 30, 84) 465001ade443231115cd3a580aa0d7cc C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation, 91.0 KB, 6.00.2900.5512 (xpsp.080413-2105)) b2da1eaa638884c9bf1934662081380f C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, 13.0 KB, 5.1.2600.5512 (xpsp.080413-2113)) bc16a35900d8abdbce0d87e9fcf21f65 C:\WINDOWS\system32\mspaint.exe (Microsoft Corporation, 324.5 KB, 5.1.2600.5512 (xpsp.080413-2105)) 3a2d58bbfec98a36d17545a44df32a7f C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, 156.1 KB, 6.14.11.7519) 0c41c4acfe00d826db479c40c1d9edc8 C:\WINDOWS\system32\RUNDLL32.EXE (Microsoft Corporation, 32.0 KB, 5.1.2600.5512 (xpsp.080413-2105)) a5dd94434c702493d4577e966134b303 C:\WINDOWS\system32\services.exe (Microsoft Corporation, 108.0 KB, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)) 803423c13395019f2dd004ff5a3c0290 \SystemRoot\System32\smss.exe (Microsoft Corporation, 49.5 KB, 5.1.2600.5512 (xpsp.080413-2111)) 6129c73d0a6402008f7695ddc7b683e2 C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp., 76.0 KB, 1, 0, 0, 31) 801cafb80b0454d302f63e9d1a601819 C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation, 56.5 KB, 5.1.2600.5512 (xpsp.080413-0852)) 6475496dea6eae2046e15cf422c205fa C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\WINDOWS\System32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, 14.0 KB, 5.1.2600.5512 (xpsp.080413-2111)) e31fb4f13f5949b868c117714bb44375 C:\new_jyzq\TdxW.exe ((通达信)深圳市财富趋势科技有限责任公司, 3.6 MB, 1, 0, 0, 1) 44521da36a08578e1dbe0e026cc1e2da C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation, 38.0 KB, 5.2.3790.1230 built by: dnsrv(bld4act)) ab0a7ca90d9e3d6a193905dc1715ded0 \??\C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, 481.5 KB, 5.1.2600.5512 (xpsp.080413-2113)) c10d631b1d60635545a05c5b3556c68d C:\foundersc\consummate\xiadan.exe (杭州核新软件技术有限公司, 3.2 MB, 2008, 6, 13, 0) a43c3be6b15ac219e3bc5bec66ca8080 C:\foundersc\consummate\zdsj.exe (上海核新软件技术有限公司, 280.0 KB, 2007, 3, 16, 0) c62756802d1a7c35f13ac1db30cbc77c C:\foundersc\consummate\zxt.exe (上海核新软件技术有限公司, 1.1 MB, 2006, 10, 9, 1) 1b4f4ecf453d2f64c61a376793220d7f ====================启动项==================== Alcmtr [Realtek Semiconductor Corp.] (ALCMTR.EXE) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ea31039e691c6f8f5469649526eea5fb AlcWzrd [RealTek Semicoductor Corp.] (ALCWZRD.EXE) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" c99d1eb52de019556f72671cb23d8513 AlternateShell [Microsoft Corporation] (cmd.exe) "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot" 83ba7e22bf529858a345f483d7e94c16 BootExecute [Microsoft Corporation] (autochk *) "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" 0d96293ea4bf2838ddaadc9bc52d9ef9 ctfmon.exe [Microsoft Corporation] (C:\WINDOWS\system32\ctfmon.exe) "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 9339a79fa7d415dc39cf021880af7992 IMJPMIG8.1 [Microsoft Corporation] ("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 7bbe4cf421aecc7f0226edd75f12079f NvCplDaemon [NVIDIA Corporation] (RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 4d8e9c2fb7e234a7fdfa6ec54794217f NvMediaCenter [NVIDIA Corporation] (RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 3bc7b677094a2ef0bddc3a9375e1f8a2 nwiz [NVIDIA Corporation] (nwiz.exe /install) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 3860b249bf5af7b28d11f2731fcf6088 PHIME2002A [Microsoft Corporation] (C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 024dc0f68df5fd6ae9dd82dfbaf479d6 PHIME2002ASync [Microsoft Corporation] (C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 024dc0f68df5fd6ae9dd82dfbaf479d6 Shell [Microsoft Corporation] (Explorer.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 9eb867933136ad37eaf7f2ecb97e3a4d SoundMan [Realtek Semiconductor Corp.] (SOUNDMAN.EXE) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 801cafb80b0454d302f63e9d1a601819 StormCodec_Helper [] ("C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" f29efbeb45e4b95ae94cc08f44b7ae47 UIHost [Microsoft Corporation] (logonui.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 585c5b365163cc8c4767987beea4866b Userinit [Microsoft Corporation] (C:\WINDOWS\system32\userinit.exe) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" 431fed77e71b1831cd485890159d467c ====================IE右键菜单==================== 使用光影编辑和美化 [C:\Program Files\nEO iMAGING\NeoOpenNeo.htm] 使用迅雷下载 [C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm] 使用迅雷下载全部链接 [C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm] 添加到QQ表情 [C:\Program Files\Tencent\QQ\AddEmotion.htm] ====================系统服务==================== Alerter [Microsoft Corporation] "C:\WINDOWS\system32\alrsvc.dll" 启用 8f48dd0ecf585a5745df22d962d2fd47 ALG [Microsoft Corporation] "C:\WINDOWS\System32\alg.exe" 启用 f031c127d798e1549861317064066287 AppMgmt [Microsoft Corporation] "C:\WINDOWS\System32\appmgmts.dll" 禁用 28b700b7fdc38f343197798e0403c584 AudioSrv [Microsoft Corporation] "C:\WINDOWS\System32\audiosrv.dll" 启用 0c03a81067bfe60ab076fb866eeb7d44 BITS [Microsoft Corporation] "C:\WINDOWS\system32\qmgr.dll" 禁用 77136d334eebb32f38fddd74e6d20380 Browser [Microsoft Corporation] "C:\WINDOWS\System32\browser.dll" 启用 b5030062dc5d227b063b65fef328e36f CiSvc [Microsoft Corporation] "C:\WINDOWS\system32\cisvc.exe" 禁用 7fb470ae06a28a8cb035593d820d9497 ClipSrv [Microsoft Corporation] "C:\WINDOWS\system32\clipsrv.exe" 禁用 1c8773b346a2e789f1729fc1c5ff4e6f COMSysApp [Microsoft Corporation] "C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}" 禁用 eddfaaa9db2c1f6aa9631b621352ca83 CryptSvc [Microsoft Corporation] "C:\WINDOWS\System32\cryptsvc.dll" 启用 30f1c6eddba5d5b1da054b07d31843db DcomLaunch [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 e9d71100b51af947485c1a1d5bb96420 Dhcp [Microsoft Corporation] "C:\WINDOWS\System32\dhcpcsvc.dll" 启用 1a93467e7bd9eaad9049488f3b45c0e8 dmadmin [Microsoft Corp., Veritas Software] "C:\WINDOWS\System32\dmadmin.exe /com" 禁用 65b12edacdcf3c7866615955cb3ab3ef dmserver [Microsoft Corp.] "C:\WINDOWS\System32\dmserver.dll" 启用 d22b022857d2c8618a92837648156752 Dnscache [Microsoft Corporation] "C:\WINDOWS\System32\dnsrslvr.dll" 启用 025abcb78f69dd458199745194fb53e2 Dot3svc [Microsoft Corporation] "C:\WINDOWS\System32\dot3svc.dll" 禁用 2977b1a2f8273f55ccd0158e1ed6578a EapHost [Microsoft Corporation] "C:\WINDOWS\System32\eapsvc.dll" 禁用 b347c2edeacc53a98beafe41835ae1a1 ERSvc [Microsoft Corporation] "C:\WINDOWS\System32\ersvc.dll" 启用 34bf0b68949d77e60cebcdbb35cfbe77 Eventlog [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 803423c13395019f2dd004ff5a3c0290 EventSystem [Microsoft Corporation] "C:\WINDOWS\system32\es.dll" 启用 de60a74e82358cedbe8c94151f134dc3 FastUserSwitchingCompatibility [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 5daa2d4ebd23f1458bdcf1804ac99c5a helpsvc [Microsoft Corporation] "C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll" 启用 01f1dc4933a4607962a4d2341ef4f0f1 HidServ [Microsoft Corporation] "C:\WINDOWS\System32\hidserv.dll" 禁用 2d414410e6c18364019c4822087a2f6f hkmsvc [Microsoft Corporation] "C:\WINDOWS\System32\kmsvc.dll" 禁用 5c3907a0fcf9e3940ee6c6414fc47ae7 HTTPFilter [Microsoft Corporation] "C:\WINDOWS\System32\w3ssl.dll" 禁用 f73a83fea9ea0ea702f6b36203c8fa9f ImapiService [Microsoft Corporation] "C:\WINDOWS\system32\imapi.exe" 禁用 4dba71b5715badfbe82a628261c199b7 LanmanServer [Microsoft Corporation] "C:\WINDOWS\System32\srvsvc.dll" 启用 d62596b55a2b7e4df4fb4e396c7f8d96 lanmanworkstation [Microsoft Corporation] "C:\WINDOWS\System32\wkssvc.dll" 启用 7f47851da6ab84a2a11bfe55f983c134 LmHosts [Microsoft Corporation] "C:\WINDOWS\System32\lmhsvc.dll" 启用 b503b858d30afd561208aed67588a47d Messenger [Microsoft Corporation] "C:\WINDOWS\System32\msgsvc.dll" 禁用 6a0e18bc3e2b2f795b5f1b0bec181e7a mnmsrvc [Microsoft Corporation] "C:\WINDOWS\system32\mnmsrvc.exe" 禁用 f2ab0bc6bd8ef7b86cbe1e52b8c15924 MSDTC [Microsoft Corporation] "C:\WINDOWS\system32\msdtc.exe" 禁用 d9ff5f8b58d1e71933fbcf4dc6b3b492 MSIServer [Microsoft Corporation] "C:\WINDOWS\system32\msiexec.exe /V" 禁用 6c985ebcd34f92d666b365b28272195f napagent [Microsoft Corporation] "C:\WINDOWS\System32\qagentrt.dll" 禁用 ca624a432dfafd9d2765e56d4dc686c7 NetDDE [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 c98a4266674bf276d19069a8cc15bd87 NetDDEdsdm [Microsoft Corporation] "C:\WINDOWS\system32\netdde.exe" 禁用 c98a4266674bf276d19069a8cc15bd87 Netlogon [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 bc16a35900d8abdbce0d87e9fcf21f65 Netman [Microsoft Corporation] "C:\WINDOWS\System32\netman.dll" 启用 64d3d7fc996f063ff39b705dff9077ff Nla [Microsoft Corporation] "C:\WINDOWS\System32\mswsock.dll" 启用 426452ffcc8eadf2db276fcde1ef7aa3 NtLmSsp [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 禁用 bc16a35900d8abdbce0d87e9fcf21f65 NtmsSvc [Microsoft Corporation] "C:\WINDOWS\system32\ntmssvc.dll" 禁用 3fbf2f782879406528e71617757ec2dc NVSvc [NVIDIA Corporation] "C:\WINDOWS\system32\nvsvc32.exe" 启用 0c41c4acfe00d826db479c40c1d9edc8 PlugPlay [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 803423c13395019f2dd004ff5a3c0290 PolicyAgent [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 bc16a35900d8abdbce0d87e9fcf21f65 ProtectedStorage [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 bc16a35900d8abdbce0d87e9fcf21f65 RasAuto [Microsoft Corporation] "C:\WINDOWS\System32\rasauto.dll" 禁用 38fdabad6c1ca2d5fa3442f0f6237a5e RasMan [Microsoft Corporation] "C:\WINDOWS\System32\rasmans.dll" 启用 fef357207fb03c32af6ae18d01441478 RDSessMgr [Microsoft Corporation] "C:\WINDOWS\system32\sessmgr.exe" 禁用 69d610f74ac246f138b4f4f33b2cb7e8 RemoteAccess [Microsoft Corporation] "C:\WINDOWS\System32\mprdim.dll" 禁用 ea0ab6dae208224f06231055875276a4 RemoteRegistry [Microsoft Corporation] "C:\WINDOWS\system32\regsvc.dll" 启用 347cf4f119823d39f4652d7b9b929559 RpcLocator [Microsoft Corporation] "C:\WINDOWS\system32\locator.exe" 禁用 34924d2ae0d0e7a956ac535c0fc04604 RpcSs [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 e9d71100b51af947485c1a1d5bb96420 RSVP [Microsoft Corporation] "C:\WINDOWS\system32\rsvp.exe" 禁用 53a79336f917ca1ff120043dcb74def8 SamSs [Microsoft Corporation] "C:\WINDOWS\system32\lsass.exe" 启用 bc16a35900d8abdbce0d87e9fcf21f65 SCardSvr [Microsoft Corporation] "C:\WINDOWS\System32\SCardSvr.exe" 禁用 e4523f1a50923c745021ab7fe6b4faf4 Schedule [Microsoft Corporation] "C:\WINDOWS\system32\schedsvc.dll" 启用 f5aa11c7faf36d9db4bdcfd83f3dbdeb seclogon [Microsoft Corporation] "C:\WINDOWS\System32\seclogon.dll" 启用 bbcc2167e9f6d0854ef94e06f4c57519 SENS [Microsoft Corporation] "C:\WINDOWS\system32\sens.dll" 启用 44b523a2bd388435373276b0aa9eaa87 SharedAccess [Microsoft Corporation] "C:\WINDOWS\System32\ipnathlp.dll" 启用 acfc95eb9c57f70af8da13adeeecb8a5 ShellHWDetection [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 5daa2d4ebd23f1458bdcf1804ac99c5a Spooler [Microsoft Corporation] "C:\WINDOWS\system32\spoolsv.exe" 启用 6475496dea6eae2046e15cf422c205fa srservice [Microsoft Corporation] "C:\WINDOWS\system32\srsvc.dll" 启用 f90582ac2b3433776b37d811d2d3baf6 SSDPSRV [Microsoft Corporation] "C:\WINDOWS\System32\ssdpsrv.dll" 启用 c4f05393cd7c1fb5b4a095cf9585483e stisvc [Microsoft Corporation] "C:\WINDOWS\system32\wiaservc.dll" 启用 e7906e5b988835f0d5c592e84a76a1bd SwPrv [Microsoft Corporation] "C:\WINDOWS\system32\dllhost.exe /Processid:{E9C65F94-9EDA-4104-B312-B6284F9C8DB4}" 禁用 eddfaaa9db2c1f6aa9631b621352ca83 SysmonLog [Microsoft Corporation] "C:\WINDOWS\system32\smlogsvc.exe" 禁用 4a1bbcfd7733132afdd9704062ea550d TapiSrv [Microsoft Corporation] "C:\WINDOWS\System32\tapisrv.dll" 启用 cb0b9e8766ffc557c0349e598312fdd4 TermService [Microsoft Corporation] "C:\WINDOWS\System32\termsrv.dll" 启用 5313f3226526210ec9f9379591c0a63f Themes [Microsoft Corporation] "C:\WINDOWS\System32\shsvcs.dll" 启用 5daa2d4ebd23f1458bdcf1804ac99c5a TlntSvr [Microsoft Corporation] "C:\WINDOWS\system32\tlntsvr.exe" 禁用 b643cb97aebacda0fee05fb83aa9cbb0 TrkWks [Microsoft Corporation] "C:\WINDOWS\system32\trkwks.dll" 启用 fafad8f8dc9658a14d0e56c1a2bb40ad UMWdf [Microsoft Corporation] "C:\WINDOWS\system32\wdfmgr.exe" 启用 ab0a7ca90d9e3d6a193905dc1715ded0 upnphost [Microsoft Corporation] "C:\WINDOWS\System32\upnphost.dll" 禁用 604830407848314cad8a7ae05d1a729c UPS [Microsoft Corporation] "C:\WINDOWS\System32\ups.exe" 禁用 a86c7b686ef680b9e87737b30225414d VSS [Microsoft Corporation] "C:\WINDOWS\System32\vssvc.exe" 禁用 cb53a6d464008b7541b1c23224958ee1 W32Time [Microsoft Corporation] "C:\WINDOWS\system32\w32time.dll" 启用 49cec02dfe06f3f55a02842f5521863c WebClient [Microsoft Corporation] "C:\WINDOWS\System32\webclnt.dll" 启用 a0e8e25401b2574c972a25e9d550f26c winmgmt [Microsoft Corporation] "C:\WINDOWS\system32\wbem\WMIsvc.dll" 启用 0e83443a90dc888f40a25fee74bf877f WmdmPmSN [Microsoft Corporation] "C:\WINDOWS\system32\MsPMSNSv.dll" 禁用 140ef97b64f560fd78643cae2cdad838 Wmi [Microsoft Corporation] "C:\WINDOWS\System32\advapi32.dll" 禁用 5fd93fc1ad0ea77ddf1eb6dcfee773ce WmiApSrv [Microsoft Corporation] "C:\WINDOWS\system32\wbem\wmiapsrv.exe" 禁用 4dd0ffb1823f007e601b21fafd4f20dc wscsvc [Microsoft Corporation] "C:\WINDOWS\system32\wscsvc.dll" 禁用 0d722efc74b6108c3ec5bb57a33a1cea wuauserv [Microsoft Corporation] "C:\WINDOWS\system32\wuauserv.dll" 启用 02496b57ed09a83ce915b2ec1848021f WZCSVC [Microsoft Corporation] "C:\WINDOWS\System32\wzcsvc.dll" 启用 7f55b7e5acab04944a01db5edfcb70d7 xmlprov [Microsoft Corporation] "C:\WINDOWS\System32\xmlprov.dll" 禁用 9cea8d414ab50632562a4cace60a5e49 ====================协议相关==================== about [Microsoft Corporation] {3050F406-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 8dd297c339137de9125b13c3c5a1e84a cdl [Microsoft Corporation] {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d Class Install Handler [Microsoft Corporation] {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d deflate [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d dvd [Microsoft Corporation] {12D51199-0DB5-46FE-A120-47A3D7D937CC} "C:\WINDOWS\system32\msvidctl.dll" 启用 d8c6cc1548b4f96e3200c140004ba480 file [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d ftp [Microsoft Corporation] {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d gopher [Microsoft Corporation] {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d gzip [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d http [Microsoft Corporation] {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d https [Microsoft Corporation] {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\system32\itss.dll" 启用 e07bf2b26f6a25c265417d6bf8931e85 javascript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 8dd297c339137de9125b13c3c5a1e84a KuGoo [酷狗] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} "C:\WINDOWS\system32\KuGoo3DownXControl.ocx" 启用 60a90f165775d4ff2e0fd89dcf3b168a KuGoo3 [酷狗] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} "C:\WINDOWS\system32\KuGoo3DownXControl.ocx" 启用 60a90f165775d4ff2e0fd89dcf3b168a local [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d lzdhtml [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d mailto [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 8dd297c339137de9125b13c3c5a1e84a mhtml [Microsoft Corporation] {05300401-BCBC-11d0-85E3-00C04FD85AB4} "C:\WINDOWS\system32\inetcomm.dll" 启用 10e0073ea9c16481dbea152112f84ef8 mk [Microsoft Corporation] {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d ms-its [Microsoft Corporation] {9D148291-B9C8-11D0-A4CC-0000F80149F6} "C:\WINDOWS\system32\itss.dll" 启用 e07bf2b26f6a25c265417d6bf8931e85 res [Microsoft Corporation] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 8dd297c339137de9125b13c3c5a1e84a sysimage [Microsoft Corporation] {76E67A63-06E9-11D2-A840-006008059382} "C:\WINDOWS\system32\mshtml.dll" 启用 8dd297c339137de9125b13c3c5a1e84a text/webviewhtml [Microsoft Corporation] {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "C:\WINDOWS\system32\shell32.dll" 启用 b21ef9599bc2a599f69abe662bd882c3 tv [Microsoft Corporation] {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "C:\WINDOWS\system32\msvidctl.dll" 启用 d8c6cc1548b4f96e3200c140004ba480 vbscript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "C:\WINDOWS\system32\mshtml.dll" 启用 8dd297c339137de9125b13c3c5a1e84a wia [Microsoft Corporation] {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "C:\WINDOWS\system32\wiascr.dll" 启用 8c61afd95b6d1a32b3f022883ea482ba ====================已知DLL==================== advapi32 [Microsoft Corporation] "C:\WINDOWS\system32\advapi32.dll" 启用 5fd93fc1ad0ea77ddf1eb6dcfee773ce comdlg32 [Microsoft Corporation] "C:\WINDOWS\system32\comdlg32.dll" 启用 c7479e84869fd0ad3cc675bc82d359a8 gdi32 [Microsoft Corporation] "C:\WINDOWS\system32\gdi32.dll" 启用 b5fbad2fb4abd3e3d0bc128c4102bddd imagehlp [Microsoft Corporation] "C:\WINDOWS\system32\imagehlp.dll" 启用 6c5d944c7c72af44554c29e8eede7dc4 kernel32 [Microsoft Corporation] "C:\WINDOWS\system32\kernel32.dll" 启用 40976499c7e53cb02f35e0d07205f317 lz32 [Microsoft Corporation] "C:\WINDOWS\system32\lz32.dll" 启用 c3200506fb212a0f4fb736a80e646c40 ole32 [Microsoft Corporation] "C:\WINDOWS\system32\ole32.dll" 启用 f78acf4eb632e1795024fbfc6dbf7eb3 oleaut32 [Microsoft Corporation] "C:\WINDOWS\system32\oleaut32.dll" 启用 87073fc631c14d82c0b162118b3923aa olecli32 [Microsoft Corporation] "C:\WINDOWS\system32\olecli32.dll" 启用 5c71c1672990fa168b55a3b81544cada olecnv32 [Microsoft Corporation] "C:\WINDOWS\system32\olecnv32.dll" 启用 edf6be4596eb2ebb3955d9899111c62b olesvr32 [Microsoft Corporation] "C:\WINDOWS\system32\olesvr32.dll" 启用 2c78271a8203df02fe98f42307043248 olethk32 [Microsoft Corporation] "C:\WINDOWS\system32\olethk32.dll" 启用 369c4ac059b301f57e8c27a188f24ebc rpcrt4 [Microsoft Corporation] "C:\WINDOWS\system32\rpcrt4.dll" 启用 0b0ab724184b74ad1dc6327da8327ef0 shell32 [Microsoft Corporation] "C:\WINDOWS\system32\shell32.dll" 启用 b21ef9599bc2a599f69abe662bd882c3 url [Microsoft Corporation] "C:\WINDOWS\system32\url.dll" 启用 7576cda80bc3dcbfdd60e3f059afe3be urlmon [Microsoft Corporation] "C:\WINDOWS\system32\urlmon.dll" 启用 1a7e378916bffd3afcea825478d45d6d user32 [Microsoft Corporation] "C:\WINDOWS\system32\user32.dll" 启用 f697644d5f59050fbe6af896c19cca93 version [Microsoft Corporation] "C:\WINDOWS\system32\version.dll" 启用 2c5fbee16e1c05f8ff604b158437abd2 wininet [Microsoft Corporation] "C:\WINDOWS\system32\wininet.dll" 启用 3502f6a9b9a41b84e3837b573433ff66 wldap32 [Microsoft Corporation] "C:\WINDOWS\system32\wldap32.dll" 启用 9e5a35de16f9499e6323e94526f6c041 ====================打印监控==================== BJ Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\cnbjmon.dll" 启用 afb5e9e6d24f0531890c311863ac5757 Local Port [Microsoft Corporation] "C:\WINDOWS\system32\localspl.dll" 启用 c38d42e1cefbdf686f565d56d377cfdc PJL Language Monitor [Microsoft Corporation] "C:\WINDOWS\system32\pjlmon.dll" 启用 e918aa38be1b21254ad4dd816a3e3cf2 Standard TCP/IP Port [Microsoft Corporation] "C:\WINDOWS\system32\tcpmon.dll" 启用 a3f574d30c1a9cb6c14936b55fb1cedb USB Monitor [Microsoft Corporation] "C:\WINDOWS\system32\usbmon.dll" 启用 4d650a43ac674b3703f18ace33042b70 ====================随系统加载的其它模块==================== crypt32chain [Microsoft Corporation] (crypt32.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain" 37b151c5364617bfef0f3e6cd4b4f8ef cryptnet [Microsoft Corporation] (cryptnet.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet" 3a3345f46a0c1efcf7cf3c7011f75270 cscdll [Microsoft Corporation] (cscdll.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll" 5367c2839ecc3eede4c26ea4c16c5900 dimsntfy [Microsoft Corporation] (%SystemRoot%\System32\dimsntfy.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy" b568e33952b4fa3806b0da12226a9712 ScCertProp [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" 1761a1916119b4e34be1521a9e6876a5 Schedule [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule" 1761a1916119b4e34be1521a9e6876a5 sclgntfy [Microsoft Corporation] (sclgntfy.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy" 85b08d62a6dde9c39c1bf5a916ab46af SensLogn [Microsoft Corporation] (WlNotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn" 1761a1916119b4e34be1521a9e6876a5 termsrv [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv" 1761a1916119b4e34be1521a9e6876a5 wlballoon [Microsoft Corporation] (wlnotify.dll) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon" 1761a1916119b4e34be1521a9e6876a5 ====================调试相关项==================== Debugger [Microsoft Corporation] (drwtsn32 -p %ld -e %ld -g) "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug" e1f9f51cb449d2c9cc76682f0998439e ====================驱动程序==================== ACPI [Microsoft Corporation] 启用 "system32\DRIVERS\ACPI.sys" 60053c170357eedace8d88e9d87e993e aec [Microsoft Corporation] 启用 "system32\drivers\aec.sys" 8bed39e3c35d6a489438b8141717a557 AFD [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\afd.sys" 7618d5218f2a614672ec61a80d854a37 agpCPQ [Microsoft Corporation] 启用 "system32\DRIVERS\agpCPQ.sys" 03a7e0922acfe1b07d5db2eeb0773063 alim1541 [Microsoft Corporation] 启用 "system32\DRIVERS\alim1541.sys" cb08aed0de2dd889a8a820cd8082d83c amdagp [Advanced Micro Devices, Inc.] 启用 "system32\DRIVERS\amdagp.sys" 95b4fb835e28aa1336ceeb07fd5b9398 amdagp8p [Advanced Micro Devices, Inc.] 启用 "system32\DRIVERS\amdagp8p.sys" d5bcc5dd747fdd6ad1a5b3fa2bdbb5fa AsyncMac [Microsoft Corporation] 启用 "system32\DRIVERS\asyncmac.sys" b153affac761e7f5fcfa822b9c4e97bc atapi [Microsoft Corporation] 启用 "system32\DRIVERS\atapi.sys" 9f3a2f5aa6875c72bf062c712cfa2674 Atmarpc [Microsoft Corporation] 启用 "system32\DRIVERS\atmarpc.sys" 9916c1225104ba14794209cfa8012159 audstub [Microsoft Corporation] 启用 "system32\DRIVERS\audstub.sys" d9f724aa26c010a217c97606b160ed68 BaseTDI [Beijing Rising Technology Co., Ltd.] 启用 "System32\DRIVERS\BaseTDI.SYS" 0064810c1b03f2c889130b669a4ce937 bb-run [Promise Technology, Inc.] 启用 "system32\DRIVERS\bb-run.sys" 7270d070173b20ac9487ea16bb08b45f Beep [Microsoft Corporation] 启用 "" da1f27d85e0d1525f6621372e7b685e9 caboagp [ATI Technologies Inc.] 启用 "system32\DRIVERS\atisgkaf.sys" 3b0fed71f3ffb5a8ca6b710723dcad90 Cdaudio [Microsoft Corporation] 启用 "" c1b486a7658353d33a10cc15211a873b Cdrom [Microsoft Corporation] 启用 "system32\DRIVERS\cdrom.sys" 1f4260cc5b42272d71f79e570a27a4fe Changer [] 启用 "" CmBatt [Microsoft Corporation] 启用 "system32\DRIVERS\CmBatt.sys" 0f6c187d38d98f8df904589a5f94d411 Compbatt [Microsoft Corporation] 启用 "system32\DRIVERS\compbatt.sys" 6e4c9f21f0fae8940661144f41b13203 Disk [Microsoft Corporation] 启用 "system32\DRIVERS\disk.sys" 044452051f3e02e7963599fc8f4f3e25 dmio [Microsoft Corp., Veritas Software] 启用 "System32\drivers\dmio.sys" 5e87fcad72a24ad869aafd3c6a4dca45 dmload [Microsoft Corp., Veritas Software.] 启用 "System32\drivers\dmload.sys" e9317282a63ca4d188c0df5e09c6ac5f DMusic [Microsoft Corporation] 启用 "system32\drivers\DMusic.sys" 8a208dfcf89792a484e76c40e5f50b45 dontgo [Promise Technology, Inc.] 启用 "system32\DRIVERS\DontGo.sys" ee1cf616037552f4e75fd6592d0677b6 drmkaud [Microsoft Corporation] 启用 "system32\drivers\drmkaud.sys" 8f5fcff8e8848afac920905fbd9d33c8 eaps2kbd [Compaq Computer Corp.] 启用 "system32\DRIVERS\eaps2kbd.sys" 53ce0799c9384cac99942ff032285f21 eawdmfd [Compaq Computer Corporation] 启用 "system32\DRIVERS\eawdmfd.sys" e54e3a335b3a03ad0252e50bb92a633c es1371 [Creative Technology Ltd.] 启用 "system32\drivers\es1371mp.sys" a55dd7d8ced5d2624a9ee2dda7be0319 Fdc [Microsoft Corporation] 启用 "system32\DRIVERS\fdc.sys" 92cdd60b6730b9f50f6a1a0c1f8cdc81 Fips [Microsoft Corporation] 启用 "" 80a4f4c75683bfbfa359f6c8c51230a4 Flpydisk [Microsoft Corporation] 启用 "system32\DRIVERS\flpydisk.sys" 9d27e7b80bfcdf1cdd9b555862d5e7f0 FsVga [Microsoft Corporation] 启用 "system32\DRIVERS\fsvga.sys" ab4983120e4e4527ae9ffe4177ecd6e7 Ftdisk [Microsoft Corporation] 启用 "system32\DRIVERS\ftdisk.sys" 38375a4d9582a08c14c928cc099b8836 gagp30kx [Microsoft Corporation] 启用 "system32\DRIVERS\gagp30kx.sys" 3a74c423cf6bcca6982715878f450a3b gameenum [Microsoft Corporation] 启用 "system32\DRIVERS\gameenum.sys" 065639773d8b03f33577f6cdaea21063 Gpc [Microsoft Corporation] 启用 "system32\DRIVERS\msgpc.sys" 0a02c63c8b144bd8c86b103dee7c86a2 HDAudBus [Windows (R) Server 2003 DDK provider] 启用 "system32\DRIVERS\HDAudBus.sys" 573c7d0a32852b48f3058cfd8026f511 HidUsb [Microsoft Corporation] 启用 "system32\DRIVERS\hidusb.sys" ccf82c5ec8a7326c3066de870c06daf1 hptpro [HighPoint Technologies, Inc.] 启用 "system32\DRIVERS\hptpro.sys" 2b5e16c0e3d0eaa699750e01aea82d90 HTTP [Microsoft Corporation] 启用 "System32\Drivers\HTTP.sys" f6aacf5bce2893e0c1754afeb672e5c9 i2omgmt [Microsoft Corporation] 启用 "" 9368670bd426ebea5e8b18a62416ec28 i8042prt [Microsoft Corporation] 启用 "system32\DRIVERS\i8042prt.sys" 1694f6666dbee4d5bec6a5919eeb4d86 Imapi [Microsoft Corporation] 启用 "system32\DRIVERS\imapi.sys" 083a052659f5310dd8b6a6cb05edcf8e IntcAzAudAddService [Realtek Semiconductor Corp.] 启用 "system32\drivers\RtkHDAud.sys" 4aaa8312732655f93a254d1fa695eb79 intelppm [Microsoft Corporation] 启用 "system32\DRIVERS\intelppm.sys" 45cd166524915689bf0c24ff8507995d Ip6Fw [Microsoft Corporation] 启用 "system32\DRIVERS\Ip6Fw.sys" 3bb22519a194418d5fec05d800a19ad0 IpFilterDriver [Microsoft Corporation] 启用 "system32\DRIVERS\ipfltdrv.sys" 731f22ba402ee4b62748adaf6363c182 IpInIp [Microsoft Corporation] 启用 "system32\DRIVERS\ipinip.sys" b87ab476dcf76e72010632b5550955f5 IpNat [Microsoft Corporation] 启用 "system32\DRIVERS\ipnat.sys" cc748ea12c6effde940ee98098bf96bb IPSec [Microsoft Corporation] 启用 "system32\DRIVERS\ipsec.sys" 23c74d75e36e7158768dd63d92789a91 IRENUM [Microsoft Corporation] 启用 "system32\DRIVERS\irenum.sys" c93c9ff7b04d772627a3646d89f7bf89 isapnp [Microsoft Corporation] 启用 "system32\DRIVERS\isapnp.sys" cb353452590cc3faeeef86de334d5f49 Kbdclass [Microsoft Corporation] 启用 "system32\DRIVERS\kbdclass.sys" 5b4d15cd20869778ebf282db0fc08a29 kbdhid [Microsoft Corporation] 启用 "system32\DRIVERS\kbdhid.sys" 7ac6d7729e83ab83165003609deeed3e kmixer [Microsoft Corporation] 启用 "system32\drivers\kmixer.sys" 692bcf44383d056aed41b045a323d378 KSecDD [Microsoft Corporation] 启用 "" 1705745d900dabf2d89f90ebaddc7517 lbrtfdc [] 启用 "" mnmdd [Microsoft Corporation] 启用 "" 4ae068242760a1fb6e1a44bf4e16afa6 Modem [Microsoft Corporation] 启用 "" ba656ef98ce4049638794e390d78ef36 Mouclass [Microsoft Corporation] 启用 "system32\DRIVERS\mouclass.sys" 35ac8fd90e70f2e54cb4bfb21b4e1bf1 mouhid [Microsoft Corporation] 启用 "system32\DRIVERS\mouhid.sys" 692910b446d0b751b2462f3624c7b1a7 MountMgr [Microsoft Corporation] 启用 "" a80b9a0bad1b73637dbcbba7df72d3fd MSKSSRV [Microsoft Corporation] 启用 "system32\drivers\MSKSSRV.sys" d1575e71568f4d9e14ca56b7b0453bf1 MSPCLOCK [Microsoft Corporation] 启用 "system32\drivers\MSPCLOCK.sys" 325bb26842fc7ccc1fcce2c457317f3e MSPQM [Microsoft Corporation] 启用 "system32\drivers\MSPQM.sys" bad59648ba099da4a17680b39730cb3d mssmbios [Microsoft Corporation] 启用 "system32\DRIVERS\mssmbios.sys" af5f4f3f14a8ea2c26de30f7a1e17136 NDIS [Microsoft Corporation] 启用 "" 1df7f42665c94b825322fae71721130d NdisTapi [Microsoft Corporation] 启用 "system32\DRIVERS\ndistapi.sys" 1ab3d00c991ab086e69db84b6c0ed78f Ndisuio [Microsoft Corporation] 启用 "system32\DRIVERS\ndisuio.sys" f927a4434c5028758a842943ef1a3849 NdisWan [Microsoft Corporation] 启用 "system32\DRIVERS\ndiswan.sys" edc1531a49c80614b2cfda43ca8659ab NDProxy [Microsoft Corporation] 启用 "" 6215023940cfd3702b46abc304e1d45a NetBT [Microsoft Corporation] 启用 "system32\DRIVERS\netbt.sys" 74b2b2f5bea5e9a3dc021d685551bd3d Null [Microsoft Corporation] 启用 "" 73c1e1f395918bc2c6dd67af7591a3ad nv [NVIDIA Corporation] 启用 "system32\DRIVERS\nv4_mini.sys" 9f4384aa43548ddd438f7b7825d11699 nv_agp [NVIDIA Corporation] 启用 "system32\DRIVERS\nv_agp.sys" 3194e2f6c9000c39dcf9d0580754f714 NwlnkFlt [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnkflt.sys" b305f3fad35083837ef46a0bbce2fc57 NwlnkFwd [Microsoft Corporation] 启用 "system32\DRIVERS\nwlnkfwd.sys" c99b3415198d1aab7227f2c88fd664b9 Parport [Microsoft Corporation] 启用 "system32\DRIVERS\parport.sys" 42580fdf84b2d08c3366819f80714274 PartMgr [Microsoft Corporation] 启用 "" beb3ba25197665d82ec7065b724171c6 ParVdm [Microsoft Corporation] 启用 "" 4f3fc4954972da46284641091deee02e PCI [Microsoft Corporation] 启用 "system32\DRIVERS\pci.sys" 28eca79bcd3883dc6cb0ac2b20fdb2f0 PCIDump [] 启用 "" PCIIde [Microsoft Corporation] 启用 "system32\DRIVERS\pciide.sys" a4d41f0279f405d6f5c19465aad82834 PCnet [AMD Inc.] 启用 "system32\DRIVERS\pcntpci5.sys" 7bc8027d56fab153a987c56ae9835664 PDCOMP [] 启用 "" PDFRAME [] 启用 "" PDRELI [] 启用 "" PDRFRAME [] 启用 "" perc2hib [Microsoft Corporation] 启用 "system32\DRIVERS\perc2hib.sys" f50f7c27f131afe7beba13e14a3b9416 PptpMiniport [Microsoft Corporation] 启用 "system32\DRIVERS\raspptp.sys" efeec01b1d3cf84f16ddd24d9d9d8f99 PSched [Microsoft Corporation] 启用 "system32\DRIVERS\psched.sys" 09298ec810b07e5d582cb3a3f9255424 Ptilink [Parallel Technologies, Inc.] 启用 "system32\DRIVERS\ptilink.sys" 80d317bd1c3dbc5d4fe7b1678c60cadd RasAcd [Microsoft Corporation] 启用 "system32\DRIVERS\rasacd.sys" fe0d99d6f31e4fad8159f690d68ded9c Rasl2tp [Microsoft Corporation] 启用 "system32\DRIVERS\rasl2tp.sys" 11b4a627bc9614b885c4969bfa5ff8a6 RasPppoe [Microsoft Corporation] 启用 "system32\DRIVERS\raspppoe.sys" 5bc962f2654137c9909c3d4603587dee Raspti [Microsoft Corporation] 启用 "system32\DRIVERS\raspti.sys" fdbb1d60066fcfbb7452fd8f9829b242 RDPCDD [Microsoft Corporation] 启用 "System32\DRIVERS\RDPCDD.sys" 4912d5b403614ce99c28420f75353332 rdpdr [Microsoft Corporation] 启用 "system32\DRIVERS\rdpdr.sys" 15cabd0f7c00c47c70124907916af3f1 RDPWD [Microsoft Corporation] 启用 "" 6728e45b66f93c08f11de2e316fc70dd redbook [Microsoft Corporation] 启用 "system32\DRIVERS\redbook.sys" 14615ebaf029cd0a7af97d10fbd900cd rspp [Beijing Rising Information Technology Co., Ltd.] 启用 "\??\C:\WINDOWS\system32\Drivers\Rspp.sys" b66ba3d1c48f903380af54e6f46cb817 RTL8023xp [Realtek Semiconductor Corporation ] 启用 "system32\DRIVERS\Rtnicxp.sys" 3529828ec571fb2f64f6b142f9109993 rtl8139 [Realtek Semiconductor Corporation] 启用 "system32\DRIVERS\RTL8139.SYS" d507c1400284176573224903819ffda3 Secdrv [Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.] 启用 "system32\DRIVERS\secdrv.sys" 90a3935d05b494a5a39d37e71f09a677 serenum [Microsoft Corporation] 启用 "system32\DRIVERS\serenum.sys" 0f29512ccd6bead730039fb4bd2c85ce Serial [Microsoft Corporation] 启用 "system32\DRIVERS\serial.sys" 81fa8e4f77964b6a606670b87c331c2e Sfloppy [Microsoft Corporation] 启用 "" 8e6b8c671615d126fdc553d1e2de5562 sisagp [Silicon Integrated Systems Corporation] 启用 "system32\DRIVERS\sisagp.sys" 6b33d0ebd30db32e27d1d78fe946a754 splitter [Microsoft Corporation] 启用 "system32\drivers\splitter.sys" ab8b92451ecb048a4d1de7c3ffcb4a9f swenum [Microsoft Corporation] 启用 "system32\DRIVERS\swenum.sys" 3941d127aef12e93addf6fe6ee027e0f swmidi [Microsoft Corporation] 启用 "system32\drivers\swmidi.sys" 8ce882bcc6cf8a62f2b2323d95cb3d01 sysaudio [Microsoft Corporation] 启用 "system32\drivers\sysaudio.sys" 8b83f3ed0f1688b4958f77cd6d2bf290 Tcpip [Microsoft Corporation] 启用 "system32\DRIVERS\tcpip.sys" 4afb3b0919649f95c1964aa1fad27d73 TDPIPE [Microsoft Corporation] 启用 "" 6471a66807f5e104e4885f5b67349397 TDTCP [Microsoft Corporation] 启用 "" c56b6d0402371cf3700eb322ef3aaf61 TermDD [Microsoft Corporation] 启用 "system32\DRIVERS\termdd.sys" 88155247177638048422893737429d9e tmagp [Transmeta Corporation] 启用 "system32\DRIVERS\tmagp.sys" 2275ef7ca18a77268b527b926ab6d643 uagp35 [Microsoft Corporation] 启用 "system32\DRIVERS\uagp35.sys" d85938f272d1bcf3db3a31fc0a048928 ULiAGP [ULi Electronics Inc.] 启用 "system32\DRIVERS\ULiAGP.sys" 25ec7fd654641c4430646fde1f9971ab uliagpkx [ULi Electronics Inc.] 启用 "system32\DRIVERS\agpkx.sys" 67ab641cc203081780e8483faa959549 Update [Microsoft Corporation] 启用 "system32\DRIVERS\update.sys" 402ddc88356b1bac0ee3dd1580c76a31 usbccgp [Microsoft Corporation] 启用 "system32\DRIVERS\usbccgp.sys" 173f317ce0db8e21322e71b7e60a27e8 usbehci [Microsoft Corporation] 启用 "system32\DRIVERS\usbehci.sys" 65dcf09d0e37d4c6b11b5b0b76d470a7 usbhub [Microsoft Corporation] 启用 "system32\DRIVERS\usbhub.sys" 1ab3cdde553b6e064d2e754efe20285c usbohci [Microsoft Corporation] 启用 "system32\DRIVERS\usbohci.sys" 0daecce65366ea32b162f85f07c6753b USBSTOR [Microsoft Corporation] 启用 "system32\DRIVERS\USBSTOR.SYS" a32426d9b14a089eaa1d922e0c5801a9 usbuhci [Microsoft Corporation] 启用 "system32\DRIVERS\usbuhci.sys" 26496f9dee2d787fc3e61ad54821ffe6 VgaSave [Microsoft Corporation] 启用 "\SystemRoot\System32\drivers\vga.sys" 0d3a8fafceacd8b7625cd549757a7df1 viaagp [Microsoft Corporation] 启用 "system32\DRIVERS\viaagp.sys" 754292ce5848b3738281b4f3607eaef4 viaagp1 [VIA Technologies, Inc.] 启用 "system32\DRIVERS\viaagp1.sys" 4b039bbd037b01f5db5a144c837f283a VolSnap [Microsoft Corporation] 启用 "" 0cc9c065291b175cf6771d7edcd1b980 Wanarp [Microsoft Corporation] 启用 "system32\DRIVERS\wanarp.sys" e20b95baedb550f32dd489265c1da1f6 WDICA [] 启用 "" wdmaud [Microsoft Corporation] 启用 "system32\drivers\wdmaud.sys" 6768acf64b18196494413695f0c3a00f xfilt [VIA Technologies,Inc] 启用 "system32\DRIVERS\xfilt.sys" bec604cdc548a528ebd3d7aa1dd46a89 ====================桌面快捷方式==================== 金元证券合一版.lnk "C:\new_jyzq\TdxW.exe " ((通达信)深圳市财富趋势科技有限责任公司, 3.6 MB, 1, 0, 0, 1) 44521da36a08578e1dbe0e026cc1e2da 360安全卫士.lnk "C:\Program Files\360safe\360Safe.exe " (奇虎网, 2.5 MB, 5, 1, 1, 1003) 0b70b0ee8a1cc0a266fc9b0f58488932 瑞星卡卡上网安全助手.lnk "C:\Program Files\Rising\AntiSpyware\Ras.exe " (Beijing Rising Information Technology Co., Ltd., 38.1 KB, 6.0.0.7) 324645bf53d6c2a677cc135eacd91c91 光影魔术手.lnk "C:\Program Files\nEO iMAGING\nEOiMAGING.exe " (nEO Software, 7.8 MB, 3.1.1.58) 3d77f22e895146fad97d93af3acfcc41 快捷方式 到 sdha.lnk "E:\l\game\三打哈\sdha.exe " (huasoft, 881.0 KB, 2.0.0.11026) abbeeadca375f460854e19fe34febfb1 QQ医生.lnk "C:\Program Files\Tencent\QQDoctor\QQDoctor.exe " (Tencent, 693.8 KB, 2, 1, 12, 203) d6cccac907fc62c452b52c41f00539c3 暴风影音.lnk "C:\Program Files\Ringz Studio\Storm Codec\mplayerc.exe " (Gabest, 5.0 MB, 6, 4, 9, 0) 61084baf7c5cea8585b5f884c8b815e6 迅雷5.lnk "C:\Program Files\Thunder Network\Thunder\Thunder.exe " (Thunder Networking Technologies,LTD, 44.0 KB, 5, 6, 8, 19) fd5978c250df4513896e1115c7050251 宽带连接.lnk " " (, , ) QQ游戏.lnk "C:\Program Files\Tencent\QQGame\QQGame.exe " (深圳市腾讯计算机系统有限公司, 160.9 KB, 2, 2, 102, 6) 8c00489334e8e1b3601d83503883a065 Microsoft Office Excel 2003.lnk "C:\WINDOWS\Installer\{90110804-6000-11D3-8CFE-0150048383C9}\xlicons.exe " (, 400.0 KB, ) f97beaac32c05e29332541bad2d3edde Microsoft Office Word 2003.lnk "C:\WINDOWS\Installer\{90110804-6000-11D3-8CFE-0150048383C9}\wordicon.exe " (, 280.0 KB, ) 5f02de2e68d47ca326df279d635aab83 腾讯QQ.lnk "C:\Program Files\Tencent\QQ\QQ.exe " (TENCENT, 2.0 MB, 8,0,978,1833) a8e6a55ed6c0d68a061c3d10b0808f74 酷狗音乐2008.lnk "C:\Program Files\KuGou\KuGou2008\KuGoo.exe " (酷狗音乐, 4.4 MB, 5.3.33.361) a3584719d659a7a08878b7676285f4dc 瑞星个人防火墙.lnk "C:\Program Files\Rising\RFW\RsMain.exe " (Beijing Rising Information Technology Co., Ltd., 70.6 KB, 21, 0, 0, 5) b73cd1c3e48d64b4acb171ea11b87b40 修复瑞星软件.lnk "C:\Documents and Settings\All Users\Application Data\Rising\Rav\Data\Repair.url " (, 155 Bytes, ) 6046caca3f94704bcbc38771720fe5bf 瑞星杀毒软件.lnk "C:\Program Files\Rising\Rav\RsMain.exe " (Beijing Rising Information Technology Co., Ltd., 70.6 KB, 21, 0, 0, 5) b73cd1c3e48d64b4acb171ea11b87b40 账号保险柜.lnk "C:\Program Files\Rising\Rav\rssafety.exe " (Beijing Rising Information Technology Co., Ltd., 1.2 MB, 3.0.0.61) 88ed7fe42aa4564ca16af7160661aa01