| 系统进程检测 |
| 进程ID |
路径 |
版本 |
发行商 |
| 580 |
C:\WINDOWS\system32\smss.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 636 |
C:\WINDOWS\system32\csrss.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 660 |
C:\WINDOWS\system32\winlogon.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 704 |
C:\WINDOWS\system32\services.exe |
5.1.2600.3520 (xpsp_sp2_qfe.090206-1239) |
Microsoft Corporation |
| 716 |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 876 |
C:\WINDOWS\system32\svchost.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 952 |
C:\WINDOWS\system32\svchost.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 1040 |
C:\Program Files\Rising\Rav\RavMonD.exe |
22, 0, 0, 2 |
Beijing Rising Information Technology Co., Ltd. |
| 1056 |
C:\WINDOWS\system32\svchost.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 1108 |
C:\WINDOWS\system32\svchost.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 1148 |
C:\WINDOWS\system32\svchost.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 1236 |
C:\WINDOWS\system32\spoolsv.exe |
5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) |
Microsoft Corporation |
| |
C:\WINDOWS\system32\hptcpmon.dll |
2.50.01.007 |
Hewlett Packard |
| |
C:\WINDOWS\system32\hpzjsn01.dll |
1, 0, 0, 3 |
Hewlett Packard Company |
| |
C:\WINDOWS\system32\hpzjfw01.dll |
4.02.009.0 |
Hewlett-Packard |
| |
C:\WINDOWS\system32\hptcpmui.dll |
2.50.01.004 |
Microsoft Corporation |
| |
C:\WINDOWS\system32\msvcr71.dll |
7.10.3052.4 |
Microsoft Corporation |
| |
C:\WINDOWS\system32\hptcpmib.dll |
2.50.01.005 |
Hewlett Packard |
| |
C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll |
11.3.1897.0 |
Microsoft Corporation |
| |
C:\WINDOWS\system32\HPZidr12.dll |
10, 1, 0, 3 |
HP |
| 1436 |
C:\WINDOWS\explorer.exe |
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| |
C:\WINDOWS\system32\msvcp71.dll |
7.10.3077.0 |
Microsoft Corporation |
| |
C:\WINDOWS\system32\msvcr71.dll |
7.10.3052.4 |
Microsoft Corporation |
| |
C:\WINDOWS\system32\dfshim.dll |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| |
C:\WINDOWS\system32\mscoree.dll |
2.0.50727.253 (QFE.050727-2500) |
Microsoft Corporation |
| |
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| |
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| |
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| |
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| |
C:\Program Files\WinRAR\RarExt.dll |
|
|
| |
C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll |
8.00.00.9374 |
Symantec Corporation |
| |
C:\WINDOWS\system32\nvshell.dll |
|
|
| 1592 |
C:\WINDOWS\system32\svchost.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 1608 |
C:\WINDOWS\system32\wdfmgr.exe |
5.2.3790.1230 built by: dnsrv(bld4act) |
Microsoft Corporation |
| 452 |
C:\WINDOWS\system32\alg.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 1656 |
C:\Program Files\Rising\Rav\RsTray.exe |
22.0.0.11 |
Beijing Rising Information Technology Co., Ltd. |
| 1408 |
C:\WINDOWS\system32\ctfmon.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 2796 |
C:\WINDOWS\system32\msiexec.exe |
3.1.4000.1823 |
Microsoft Corporation |
| 2116 |
H:\tools\tool\SystemDetector\SystemDetector\SystemDetector.exe |
1.2 |
WALKER05 |
| |
H:\tools\tool\SystemDetector\SystemDetector\BugTrapU.dll |
1.3.3291.42976 |
IntelleSoft |
| 服务检测[系统服务] |
| 服务名 |
状态/启动模式 |
文件路径 |
版本 |
发行商 |
| Alerter |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ALG |
Running/Demand |
C:\WINDOWS\System32\alg.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| AppMgmt |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| aspnet_state |
Stopped/Demand |
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| AudioSrv |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| BITS |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Browser |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| CiSvc |
Stopped/Demand |
C:\WINDOWS\system32\cisvc.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ClipSrv |
Stopped/Disabled |
C:\WINDOWS\system32\clipsrv.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| clr_optimization_v2.0.50727_32 |
Stopped/Demand |
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe |
2.0.50727.42 (RTM.050727-4200) |
Microsoft Corporation |
| COMSysApp |
Stopped/Demand |
C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| CryptSvc |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| DcomLaunch |
Running/Auto |
C:\WINDOWS\system32\svchost -k DcomLaunch |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Dhcp |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| dmadmin |
Stopped/Demand |
C:\WINDOWS\System32\dmadmin.exe /com |
2600.2180.503.0 |
Microsoft Corp., Veritas Software |
| dmserver |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Dnscache |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k NetworkService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ERSvc |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Eventlog |
Running/Auto |
C:\WINDOWS\system32\services.exe |
5.1.2600.3520 (xpsp_sp2_qfe.090206-1239) |
Microsoft Corporation |
| EventSystem |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| FastUserSwitchingCompatibility |
Running/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| fsssvc |
Stopped/Demand |
"C:\Program Files\Windows Live\Family Safety\fsssvc.exe" |
14.0.8093.0805 |
Microsoft Corporation |
| helpsvc |
Stopped/Disabled |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| HTTPFilter |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k HTTPFilter |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ImapiService |
Stopped/Demand |
C:\WINDOWS\system32\imapi.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| lanmanserver |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| lanmanworkstation |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| LmHosts |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Messenger |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| mnmsrvc |
Stopped/Demand |
C:\WINDOWS\system32\mnmsrvc.exe |
5.1.2600.2180 |
Microsoft Corporation |
| MSDTC |
Stopped/Demand |
C:\WINDOWS\system32\msdtc.exe |
2001.12.4414.258 |
Microsoft Corporation |
| MSIServer |
Running/Demand |
C:\WINDOWS\system32\msiexec.exe /V |
3.1.4000.1823 |
Microsoft Corporation |
| NetDDE |
Stopped/Disabled |
C:\WINDOWS\system32\netdde.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NetDDEdsdm |
Stopped/Disabled |
C:\WINDOWS\system32\netdde.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Netlogon |
Stopped/Demand |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Netman |
Running/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Nla |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NtLmSsp |
Stopped/Demand |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NtmsSvc |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NVSvc |
Stopped/Disabled |
C:\WINDOWS\system32\nvsvc32.exe |
6.14.10.9148 |
NVIDIA Corporation |
| odserv |
Stopped/Demand |
"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" |
12.0.4518.1014 |
Microsoft Corporation |
| ose |
Stopped/Demand |
"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" |
12.0.4518.1014 |
Microsoft Corporation |
| PlugPlay |
Running/Auto |
C:\WINDOWS\system32\services.exe |
5.1.2600.3520 (xpsp_sp2_qfe.090206-1239) |
Microsoft Corporation |
| Pml Driver HPZ12 |
Stopped/Demand |
C:\WINDOWS\system32\HPZipm12.exe |
10, 1, 0, 3 |
HP |
| PolicyAgent |
Running/Auto |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ProtectedStorage |
Running/Auto |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RasAuto |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RasMan |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RDSessMgr |
Stopped/Demand |
C:\WINDOWS\system32\sessmgr.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RemoteAccess |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RemoteRegistry |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RpcLocator |
Stopped/Demand |
C:\WINDOWS\system32\locator.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RpcSs |
Running/Auto |
C:\WINDOWS\system32\svchost -k rpcss |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RsRavMon |
Running/Auto |
"C:\Program Files\Rising\Rav\RavMonD.exe" |
22, 0, 0, 2 |
Beijing Rising Information Technology Co., Ltd. |
| RSVP |
Stopped/Demand |
C:\WINDOWS\system32\rsvp.exe |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| SamSs |
Running/Auto |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| SCardSvr |
Stopped/Demand |
C:\WINDOWS\System32\SCardSvr.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Schedule |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| sdAuxService |
Stopped/Demand |
C:\Program Files\Spyware Doctor\pctsAuxs.exe |
6, 1, 0, 12 |
PC Tools |
| sdCoreService |
Stopped/Disabled |
C:\Program Files\Spyware Doctor\pctsSvc.exe |
6.1.0.58 |
PC Tools |
| SeaPort |
Stopped/Disabled |
"C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" |
1.2.123.0 |
Microsoft Corp. |
| seclogon |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| SENS |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| SharedAccess |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ShellHWDetection |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Spooler |
Running/Auto |
C:\WINDOWS\system32\spoolsv.exe |
5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) |
Microsoft Corporation |
| srservice |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| SSDPSRV |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| stisvc |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k imgsvc |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| SwPrv |
Stopped/Demand |
C:\WINDOWS\system32\dllhost.exe /Processid:{86EAED12-D939-464B-BA56-118CD3F2F42F} |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| SysmonLog |
Stopped/Demand |
C:\WINDOWS\system32\smlogsvc.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TapiSrv |
Running/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TermService |
Running/Demand |
C:\WINDOWS\System32\svchost -k DComLaunch |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Themes |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TlntSvr |
Stopped/Disabled |
C:\WINDOWS\system32\tlntsvr.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TrkWks |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| UMWdf |
Running/Auto |
C:\WINDOWS\system32\wdfmgr.exe |
5.2.3790.1230 built by: dnsrv(bld4act) |
Microsoft Corporation |
| uploadmgr |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| upnphost |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| UPS |
Stopped/Demand |
C:\WINDOWS\System32\ups.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| VSS |
Stopped/Demand |
C:\WINDOWS\System32\vssvc.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| W32Time |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| WebClient |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| winmgmt |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| WmdmPmSN |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Wmi |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| WmiApSrv |
Stopped/Demand |
C:\WINDOWS\system32\wbem\wmiapsrv.exe |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| wscsvc |
Stopped/Disabled |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| wuauserv |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| WZCSVC |
Stopped/Disabled |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| xmlprov |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 服务检测[驱动服务] |
| 服务名 |
状态/启动模式 |
文件路径 |
版本 |
发行商 |
| Abiosdsk |
Stopped/Disabled |
|
|
|
| abp480n5 |
Stopped/Disabled |
|
|
|
| ACPI |
Running/Boot |
\SystemRoot\system32\DRIVERS\ACPI.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ACPIEC |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\ACPIEC.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| adpu160m |
Stopped/Disabled |
|
|
|
| aec |
Stopped/Demand |
system32\drivers\aec.sys |
5.1.2601.2180 |
Microsoft Corporation |
| AFD |
Running/System |
\SystemRoot\System32\drivers\afd.sys |
5.1.2600.3463 (xpsp_sp2_gdr.081016-1716) |
Microsoft Corporation |
| Aha154x |
Stopped/Disabled |
|
|
|
| aic78u2 |
Stopped/Disabled |
|
|
|
| aic78xx |
Stopped/Disabled |
|
|
|
| Alidevice |
Running/Demand |
C:\WINDOWS\system32\drivers\Alidevice.sys |
1.00 built by: WinDDK |
alipay.com |
| AliIde |
Stopped/Disabled |
|
|
|
| AmdK8 |
Running/System |
system32\DRIVERS\AmdK8.sys |
1.3.2 (dnsrv(wmbla).060701-2226) |
Advanced Micro Devices |
| amsint |
Stopped/Disabled |
|
|
|
| asc |
Stopped/Disabled |
|
|
|
| asc3350p |
Stopped/Disabled |
|
|
|
| asc3550 |
Stopped/Disabled |
|
|
|
| AsyncMac |
Stopped/Demand |
system32\DRIVERS\asyncmac.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| atapi |
Running/Boot |
\SystemRoot\system32\DRIVERS\atapi.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Atdisk |
Stopped/Disabled |
|
|
|
| Atmarpc |
Stopped/Demand |
system32\DRIVERS\atmarpc.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| audstub |
Running/Demand |
system32\DRIVERS\audstub.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| bcm4sbxp |
Running/Demand |
system32\DRIVERS\bcm4sbxp.sys |
4.47.0.0 built by: WinDDK |
Broadcom Corporation |
| Beep |
Running/System |
C:\WINDOWS\system32\drivers\Beep.sys |
|
|
| cbidf2k |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\cbidf2k.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| cd20xrnt |
Stopped/Disabled |
|
|
|
| Cdaudio |
Stopped/System |
C:\WINDOWS\system32\drivers\Cdaudio.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| Cdfs |
Running/Disabled |
C:\WINDOWS\system32\drivers\Cdfs.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Cdrom |
Running/System |
system32\DRIVERS\cdrom.sys |
5.1.2600.3364 (xpsp_sp2_qfe.080502-1233) |
Microsoft Corporation |
| CmdIde |
Stopped/Disabled |
|
|
|
| Cpqarray |
Stopped/Disabled |
|
|
|
| dac960nt |
Stopped/Disabled |
|
|
|
| Disk |
Running/Boot |
\SystemRoot\system32\DRIVERS\disk.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| dmboot |
Stopped/Disabled |
System32\drivers\dmboot.sys |
2600.2180.503.0 |
Microsoft Corp., Veritas Software |
| dmio |
Running/Boot |
\SystemRoot\system32\DRIVERS\dmio.sys |
2600.2180.503.0 |
Microsoft Corp., Veritas Software |
| dmload |
Running/Boot |
C:\WINDOWS\system32\drivers\dmload.sys |
2600.0.503.0 |
Microsoft Corp., Veritas Software. |
| DMusic |
Stopped/Demand |
system32\drivers\DMusic.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| dot4 |
Running/Demand |
system32\DRIVERS\Dot4.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Dot4Print |
Running/Demand |
system32\DRIVERS\Dot4Prt.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| dot4usb |
Running/Demand |
system32\DRIVERS\dot4usb.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| dpti2o |
Stopped/Disabled |
|
|
|
| drmkaud |
Stopped/Demand |
system32\drivers\drmkaud.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| exFat |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\exFat.sys |
5.1.2600.3453 (xpsp_sp2_gdr.080929-1303) |
Microsoft Corporation |
| Fastfat |
Running/Disabled |
C:\WINDOWS\system32\drivers\Fastfat.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Fdc |
Stopped/System |
C:\WINDOWS\system32\drivers\Fdc.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Fips |
Running/System |
C:\WINDOWS\system32\drivers\Fips.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| Flpydisk |
Stopped/System |
C:\WINDOWS\system32\drivers\Flpydisk.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| FltMgr |
Running/Boot |
\SystemRoot\system32\DRIVERS\fltMgr.sys |
5.1.2600.2978 (xpsp_sp2_gdr.060821-0039) |
Microsoft Corporation |
| fssfltr |
Running/Auto |
system32\DRIVERS\fssfltr_tdi.sys |
14.0.8093.0805 |
Microsoft Corporation |
| Ftdisk |
Running/Boot |
\SystemRoot\system32\DRIVERS\ftdisk.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| Gpc |
Running/Demand |
system32\DRIVERS\msgpc.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| gwiopm |
Stopped/Demand |
\??\H:\Womcc\gwiopm.sys |
|
|
| HDAudBus |
Running/Demand |
system32\DRIVERS\HDAudBus.sys |
5.10.00.5011 built by: WinDDK |
Windows (R) Server 2003 DDK provider |
| hidusb |
Running/Demand |
system32\DRIVERS\hidusb.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| hookcont |
Running/System |
system32\drivers\HookCont.sys |
24.0.0.7 |
Beijing Rising Information Technology Co., Ltd. |
| hooksys |
Running/System |
system32\drivers\HookSys.sys |
24, 0, 0, 34 |
Beijing Rising Information Technology Co., Ltd. |
| hpn |
Stopped/Disabled |
|
|
|
| HTTP |
Running/Demand |
System32\Drivers\HTTP.sys |
5.1.2600.2869 (xpsp_sp2_gdr.060316-1512) |
Microsoft Corporation |
| i2omp |
Stopped/Disabled |
|
|
|
| i8042prt |
Stopped/System |
C:\WINDOWS\system32\drivers\i8042prt.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Imapi |
Stopped/System |
system32\DRIVERS\imapi.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ini910u |
Stopped/Disabled |
|
|
|
| IntelIde |
Stopped/Disabled |
|
|
|
| Ip6Fw |
Stopped/Demand |
system32\drivers\ip6fw.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| IpFilterDriver |
Running/System |
\??\C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| IpInIp |
Stopped/Demand |
system32\DRIVERS\ipinip.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| IpNat |
Running/Demand |
system32\DRIVERS\ipnat.sys |
5.1.2600.2524 (xpsp_sp2_gdr.040919-1056) |
Microsoft Corporation |
| IPSec |
Running/System |
system32\DRIVERS\ipsec.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| IRENUM |
Stopped/Demand |
system32\DRIVERS\irenum.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| isapnp |
Running/Boot |
\SystemRoot\system32\DRIVERS\isapnp.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| Kbdclass |
Running/System |
system32\DRIVERS\kbdclass.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| kbdhid |
Running/System |
system32\DRIVERS\kbdhid.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| kmixer |
Running/Demand |
system32\drivers\kmixer.sys |
5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) |
Microsoft Corporation |
| KSecDD |
Running/Boot |
C:\WINDOWS\system32\drivers\KSecDD.sys |
5.1.2600.3592 (xpsp_sp2_qfe.090622-1503) |
Microsoft Corporation |
| mnmdd |
Running/System |
C:\WINDOWS\system32\drivers\mnmdd.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| Modem |
Stopped/Demand |
C:\WINDOWS\system32\drivers\Modem.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Mouclass |
Running/System |
system32\DRIVERS\mouclass.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| mouhid |
Running/Demand |
system32\DRIVERS\mouhid.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| MountMgr |
Running/Boot |
C:\WINDOWS\system32\drivers\MountMgr.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| mraid35x |
Stopped/Disabled |
|
|
|
| MRxDAV |
Stopped/Demand |
system32\DRIVERS\mrxdav.sys |
5.1.2600.3276 (xpsp_sp2_gdr.071218-1250) |
Microsoft Corporation |
| MRxSmb |
Running/System |
system32\DRIVERS\mrxsmb.sys |
5.1.2600.3675 (xpsp_sp2_gdr.100224-1404) |
Microsoft Corporation |
| Msfs |
Running/System |
C:\WINDOWS\system32\drivers\Msfs.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| MSKSSRV |
Stopped/Demand |
system32\drivers\MSKSSRV.sys |
5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| MSPCLOCK |
Stopped/Demand |
system32\drivers\MSPCLOCK.sys |
5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| MSPQM |
Stopped/Demand |
system32\drivers\MSPQM.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| mssmbios |
Running/Demand |
system32\DRIVERS\mssmbios.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Mup |
Running/Boot |
C:\WINDOWS\system32\drivers\Mup.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NDIS |
Running/Boot |
C:\WINDOWS\system32\drivers\NDIS.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NdisTapi |
Running/Demand |
system32\DRIVERS\ndistapi.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| Ndisuio |
Stopped/Demand |
system32\DRIVERS\ndisuio.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NdisWan |
Running/Demand |
system32\DRIVERS\ndiswan.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NDProxy |
Running/Demand |
C:\WINDOWS\system32\drivers\NDProxy.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| NetBIOS |
Running/System |
system32\DRIVERS\netbios.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| NetBT |
Running/System |
system32\DRIVERS\netbt.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Npfs |
Running/System |
C:\WINDOWS\system32\drivers\Npfs.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Ntfs |
Running/Disabled |
C:\WINDOWS\system32\drivers\Ntfs.sys |
5.1.2600.3081 (xpsp_sp2_gdr.070209-0028) |
Microsoft Corporation |
| Null |
Running/System |
C:\WINDOWS\system32\drivers\Null.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| nv |
Running/Demand |
system32\DRIVERS\nv4_mini.sys |
6.14.10.9148 |
NVIDIA Corporation |
| NwlnkFlt |
Stopped/Demand |
system32\DRIVERS\nwlnkflt.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| NwlnkFwd |
Stopped/Demand |
system32\DRIVERS\nwlnkfwd.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| Parport |
Stopped/Demand |
C:\WINDOWS\system32\drivers\Parport.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| PartMgr |
Running/Boot |
C:\WINDOWS\system32\drivers\PartMgr.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| ParVdm |
Stopped/Auto |
C:\WINDOWS\system32\drivers\ParVdm.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| PCI |
Running/Boot |
\SystemRoot\system32\DRIVERS\pci.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| PCIIde |
Running/Boot |
\SystemRoot\system32\DRIVERS\pciide.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| Pcmcia |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\Pcmcia.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| PCTCore |
Running/Boot |
\SystemRoot\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| perc2 |
Stopped/Disabled |
|
|
|
| perc2hib |
Stopped/Disabled |
|
|
|
| PptpMiniport |
Running/Demand |
system32\DRIVERS\raspptp.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Processor |
Stopped/System |
system32\DRIVERS\processr.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| PSched |
Running/Demand |
system32\DRIVERS\psched.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Ptilink |
Running/Demand |
system32\DRIVERS\ptilink.sys |
1.10 (XPClient.010817-1148) |
Parallel Technologies, Inc. |
| ql1080 |
Stopped/Disabled |
|
|
|
| Ql10wnt |
Stopped/Disabled |
|
|
|
| ql12160 |
Stopped/Disabled |
|
|
|
| ql1240 |
Stopped/Disabled |
|
|
|
| ql1280 |
Stopped/Disabled |
|
|
|
| qutmdserv |
Stopped/Demand |
\??\C:\WINDOWS\system32\drivers\qutmdrv.sys |
6.5.0.1005 |
360安全中心 |
| qutmipc |
Stopped/System |
\??\C:\WINDOWS\system32\drivers\qutmipc.sys |
6.2.0.1013 |
360安全中心 |
| RasAcd |
Running/System |
system32\DRIVERS\rasacd.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| Rasl2tp |
Running/Demand |
system32\DRIVERS\rasl2tp.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RasPppoe |
Running/Demand |
system32\DRIVERS\raspppoe.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Raspti |
Running/Demand |
system32\DRIVERS\raspti.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| Rdbss |
Running/System |
system32\DRIVERS\rdbss.sys |
5.1.2600.2902 (xpsp_sp2_gdr.060505-0036) |
Microsoft Corporation |
| RDPCDD |
Running/System |
System32\DRIVERS\RDPCDD.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| rdpdr |
Running/Demand |
system32\DRIVERS\rdpdr.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| RDPWD |
Stopped/Demand |
C:\WINDOWS\system32\drivers\RDPWD.sys |
5.1.2600.2695 (xpsp_sp2_gdr.050609-1528) |
Microsoft Corporation |
| redbook |
Running/System |
system32\DRIVERS\redbook.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| rsassist |
Running/Auto |
system32\drivers\rsassist.sys |
1, 0, 0, 7 |
Beijing Rising Information Technology Co., Ltd. |
| RsNTGDI |
Running/Boot |
\SystemRoot\system32\Drivers\RsNTGdi.sys |
22.0.0.0 |
Beijing Rising Information Technology Co., Ltd. |
| Serial |
Stopped/Auto |
C:\WINDOWS\system32\drivers\Serial.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Sfloppy |
Stopped/System |
C:\WINDOWS\system32\drivers\Sfloppy.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Simbad |
Stopped/Disabled |
|
|
|
| Sparrow |
Stopped/Disabled |
|
|
|
| splitter |
Stopped/Demand |
system32\drivers\splitter.sys |
5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) |
Microsoft Corporation |
| sr |
Stopped/Disabled |
\SystemRoot\system32\DRIVERS\sr.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Srv |
Running/Demand |
system32\DRIVERS\srv.sys |
5.1.2600.3491 (xpsp_sp2_gdr.081211-1237) |
Microsoft Corporation |
| STHDA |
Running/Demand |
system32\drivers\sthda.sys |
5.10.5143.0 nd491 cp1 |
SigmaTel, Inc. |
| StillCam |
Stopped/Demand |
system32\DRIVERS\serscan.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| swenum |
Running/Demand |
system32\DRIVERS\swenum.sys |
5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| swmidi |
Stopped/Demand |
system32\drivers\swmidi.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| symc810 |
Stopped/Disabled |
|
|
|
| symc8xx |
Stopped/Disabled |
|
|
|
| SymEvent |
Stopped/Demand |
\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS |
12.5.4.1 |
Symantec Corporation |
| sym_hi |
Stopped/Disabled |
|
|
|
| sym_u3 |
Stopped/Disabled |
|
|
|
| sysaudio |
Running/Demand |
system32\drivers\sysaudio.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Tcpip |
Running/System |
system32\DRIVERS\tcpip.sys |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| TDPIPE |
Stopped/Demand |
C:\WINDOWS\system32\drivers\TDPIPE.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TDTCP |
Stopped/Demand |
C:\WINDOWS\system32\drivers\TDTCP.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TermDD |
Running/System |
system32\DRIVERS\termdd.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| TosIde |
Stopped/Disabled |
|
|
|
| Udfs |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\Udfs.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ultra |
Stopped/Disabled |
|
|
|
| Update |
Running/Demand |
system32\DRIVERS\update.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| usbehci |
Running/Demand |
system32\DRIVERS\usbehci.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| usbhub |
Running/Demand |
system32\DRIVERS\usbhub.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| usbohci |
Running/Demand |
system32\DRIVERS\usbohci.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| usbscan |
Stopped/Demand |
system32\DRIVERS\usbscan.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| USBSTOR |
Running/Demand |
system32\DRIVERS\USBSTOR.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| VgaSave |
Running/System |
\SystemRoot\System32\drivers\vga.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| ViaIde |
Stopped/Disabled |
|
|
|
| VolSnap |
Running/Boot |
C:\WINDOWS\system32\drivers\VolSnap.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Wanarp |
Running/Demand |
system32\DRIVERS\wanarp.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| wdmaud |
Running/Demand |
system32\drivers\wdmaud.sys |
5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) |
Microsoft Corporation |
| 内核驱动检测 |
| 加载顺序 |
驱动名 |
文件路径 |
版本 |
发行商 |
| 0 |
ntkrnlpa.exe |
C:\WINDOWS\system32\ntkrnlpa.exe |
5.1.2600.3610 (xpsp_sp2_qfe.090804-1435) |
Microsoft Corporation |
| 1 |
hal.dll |
C:\WINDOWS\system32\hal.dll |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 2 |
KDCOM.DLL |
C:\WINDOWS\system32\KDCOM.DLL |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 3 |
BOOTVID.dll |
C:\WINDOWS\system32\BOOTVID.dll |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 4 |
ACPI.sys |
C:\WINDOWS\system32\drivers\ACPI.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 5 |
WMILIB.SYS |
C:\WINDOWS\system32\DRIVERS\WMILIB.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 6 |
pci.sys |
C:\WINDOWS\system32\drivers\pci.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 7 |
isapnp.sys |
C:\WINDOWS\system32\drivers\isapnp.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 8 |
pciide.sys |
C:\WINDOWS\system32\drivers\pciide.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 9 |
PCIIDEX.SYS |
C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 10 |
MountMgr.sys |
C:\WINDOWS\system32\drivers\MountMgr.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 11 |
ftdisk.sys |
C:\WINDOWS\system32\drivers\ftdisk.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 12 |
dmload.sys |
C:\WINDOWS\system32\drivers\dmload.sys |
2600.0.503.0 |
Microsoft Corp., Veritas Software. |
| 13 |
dmio.sys |
C:\WINDOWS\system32\drivers\dmio.sys |
2600.2180.503.0 |
Microsoft Corp., Veritas Software |
| 14 |
PartMgr.sys |
C:\WINDOWS\system32\drivers\PartMgr.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 15 |
VolSnap.sys |
C:\WINDOWS\system32\drivers\VolSnap.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 16 |
atapi.sys |
C:\WINDOWS\system32\drivers\atapi.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 17 |
disk.sys |
C:\WINDOWS\system32\drivers\disk.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 18 |
CLASSPNP.SYS |
C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 19 |
fltMgr.sys |
C:\WINDOWS\system32\drivers\fltMgr.sys |
5.1.2600.2978 (xpsp_sp2_gdr.060821-0039) |
Microsoft Corporation |
| 20 |
PCTCore.sys |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| 21 |
KSecDD.sys |
C:\WINDOWS\system32\drivers\KSecDD.sys |
5.1.2600.3592 (xpsp_sp2_qfe.090622-1503) |
Microsoft Corporation |
| 22 |
Ntfs.sys |
C:\WINDOWS\system32\drivers\Ntfs.sys |
5.1.2600.3081 (xpsp_sp2_gdr.070209-0028) |
Microsoft Corporation |
| 23 |
NDIS.sys |
C:\WINDOWS\system32\drivers\NDIS.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 24 |
RsNTGdi.sys |
C:\WINDOWS\system32\drivers\RsNTGdi.sys |
22.0.0.0 |
Beijing Rising Information Technology Co., Ltd. |
| 25 |
Mup.sys |
C:\WINDOWS\system32\drivers\Mup.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 26 |
AmdK8.sys |
C:\WINDOWS\system32\DRIVERS\AmdK8.sys |
1.3.2 (dnsrv(wmbla).060701-2226) |
Advanced Micro Devices |
| 27 |
nv4_mini.sys |
C:\WINDOWS\system32\DRIVERS\nv4_mini.sys |
6.14.10.9148 |
NVIDIA Corporation |
| 28 |
VIDEOPRT.SYS |
C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 29 |
usbohci.sys |
C:\WINDOWS\system32\DRIVERS\usbohci.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 30 |
USBPORT.SYS |
C:\WINDOWS\system32\DRIVERS\USBPORT.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 31 |
usbehci.sys |
C:\WINDOWS\system32\DRIVERS\usbehci.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 32 |
cdrom.sys |
C:\WINDOWS\system32\DRIVERS\cdrom.sys |
5.1.2600.3364 (xpsp_sp2_qfe.080502-1233) |
Microsoft Corporation |
| 33 |
redbook.sys |
C:\WINDOWS\system32\DRIVERS\redbook.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 34 |
ks.sys |
C:\WINDOWS\system32\DRIVERS\ks.sys |
5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 35 |
bcm4sbxp.sys |
C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys |
4.47.0.0 built by: WinDDK |
Broadcom Corporation |
| 36 |
HDAudBus.sys |
C:\WINDOWS\system32\DRIVERS\HDAudBus.sys |
5.10.00.5011 built by: WinDDK |
Windows (R) Server 2003 DDK provider |
| 37 |
audstub.sys |
C:\WINDOWS\system32\DRIVERS\audstub.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 38 |
rasl2tp.sys |
C:\WINDOWS\system32\DRIVERS\rasl2tp.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 39 |
ndistapi.sys |
C:\WINDOWS\system32\DRIVERS\ndistapi.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 40 |
ndiswan.sys |
C:\WINDOWS\system32\DRIVERS\ndiswan.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 41 |
raspppoe.sys |
C:\WINDOWS\system32\DRIVERS\raspppoe.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 42 |
raspptp.sys |
C:\WINDOWS\system32\DRIVERS\raspptp.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 43 |
TDI.SYS |
C:\WINDOWS\system32\DRIVERS\TDI.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 44 |
psched.sys |
C:\WINDOWS\system32\DRIVERS\psched.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 45 |
msgpc.sys |
C:\WINDOWS\system32\DRIVERS\msgpc.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 46 |
ptilink.sys |
C:\WINDOWS\system32\DRIVERS\ptilink.sys |
1.10 (XPClient.010817-1148) |
Parallel Technologies, Inc. |
| 47 |
raspti.sys |
C:\WINDOWS\system32\DRIVERS\raspti.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 48 |
rdpdr.sys |
C:\WINDOWS\system32\DRIVERS\rdpdr.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 49 |
termdd.sys |
C:\WINDOWS\system32\DRIVERS\termdd.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 50 |
kbdclass.sys |
C:\WINDOWS\system32\DRIVERS\kbdclass.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 51 |
mouclass.sys |
C:\WINDOWS\system32\DRIVERS\mouclass.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 52 |
swenum.sys |
C:\WINDOWS\system32\DRIVERS\swenum.sys |
5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 53 |
update.sys |
C:\WINDOWS\system32\DRIVERS\update.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 54 |
mssmbios.sys |
C:\WINDOWS\system32\DRIVERS\mssmbios.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 55 |
sthda.sys |
C:\WINDOWS\system32\drivers\sthda.sys |
5.10.5143.0 nd491 cp1 |
SigmaTel, Inc. |
| 56 |
portcls.sys |
C:\WINDOWS\system32\drivers\portcls.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 57 |
drmk.sys |
C:\WINDOWS\system32\drivers\drmk.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 58 |
NDProxy.SYS |
C:\WINDOWS\System32\Drivers\NDProxy.SYS |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 59 |
usbhub.sys |
C:\WINDOWS\system32\DRIVERS\usbhub.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 60 |
USBD.SYS |
C:\WINDOWS\system32\DRIVERS\USBD.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 61 |
Fs_Rec.SYS |
C:\WINDOWS\System32\Drivers\Fs_Rec.SYS |
5.1.2600.3453 (xpsp_sp2_gdr.080929-1303) |
Microsoft Corporation |
| 62 |
Null.SYS |
C:\WINDOWS\System32\Drivers\Null.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 63 |
Beep.SYS |
C:\WINDOWS\System32\Drivers\Beep.SYS |
|
|
| 64 |
HIDPARSE.SYS |
C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 65 |
vga.sys |
C:\WINDOWS\System32\drivers\vga.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 66 |
mnmdd.SYS |
C:\WINDOWS\System32\Drivers\mnmdd.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 67 |
RDPCDD.sys |
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 68 |
Msfs.SYS |
C:\WINDOWS\System32\Drivers\Msfs.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 69 |
Npfs.SYS |
C:\WINDOWS\System32\Drivers\Npfs.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 70 |
rasacd.sys |
C:\WINDOWS\system32\DRIVERS\rasacd.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 71 |
ipsec.sys |
C:\WINDOWS\system32\DRIVERS\ipsec.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 72 |
tcpip.sys |
C:\WINDOWS\system32\DRIVERS\tcpip.sys |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| 73 |
netbt.sys |
C:\WINDOWS\system32\DRIVERS\netbt.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 74 |
afd.sys |
C:\WINDOWS\System32\drivers\afd.sys |
5.1.2600.3463 (xpsp_sp2_gdr.081016-1716) |
Microsoft Corporation |
| 75 |
netbios.sys |
C:\WINDOWS\system32\DRIVERS\netbios.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 76 |
ipnat.sys |
C:\WINDOWS\system32\DRIVERS\ipnat.sys |
5.1.2600.2524 (xpsp_sp2_gdr.040919-1056) |
Microsoft Corporation |
| 77 |
rdbss.sys |
C:\WINDOWS\system32\DRIVERS\rdbss.sys |
5.1.2600.2902 (xpsp_sp2_gdr.060505-0036) |
Microsoft Corporation |
| 78 |
hidusb.sys |
C:\WINDOWS\system32\DRIVERS\hidusb.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 79 |
HIDCLASS.SYS |
C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 80 |
wanarp.sys |
C:\WINDOWS\system32\DRIVERS\wanarp.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 81 |
mrxsmb.sys |
C:\WINDOWS\system32\DRIVERS\mrxsmb.sys |
5.1.2600.3675 (xpsp_sp2_gdr.100224-1404) |
Microsoft Corporation |
| 82 |
ipfltdrv.sys |
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 83 |
HookSys.sys |
C:\WINDOWS\system32\drivers\HookSys.sys |
24, 0, 0, 34 |
Beijing Rising Information Technology Co., Ltd. |
| 84 |
HOOKHELP.sys |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| 85 |
dot4usb.sys |
C:\WINDOWS\system32\DRIVERS\dot4usb.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 86 |
HookCont.sys |
C:\WINDOWS\system32\drivers\HookCont.sys |
24.0.0.7 |
Beijing Rising Information Technology Co., Ltd. |
| 87 |
Dot4.sys |
C:\WINDOWS\system32\DRIVERS\Dot4.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 88 |
Fips.SYS |
C:\WINDOWS\System32\Drivers\Fips.SYS |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 89 |
kbdhid.sys |
C:\WINDOWS\system32\DRIVERS\kbdhid.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 90 |
Alidevice.SYS |
C:\WINDOWS\System32\Drivers\Alidevice.SYS |
1.00 built by: WinDDK |
alipay.com |
| 91 |
mouhid.sys |
C:\WINDOWS\system32\DRIVERS\mouhid.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 92 |
Dot4Prt.sys |
C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
| 93 |
Cdfs.SYS |
C:\WINDOWS\System32\Drivers\Cdfs.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 94 |
dump_atapi.sys |
C:\WINDOWS\System32\Drivers\dump_atapi.sys |
|
|
| 95 |
dump_WMILIB.SYS |
C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS |
|
|
| 96 |
win32k.sys |
C:\WINDOWS\System32\win32k.sys |
5.1.2600.3556 (xpsp_sp2_gdr.090417-1237) |
Microsoft Corporation |
| 97 |
Dxapi.sys |
C:\WINDOWS\System32\drivers\Dxapi.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 98 |
watchdog.sys |
C:\WINDOWS\System32\watchdog.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 99 |
dxg.sys |
C:\WINDOWS\System32\drivers\dxg.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 100 |
dxgthk.sys |
C:\WINDOWS\System32\drivers\dxgthk.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| 101 |
nv4_disp.dll |
C:\WINDOWS\System32\nv4_disp.dll |
6.14.10.9148 |
NVIDIA Corporation |
| 102 |
fssfltr_tdi.sys |
C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys |
14.0.8093.0805 |
Microsoft Corporation |
| 103 |
wdmaud.sys |
C:\WINDOWS\system32\drivers\wdmaud.sys |
5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) |
Microsoft Corporation |
| 104 |
sysaudio.sys |
C:\WINDOWS\system32\drivers\sysaudio.sys |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 105 |
rsassist.sys |
C:\WINDOWS\system32\drivers\rsassist.sys |
1, 0, 0, 7 |
Beijing Rising Information Technology Co., Ltd. |
| 106 |
srv.sys |
C:\WINDOWS\system32\DRIVERS\srv.sys |
5.1.2600.3491 (xpsp_sp2_gdr.081211-1237) |
Microsoft Corporation |
| 107 |
HTTP.sys |
C:\WINDOWS\System32\Drivers\HTTP.sys |
5.1.2600.2869 (xpsp_sp2_gdr.060316-1512) |
Microsoft Corporation |
| 108 |
kmixer.sys |
C:\WINDOWS\system32\drivers\kmixer.sys |
5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) |
Microsoft Corporation |
| 109 |
USBSTOR.SYS |
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 110 |
Fastfat.SYS |
C:\WINDOWS\System32\Drivers\Fastfat.SYS |
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| 111 |
SDDrv.sys |
H:\tools\tool\SystemDetector\SystemDetector\SDDrv.sys |
|
|
| 112 |
ntdll.dll |
C:\WINDOWS\system32\ntdll.dll |
5.1.2600.3520 (xpsp_sp2_qfe.090206-1239) |
Microsoft Corporation |
| Sock提供者检测 |
| 协议类型 |
CLSID |
路径 |
版本 |
发行商 |
| MSAFD Tcpip [TCP/IP] |
{E70F1AA0-AB8B-11CF-8CA3-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD Tcpip [UDP/IP] |
{E70F1AA0-AB8B-11CF-8CA3-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD Tcpip [RAW/IP] |
{E70F1AA0-AB8B-11CF-8CA3-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| RSVP UDP Service Provider |
{9D60A9E0-337A-11D0-BD88-0000C082E69A} |
C:\WINDOWS\system32\rsvpsp.dll |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| RSVP TCP Service Provider |
{9D60A9E0-337A-11D0-BD88-0000C082E69A} |
C:\WINDOWS\system32\rsvpsp.dll |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
| MSAFD nwlnkipx [IPX] |
{11058240-BE47-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD nwlnkspx [SPX] |
{11058241-BE47-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD nwlnkspx [SPX] [Pseudo Stream] |
{11058241-BE47-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD nwlnkspx [SPX II] |
{11058241-BE47-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD nwlnkspx [SPX II] [Pseudo Stream] |
{11058241-BE47-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB5D6CCA-2DFA-42D5-93FE-03317F682918}] SEQPACKET 0 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB5D6CCA-2DFA-42D5-93FE-03317F682918}] DATAGRAM 0 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD NetBIOS [\Device\NetBT_Tcpip_{674CEAE0-80CB-44B4-82D3-51EBC95E8BCA}] SEQPACKET 1 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD NetBIOS [\Device\NetBT_Tcpip_{674CEAE0-80CB-44B4-82D3-51EBC95E8BCA}] DATAGRAM 1 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD NetBIOS [\Device\NetBT_Tcpip_{0402BE2F-748E-4232-A083-469C6C62E0C6}] SEQPACKET 2 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| MSAFD NetBIOS [\Device\NetBT_Tcpip_{0402BE2F-748E-4232-A083-469C6C62E0C6}] DATAGRAM 2 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) |
Microsoft Corporation |
| IE插件[BHO] |
| 项目名 |
CLSID |
路径 |
版本 |
发行商 |
| Search Helper |
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} |
C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll |
1.2.118.0 |
Microsoft Corp. |
| Windows Live Sign-in Helper |
{9030D464-4C02-4ABF-8ECC-5164760863C6} |
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll |
5.000.818.5 |
Microsoft Corporation |
| Windows Live Toolbar Helper |
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} |
C:\Program Files\Windows Live\Toolbar\wltcore.dll |
14.0.8064.0206 |
Microsoft Corporation |
| IE插件[ToolBar扩展] |
| Blog This |
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} |
|
|
|
| &Research |
{92780B25-18CC-41C8-B9BE-3C9C571A8263} |
C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL |
12.0.4518.1014 |
Microsoft Corporation |
| |
{e2e2dd38-d088-4134-82b7-f2ba38496583} |
%windir%\Network Diagnostic\xpnetdiag.exe |
|
|
| Messenger |
{FB5F1910-F110-11d2-BB9E-00C04F795683} |
C:\Program Files\Messenger\msmsgs.exe |
4.7.3001 |
Microsoft Corporation |
| IE插件[ActiveX] |
| |
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} |
|
|
|
| Outlook Today's Data-binding control |
{0468C085-CA5B-11D0-AF08-00609797F0E0} |
C:\PROGRA~1\MICROS~2\Office12\OUTLCTL.DLL |
|
|
| Web Browser Applet Control |
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} |
C:\WINDOWS\system32\msjava.dll |
5.00.3810 |
Microsoft Corporation |
| |
{0CCA191D-13A6-4E29-B746-314DEE697D83} |
|
|
|
| InformationCardSigninHelper Class |
{19916E01-B44E-4E31-94A4-4696DF46157B} |
C:\WINDOWS\system32\icardie.dll |
7.00.6000.16791 (vista_gdr.081217-1620) |
Microsoft Corporation |
| |
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} |
|
|
|
| &Windows Live Toolbar |
{21FA44EF-376D-4D53-9B0F-8A89D3229068} |
C:\Program Files\Windows Live\Toolbar\wltcore.dll |
14.0.8064.0206 |
Microsoft Corporation |
| Windows Media Player |
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} |
C:\WINDOWS\system32\wmpdxm.dll |
10.00.00.4074 |
Microsoft Corporation |
| HTML Document |
{25336920-03F9-11CF-8FD0-00AA00686F13} |
C:\WINDOWS\system32\mshtml.dll |
7.00.6000.16809 (vista_gdr.090114-1504) |
Microsoft Corporation |
| XML DOM Document |
{2933BF90-7B36-11D2-B20E-00C04F983E60} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| XSL Template |
{2933BF94-7B36-11D2-B20E-00C04F983E60} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| DHTML Edit Control Safe for Scripting for IE5 |
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} |
C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx |
6.01.9247 |
Microsoft Corporation |
| HtmlDlgSafeHelper Class |
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} |
C:\WINDOWS\system32\mshtmled.dll |
7.00.6000.16791 (vista_gdr.081217-1620) |
Microsoft Corporation |
| IETag Factory |
{38481807-CA0E-42D2-BF39-B33AF135CC4D} |
C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL |
12.0.4518.1014 |
Microsoft Corporation |
| EditCtrl Class |
{488A4255-3236-44B3-8F27-FA1AECAA8844} |
C:\WINDOWS\system32\aliedit\aliedit.dll |
2, 1, 2, 5 |
|
| |
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} |
|
|
|
| |
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} |
|
|
|
| Remote Access ActiveX Client |
{556EEC63-31E2-47C3-BF29-DFF799D2FE04} |
C:\WINDOWS\Downloaded Program Files\RACtrl.dll |
|
|
| Windows Media Player |
{6BF52A52-394A-11D3-B153-00C04F79FAA6} |
C:\WINDOWS\system32\wmp.dll |
10.00.00.4074 |
Microsoft Corporation |
| |
{6CE4B8A6-4DB5-4F63-8013-1197503692EF} |
|
|
|
| Search Helper |
{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} |
C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll |
1.2.118.0 |
Microsoft Corp. |
| |
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} |
|
|
|
| |
{7584c670-2274-4efb-b00b-d6aaba6d3850} |
|
|
|
| |
{7E853D72-626A-48EC-A868-BA8D5E23E045} |
|
|
|
| Microsoft Web Browser |
{8856F961-340A-11D0-A96B-00C04FD705A2} |
C:\WINDOWS\system32\ieframe.dll |
7.00.6000.16791 (vista_gdr.081217-1620) |
Microsoft Corporation |
| XML DOM Document 5.0 |
{88D969E5-F192-11D4-A65F-0040963251E5} |
C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll |
5.20.1087.0 |
Microsoft Corporation |
| XML DOM Document 6.0 |
{88D96A05-F192-11D4-A65F-0040963251E5} |
C:\WINDOWS\system32\msxml6.dll |
|
|
| XML HTTP 6.0 |
{88D96A0A-F192-11D4-A65F-0040963251E5} |
C:\WINDOWS\system32\msxml6.dll |
|
|
| Windows Live Sign-in Helper |
{9030D464-4C02-4ABF-8ECC-5164760863C6} |
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll |
5.000.818.5 |
Microsoft Corporation |
| |
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} |
|
|
|
| |
{92780B25-18CC-41C8-B9BE-3C9C571A8263} |
|
|
|
| SearchAssistantOC |
{B45FF030-4447-11D2-85DE-00C04FA35C89} |
C:\WINDOWS\system32\shdocvw.dll |
6.00.2900.3395 (xpsp_sp2_gdr.080623-1307) |
Microsoft Corporation |
| |
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} |
|
|
|
| RDS.DataSpace |
{BD96C556-65A3-11D0-983A-00C04FC29E36} |
C:\Program Files\Common Files\System\msadc\msadco.dll |
2.81.1117.0 (xpsp_sp2_rtm.040803-2158) |
Microsoft Corporation |
| Adobe PDF Reader |
{CA8A9780-280D-11CF-A24D-444553540000} |
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll |
7.0.8.0 |
Adobe Systems, Inc. |
| AUDIO__MID Moniker Class |
{CD3AFA74-B84F-48F0-9393-7EDC34128127} |
C:\WINDOWS\system32\wmp.dll |
10.00.00.4074 |
Microsoft Corporation |
| AUDIO__MP3 Moniker Class |
{CD3AFA76-B84F-48F0-9393-7EDC34128127} |
C:\WINDOWS\system32\wmp.dll |
10.00.00.4074 |
Microsoft Corporation |
| AUDIO__X_MS_WMA Moniker Class |
{CD3AFA84-B84F-48F0-9393-7EDC34128127} |
C:\WINDOWS\system32\wmp.dll |
10.00.00.4074 |
Microsoft Corporation |
| VIDEO__X_MS_ASF Moniker Class |
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} |
C:\WINDOWS\system32\wmp.dll |
10.00.00.4074 |
Microsoft Corporation |
| VIDEO__X_MS_WMV Moniker Class |
{CD3AFA94-B84F-48F0-9393-7EDC34128127} |
C:\WINDOWS\system32\wmp.dll |
10.00.00.4074 |
Microsoft Corporation |
| Windows Live Sign-in Control |
{D2517915-48CE-4286-970F-921E881B8C5C} |
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll |
5.000.818.5 |
Microsoft Corporation |
| Shockwave Flash Object |
{D27CDB6E-AE6D-11CF-96B8-444553540000} |
C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx |
10,1,53,64 |
Adobe Systems, Inc. |
| Microsoft Silverlight |
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} |
c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll |
4.0.50524.0 |
Microsoft Corporation |
| |
{E008A543-CEFB-4559-912F-C27C2B89F13B} |
|
|
|
| Windows Live Toolbar Helper |
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} |
C:\Program Files\Windows Live\Toolbar\wltcore.dll |
14.0.8064.0206 |
Microsoft Corporation |
| |
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} |
C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC1~1.DLL |
14.0.8089.0726 |
Microsoft Corporation |
| |
{E2E2DD38-D088-4134-82B7-F2BA38496583} |
|
|
|
| XML HTTP Request |
{ED8C108E-4349-11D2-91A4-00C04F7969E8} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| |
{F3D34410-6F9A-4FDD-987E-410C6F7AEA27} |
|
|
|
| XML DOM Document 3.0 |
{F5078F32-C551-11D3-89B9-0000F81FE221} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| XML HTTP 3.0 |
{F5078F35-C551-11D3-89B9-0000F81FE221} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| XML DOM Document |
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| Free Threaded XML DOM Document |
{F6D90F12-9C73-11D3-B32E-00C04F990BB4} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| XML HTTP |
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} |
C:\WINDOWS\system32\msxml3.dll |
8.100.1048.0 |
Microsoft Corporation |
| |
{FB5F1910-F110-11D2-BB9E-00C04F795683} |
|
|
|
| Performance Viewer Activex Control |
{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} |
C:\WINDOWS\Downloaded Program Files\RACtrl.dll |
|
|
| SSDT TABLE HOOK检测 |
| API NAME |
原始地址 |
当前地址 |
HOOK路径 |
版本 |
发行商 |
| NtAssignProcessToJobObject |
0x805CC3C0 |
0xF781B831 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtCreateKey |
0x80619E78 |
0xF72BF514 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtCreateMutant |
0x8060D23C |
0xF781B8B5 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtCreateProcess |
0x805C6F46 |
0xF72AE282 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtCreateProcessEx |
0x805C6E90 |
0xF72AE474 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtCreateSection |
0x805A03BA |
0xF781BD38 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtCreateSymbolicLinkObject |
0x805B90CC |
0xF781B9BD |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtCreateThread |
0x805C6D2E |
0xF781B663 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtDebugActiveProcess |
0x80638F02 |
0xF781B7AD |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtDeleteKey |
0x8061A308 |
0xF72BFD00 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtDeleteValueKey |
0x8061A4D8 |
0xF72BFFB8 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtDeviceIoControlFile |
0x8056E142 |
0xF781B852 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtDuplicateObject |
0x805B337C |
0xF781B95A |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtLoadDriver |
0x8057921A |
0xF781B621 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtLockVirtualMemory |
0x805ABBA6 |
0xF781B76B |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtOpenKey |
0x8061B20E |
0xF72BE3FA |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtOpenProcess |
0x805C0DD6 |
0xF781B8F7 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtOpenSection |
0x8059F3F0 |
0xF781B684 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtProtectVirtualMemory |
0x805AD66E |
0xF781B74A |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtQueryDirectoryFile |
0x8056ED74 |
0xF781B894 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtQuerySystemInformation |
0x806075D4 |
0xF781B939 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtQueryValueKey |
0x80617F32 |
0xF781B810 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtQueueApcThread |
0x805C6F8C |
0xF781B729 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtRenameKey |
0x8061989E |
0xF72C0422 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtRequestWaitReplyPort |
0x80597D5E |
0xF781B7EF |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtRestoreKey |
0x80618280 |
0xF781BAA4 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSetContextThread |
0x805C7450 |
0xF781B6E7 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSetInformationProcess |
0x805C3894 |
0xF781B918 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSetSecurityObject |
0x805B551C |
0xF781BA83 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSetSystemInformation |
0x80605922 |
0xF781B78C |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSetSystemTime |
0x8060A030 |
0xF781B873 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSetValueKey |
0x80618538 |
0xF72BF7D8 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtSuspendProcess |
0x805CA7E6 |
0xF781B708 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSuspendThread |
0x805CA658 |
0xF781B6C6 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtSystemDebugControl |
0x8060DC58 |
0xF781B7CE |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtTerminateProcess |
0x805C8726 |
0xF72ADF32 |
C:\WINDOWS\system32\drivers\PCTCore.sys |
1.0.0.80 built by: WinDDK |
PC Tools |
| NtTerminateThread |
0x805C8920 |
0xF781B6A5 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtUnmapViewOfSection |
0x805A7EEC |
0xF781B8D6 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |
| NtWriteVirtualMemory |
0x805A9476 |
0xF781B642 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
24, 0, 0, 9 |
Beijing Rising Information Technology Co., Ltd. |