未知家族病毒分析 扫描结果: 无可疑文件 系统活动进程 C:\PROGRAM FILES\RISING\RAV\RAVALERT.EXE C:\PROGRAM FILES\RISING\RAV\PLUGIN\RPTMC.DLL C:\PROGRAM FILES\RISING\RAV\PLUGIN\ALTP936.DLL C:\PROGRAM FILES\RISING\RAV\PLUGIN\RPTUPCT.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.DLL C:\WINDOWS\SYSTEM32\SQLUNIRL.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.RLL C:\WINDOWS\SYSTEM32\DBNETLIB.DLL C:\WINDOWS\SYSTEM32\DBMSLPCN.DLL C:\PROGRAM FILES\RISING\RAV\RAVSERVICE.EXE C:\PROGRAM FILES\RISING\RAV\RAVSEVPROXY.DLL C:\PROGRAM FILES\RISING\RAV\MONSTATE.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\DLCENTER.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\PROGRAM FILES\RISING\RAV\SCANPRXY.DLL C:\PROGRAM FILES\RISING\RAV\RNREPORT.EXE C:\PROGRAM FILES\RISING\RAV\CHART.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.DLL C:\WINDOWS\SYSTEM32\SQLUNIRL.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.RLL C:\WINDOWS\SYSTEM32\DBNETLIB.DLL C:\WINDOWS\SYSTEM32\DBMSLPCN.DLL C:\PROGRAM FILES\RISING\RAV\RAVUPDATE.EXE C:\PROGRAM FILES\RISING\RAV\DLCENTER.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\PROGRAM FILES\RISING\RAV\SECSCAN.DLL C:\PROGRAM FILES\RISING\RAV\NTLIB.DLL C:\PROGRAM FILES\RISING\RAV\SECEX.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SMSS.EXE C:\WINDOWS\SYSTEM32\CSRSS.EXE C:\PROGRAM FILES\RISING\RAV\SCANFRM.EXE C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RAV\COMBASE.DLL C:\PROGRAM FILES\RISING\RAV\MONCOMM.DLL C:\PROGRAM FILES\RISING\RAV\SCANSRVP.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\SCANSRV.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\SCANSIMT.DLL C:\PROGRAM FILES\RISING\RAV\SCANBT.DLL C:\PROGRAM FILES\RISING\RAV\SCANSTUB.DLL C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL C:\PROGRAM FILES\RISING\RAV\LOGPROXY.DLL C:\PROGRAM FILES\RISING\RAV\RSXML3.DLL C:\PROGRAM FILES\RISING\RAV\SCANADD.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL C:\PROGRAM FILES\RISING\RAV\RECOMP.DLL C:\PROGRAM FILES\RISING\RAV\REFS.DLL C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL C:\PROGRAM FILES\RISING\RAV\RELIBLDR.DLL C:\WINDOWS\SYSTEM32\WINLOGON.EXE C:\WINDOWS\SYSTEM32\WINWDGV3.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\SERVICES.EXE C:\WINDOWS\SYSTEM32\LSASS.EXE C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSMGUI.EXE D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KCLDREP.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\SQLITE.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KAVIFR.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\AUTOFIREWALL-V5.18\SINOHOOK.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\COMRES.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE C:\PROGRAM FILES\RISING\RAV\COMBASE.DLL C:\PROGRAM FILES\RISING\RAV\CNT09.DLL C:\PROGRAM FILES\RISING\RAV\CNT08.DLL C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\PROGRAM FILES\RISING\RAV\RSCONF.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\RSTASK.DLL C:\PROGRAM FILES\RISING\RAV\RSSTUB.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE C:\PROGRAM FILES\RISING\RAV\COMBASE.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RAV\MONCOMM.DLL C:\PROGRAM FILES\RISING\RAV\MONBASE.DLL C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL C:\PROGRAM FILES\RISING\RAV\MONDRV.DLL C:\PROGRAM FILES\RISING\RAV\DEFMON.DLL C:\PROGRAM FILES\RISING\RAV\MONCOM08.DLL C:\PROGRAM FILES\RISING\RAV\MONRULE.DLL C:\PROGRAM FILES\RISING\RAV\FILEMON.DLL C:\PROGRAM FILES\RISING\RAV\MAILMON.DLL C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\LOGPROXY.DLL C:\PROGRAM FILES\RISING\RAV\RSXML3.DLL C:\PROGRAM FILES\RISING\RAV\HOOKSYS.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL C:\PROGRAM FILES\RISING\RAV\RSCOMMX2.DLL C:\PROGRAM FILES\RISING\RAV\HOOKCONT.DLL C:\PROGRAM FILES\RISING\RAV\RSNETSVR.DLL C:\PROGRAM FILES\RISING\RAV\BACORE.DLL C:\PROGRAM FILES\RISING\RAV\RECOMP.DLL C:\PROGRAM FILES\RISING\RAV\REFS.DLL C:\PROGRAM FILES\RISING\RAV\RSSTORE.DLL C:\PROGRAM FILES\RISING\RAV\SCANADD.DLL C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL C:\PROGRAM FILES\RISING\RAV\RELIBLDR.DLL C:\PROGRAM FILES\RISING\RAV\FFR.DLL C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL C:\PROGRAM FILES\RISING\RAV\PEARC.DLL C:\PROGRAM FILES\RISING\RAV\SCANPE.DLL C:\PROGRAM FILES\RISING\RAV\SCANTJ.DLL C:\PROGRAM FILES\RISING\RAV\EXTSFX.DLL C:\PROGRAM FILES\RISING\RAV\UR000.DAT C:\PROGRAM FILES\RISING\RAV\URUTILS.DLL C:\PROGRAM FILES\RISING\RAV\METHODEX.DLL C:\PROGRAM FILES\RISING\RAV\REVM.DLL C:\PROGRAM FILES\RISING\RAV\HEUREX.DLL C:\PROGRAM FILES\RISING\RAV\PECOMPD.DLL C:\PROGRAM FILES\RISING\RAV\EXTMAIL.DLL C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL C:\PROGRAM FILES\RISING\RAV\UR001.DAT C:\PROGRAM FILES\RISING\RAV\UR025.DAT D:\PROGRAM FILES\360\360SAFE\DEEPSCAN\ZHUDONGFANGYU.EXE D:\PROGRAM FILES\360\360SAFE\SOFTMGR\360SOFTMGRS.DLL D:\PROGRAM FILES\360\360SAFE\DEEPSCAN\QUTMLOAD.DLL C:\PROGRAM FILES\RISING\RAV\RSNETSVR.EXE C:\PROGRAM FILES\RISING\RAV\NCOMM.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\DFSSVC.EXE C:\WINDOWS\SYSTEM32\SPOOLSV.EXE C:\WINDOWS\SYSTEM32\MSDTC.EXE C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WINOAV3.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\TPACKETD.DLL C:\WINDOWS\SYSTEM32\TSAFENET.DLL C:\WINDOWS\SYSTEM32\IPPCAP.DLL C:\WINDOWS\SYSTEM32\IPPACKET.DLL C:\WINDOWS\SYSTEM32\WINNCAP3.DLL C:\WINDOWS\SYSTEM32\ALG.EXE C:\WINDOWS\SYSTEM32\INETSRV\INETINFO.EXE C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLSERVR.EXE C:\PROGRA~1\MICROS~1\MSSQL\BINN\OPENDS60.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\UMS.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLSORT.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\RESOURCES\2052\SQLEVN70.RLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SSNETLIB.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SSNMPN70.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SSMSLPCN.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLFTQRY.DLL C:\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\SQLOLEDB.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\XPSQLBOT.DLL C:\PROGRAM FILES\COMMON FILES\SYSTEM\MSSEARCH\BIN\MSSEARCH.EXE C:\PROGRAM FILES\COMMON FILES\SYSTEM\MSSEARCH\BIN\MSSWS.DLL C:\PROGRA~1\COMMON~1\SYSTEM\MSSEARCH\BIN\MSSRCH.DLL C:\PROGRAM FILES\COMMON FILES\SYSTEM\MSSEARCH\BIN\TQUERY.DLL C:\PROGRA~1\COMMON~1\SYSTEM\MSSEARCH\BIN\PROPDEFS.DLL C:\PROGRA~1\COMMON~1\SYSTEM\MSSEARCH\BIN\SRCHIDX.DLL C:\PROGRAM FILES\RISING\RAV\RAVAGENT.EXE C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\STRATEGY.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.DLL C:\WINDOWS\SYSTEM32\SQLUNIRL.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.RLL C:\WINDOWS\SYSTEM32\DBNETLIB.DLL C:\WINDOWS\SYSTEM32\DBMSLPCN.DLL C:\WINDOWS\SYSTEM32\DBNMPNTW.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\IPMSG\IPMSG.EXE D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\AUTOFIREWALL-V5.18\SINOHOOK.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLAGENT.EXE C:\WINDOWS\SYSTEM32\SQLUNIRL.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLRESLD.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLSVC.DLL C:\WINDOWS\SYSTEM32\ODBCBCP.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\W95SCM.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SEMMAP.DLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\RESOURCES\2052\SQLSVC.RLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\RESOURCES\2052\SEMMAP.RLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\RESOURCES\2052\SQLAGENT.RLL C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLAGENT.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\SQLCMDSS.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\RESOURCES\2052\SQLCMDSS.RLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\SQLREPSS.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\RESOURCES\2052\SQLREPSS.RLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\SQLATXSS.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\RESOURCES\2052\SQLATXSS.RLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\AXSCPHST.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\RESOURCES\2052\AXSCPHST.RLL C:\WINDOWS\SYSTEM32\SQLSRV32.DLL C:\WINDOWS\SYSTEM32\SQLSRV32.RLL C:\WINDOWS\SYSTEM32\DBNETLIB.DLL C:\WINDOWS\SYSTEM32\DBMSLPCN.DLL C:\WINDOWS\SYSTEM32\CSRSS.EXE C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSMSVC.EXE C:\PROGRAM FILES\KINGSOFT\KSM3.0\KDUMP.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KXESTAT.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KXEBASE.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\SCOM.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KXECORE\KXELOG.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KXECORE\KXECORE.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KXECORE\KXESTAT.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSMCOREX.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\COMRES.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KCLDREP.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\SQLITE.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KAVIFR.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSBWSSPX.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSBWDET.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSBWQUAR.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KHANDLER.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSEDETECT.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\KFIC.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\WSS\KSECSK.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\WSS\KSECORE.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\WSS\KSPFENG.DLL C:\PROGRAM FILES\KINGSOFT\KSM3.0\WSS\KAE\KAECORE.DAT C:\PROGRAM FILES\KINGSOFT\KSM3.0\WSS\KSEJOB.DLL C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE C:\WINDOWS\SYSTEM32\WINLOGON.EXE C:\WINDOWS\SYSTEM32\MSACM32.DRV C:\WINDOWS\SYSTEM32\IMAADP32.ACM C:\WINDOWS\SYSTEM32\MSADP32.ACM C:\WINDOWS\SYSTEM32\MSG711.ACM C:\WINDOWS\SYSTEM32\MSGSM32.ACM C:\WINDOWS\SYSTEM32\TSSOFT32.ACM C:\WINDOWS\SYSTEM32\MSG723.ACM C:\WINDOWS\SYSTEM32\MSAUD32.ACM C:\WINDOWS\SYSTEM32\SL_ANET.ACM C:\WINDOWS\SYSTEM32\L3CODECA.ACM C:\WINDOWS\SYSTEM32\IAC25_32.AX C:\WINDOWS\SYSTEM32\VCT3216.ACM C:\WINDOWS\SYSTEM32\VCT3216.DLL C:\WINDOWS\SYSTEM32\MSMS001.VWP C:\WINDOWS\SYSTEM32\MVOICE.VWP C:\WINDOWS\SYSTEM32\CONIME.EXE D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL C:\WINDOWS\SYSTEM32\LOGON.SCR C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WINOAUV3.DLL C:\WINDOWS\SYSTEM32\ORCS3DLL.DLL C:\WINDOWS\SYSTEM32\ORCSHK3.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\OAGENTUD.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE C:\WINDOWS\SYSTEM32\RDPCLIP.EXE C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL C:\WINDOWS\SYSTEM32\WINENCYX.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL D:\AUTOFIREWALL-V5.18\SINOHOOK.DLL C:\PROGRAM FILES\WINRAR\RAREXT.DLL C:\WINDOWS\SYSTEM32\RAVEXT.DLL C:\WINDOWS\SYSTEM32\MSOWCNV3.DLL C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMPONENTS\RESWORKER\DSBHO_00.DLL C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMPONENTS\RESWORKER\DATAPROCESSOR_00.DLL C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WINOAUV3.DLL C:\WINDOWS\SYSTEM32\ORCS3DLL.DLL C:\WINDOWS\SYSTEM32\ORCSHK3.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\OAGENTUD.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\PROGRAM FILES\BROADCOM\BACS\BACSTRAY.EXE C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\AUTOFIREWALL-V5.18\AUTOFIREWALL.EXE C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\AUTOFIREWALL-V5.18\SINOHOOK.DLL C:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE C:\PROGRAM FILES\RISING\RAV\COMSERV.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RAV\RSLANG.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\RSXML.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\MONSTATE.DLL C:\PROGRAM FILES\RISING\RAV\SCANEVNT.DLL C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL C:\WINDOWS\SYSTEM32\MFC71.DLL C:\PROGRAM FILES\RISING\RAV\RSCONF.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\RSPALVD.DLL C:\PROGRAM FILES\RISING\RAV\RSNETSVR.DLL C:\PROGRAM FILES\RISING\RAV\RAVBINTL.DLL C:\PROGRAM FILES\RISING\RAV\MRULEUI.DLL C:\PROGRAM FILES\RISING\RAV\MONTRAY.DLL C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL C:\PROGRAM FILES\RISING\RAV\RAVITRAY.DLL C:\PROGRAM FILES\RISING\RAV\SCANPRXY.DLL C:\PROGRAM FILES\RISING\RAV\RSMGINFO.DLL C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL C:\PROGRAM FILES\RISING\RAV\RAVTRAY.EXE C:\PROGRAM FILES\RISING\RAV\RAVUILIB.DLL C:\PROGRAM FILES\RISING\RAV\RAVTRAY936.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\360TRAY.EXE C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL D:\PROGRAM FILES\360\360SAFE\IPC\IPCSERVICE.DLL D:\PROGRAM FILES\360\360SAFE\IPC\YHREGD.DLL D:\PROGRAM FILES\360\360SAFE\IPC\APPD.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\360COMPRO.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\360WEBPRO.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\360TRAYLIVE.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\360SAFEMONPRO.TPI D:\PROGRAM FILES\360\360SAFE\SAFEMON\NETM.TPI D:\PROGRAM FILES\360\360SAFE\NETMON\360NETCTRL.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\NETMON.TPI D:\PROGRAM FILES\360\360SAFE\IPC\QUTMIPC.DLL D:\PROGRAM FILES\360\360SAFE\DEEPSCAN\QUTMLOAD.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\URLPROC.DLL D:\PROGRAM FILES\360\360SAFE\SAFELIVE.DLL D:\PROGRAM FILES\360\360SAFE\PDOWN.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\PROGRAM FILES\360\360SAFE\LIVEUPD360.DLL D:\PROGRAM FILES\360\360SAFE\360NET.DLL D:\PROGRAM FILES\360\360SAFE\360P2SP.DLL D:\AUTOFIREWALL-V5.18\SINOHOOK.DLL C:\WINDOWS\SYSTEM32\CTFMON.EXE C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\W95SCM.DLL C:\WINDOWS\SYSTEM32\SQLUNIRL.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLSVC.DLL C:\WINDOWS\SYSTEM32\ODBCBCP.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLRESLD.DLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\RESOURCES\2052\SQLSVC.RLL C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\RESOURCES\2052\SQLMANGR.RLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\RSDETECT.EXE D:\PROGRAM FILES\360\360SAFE\SAFEMON\SAFEMON.DLL C:\WINDOWS\SYSTEM32\THOOKSV3.DLL C:\WINDOWS\SYSTEM32\TSYSDRV.DLL C:\WINDOWS\SYSTEM32\WINHAFNT.DLL C:\WINDOWS\SYSTEM32\WINHADNT.DLL D:\AUTOFIREWALL-V5.18\SINOHOOK.DLL 普通自启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run IMJPMIG8.1 = "C:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32 PHIME2002ASync = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC PHIME2002A = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME bacstray = C:\PROGRAM FILES\BROADCOM\BACS\BACSTRAY.EXE AutoFireWall = D:\AUTOFIREWALL-V5.18\AUTOFIREWALL.EXE RsTray = "C:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE" -SYSTEM RavTray = "C:\PROGRAM FILES\RISING\RAV\RAVTRAY.EXE" 360Safetray = "D:\PROGRAM FILES\360\360SAFE\SAFEMON\360TRAY.EXE" /START HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE AppInit_DLLs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs = 系统文件关联 .exe ==> exefile = "%1" %* .com ==> comfile = "%1" %* .cmd ==> cmdfile = "%1" %* .bat ==> batfile = "%1" %* .txt ==> txtfile = C:\WINDOWS\notepad.exe %1 .scr ==> scrfile = "%1" /S .reg ==> regfile = regedit.exe "%1" .doc ==> WordPad.Document.1 = "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" 其它启动项 WIN.INI 无信息 SYSTEM.INI SHELL = Explorer.exe SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr Winlogon 启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify crypt32chain = CRYPT32.DLL cryptnet = CRYPTNET.DLL cscdll = CSCDLL.DLL ScCertProp = WLNOTIFY.DLL Schedule = WLNOTIFY.DLL sclgntfy = SCLGNTFY.DLL SensLogn = WLNOTIFY.DLL termsrv = WLNOTIFY.DLL wlballoon = WLNOTIFY.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE, shell = EXPLORER.EXE IE - BHO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {01443AEC-0FD1-40fd-9C87-E93D1494C233} = C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll {889D2FEB-5411-4565-8998-1DD2C5261283} = C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll {B69F34DD-F0F9-42DC-9EDD-957187DA688D} = D:\Program Files\360\360safe\safemon\safemon.dll Winsock SPI MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{78DC498E-AC65-4A46-B2C0-BC187D8A9262}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{78DC498E-AC65-4A46-B2C0-BC187D8A9262}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{CF609956-623D-4F67-8550-AD6C29139CFF}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{CF609956-623D-4F67-8550-AD6C29139CFF}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{822EB86F-0D80-4227-84E7-557F41E727C4}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{822EB86F-0D80-4227-84E7-557F41E727C4}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{16B2D5FB-2657-4145-962D-EF43546DADEF}] SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{16B2D5FB-2657-4145-962D-EF43546DADEF}] DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{911413FB-B4FD-4E77-8D00-561501C2F080}] SEQPACKET 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{911413FB-B4FD-4E77-8D00-561501C2F080}] DATAGRAM 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL 系统服务项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE ALG = C:\WINDOWS\SYSTEM32\ALG.EXE AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235} CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS dcgckc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Dfs = C:\WINDOWS\SYSTEM32\DFSSVC.EXE Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K WINERR Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HTTPFilter = C:\WINDOWS\SYSTEM32\LSASS.EXE IISADMIN = C:\WINDOWS\SYSTEM32\INETSRV\INETINFO.EXE ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE IsmServ = C:\WINDOWS\SYSTEM32\ISMSERV.EXE kdc = C:\WINDOWS\SYSTEM32\LSASS.EXE Kingsoft Rescue Service = C:\PROGRAM FILES\KINGSOFT\KSM3.0\KSMSVC.EXE lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS LicenseService = C:\WINDOWS\SYSTEM32\LLSSRV.EXE LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V MSSEARCH = "C:\PROGRAM FILES\COMMON FILES\SYSTEM\MSSEARCH\BIN\MSSEARCH.EXE" MSSQLSERVER = C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLSERVR.EXE MSSQLServerADHelper = C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLADHLP.EXE NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS NtFrs = C:\WINDOWS\SYSTEM32\NTFRS.EXE NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RavAgent = "C:\PROGRAM FILES\RISING\RAV\RAVAGENT.EXE" RavAlert = "C:\PROGRAM FILES\RISING\RAV\RAVALERT.EXE" RavCCenter = C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE RavService = "C:\PROGRAM FILES\RISING\RAV\RAVSERVICE.EXE" RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" RAVTASK RavUpdate = "C:\PROGRAM FILES\RISING\RAV\RAVUPDATE.EXE" RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K REGSVC RNReport = "C:\PROGRAM FILES\RISING\RAV\RNREPORT.EXE" rpcapd = "%PROGRAMFILES%\WINPCAP\RPCAPD.EXE" -D -F "%PROGRAMFILES%\WINPCAP\RPCAPD.INI" RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS RSoPProv = C:\WINDOWS\SYSTEM32\RSOPPROV.EXE RsRavMon = C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE RsScanSrv = C:\PROGRAM FILES\RISING\RAV\SCANFRM.EXE sacsvr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE SQLSERVERAGENT = C:\PROGRA~1\MICROS~1\MSSQL\BINN\SQLAGENT.EXE stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC swprv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K SWPRV SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K TAPISRV TermService = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K TERMSVCS Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE TrkSvr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Tssdis = C:\WINDOWS\SYSTEM32\TSSDIS.EXE uploadmgr = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS UPS = C:\WINDOWS\SYSTEM32\UPS.EXE vds = C:\WINDOWS\SYSTEM32\VDS.EXE VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS W3SVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IISSVCS WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE Winhlpsvr = C:\PROGRAM FILES\COMMON FILES\SYSTEM\WINRDGV3.EXE WinHttpAutoProxySvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS ZhuDongFangYu = "D:\PROGRAM FILES\360\360SAFE\DEEPSCAN\ZHUDONGFANGYU.EXE" 文件驱动 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services DfsDriver = C:\WINDOWS\SYSTEM32\DRIVERS\DFS.SYS MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS 系统驱动项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services 360netmon = C:\WINDOWS\SYSTEM32\DRIVERS\360NETMON.SYS a347bus = C:\WINDOWS\SYSTEM32\DRIVERS\A347BUS.SYS a347scsi = C:\WINDOWS\SYSTEM32\DRIVERS\A347SCSI.SYS ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS b57w2k = C:\WINDOWS\SYSTEM32\DRIVERS\B57XP32.SYS BFSDRV = C:\WINDOWS\SYSTEM32\DRIVERS\BFSDRV.SYS Blfp = C:\WINDOWS\SYSTEM32\DRIVERS\BASPXP32.SYS BREGDRV = C:\WINDOWS\SYSTEM32\DRIVERS\BREGDRV.SYS Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS ClusDisk = C:\WINDOWS\SYSTEM32\DRIVERS\CLUSDISK.SYS crcdisk = C:\WINDOWS\SYSTEM32\DRIVERS\CRCDISK.SYS Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS EfiMon = C:\WINDOWS\SYSTEM32\DRIVERS\EFIMON.SYS FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS hookcont = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKCONT.SYS HookPort = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKPORT.SYS hooksys = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKSYS.SYS HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS IPNPF = C:\WINDOWS\SYSTEM32\DRIVERS\IPNPF.SYS IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS kbdhid = C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS krpr = C:\PROGRAM FILES\KINGSOFT\KSM3.0\KRPR.SYS Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS NPF = C:\WINDOWS\SYSTEM32\DRIVERS\NPF.SYS PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS Processor = C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS qutmdserv = C:\WINDOWS\SYSTEM32\DRIVERS\QUTMDRV.SYS qutmipc = C:\WINDOWS\SYSTEM32\DRIVERS\QUTMIPC.SYS RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS RsNTGDI = C:\WINDOWS\SYSTEM32\DRIVERS\RSNTGDI.SYS ScsiPort = C:\WINDOWS\SYSTEM32\DRIVERS\SCSIPORT.SYS Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS TFsfltdrv = C:\WINDOWS\SYSTEM32\DRIVERS\TFSFLTDRV.SYS TPacket = C:\WINDOWS\SYSTEM32\DRIVERS\TPACKET.SYS TSysDrv = C:\WINDOWS\SYSTEM32\DRIVERS\TSYSDRV.SYS Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS usbstor = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS vga = C:\WINDOWS\SYSTEM32\DRIVERS\VGAPNP.SYS VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS VMnetAdapter = C:\WINDOWS\SYSTEM32\DRIVERS\VMNETADAPTER.SYS VolSnap = C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS WLBS = C:\WINDOWS\SYSTEM32\DRIVERS\WLBS.SYS