系统进程检测 |
进程ID |
路径 |
版本 |
发行商 |
900 |
C:\WINDOWS\System32\SMSS.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
968 |
C:\WINDOWS\System32\CSRSS.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
992 |
C:\WINDOWS\System32\WINLOGON.EXE |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
|
C:\WINDOWS\System32\SFC_OS.DLL |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
|
C:\WINDOWS\System32\aetpkss1.dll |
2.3.0.15080 |
A.E.T. Europe B.V. |
1036 |
C:\WINDOWS\System32\SERVICES.EXE |
5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) |
Microsoft Corporation |
1048 |
C:\WINDOWS\System32\LSASS.EXE |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
1220 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
1300 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
1424 |
C:\Program Files\Rising\RSD\RsMgrSvc.exe |
1.0.0.13 |
Beijing Rising Information Technology Co., Ltd. |
1436 |
C:\Program Files\Rising\Rav\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
|
C:\WINDOWS\System32\SFC_OS.DLL |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
1452 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
|
C:\Program Files\Rising\RFW\Urllib.dll |
23, 0, 0, 1 |
Beijing Rising Information Technology Co., Ltd. |
1536 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
C:\WINDOWS\System32\SFC_OS.DLL |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
1704 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
1804 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
1820 |
C:\Program Files\360\360SAFE\DEEPSCAN\ZhuDongFangYu.exe |
3, 2, 2, 1003 |
360.cn |
|
C:\Program Files\360\360SAFE\DEEPSCAN\heavygate.dll |
3, 6, 21, 0 |
360.cn |
1972 |
C:\Program Files\Kingsoft\KSM\KSMSVC.EXE |
2010,10,27,1479 |
|
2036 |
C:\Program Files\KSafe\KSafeSvc.exe |
2.0.2.1210 |
Kingsoft Corporation. |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
716 |
C:\WINDOWS\System32\SPOOLSV.EXE |
5.1.2600.6024 (xpsp_sp3_gdr.100817-1626) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\SFC_OS.DLL |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
C:\WINDOWS\System32\ssnetmon.dll |
7.1.6 |
Seagull Scientific, Inc. |
|
C:\WINDOWS\System32\spool\drivers\W32X86\3\ts#tsc-u.dll |
7.1.6.6 |
Seagull Scientific, Inc. |
|
C:\WINDOWS\System32\spool\drivers\W32X86\3\uniDRVui.DLL |
5.2.3790.120 (srv03_qfe.031205-1652) |
Microsoft Corporation |
|
C:\WINDOWS\System32\spool\drivers\W32X86\3\uniDRV.DLL |
5.2.3790.184 (srv03_qfe.040410-1236) |
Microsoft Corporation |
1584 |
C:\WINDOWS\EXPLORER.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
C:\Program Files\WinRAR\RarExt.dll |
|
|
|
C:\WINDOWS\System32\browselc.dll |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
248 |
C:\Program Files\360\360SAFE\SAFEMON\360TRAY.EXE |
7, 3, 1, 1012 |
360.cn |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\SFC_OS.DLL |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
|
C:\Program Files\360\360SAFE\DEEPSCAN\heavygate.dll |
3, 6, 21, 0 |
360.cn |
268 |
C:\Program Files\Rising\Rav\RsTray.exe |
23.0.0.8 |
Beijing Rising Information Technology Co., Ltd. |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
336 |
C:\Program Files\Rising\RFW\RsTray.exe |
23.0.0.8 |
Beijing Rising Information Technology Co., Ltd. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
420 |
C:\Program Files\KSafe\KSafeTray.exe |
2.0.2.1213 |
Kingsoft Corporation. |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
708 |
C:\WINDOWS\System32\CTFMON.EXE |
5.1.2600.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4076 |
D:\MSSQL\Binn\sqlservr.exe |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\opends60.dll |
2000.080.0194.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\ums.dll |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\sqlsort.dll |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\Resources\2052\sqlevn70.rll |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\SSnetlib.dll |
2000.080.0766.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\ssnmpn70.dll |
2000.080.0534.00 |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
|
D:\MSSQL\Binn\SSmsLPCn.dll |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\xprepl.dll |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\xpstar.DLL |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\sqlresld.dll |
2000.080.0382.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\sqlsvc.dll |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\w95scm.DLL |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\Resources\2052\sqlsvc.RLL |
2000.080.0194.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\Resources\2052\xpstar.RLL |
2000.080.0760.00 |
Microsoft Corporation |
|
D:\MSSQL\Binn\ODSOLE70.dll |
2000.080.0760.00 |
Microsoft Corporation |
636 |
C:\WINDOWS\System32\NVSVC32.EXE |
6.14.11.7519 |
NVIDIA Corporation |
|
C:\WINDOWS\System32\NVAPI.DLL |
6.14.11.7519 |
NVIDIA Corporation |
1608 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
3704 |
D:\海德商业管理系统普及版\sypos.exe |
|
|
|
D:\海德商业管理系统普及版\PBVM90.DLL |
9.0.3.8670 |
Sybase Inc. |
|
D:\海德商业管理系统普及版\LIBJCC.DLL |
|
|
|
D:\海德商业管理系统普及版\wsock32.dll |
5.00.2195.6603 |
Microsoft Corporation |
|
D:\海德商业管理系统普及版\SYUtils.dll |
|
|
|
D:\海德商业管理系统普及版\PBODB90.DLL |
9.0.3.8670 |
Sybase Inc. |
|
D:\海德商业管理系统普及版\DBODBC8.DLL |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
|
D:\海德商业管理系统普及版\DBLGEN8.DLL |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
D:\海德商业管理系统普及版\MSCOMM32.OCX |
6.00.8169 |
Microsoft Corporation |
|
D:\海德商业管理系统普及版\PBDWE90.DLL |
9.0.3.8670 |
Sybase Inc. |
|
C:\WINDOWS\System32\spool\drivers\W32X86\3\uniDRV.DLL |
5.2.3790.184 (srv03_qfe.040410-1236) |
Microsoft Corporation |
|
C:\WINDOWS\System32\spool\drivers\W32X86\3\uniDRVui.DLL |
5.2.3790.120 (srv03_qfe.031205-1652) |
Microsoft Corporation |
2960 |
D:\海德商业管理系统普及版\DBENG8.EXE |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
|
D:\海德商业管理系统普及版\DBSERV8.DLL |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
|
D:\海德商业管理系统普及版\wsock32.dll |
5.00.2195.6603 |
Microsoft Corporation |
|
D:\海德商业管理系统普及版\DBCTRS8.DLL |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
|
D:\海德商业管理系统普及版\DBLGEN8.DLL |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
2004 |
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL |
8.00.50727.4053 |
Microsoft Corporation |
|
D:\Program Files\QQ2009\Bin\KernelUtil.dll |
1, 25, 660, 0 |
Tencent |
|
D:\Program Files\QQ2009\Bin\HookQQ.dll |
|
|
|
D:\Program Files\QQ2009\Bin\LoadPatch.dll |
|
|
|
D:\Program Files\QQ2009\Bin\TheTools.dll |
|
|
|
D:\Program Files\QQ2009\Bin\HKDlls\KillQQAd.dll |
|
|
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
D:\Program Files\QQ2009\Bin\CustomFace.dll |
1, 25, 660, 0 |
Tencent |
|
D:\Program Files\QQ2009\Plugin\Com.Tencent.PaiPai\bin\PaiPai.dll |
1, 25, 660, 0 |
Tencent |
|
D:\Program Files\QQ2009\Plugin\Com.Tencent.SoBar\bin\SoBar.dll |
1, 25, 660, 0 |
Tencent |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
4068 |
D:\Program Files\QQ2009\Bin\HKDlls\KQAdTray.exe |
|
|
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
D:\Program Files\QQ2009\Bin\HKDlls\IPSearcher.dll |
|
|
2804 |
D:\Program Files\QQ2009\Bin\TXPlatform.exe |
1, 25, 660, 0 |
Tencent |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
3020 |
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
|
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL |
8.00.50727.4053 |
Microsoft Corporation |
|
D:\Program Files\QQ2009\Bin\KernelUtil.dll |
1, 25, 660, 0 |
Tencent |
|
D:\Program Files\QQ2009\Bin\HookQQ.dll |
|
|
|
D:\Program Files\QQ2009\Bin\LoadPatch.dll |
|
|
|
D:\Program Files\QQ2009\Bin\TheTools.dll |
|
|
|
D:\Program Files\QQ2009\Bin\HKDlls\KillQQAd.dll |
|
|
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
D:\Program Files\QQ2009\Bin\CustomFace.dll |
1, 25, 660, 0 |
Tencent |
|
D:\Program Files\QQ2009\Plugin\Com.Tencent.PaiPai\bin\PaiPai.dll |
1, 25, 660, 0 |
Tencent |
|
D:\Program Files\QQ2009\Plugin\Com.Tencent.SoBar\bin\SoBar.dll |
1, 25, 660, 0 |
Tencent |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
6048 |
C:\WINDOWS\System32\CONVERT.exe |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
2216 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\browselc.dll |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\Program Files\360\360SAFE\DEEPSCAN\heavygate.dll |
3, 6, 21, 0 |
360.cn |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
1212 |
C:\WINDOWS\System32\CONVERT.exe |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4112 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\browselc.dll |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\Program Files\360\360SAFE\DEEPSCAN\heavygate.dll |
3, 6, 21, 0 |
360.cn |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
4480 |
C:\WINDOWS\System32\msiexec.exe |
4.5.6001.22159 (vistasp1_ldr.080415-1732) |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSI.DLL |
4.5.6001.22159 |
Microsoft Corporation |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\SFC_OS.DLL |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
4768 |
C:\Documents and Settings\SHAN\桌面\SystemDetector\SystemDetector.exe |
1.2 |
WALKER05 |
|
C:\Documents and Settings\SHAN\桌面\SystemDetector\BugTrapU.dll |
1.3.3291.42976 |
IntelleSoft |
|
C:\WINDOWS\System32\UXTHEME.DLL |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
|
C:\WINDOWS\System32\AETSPROV.DLL |
2.3.0.9 |
A.E.T. Europe B.V. |
|
C:\WINDOWS\System32\MSVCP71.DLL |
7.10.3077.0 |
Microsoft Corporation |
|
C:\WINDOWS\System32\MSVCR71.DLL |
7.10.3052.4 |
Microsoft Corporation |
服务检测[系统服务] |
服务名 |
状态/启动模式 |
文件路径 |
版本 |
发行商 |
364svc |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
367svc |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Alerter |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ALG |
Stopped/Demand |
C:\WINDOWS\System32\alg.exe |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
alstk |
Stopped/Auto |
|
|
|
AppMgmt |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
aqddxkmw |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
atyskx |
Stopped/Auto |
|
|
|
AudioSrv |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Auomicjarsier |
Stopped/Auto |
C:\Program Files\Auomicjarsier\srvany.exe |
|
|
bennlfwh |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
BITS |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Browser |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
bzffntkn |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
CiSvc |
Stopped/Demand |
C:\WINDOWS\system32\cisvc.exe |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
ClipSrv |
Stopped/Disabled |
C:\WINDOWS\system32\clipsrv.exe |
5.1.2600.5512 (xpsp.080413-2105) |
Microsoft Corporation |
CryptSvc |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
DcomLaunch |
Running/Auto |
C:\WINDOWS\system32\svchost -k DcomLaunch |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Dhcp |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
dmadmin |
Stopped/Demand |
C:\WINDOWS\System32\dmadmin.exe /com |
2600.5512.503.0 |
Microsoft Corp., Veritas Software |
dmserver |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Dnscache |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k NetworkService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Dot3svc |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k dot3svc |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
dpljayxs |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
EapHost |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k eapsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
eciyjsve |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ERSvc |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Eventlog |
Running/Auto |
C:\WINDOWS\system32\services.exe |
5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) |
Microsoft Corporation |
EventSystem |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
F28690593K |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvc |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
FastUserSwitchingCompatibility |
Running/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
fbwpuyqf |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
helpsvc |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
HidServ |
Stopped/Disabled |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
hkmsvc |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
HTTPFilter |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k HTTPFilter |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ias |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ImapiService |
Stopped/Demand |
C:\WINDOWS\system32\imapi.exe |
5.1.2600.5512 (xpsp.080413-2105) |
Microsoft Corporation |
IPSEC Serices |
Stopped/Auto |
C:\WINDOWS\system32\IPSEC.exe |
|
|
jwsvutek |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Kingsoft Rescue Service |
Running/Auto |
C:\Program Files\kingsoft\KSM\ksmsvc.exe |
2010,10,27,1479 |
|
KSafeSvc |
Running/Auto |
"C:\Program Files\KSafe\KSafeSvc.exe" -svc |
2.0.2.1210 |
Kingsoft Corporation. |
kzpuzugk |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
LanmanServer |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
lanmanworkstation |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
LmHosts |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
lpskyaui |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
lsibczzs |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ltmi |
Stopped/Auto |
|
|
|
Messenger |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
mnmsrvc |
Stopped/Demand |
C:\WINDOWS\system32\mnmsrvc.exe |
5.1.2600.5512 |
Microsoft Corporation |
MSDIS |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
MSDTC |
Stopped/Demand |
C:\WINDOWS\system32\msdtc.exe |
2001.12.4414.700 |
Microsoft Corporation |
MSIServer |
Running/Demand |
C:\WINDOWS\system32\msiexec.exe /V |
4.5.6001.22159 (vistasp1_ldr.080415-1732) |
Microsoft Corporation |
MSSQL$AAAA |
Stopped/Demand |
C:\PROGRA~1\MI6841~1\MSSQL$~1\binn\sqlservr.exe -sAAAA |
2000.080.0194.00 |
Microsoft Corporation |
MSSQLSERVER |
Running/Auto |
D:\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER |
2000.080.0760.00 |
Microsoft Corporation |
MSSQLServerADHelper |
Stopped/Demand |
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe |
2000.080.0760.00 |
Microsoft Corporation |
napagent |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
NetDDE |
Stopped/Disabled |
C:\WINDOWS\system32\netdde.exe |
5.1.2600.5512 (xpsp.080413-2105) |
Microsoft Corporation |
NetDDEdsdm |
Stopped/Disabled |
C:\WINDOWS\system32\netdde.exe |
5.1.2600.5512 (xpsp.080413-2105) |
Microsoft Corporation |
Netlogon |
Stopped/Demand |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
Netman |
Running/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ngubpivw |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Nla |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
NtLmSsp |
Stopped/Demand |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
NtmsSvc |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
NVSvc |
Running/Auto |
C:\WINDOWS\system32\nvsvc32.exe |
6.14.11.7519 |
NVIDIA Corporation |
ose |
Stopped/Demand |
"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" |
11.0.5525 |
Microsoft Corporation |
oubkpsed |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
pjrxihke |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
PlugPlay |
Running/Auto |
C:\WINDOWS\system32\services.exe |
5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) |
Microsoft Corporation |
PolicyAgent |
Stopped/Demand |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
ProtectedStorage |
Running/Auto |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
qxwreajq |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RasAuto |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RasMan |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Rcoes EcSz Service |
Stopped/Auto |
|
|
|
RDSessMgr |
Stopped/Demand |
C:\WINDOWS\system32\sessmgr.exe |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RemoteAccess |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RemoteRegistry |
Stopped/Disabled |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
rjpixwbp |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RpcLocator |
Stopped/Demand |
C:\WINDOWS\system32\locator.exe |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
RpcSs |
Running/Auto |
C:\WINDOWS\system32\svchost -k rpcss |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RsMgrSvc |
Running/Auto |
"C:\Program Files\Rising\RSD\RsMgrSvc.exe" |
1.0.0.13 |
Beijing Rising Information Technology Co., Ltd. |
RsRavMon |
Running/Auto |
"C:\Program Files\Rising\Rav\RavMonD.exe" |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
RsRFWMon |
Running/Auto |
"C:\Program Files\Rising\RFW\RavMonD.exe" |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
RSVP |
Stopped/Demand |
C:\WINDOWS\system32\rsvp.exe |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
SamSs |
Running/Auto |
C:\WINDOWS\system32\lsass.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
SCardSvr |
Stopped/Demand |
C:\WINDOWS\System32\SCardSvr.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
Schedule |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
secfog |
Stopped/Auto |
|
|
|
seclogon |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
SENS |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
SharedAccess |
Stopped/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ShellHWDetection |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Spooler |
Running/Auto |
C:\WINDOWS\system32\spoolsv.exe |
5.1.2600.6024 (xpsp_sp3_gdr.100817-1626) |
Microsoft Corporation |
SQLAgent$AAAA |
Stopped/Demand |
C:\PROGRA~1\MI6841~1\MSSQL$~1\binn\sqlagent.exe -i AAAA |
2000.080.0194.00 |
Microsoft Corporation |
srservice |
Stopped/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
SSDPSRV |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
stisvc |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k imgsvc |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
sxvkjfer |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
TapiSrv |
Running/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
TermService |
Running/Demand |
C:\WINDOWS\System32\svchost -k DComLaunch |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Themes |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
TlntSvr |
Stopped/Disabled |
C:\WINDOWS\system32\tlntsvr.exe |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
TrkWks |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
UMWdf |
Stopped/Demand |
C:\WINDOWS\system32\wdfmgr.exe |
5.2.3790.1230 built by: dnsrv(bld4act) |
Microsoft Corporation |
upnphost |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
UPS |
Stopped/Demand |
C:\WINDOWS\System32\ups.exe |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
uyumayhl |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
VSS |
Stopped/Demand |
C:\WINDOWS\System32\vssvc.exe |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
vubwocym |
Stopped/Auto |
C:\WINDOWS\System32\svchost.exe -k vubwocym |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
W32Time |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
WebClient |
Stopped/Demand |
C:\WINDOWS\system32\svchost.exe -k LocalService |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
winmgmt |
Running/Auto |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Wiystelp32 |
Stopped/Auto |
|
|
|
WmdmPmSN |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Wmi |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
WmiApSrv |
Stopped/Demand |
C:\WINDOWS\system32\wbem\wmiapsrv.exe |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Wnvvievvu |
Stopped/Demand |
C:\Program Files\Wnvvievvu\srvany.exe |
|
|
wscsvc |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
wuauserv |
Running/Demand |
C:\WINDOWS\system32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Wuuvcusuu |
Stopped/Demand |
C:\Program Files\Wuuvcusuu\srvany.exe |
|
|
WZCSVC |
Running/Auto |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
xmlprov |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
xucxzsrk |
Stopped/Demand |
C:\WINDOWS\System32\svchost.exe -k netsvcs |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ZhuDongFangYu |
Running/Auto |
"C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe" |
3, 2, 2, 1003 |
360.cn |
服务检测[驱动服务] |
服务名 |
状态/启动模式 |
文件路径 |
版本 |
发行商 |
360netmon |
Running/System |
\??\C:\WINDOWS\system32\drivers\360netmon.sys |
2.1.6.1019 |
360.cn |
360SelfProtection |
Running/System |
system32\drivers\360SelfProtection.sys |
1, 0, 0, 1050 |
360安全中心 |
Abiosdsk |
Stopped/Disabled |
|
|
|
ACPI |
Running/Boot |
\SystemRoot\system32\DRIVERS\ACPI.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
ACPIEC |
Running/Boot |
\SystemRoot\System32\DRIVERS\ACPIEC.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
aec |
Stopped/Demand |
system32\drivers\aec.sys |
5.1.2601.3142 |
Microsoft Corporation |
AFD |
Running/System |
\SystemRoot\System32\drivers\afd.sys |
5.1.2600.5695 (xpsp_sp3_qfe.081016-1735) |
Microsoft Corporation |
agpCPQ |
Running/Boot |
\SystemRoot\system32\DRIVERS\agpCPQ.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Alidevice |
Stopped/Demand |
C:\WINDOWS\system32\drivers\Alidevice.sys |
1.00 built by: WinDDK |
alipay.com |
alim1541 |
Running/Boot |
\SystemRoot\system32\DRIVERS\alim1541.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
amdagp |
Running/Boot |
\SystemRoot\system32\DRIVERS\amdagp.sys |
5.00 (xpsp.080413-2111) |
Advanced Micro Devices, Inc. |
AmdLLD |
Running/Demand |
system32\DRIVERS\AmdLLD.sys |
1.0.1.0 |
AMD, Inc. |
AmdPPM |
Running/System |
system32\DRIVERS\AmdPPM.sys |
1.0.0 built by: WinDDK |
Advanced Micro Devices |
AsyncMac |
Stopped/Demand |
system32\DRIVERS\asyncmac.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
atapi |
Running/Boot |
\SystemRoot\system32\DRIVERS\atapi.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Atdisk |
Stopped/Disabled |
|
|
|
Atmarpc |
Stopped/Demand |
system32\DRIVERS\atmarpc.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
audstub |
Running/Demand |
system32\DRIVERS\audstub.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
BAPIDRV |
Running/System |
\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS |
1.0.0.1018 |
360.cn |
Beep |
Running/System |
C:\WINDOWS\system32\drivers\Beep.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
cbidf2k |
Stopped/Disabled |
|
|
|
Cdaudio |
Stopped/System |
C:\WINDOWS\system32\drivers\Cdaudio.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
Cdfs |
Running/Disabled |
C:\WINDOWS\system32\drivers\Cdfs.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Cdrom |
Running/System |
system32\DRIVERS\cdrom.sys |
5.1.2600.5593 (xpsp_sp3_qfe.080502-1245) |
Microsoft Corporation |
Changer |
Stopped/System |
|
|
|
Disk |
Running/Boot |
\SystemRoot\system32\DRIVERS\disk.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
dmboot |
Stopped/Disabled |
System32\drivers\dmboot.sys |
2600.5512.503.0 |
Microsoft Corp., Veritas Software |
dmio |
Running/Boot |
\SystemRoot\System32\drivers\dmio.sys |
2600.5512.503.0 |
Microsoft Corp., Veritas Software |
dmload |
Running/Boot |
\SystemRoot\System32\drivers\dmload.sys |
2600.0.503.0 |
Microsoft Corp., Veritas Software. |
DMusic |
Stopped/Demand |
system32\drivers\DMusic.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
drmkaud |
Stopped/Demand |
system32\drivers\drmkaud.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
EfiMon |
Running/System |
System32\Drivers\Efimon.sys |
1, 0, 0, 1007 |
奇虎网 |
exFat |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\exFat.sys |
5.1.2600.5686 (xpsp_sp3_gdr.080929-1314) |
Microsoft Corporation |
Fastfat |
Running/Disabled |
C:\WINDOWS\system32\drivers\Fastfat.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Fdc |
Stopped/System |
C:\WINDOWS\system32\drivers\Fdc.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Fips |
Running/System |
C:\WINDOWS\system32\drivers\Fips.sys |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
Flpydisk |
Stopped/System |
C:\WINDOWS\system32\drivers\Flpydisk.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
FltMgr |
Running/Boot |
\SystemRoot\system32\DRIVERS\fltMgr.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
FsVga |
Running/System |
system32\DRIVERS\fsvga.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
ft2kEnum |
Running/Demand |
system32\DRIVERS\ic2kenum.sys |
2.4.3.403 |
OEM Corporation |
Ftdisk |
Running/Boot |
\SystemRoot\system32\DRIVERS\ftdisk.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
GDBaseSmc |
Running/Demand |
system32\DRIVERS\Chip_smc.sys |
2.4.3.1110 |
OEM |
Gpc |
Running/Demand |
system32\DRIVERS\msgpc.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
HDAudBus |
Running/Demand |
system32\DRIVERS\HDAudBus.sys |
5.10.01.5013 built by: WinDDK |
Windows (R) Server 2003 DDK provider |
HidUsb |
Running/Demand |
system32\DRIVERS\hidusb.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
HookPort |
Running/Boot |
\SystemRoot\System32\Drivers\Hookport.sys |
1, 0, 0, 1017 |
360安全中心 |
hooksys |
Running/System |
\??\C:\WINDOWS\system32\drivers\Hooksys.sys |
25, 0, 0, 30 |
Beijing Rising Information Technology Co., Ltd. |
HookTdi |
Running/System |
\??\C:\WINDOWS\system32\drivers\HookTdi.sys |
25.0.0.14 |
Beijing Rising Information Technology Co., Ltd. |
hptpro |
Stopped/Boot |
\SystemRoot\system32\DRIVERS\hptpro.sys |
1.23.12.10 |
HighPoint Technologies, Inc. |
HTTP |
Running/Demand |
System32\Drivers\HTTP.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
HyperVM |
Running/System |
\??\C:\WINDOWS\system32\drivers\hvm.sys |
23, 0, 0, 4 |
Beijing Rising Information Technology Co., Ltd. |
i2omgmt |
Running/System |
C:\WINDOWS\system32\drivers\i2omgmt.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
i8042prt |
Running/System |
system32\DRIVERS\i8042prt.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Imapi |
Stopped/System |
system32\DRIVERS\imapi.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
IntcAzAudAddService |
Running/Demand |
system32\drivers\RtkHDAud.sys |
5.10.0.5506 built by: WinDDK |
Realtek Semiconductor Corp. |
intelppm |
Stopped/Demand |
system32\DRIVERS\intelppm.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Ip6Fw |
Stopped/Demand |
system32\DRIVERS\Ip6Fw.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
IpFilterDriver |
Stopped/Demand |
system32\DRIVERS\ipfltdrv.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
IpInIp |
Stopped/Demand |
system32\DRIVERS\ipinip.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
IpNat |
Stopped/Demand |
system32\DRIVERS\ipnat.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
IPSec |
Running/System |
system32\DRIVERS\ipsec.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
IRENUM |
Stopped/Demand |
system32\DRIVERS\irenum.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
isapnp |
Running/Boot |
\SystemRoot\system32\DRIVERS\isapnp.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Kbdclass |
Running/System |
system32\DRIVERS\kbdclass.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
kbdhid |
Stopped/Demand |
system32\DRIVERS\kbdhid.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
kmixer |
Running/Demand |
system32\drivers\kmixer.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
KSecDD |
Running/Boot |
C:\WINDOWS\system32\drivers\KSecDD.sys |
5.1.2600.5834 (xpsp_sp3_qfe.090624-1332) |
Microsoft Corporation |
lbrtfdc |
Stopped/System |
|
|
|
mf |
Running/Demand |
system32\DRIVERS\mf.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
mnmdd |
Running/System |
C:\WINDOWS\system32\drivers\mnmdd.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
Modem |
Stopped/Demand |
C:\WINDOWS\system32\drivers\Modem.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
Mouclass |
Running/System |
system32\DRIVERS\mouclass.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
mouhid |
Running/Demand |
system32\DRIVERS\mouhid.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
MountMgr |
Running/Boot |
C:\WINDOWS\system32\drivers\MountMgr.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
MRxDAV |
Stopped/Demand |
system32\DRIVERS\mrxdav.sys |
5.1.2600.6007 (xpsp_sp3_gdr.100630-1644) |
Microsoft Corporation |
MRxSmb |
Running/System |
system32\DRIVERS\mrxsmb.sys |
5.1.2600.5944 (xpsp_sp3_qfe.100224-1424) |
Microsoft Corporation |
Msfs |
Running/System |
C:\WINDOWS\system32\drivers\Msfs.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
MSKSSRV |
Stopped/Demand |
system32\drivers\MSKSSRV.sys |
5.3.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
MSPCLOCK |
Stopped/Demand |
system32\drivers\MSPCLOCK.sys |
5.3.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
MSPQM |
Stopped/Demand |
system32\drivers\MSPQM.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
mssmbios |
Running/Demand |
system32\DRIVERS\mssmbios.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Mup |
Running/Boot |
C:\WINDOWS\system32\drivers\Mup.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
NDIS |
Running/Boot |
C:\WINDOWS\system32\drivers\NDIS.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
NdisTapi |
Running/Demand |
system32\DRIVERS\ndistapi.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
Ndisuio |
Running/Demand |
system32\DRIVERS\ndisuio.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
NdisWan |
Running/Demand |
system32\DRIVERS\ndiswan.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
NDProxy |
Running/Demand |
C:\WINDOWS\system32\drivers\NDProxy.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
NetBIOS |
Running/System |
system32\DRIVERS\netbios.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
NetBT |
Running/System |
system32\DRIVERS\netbt.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
Npfs |
Running/System |
C:\WINDOWS\system32\drivers\Npfs.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Ntfs |
Running/Disabled |
C:\WINDOWS\system32\drivers\Ntfs.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Null |
Running/System |
C:\WINDOWS\system32\drivers\Null.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
nv |
Running/Demand |
system32\DRIVERS\nv4_mini.sys |
6.14.11.7519 |
NVIDIA Corporation |
nvsmu |
Running/Demand |
system32\DRIVERS\nvsmu.sys |
5.10.2600.0145 built by: WinDDK |
NVIDIA Corporation |
NwlnkFlt |
Stopped/Demand |
system32\DRIVERS\nwlnkflt.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
NwlnkFwd |
Stopped/Demand |
system32\DRIVERS\nwlnkfwd.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
Parport |
Running/Demand |
system32\DRIVERS\parport.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
PartMgr |
Running/Boot |
C:\WINDOWS\system32\drivers\PartMgr.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
ParVdm |
Stopped/Auto |
C:\WINDOWS\system32\drivers\ParVdm.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
PCI |
Running/Boot |
\SystemRoot\system32\DRIVERS\pci.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
PCIDump |
Stopped/System |
|
|
|
PCIIde |
Running/Boot |
\SystemRoot\system32\DRIVERS\pciide.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
Pcmcia |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\Pcmcia.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
PDCOMP |
Stopped/Demand |
|
|
|
PDFRAME |
Stopped/Demand |
|
|
|
PDRELI |
Stopped/Demand |
|
|
|
PDRFRAME |
Stopped/Demand |
|
|
|
PptpMiniport |
Running/Demand |
system32\DRIVERS\raspptp.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
Processor |
Stopped/System |
system32\DRIVERS\processr.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
PSched |
Running/Demand |
system32\DRIVERS\psched.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
Ptilink |
Running/Demand |
system32\DRIVERS\ptilink.sys |
1.10 (XPClient.010817-1148) |
Parallel Technologies, Inc. |
qutmdserv |
Running/System |
\??\C:\WINDOWS\system32\drivers\qutmdrv.sys |
6.7.0.1004 |
360.cn |
qutmipc |
Running/System |
\??\C:\WINDOWS\system32\drivers\qutmipc.sys |
6.6.0.1006 |
360安全中心 |
RasAcd |
Running/System |
system32\DRIVERS\rasacd.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
Rasl2tp |
Running/Demand |
system32\DRIVERS\rasl2tp.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
RasPppoe |
Running/Demand |
system32\DRIVERS\raspppoe.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
Raspti |
Running/Demand |
system32\DRIVERS\raspti.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
Rdbss |
Running/System |
system32\DRIVERS\rdbss.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RDPCDD |
Running/System |
System32\DRIVERS\RDPCDD.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
rdpdr |
Running/Demand |
system32\DRIVERS\rdpdr.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
RDPWD |
Stopped/Demand |
C:\WINDOWS\system32\drivers\RDPWD.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Reader_Device |
Running/Demand |
system32\DRIVERS\usbic2k.sys |
2.4.3.403 |
OEM |
redbook |
Running/System |
system32\DRIVERS\redbook.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
RFWARP |
Running/Auto |
system32\DRIVERS\rfwarp.sys |
25.0.0.1 |
Beijing Rising Information Technology Co., Ltd. |
RFWNDIS |
Running/Demand |
system32\DRIVERS\rfwndis.sys |
25.0.0.4 |
Beijing Rising Information Technology Co., Ltd. |
rfwtdi |
Running/Auto |
\??\C:\Program Files\Rising\RFW\rfwtdi.sys |
25.0.0.6 |
Beijing Rising Information Technology Co., Ltd. |
rsfwdrv |
Running/Auto |
\??\C:\Program Files\Rising\RFW\rsfwdrv.sys |
25.0.0.14 |
Beijing Rising Information Technology Co., Ltd. |
RTLE8023xp |
Running/Demand |
system32\DRIVERS\Rtenicxp.sys |
5.708.1030.2008 built by: WinDDK |
Realtek Semiconductor Corporation |
Secdrv |
Stopped/Demand |
system32\DRIVERS\secdrv.sys |
4.03.086 |
Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. |
Serenum |
Running/Demand |
system32\DRIVERS\serenum.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Serial |
Running/System |
system32\DRIVERS\serial.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Sfloppy |
Stopped/System |
C:\WINDOWS\system32\drivers\Sfloppy.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
SiFilter |
Stopped/Disabled |
\SystemRoot\system32\DRIVERS\SiWinAcc.sys |
1.0.0.11 |
Silicon Image, Inc. |
Simbad |
Stopped/Disabled |
|
|
|
SiRemFil |
Running/Boot |
\SystemRoot\system32\DRIVERS\SiRemFil.sys |
1, 1, 7, 0 |
Silicon Image, Inc. |
sisagp |
Running/Boot |
\SystemRoot\system32\DRIVERS\sisagp.sys |
5.12.01.2010 (xpsp.080413-2111) |
Silicon Integrated Systems Corporation |
SKNFW |
Running/System |
\??\C:\WINDOWS\system32\Drivers\SKNFW.sys |
|
|
skvkrpr |
Stopped/Demand |
\??\C:\WINDOWS\system32\Drivers\skvkrpr.sys |
2010, 10, 20, 1 |
Kingsoft Corporation |
SkyProcs |
Stopped/Demand |
\??\C:\Program Files\SkyNet\Firewall\SkyProcs.sys |
|
|
splitter |
Stopped/Demand |
system32\drivers\splitter.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
sr |
Stopped/Disabled |
\SystemRoot\system32\DRIVERS\sr.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Srv |
Running/Demand |
system32\DRIVERS\srv.sys |
5.1.2600.6031 (xpsp_sp3_gdr.100826-1646) |
Microsoft Corporation |
swenum |
Running/Demand |
system32\DRIVERS\swenum.sys |
5.3.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
swmidi |
Stopped/Demand |
system32\drivers\swmidi.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
sysaudio |
Running/Demand |
system32\drivers\sysaudio.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Tcpip |
Running/System |
system32\DRIVERS\tcpip.sys |
5.1.2600.5625 (xpsp_sp3_gdr.080620-1249) |
Microsoft Corporation |
TDPIPE |
Stopped/Demand |
C:\WINDOWS\system32\drivers\TDPIPE.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
TDTCP |
Stopped/Demand |
C:\WINDOWS\system32\drivers\TDTCP.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
TermDD |
Running/System |
system32\DRIVERS\termdd.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Udfs |
Stopped/Disabled |
C:\WINDOWS\system32\drivers\Udfs.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Update |
Running/Demand |
system32\DRIVERS\update.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
usbccgp |
Stopped/Demand |
system32\DRIVERS\usbccgp.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
usbehci |
Running/Demand |
system32\DRIVERS\usbehci.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
usbhub |
Running/Demand |
system32\DRIVERS\usbhub.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
usbohci |
Running/Demand |
system32\DRIVERS\usbohci.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
usbprint |
Stopped/Demand |
system32\DRIVERS\usbprint.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
usbscan |
Stopped/Demand |
system32\DRIVERS\usbscan.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
USBSTOR |
Stopped/Demand |
system32\DRIVERS\USBSTOR.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
VgaSave |
Running/System |
\SystemRoot\System32\drivers\vga.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
viaagp |
Running/Boot |
\SystemRoot\system32\DRIVERS\viaagp.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
VolSnap |
Running/Boot |
C:\WINDOWS\system32\drivers\VolSnap.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
Wanarp |
Running/Demand |
system32\DRIVERS\wanarp.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
WDICA |
Stopped/Demand |
|
|
|
wdmaud |
Running/Demand |
system32\drivers\wdmaud.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
WmiAcpi |
Stopped/System |
system32\DRIVERS\wmiacpi.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
内核驱动检测 |
加载顺序 |
驱动名 |
文件路径 |
版本 |
发行商 |
0 |
ntkrnlpa.exe |
C:\WINDOWS\system32\ntkrnlpa.exe |
5.1.2600.5973 (xpsp_sp3_gdr.100427-1636) |
Microsoft Corporation |
1 |
hal.dll |
C:\WINDOWS\system32\hal.dll |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
2 |
KDCOM.DLL |
C:\WINDOWS\system32\KDCOM.DLL |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
3 |
BOOTVID.dll |
C:\WINDOWS\system32\BOOTVID.dll |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
4 |
ACPI.sys |
C:\WINDOWS\system32\drivers\ACPI.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
5 |
WMILIB.SYS |
C:\WINDOWS\system32\DRIVERS\WMILIB.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
6 |
pci.sys |
C:\WINDOWS\system32\drivers\pci.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
7 |
isapnp.sys |
C:\WINDOWS\system32\drivers\isapnp.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
8 |
ACPIEC.sys |
C:\WINDOWS\system32\drivers\ACPIEC.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
9 |
OPRGHDLR.SYS |
C:\WINDOWS\System32\DRIVERS\OPRGHDLR.SYS |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
10 |
Hookport.sys |
C:\WINDOWS\system32\drivers\Hookport.sys |
1, 0, 0, 1017 |
360安全中心 |
11 |
pciide.sys |
C:\WINDOWS\system32\drivers\pciide.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
12 |
PCIIDEX.SYS |
C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
13 |
MountMgr.sys |
C:\WINDOWS\system32\drivers\MountMgr.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
14 |
ftdisk.sys |
C:\WINDOWS\system32\drivers\ftdisk.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
15 |
dmload.sys |
C:\WINDOWS\system32\drivers\dmload.sys |
2600.0.503.0 |
Microsoft Corp., Veritas Software. |
16 |
dmio.sys |
C:\WINDOWS\system32\drivers\dmio.sys |
2600.5512.503.0 |
Microsoft Corp., Veritas Software |
17 |
PartMgr.sys |
C:\WINDOWS\system32\drivers\PartMgr.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
18 |
VolSnap.sys |
C:\WINDOWS\system32\drivers\VolSnap.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
19 |
atapi.sys |
C:\WINDOWS\system32\drivers\atapi.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
20 |
disk.sys |
C:\WINDOWS\system32\drivers\disk.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
21 |
CLASSPNP.SYS |
C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
22 |
fltMgr.sys |
C:\WINDOWS\system32\drivers\fltMgr.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
23 |
Fastfat.sys |
C:\WINDOWS\system32\drivers\Fastfat.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
24 |
KSecDD.sys |
C:\WINDOWS\system32\drivers\KSecDD.sys |
5.1.2600.5834 (xpsp_sp3_qfe.090624-1332) |
Microsoft Corporation |
25 |
NDIS.sys |
C:\WINDOWS\system32\drivers\NDIS.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
26 |
viaagp.sys |
C:\WINDOWS\system32\drivers\viaagp.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
27 |
sisagp.sys |
C:\WINDOWS\system32\drivers\sisagp.sys |
5.12.01.2010 (xpsp.080413-2111) |
Silicon Integrated Systems Corporation |
28 |
SiRemFil.sys |
C:\WINDOWS\system32\drivers\SiRemFil.sys |
1, 1, 7, 0 |
Silicon Image, Inc. |
29 |
Mup.sys |
C:\WINDOWS\system32\drivers\Mup.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
30 |
amdagp.sys |
C:\WINDOWS\system32\drivers\amdagp.sys |
5.00 (xpsp.080413-2111) |
Advanced Micro Devices, Inc. |
31 |
alim1541.sys |
C:\WINDOWS\system32\drivers\alim1541.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
32 |
agpCPQ.sys |
C:\WINDOWS\system32\drivers\agpCPQ.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
33 |
AmdPPM.sys |
C:\WINDOWS\system32\DRIVERS\AmdPPM.sys |
1.0.0 built by: WinDDK |
Advanced Micro Devices |
34 |
serial.sys |
C:\WINDOWS\system32\DRIVERS\serial.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
35 |
serenum.sys |
C:\WINDOWS\system32\DRIVERS\serenum.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
36 |
i8042prt.sys |
C:\WINDOWS\system32\DRIVERS\i8042prt.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
37 |
kbdclass.sys |
C:\WINDOWS\system32\DRIVERS\kbdclass.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
38 |
nvsmu.sys |
C:\WINDOWS\system32\DRIVERS\nvsmu.sys |
5.10.2600.0145 built by: WinDDK |
NVIDIA Corporation |
39 |
usbohci.sys |
C:\WINDOWS\system32\DRIVERS\usbohci.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
40 |
USBPORT.SYS |
C:\WINDOWS\system32\DRIVERS\USBPORT.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
41 |
usbehci.sys |
C:\WINDOWS\system32\DRIVERS\usbehci.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
42 |
mf.sys |
C:\WINDOWS\system32\DRIVERS\mf.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
43 |
HDAudBus.sys |
C:\WINDOWS\system32\DRIVERS\HDAudBus.sys |
5.10.01.5013 built by: WinDDK |
Windows (R) Server 2003 DDK provider |
44 |
cdrom.sys |
C:\WINDOWS\system32\DRIVERS\cdrom.sys |
5.1.2600.5593 (xpsp_sp3_qfe.080502-1245) |
Microsoft Corporation |
45 |
redbook.sys |
C:\WINDOWS\system32\DRIVERS\redbook.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
46 |
ks.sys |
C:\WINDOWS\system32\DRIVERS\ks.sys |
5.3.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
47 |
Rtenicxp.sys |
C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys |
5.708.1030.2008 built by: WinDDK |
Realtek Semiconductor Corporation |
48 |
nv4_mini.sys |
C:\WINDOWS\system32\DRIVERS\nv4_mini.sys |
6.14.11.7519 |
NVIDIA Corporation |
49 |
VIDEOPRT.SYS |
C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
50 |
fsvga.sys |
C:\WINDOWS\system32\DRIVERS\fsvga.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
51 |
audstub.sys |
C:\WINDOWS\system32\DRIVERS\audstub.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
52 |
rasl2tp.sys |
C:\WINDOWS\system32\DRIVERS\rasl2tp.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
53 |
ndistapi.sys |
C:\WINDOWS\system32\DRIVERS\ndistapi.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
54 |
ndiswan.sys |
C:\WINDOWS\system32\DRIVERS\ndiswan.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
55 |
raspppoe.sys |
C:\WINDOWS\system32\DRIVERS\raspppoe.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
56 |
raspptp.sys |
C:\WINDOWS\system32\DRIVERS\raspptp.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
57 |
TDI.SYS |
C:\WINDOWS\system32\DRIVERS\TDI.SYS |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
58 |
psched.sys |
C:\WINDOWS\system32\DRIVERS\psched.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
59 |
msgpc.sys |
C:\WINDOWS\system32\DRIVERS\msgpc.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
60 |
ptilink.sys |
C:\WINDOWS\system32\DRIVERS\ptilink.sys |
1.10 (XPClient.010817-1148) |
Parallel Technologies, Inc. |
61 |
raspti.sys |
C:\WINDOWS\system32\DRIVERS\raspti.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
62 |
rdpdr.sys |
C:\WINDOWS\system32\DRIVERS\rdpdr.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
63 |
termdd.sys |
C:\WINDOWS\system32\DRIVERS\termdd.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
64 |
mouclass.sys |
C:\WINDOWS\system32\DRIVERS\mouclass.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
65 |
rfwndis.sys |
C:\WINDOWS\system32\DRIVERS\rfwndis.sys |
25.0.0.4 |
Beijing Rising Information Technology Co., Ltd. |
66 |
Chip_smc.sys |
C:\WINDOWS\system32\DRIVERS\Chip_smc.sys |
2.4.3.1110 |
OEM |
67 |
SMCLIB.SYS |
C:\WINDOWS\system32\DRIVERS\SMCLIB.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
68 |
ic2kenum.sys |
C:\WINDOWS\system32\DRIVERS\ic2kenum.sys |
2.4.3.403 |
OEM Corporation |
69 |
swenum.sys |
C:\WINDOWS\system32\DRIVERS\swenum.sys |
5.3.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
70 |
update.sys |
C:\WINDOWS\system32\DRIVERS\update.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
71 |
mssmbios.sys |
C:\WINDOWS\system32\DRIVERS\mssmbios.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
72 |
AmdLLD.sys |
C:\WINDOWS\system32\DRIVERS\AmdLLD.sys |
1.0.1.0 |
AMD, Inc. |
73 |
NDProxy.SYS |
C:\WINDOWS\System32\Drivers\NDProxy.SYS |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
74 |
usbic2k.sys |
C:\WINDOWS\system32\DRIVERS\usbic2k.sys |
2.4.3.403 |
OEM |
75 |
usbhub.sys |
C:\WINDOWS\system32\DRIVERS\usbhub.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
76 |
USBD.SYS |
C:\WINDOWS\system32\DRIVERS\USBD.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
77 |
parport.sys |
C:\WINDOWS\system32\DRIVERS\parport.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
78 |
RtkHDAud.sys |
C:\WINDOWS\system32\drivers\RtkHDAud.sys |
5.10.0.5506 built by: WinDDK |
Realtek Semiconductor Corp. |
79 |
portcls.sys |
C:\WINDOWS\system32\drivers\portcls.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
80 |
drmk.sys |
C:\WINDOWS\system32\drivers\drmk.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
81 |
i2omgmt.SYS |
C:\WINDOWS\System32\Drivers\i2omgmt.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
82 |
Fs_Rec.SYS |
C:\WINDOWS\System32\Drivers\Fs_Rec.SYS |
5.1.2600.5686 (xpsp_sp3_gdr.080929-1314) |
Microsoft Corporation |
83 |
Null.SYS |
C:\WINDOWS\System32\Drivers\Null.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
84 |
Beep.SYS |
C:\WINDOWS\System32\Drivers\Beep.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
85 |
360SelfProtection.sys |
C:\WINDOWS\system32\drivers\360SelfProtection.sys |
1, 0, 0, 1050 |
360安全中心 |
86 |
vga.sys |
C:\WINDOWS\System32\drivers\vga.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
87 |
mnmdd.SYS |
C:\WINDOWS\System32\Drivers\mnmdd.SYS |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
88 |
RDPCDD.sys |
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
89 |
Msfs.SYS |
C:\WINDOWS\System32\Drivers\Msfs.SYS |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
90 |
Npfs.SYS |
C:\WINDOWS\System32\Drivers\Npfs.SYS |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
91 |
rasacd.sys |
C:\WINDOWS\system32\DRIVERS\rasacd.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
92 |
ipsec.sys |
C:\WINDOWS\system32\DRIVERS\ipsec.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
93 |
360netmon.sys |
C:\WINDOWS\system32\drivers\360netmon.sys |
2.1.6.1019 |
360.cn |
94 |
tcpip.sys |
C:\WINDOWS\system32\DRIVERS\tcpip.sys |
5.1.2600.5625 (xpsp_sp3_gdr.080620-1249) |
Microsoft Corporation |
95 |
SKNFW.sys |
C:\WINDOWS\system32\Drivers\SKNFW.sys |
|
|
96 |
netbt.sys |
C:\WINDOWS\system32\DRIVERS\netbt.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
97 |
wanarp.sys |
C:\WINDOWS\system32\DRIVERS\wanarp.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
98 |
afd.sys |
C:\WINDOWS\System32\drivers\afd.sys |
5.1.2600.5695 (xpsp_sp3_qfe.081016-1735) |
Microsoft Corporation |
99 |
netbios.sys |
C:\WINDOWS\system32\DRIVERS\netbios.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
100 |
rdbss.sys |
C:\WINDOWS\system32\DRIVERS\rdbss.sys |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
101 |
qutmipc.sys |
C:\WINDOWS\system32\drivers\qutmipc.sys |
6.6.0.1006 |
360安全中心 |
102 |
qutmdrv.sys |
C:\WINDOWS\system32\drivers\qutmdrv.sys |
6.7.0.1004 |
360.cn |
103 |
mrxsmb.sys |
C:\WINDOWS\system32\DRIVERS\mrxsmb.sys |
5.1.2600.5944 (xpsp_sp3_qfe.100224-1424) |
Microsoft Corporation |
104 |
hvm.sys |
C:\WINDOWS\system32\drivers\hvm.sys |
23, 0, 0, 4 |
Beijing Rising Information Technology Co., Ltd. |
105 |
HookTdi.sys |
C:\WINDOWS\system32\drivers\HookTdi.sys |
25.0.0.14 |
Beijing Rising Information Technology Co., Ltd. |
106 |
HOOKHELP.sys |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
107 |
Hooksys.sys |
C:\WINDOWS\system32\drivers\Hooksys.sys |
25, 0, 0, 30 |
Beijing Rising Information Technology Co., Ltd. |
108 |
Fips.SYS |
C:\WINDOWS\System32\Drivers\Fips.SYS |
5.1.2600.5512 (xpsp.080413-2113) |
Microsoft Corporation |
109 |
Efimon.sys |
C:\WINDOWS\System32\Drivers\Efimon.sys |
1, 0, 0, 1007 |
奇虎网 |
110 |
BAPIDRV.SYS |
C:\WINDOWS\system32\drivers\BAPIDRV.SYS |
1.0.0.1018 |
360.cn |
111 |
Ntfs.SYS |
C:\WINDOWS\System32\Drivers\Ntfs.SYS |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
112 |
hidusb.sys |
C:\WINDOWS\system32\DRIVERS\hidusb.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
113 |
HIDCLASS.SYS |
C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
114 |
HIDPARSE.SYS |
C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
115 |
mouhid.sys |
C:\WINDOWS\system32\DRIVERS\mouhid.sys |
5.1.2600.0 (XPClient.010817-1148) |
Microsoft Corporation |
116 |
Cdfs.SYS |
C:\WINDOWS\System32\Drivers\Cdfs.SYS |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
117 |
win32k.sys |
C:\WINDOWS\System32\win32k.sys |
5.1.2600.6033 (xpsp_sp3_gdr.100831-1644) |
Microsoft Corporation |
118 |
Dxapi.sys |
C:\WINDOWS\System32\drivers\Dxapi.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
119 |
watchdog.sys |
C:\WINDOWS\System32\watchdog.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
120 |
dxg.sys |
C:\WINDOWS\System32\drivers\dxg.sys |
5.1.2600.5512 (xpsp.080413-2105) |
Microsoft Corporation |
121 |
dxgthk.sys |
C:\WINDOWS\System32\drivers\dxgthk.sys |
5.1.2600.0 (xpclient.010817-1148) |
Microsoft Corporation |
122 |
nv4_disp.dll |
C:\WINDOWS\System32\nv4_disp.dll |
6.14.11.7519 |
NVIDIA Corporation |
123 |
ndisuio.sys |
C:\WINDOWS\system32\DRIVERS\ndisuio.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
124 |
rfwarp.sys |
C:\WINDOWS\system32\DRIVERS\rfwarp.sys |
25.0.0.1 |
Beijing Rising Information Technology Co., Ltd. |
125 |
wdmaud.sys |
C:\WINDOWS\system32\drivers\wdmaud.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
126 |
sysaudio.sys |
C:\WINDOWS\system32\drivers\sysaudio.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
127 |
srv.sys |
C:\WINDOWS\system32\DRIVERS\srv.sys |
5.1.2600.6031 (xpsp_sp3_gdr.100826-1646) |
Microsoft Corporation |
128 |
rfwtdi.sys |
C:\Program Files\Rising\RFW\rfwtdi.sys |
25.0.0.6 |
Beijing Rising Information Technology Co., Ltd. |
129 |
rsfwdrv.sys |
C:\Program Files\Rising\RFW\rsfwdrv.sys |
25.0.0.14 |
Beijing Rising Information Technology Co., Ltd. |
130 |
HTTP.sys |
C:\WINDOWS\System32\Drivers\HTTP.sys |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
131 |
kmixer.sys |
C:\WINDOWS\system32\drivers\kmixer.sys |
5.1.2600.5512 (xpsp.080413-2108) |
Microsoft Corporation |
132 |
SDDrv.sys |
C:\Documents and Settings\shan\桌面\SystemDetector\SDDrv.sys |
|
|
133 |
ntdll.dll |
C:\WINDOWS\System32\ntdll.dll |
5.1.2600.6007 (xpsp_sp3_gdr.100630-1644) |
Microsoft Corporation |
134 |
NTKRNLPA.EXE |
C:\WINDOWS\SYSTEM32\NTKRNLPA.EXE |
5.1.2600.5973 (xpsp_sp3_gdr.100427-1636) |
Microsoft Corporation |
连接状态检测[TCP] |
进程ID |
本机地址 |
远程地址 |
文件路径 |
版本 |
发行商 |
1300 |
0.0.0.0:135 |
0.0.0.0:45145 |
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
4 |
0.0.0.0:445 |
0.0.0.0:36982 |
system |
|
|
1452 |
0.0.0.0:1028 |
0.0.0.0:38942 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
4076 |
0.0.0.0:1433 |
0.0.0.0:30951 |
D:\MSSQL\Binn\sqlservr.exe |
2000.080.0760.00 |
Microsoft Corporation |
2960 |
0.0.0.0:2638 |
0.0.0.0:39006 |
D:\海德商业管理系统普及版\DBENG8.EXE |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
1436 |
0.0.0.0:6059 |
0.0.0.0:28916 |
C:\Program Files\Rising\Rav\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
716 |
0.0.0.0:6160 |
0.0.0.0:28707 |
C:\WINDOWS\System32\SPOOLSV.EXE |
5.1.2600.6024 (xpsp_sp3_gdr.100817-1626) |
Microsoft Corporation |
1452 |
127.0.0.1:1028 |
127.0.0.1:1718 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
127.0.0.1:1028 |
127.0.0.1:1720 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
0 |
127.0.0.1:1028 |
127.0.0.1:1722 |
[System Process] |
|
|
0 |
127.0.0.1:1028 |
127.0.0.1:1724 |
[System Process] |
|
|
1452 |
127.0.0.1:1028 |
127.0.0.1:1726 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
127.0.0.1:1028 |
127.0.0.1:1728 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
127.0.0.1:1028 |
127.0.0.1:1729 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
127.0.0.1:1028 |
127.0.0.1:1732 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
0 |
127.0.0.1:1028 |
127.0.0.1:1734 |
[System Process] |
|
|
0 |
127.0.0.1:1716 |
127.0.0.1:1028 |
[System Process] |
|
|
4112 |
127.0.0.1:1718 |
127.0.0.1:1028 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4112 |
127.0.0.1:1720 |
127.0.0.1:1028 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4768 |
127.0.0.1:1726 |
127.0.0.1:1028 |
C:\Documents and Settings\SHAN\桌面\SystemDetector\SystemDetector.exe |
1.2 |
WALKER05 |
4112 |
127.0.0.1:1728 |
127.0.0.1:1028 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4112 |
127.0.0.1:1729 |
127.0.0.1:1028 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4112 |
127.0.0.1:1732 |
127.0.0.1:1028 |
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
420 |
127.0.0.1:4463 |
127.0.0.1:1028 |
C:\Program Files\KSafe\KSafeTray.exe |
2.0.2.1213 |
Kingsoft Corporation. |
4 |
169.254.26.228:139 |
0.0.0.0:2218 |
system |
|
|
1452 |
222.84.105.202:1497 |
113.108.86.51:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
0 |
222.84.105.202:1717 |
121.14.11.70:80 |
[System Process] |
|
|
1452 |
222.84.105.202:1719 |
203.208.37.22:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
222.84.105.202:1721 |
219.159.91.57:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
222.84.105.202:1727 |
96.17.155.90:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
222.84.105.202:1730 |
219.238.235.114:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
222.84.105.202:1731 |
219.238.235.114:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
1452 |
222.84.105.202:1733 |
219.159.91.57:80 |
C:\Program Files\Rising\RFW\RavMonD.exe |
23, 0, 0, 12 |
Beijing Rising Information Technology Co., Ltd. |
连接状态检测[UDP] |
4 |
0.0.0.0:445 |
|
system |
|
|
248 |
0.0.0.0:1036 |
|
C:\Program Files\360\360SAFE\SAFEMON\360TRAY.EXE |
7, 3, 1, 1012 |
360.cn |
2004 |
0.0.0.0:1157 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1158 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1159 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1160 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1161 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1162 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1163 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1170 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1171 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:1194 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
4076 |
0.0.0.0:1434 |
|
D:\MSSQL\Binn\sqlservr.exe |
2000.080.0760.00 |
Microsoft Corporation |
3020 |
0.0.0.0:2760 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2761 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2762 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2763 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2764 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2765 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2766 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2769 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:2772 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
248 |
0.0.0.0:3600 |
|
C:\Program Files\360\360SAFE\SAFEMON\360TRAY.EXE |
7, 3, 1, 1012 |
360.cn |
2004 |
0.0.0.0:4000 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2004 |
0.0.0.0:4001 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:4002 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
3020 |
0.0.0.0:4003 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
2216 |
0.0.0.0:4514 |
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4112 |
0.0.0.0:4999 |
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
2004 |
0.0.0.0:9000 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
1536 |
127.0.0.1:123 |
|
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
248 |
127.0.0.1:1025 |
|
C:\Program Files\360\360SAFE\SAFEMON\360TRAY.EXE |
7, 3, 1, 1012 |
360.cn |
336 |
127.0.0.1:1027 |
|
C:\Program Files\Rising\RFW\RsTray.exe |
23.0.0.8 |
Beijing Rising Information Technology Co., Ltd. |
2004 |
127.0.0.1:1165 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
1804 |
127.0.0.1:1900 |
|
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
2960 |
127.0.0.1:2638 |
|
D:\海德商业管理系统普及版\DBENG8.EXE |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
2960 |
127.0.0.1:2638 |
|
D:\海德商业管理系统普及版\DBENG8.EXE |
8.0.1.2600 |
iAnywhere Solutions, Inc. |
3020 |
127.0.0.1:2759 |
|
D:\Program Files\QQ2009\Bin\QQ.exe |
1, 25, 660, 0 |
Tencent |
268 |
127.0.0.1:4382 |
|
C:\Program Files\Rising\Rav\RsTray.exe |
23.0.0.8 |
Beijing Rising Information Technology Co., Ltd. |
2216 |
127.0.0.1:4515 |
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
4112 |
127.0.0.1:5000 |
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE |
6.00.2900.5512 (xpsp.080413-2105) |
Microsoft Corporation |
1536 |
169.254.26.228:123 |
|
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
4 |
169.254.26.228:137 |
|
system |
|
|
4 |
169.254.26.228:138 |
|
system |
|
|
1804 |
169.254.26.228:1900 |
|
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
1536 |
222.84.105.202:123 |
|
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
1804 |
222.84.105.202:1900 |
|
C:\WINDOWS\System32\SVCHOST.EXE |
5.1.2600.5512 (xpsp.080413-2111) |
Microsoft Corporation |
Sock提供者检测 |
协议类型 |
CLSID |
路径 |
版本 |
发行商 |
MSAFD Tcpip [TCP/IP] |
{E70F1AA0-AB8B-11CF-8CA3-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD Tcpip [UDP/IP] |
{E70F1AA0-AB8B-11CF-8CA3-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD Tcpip [RAW/IP] |
{E70F1AA0-AB8B-11CF-8CA3-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
RSVP UDP Service Provider |
{9D60A9E0-337A-11D0-BD88-0000C082E69A} |
C:\WINDOWS\system32\rsvpsp.dll |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
RSVP TCP Service Provider |
{9D60A9E0-337A-11D0-BD88-0000C082E69A} |
C:\WINDOWS\system32\rsvpsp.dll |
5.1.2600.5512 (xpsp.080413-0852) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{EC63A3FE-601B-456A-BCA8-EE0FFC6A1627}] SEQPACKET 0 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{EC63A3FE-601B-456A-BCA8-EE0FFC6A1627}] DATAGRAM 0 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{532A58EB-524D-4DA7-9E59-6C84917CFD51}] SEQPACKET 1 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{532A58EB-524D-4DA7-9E59-6C84917CFD51}] DATAGRAM 1 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2EB931CC-CCC8-4756-8DD9-FAD0959B804B}] SEQPACKET 2 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2EB931CC-CCC8-4756-8DD9-FAD0959B804B}] DATAGRAM 2 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E533F1A-116A-468B-AEB5-BA986996CBCA}] SEQPACKET 3 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E533F1A-116A-468B-AEB5-BA986996CBCA}] DATAGRAM 3 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7117B932-7CC4-40EA-A7C8-49906A62A743}] SEQPACKET 4 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7117B932-7CC4-40EA-A7C8-49906A62A743}] DATAGRAM 4 |
{8D5F1830-C273-11CF-95C8-00805F48A192} |
C:\WINDOWS\system32\mswsock.dll |
5.1.2600.5625 (xpsp_sp3_qfe.080620-1309) |
Microsoft Corporation |
SSDT TABLE HOOK检测 |
API NAME |
原始地址 |
当前地址 |
HOOK路径 |
版本 |
发行商 |
NtAssignProcessToJobObject |
0x805D75E2 |
0xBA414831 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtConnectPort |
0x805A5596 |
0xBA341E0C |
C:\Program Files\Rising\RFW\rfwtdi.sys |
25.0.0.6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateKey |
0x806247C8 |
0xBA4149DE |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateMutant |
0x80617D76 |
0xBA4148B5 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateProcess |
0x805D21EA |
0xBA41499C |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateProcessEx |
0x805D2134 |
0xBA41497B |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateSection |
0x805AC38E |
0xBA414D38 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateSymbolicLinkObject |
0x805C49A6 |
0xBA4149BD |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtCreateThread |
0x805D1FD2 |
0xBA414663 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtDebugActiveProcess |
0x8064420E |
0xBA4147AD |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtDeleteKey |
0x80624C64 |
0xBA414A41 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtDeleteValueKey |
0x80624E34 |
0xBA414A20 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtDeviceIoControlFile |
0x8057A24A |
0xBA414852 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtDuplicateObject |
0x805BEFB4 |
0xBA41495A |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtLoadDriver |
0x8058513A |
0xBA414621 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtLockVirtualMemory |
0x805B78FE |
0xBA41476B |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtOpenKey |
0x80625BA6 |
0xBA414AC5 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtOpenProcess |
0x805CC3FA |
0xBA4148F7 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtOpenSection |
0x805AB3B2 |
0xBA414684 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtProtectVirtualMemory |
0x805B93CA |
0xBA41474A |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtQueryDirectoryFile |
0x8057AE64 |
0xBA414894 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtQuerySystemInformation |
0x806120BE |
0xBA414939 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtQueryValueKey |
0x806229EC |
0xBA414810 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtQueueApcThread |
0x805D2230 |
0xBA414729 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtRenameKey |
0x806241EA |
0xBA414A62 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtRequestWaitReplyPort |
0x805A3D3C |
0xBA4147EF |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtRestoreKey |
0x806261A8 |
0xBA414AA4 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSetContextThread |
0x805D26F4 |
0xBA4146E7 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSetInformationProcess |
0x805CEE44 |
0xBA414918 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSetSecurityObject |
0x805C15DA |
0xBA414A83 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSetSystemInformation |
0x806103EC |
0xBA41478C |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSetSystemTime |
0x80614B86 |
0xBA414873 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSetValueKey |
0x80622D3A |
0xBA4149FF |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSuspendProcess |
0x805D5A22 |
0xBA414708 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSuspendThread |
0x805D5894 |
0xBA4146C6 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtSystemDebugControl |
0x80618792 |
0xBA4147CE |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtTerminateProcess |
0x805D3982 |
0xBA414600 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtTerminateThread |
0x805D3B7C |
0xBA4146A5 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtUnmapViewOfSection |
0x805B3DF4 |
0xBA4148D6 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |
NtWriteVirtualMemory |
0x805B5378 |
0xBA414642 |
C:\WINDOWS\system32\drivers\HOOKHELP.sys |
25, 0, 0, 6 |
Beijing Rising Information Technology Co., Ltd. |