系统诊断报告
本报告由提供 http://www.fygsoft.com
报告生成时间:[2011-09-13 09:45:17]
操作系统为:WindowsXP 5.1.2600.2 Service Pack 3
Internet Explorer版本为:V8.0.6001.18702 Build:86001
木马清道夫版本:11.07.1150
总共内存为:479M
剩余内存为:113M

进程模块信息:
1 (安全进程):C:\WINDOWS\system32\smss.exe 命令行: \SystemRoot\System32\smss.exe
2 (安全进程):c:\WINDOWS\system32\csrss.exe 命令行: C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
3 (安全进程):c:\WINDOWS\system32\winlogon.exe 命令行: winlogon.exe
4 (安全进程):c:\WINDOWS\system32\services.exe 命令行: C:\WINDOWS\system32\services.exe
5 (安全进程):c:\WINDOWS\system32\lsass.exe 命令行: C:\WINDOWS\system32\lsass.exe
6 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost -k DcomLaunch
7 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost -k rpcss
8 未知进程:c:\program files\Rising\RSD\RsMgrSvc.exe 命令行: "C:\Program Files\Rising\RSD\RsMgrSvc.exe"
9 未知进程:c:\program files\Rising\RAV\RavMonD.exe 命令行: "C:\Program Files\Rising\RAV\RavMonD.exe"
10 - 未知模块:c:\program files\Rising\RAV\combase.dll
11 - 未知模块:c:\program files\Rising\RAV\rsconf.dll
12 - 未知模块:c:\program files\Rising\RAV\rslog.dll
13 - 未知模块:c:\program files\Rising\RAV\rsstore.dll
14 - 未知模块:c:\program files\Rising\RAV\mondrvd.dll
15 - 未知模块:c:\program files\Rising\RAV\defmon.dll
16 - 未知模块:c:\program files\Rising\RAV\mondrvm.dll
17 - 未知模块:c:\program files\Rising\RAV\MonRule.dll
18 - 未知模块:c:\program files\Rising\RAV\Filemon.dll
19 - 未知模块:c:\program files\Rising\RAV\MailMon.dll
20 - 未知模块:c:\program files\Rising\RAV\rsindent.dll
21 - 未知模块:c:\program files\Rising\RAV\bacore.dll
22 - 未知模块:c:\program files\Rising\RAV\rsnetsvr.dll
23 - 未知模块:c:\program files\Rising\RAV\Scanner.dll
24 - 未知模块:c:\program files\Rising\RAV\recomp.dll
25 - 未知模块:c:\program files\Rising\RAV\refs.dll
26 - 未知模块:c:\program files\Rising\RAV\VirusLib.dll
27 - 未知模块:c:\program files\Rising\RAV\ScanSrv.dll
28 - 未知模块:c:\program files\Rising\RAV\scanpe.dll
29 - 未知模块:c:\program files\Rising\RAV\pearc.dll
30 - 未知模块:c:\program files\Rising\RAV\vmicore.dll
31 - 未知模块:c:\program files\Rising\RAV\engext.dll
32 - 未知模块:c:\program files\Rising\RAV\scantj.dll
33 - 未知模块:c:\program files\Rising\RAV\extsfx.dll
34 - 未知模块:c:\program files\Rising\RAV\scanex.dll
35 - 未知模块:c:\program files\Rising\RAV\ScanExec.dll
36 - 未知模块:c:\program files\Rising\RAV\ExtOLE.dll
37 - 未知模块:c:\program files\Rising\RAV\extarch.dll
38 - 未知模块:c:\program files\Rising\RAV\extcomp.dll
39 - 未知模块:c:\program files\Rising\RAV\ur025.dat
40 - 未知模块:c:\program files\Rising\RAV\ScanRavT.dll
41 - 未知模块:c:\program files\Rising\RAV\ScanBT.dll
42 - 未知模块:c:\program files\Rising\RAV\ScanStub.dll
43 未知进程:c:\program files\Rising\RFW\RavMonD.exe 命令行: "C:\Program Files\Rising\RFW\RavMonD.exe"
44 - 未知模块:c:\program files\Rising\RFW\combase.dll
45 - 未知模块:c:\program files\Rising\RFW\rsconf.dll
46 - 未知模块:c:\program files\Rising\RFW\rfwlog.dll
47 - 未知模块:c:\program files\Rising\RFW\rfwrule.dll
48 - 未知模块:c:\program files\Rising\RFW\rfwsrv.dll
49 - 未知模块:c:\program files\Rising\RFW\mports.dll
50 - 未知模块:c:\program files\Rising\RFW\rfwdrvc.dll
51 - 未知模块:c:\program files\Rising\RFW\fishweb.dll
52 - 未知模块:c:\program files\Rising\RFW\rsindent.dll
53 - 未知模块:c:\program files\Rising\RFW\rfwPgDef.dll
54 - 未知模块:c:\program files\Rising\RFW\rfwdrv.dll
55 - 未知模块:c:\program files\Rising\RFW\recomp.dll
56 - 未知模块:c:\program files\Rising\RFW\refs.dll
57 - 未知模块:c:\program files\Rising\RFW\VirusLib.dll
58 - 未知模块:c:\program files\Rising\RFW\rfwproxy.dll
59 - 未知模块:c:\program files\Rising\RFW\fwfish.dll
60 - 未知模块:c:\program files\Rising\RFW\fwcomp.dll
61 - 未知模块:c:\program files\Rising\RFW\fwfs.dll
62 - 未知模块:c:\program files\Rising\RFW\fwvirlib.dll
63 - 未知模块:c:\program files\Rising\RFW\fwlibldr.dll
64 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\System32\svchost.exe -k netsvcs
65 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost.exe -k NetworkService
66 (安全进程):c:\program files\common files\microsoft shared\IME14WR\SHARED\imedictupdate.exe 命令行: "C:\Program Files\Common Files\Microsoft Shared\IME14WR\SHARED\IMEDICTUPDATE.EXE"
67 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost -k DoctorService
68 - 未知模块:c:\program files\thunder network\Thunder\Program\DctSer.dll
69 (安全进程):c:\WINDOWS\explorer.exe 命令行: C:\WINDOWS\Explorer.EXE
70 - 未知模块:c:\program files\Rising\RSA\regcall.dll
71 (安全进程):c:\ftc2010\trojanwall.exe 命令行: "C:\ftc2010\Trojanwall.exe"
72 - 未知模块:c:\program files\Rising\RSA\regcall.dll
73 未知进程:c:\program files\Rising\RFW\RsTray.exe 命令行: "C:\Program Files\Rising\RFW\RSTRAY.EXE" -system
74 - 未知模块:c:\program files\Rising\RFW\ComServ.dll
75 - 未知模块:c:\program files\Rising\RFW\rfwrule.dll
76 - 未知模块:c:\program files\Rising\RFW\rsconf.dll
77 - 未知模块:c:\program files\Rising\RFW\RsGuiLib.dll
78 - 未知模块:c:\program files\Rising\RFW\rsnetsvr.dll
79 - 未知模块:c:\program files\Rising\RFW\rsmginfo.dll
80 - 未知模块:c:\program files\Rising\RFW\rfwtray.dll
81 - 未知模块:c:\program files\Rising\RFW\rfwlog.dll
82 未知进程:c:\program files\Rising\RAV\RsTray.exe 命令行: "C:\Program Files\Rising\RAV\RSTRAY.EXE" -system
83 - 未知模块:c:\program files\Rising\RAV\ComServ.dll
84 - 未知模块:c:\program files\Rising\RAV\RsGuiLib.dll
85 - 未知模块:c:\program files\Rising\RAV\rsconf.dll
86 - 未知模块:c:\program files\Rising\RAV\mruleui.dll
87 - 未知模块:c:\program files\Rising\RAV\MonTray.dll
88 - 未知模块:c:\program files\Rising\RAV\rsmginfo.dll
89 - 未知模块:c:\program files\Rising\RAV\UsbServ.dll
90 - 未知模块:c:\program files\Rising\RAV\scantray.dll
91 - 未知模块:c:\program files\Rising\RAV\dfw.dll
92 - 未知模块:c:\program files\Rising\RAV\Gcompt.dll
93 - 未知模块:c:\program files\Rising\RAV\Isol.dll
94 - 未知模块:c:\program files\Rising\RAV\rsstore.dll
95 未知进程:c:\program files\Rising\RSA\tray.exe 命令行: "C:\Program Files\Rising\RSA\tray.exe" -system
96 - 未知模块:c:\program files\Rising\RSA\rscom.dll
97 - 未知模块:c:\program files\Rising\RSA\rsxml3w.dll
98 - 未知模块:c:\program files\Rising\RSA\procenv.dll
99 - 未知模块:c:\program files\Rising\RSA\pubcomm.dll
100 - 未知模块:c:\program files\Rising\RSA\rscfgmgr.dll
101 - 未知模块:c:\program files\Rising\RSA\traywnd.dll
102 - 未知模块:c:\program files\Rising\RSA\katray.dll
103 - 未知模块:c:\program files\Rising\RSA\regcall.dll
104 - 未知模块:c:\program files\Rising\RSA\comx3.dll
105 - 未知模块:c:\program files\Rising\RSA\BRScan.dll
106 - 未知模块:c:\program files\Rising\RSA\dfw.dll
107 - 未知模块:c:\program files\Rising\RSA\ProcMgr.dll
108 - 未知模块:c:\program files\Rising\RSA\rsktdi.dll
109 - 未知模块:c:\program files\Rising\RSA\callsrv.dll
110 - 未知模块:c:\program files\Rising\RSA\BDScan.dll
111 - 未知模块:c:\program files\Rising\RSA\rsp2pclient.dll
112 - 未知模块:c:\program files\Rising\RSA\kkdb.dll
113 - 未知模块:c:\program files\Rising\RSA\rsdbmgr.dll
114 - 未知模块:c:\program files\Rising\RSA\SecScan.dll
115 - 未知模块:c:\program files\Rising\RSA\Ntlib.dll
116 - 未知模块:c:\program files\Rising\RSA\BDStub.dll
117 - 未知模块:c:\program files\Rising\RSA\rstask.dll
118 - 未知模块:c:\program files\Rising\RSA\cloudqry.dll
119 - 未知模块:c:\program files\Rising\RSA\fixldr.dll
120 - 未知模块:c:\program files\Rising\RSA\cloudcom.dll
121 - 未知模块:c:\program files\Rising\RSA\rslogweb.dll
122 - 未知模块:c:\program files\Rising\RSA\pearc.dll
123 - 未知模块:c:\program files\Rising\RSA\RsStore.dll
124 - 未知模块:c:\program files\Rising\RSA\cloudnet.dll
125 - 未知模块:c:\program files\Rising\RSA\cloudqry2.dll
126 - 未知模块:c:\program files\Rising\RSA\cloudtfc.dll
127 - 未知模块:c:\program files\Rising\RSA\wkset.dll
128 - 未知模块:c:\program files\Rising\RSA\sysfirewall.dll
129 - 未知模块:c:\program files\Rising\RSA\syssecuritymon.dll
130 - 未知模块:c:\program files\Rising\RSA\sysleakmon.dll
131 - 未知模块:c:\program files\Rising\RSA\balewebmon.dll
132 - 未知模块:c:\program files\Rising\RSA\balefilemon.dll
133 - 未知模块:c:\program files\Rising\RSA\UDiskUim.dll
134 - 未知模块:c:\program files\Rising\RAV\ravscrch.dll
135 (安全进程):c:\WINDOWS\system32\ctfmon.exe 命令行: "C:\WINDOWS\system32\ctfmon.exe"
136 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost.exe -k LocalService
137 未知进程:c:\program files\thunder network\Thunder\Program\Thunder.exe 命令行: "C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe" /AgentFile:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Age14.tmp -StartType:BHO_Context
138 - 未知模块:c:\program files\thunder network\Thunder\Program\XLUE.dll
139 - 未知模块:c:\program files\thunder network\Thunder\Program\xlgraphic.dll
140 - 未知模块:c:\program files\thunder network\Thunder\Program\libpng13.dll
141 - 未知模块:c:\program files\thunder network\Thunder\Program\zlib1.dll
142 - 未知模块:c:\program files\thunder network\Thunder\Program\XLFSIO.dll
143 - 未知模块:c:\program files\thunder network\Thunder\Program\minizip.dll
144 - 未知模块:c:\program files\thunder network\Thunder\Program\xlluaruntime.dll
145 - 未知模块:c:\program files\thunder network\Thunder\Program\libexpat.dll
146 - 未知模块:c:\program files\thunder network\Thunder\Program\xlbughandler.dll
147 - 未知模块:c:\program files\thunder network\Thunder\Program\sqlite3.dll
148 - 未知模块:c:\program files\Rising\RSA\regcall.dll
149 - 未知模块:c:\program files\thunder network\Thunder\Program\xl_data.dll
150 - 未知模块:c:\program files\thunder network\Thunder\Program\downloadkernel.dll
151 - 未知模块:c:\program files\thunder network\Thunder\Program\asyn_download_interface.dll
152 - 未知模块:c:\program files\thunder network\Thunder\Program\tp_proxy.dll
153 - 未知模块:c:\program files\thunder network\Thunder\Program\xl_stat_client.dll
154 - 未知模块:c:\program files\thunder network\Thunder\Program\dl_peer_id.dll
155 - 未知模块:c:\program files\thunder network\Thunder\Program\xl_client.dll
156 - 未知模块:c:\program files\thunder network\Thunder\Program\asyn_frame.dll
157 - 未知模块:c:\program files\thunder network\Thunder\Program\dl_uac_tool.dll
158 - 未知模块:c:\program files\thunder network\Thunder\Program\mp.dll
159 - 未知模块:c:\program files\thunder network\Thunder\Program\XLUserAX.dll
160 - 未知模块:c:\program files\thunder network\Thunder\Program\basecommunity.dll
161 - 未知模块:c:\program files\thunder network\Thunder\Program\superdownloadinfo.dll
162 - 未知模块:c:\program files\thunder network\Thunder\addins\community\xlcpaddinmanager.dll
163 - 未知模块:c:\program files\thunder network\Thunder\addins\community\community.dll
164 - 未知模块:c:\program files\thunder network\Thunder\addins\community\http.dll
165 - 未知模块:c:\program files\thunder network\Thunder\addins\community\XLCP.dll
166 - 未知模块:c:\program files\thunder network\Thunder\addins\community\BaseIM.dll
167 - 未知模块:c:\program files\thunder network\Thunder\addins\community\tipsmanager.dll
168 - 未知模块:c:\program files\thunder network\Thunder\addins\adtipsaddin\tipsclient.dll
169 - 未知模块:c:\program files\thunder network\Thunder\addins\mallassistantaddin\mallassistantaddin.dll
170 - 未知模块:c:\program files\thunder network\Thunder\addins\adtipsaddin\XLSkin.dll
171 - 未知模块:c:\program files\thunder network\Thunder\addins\doctoraddin\doctoraddin.dll
172 - 未知模块:c:\program files\thunder network\Thunder\addins\adtipsaddin\XLNetU.dll
173 - 未知模块:c:\program files\thunder network\Thunder\XLDoctor\7.2.1.3136_2\Program\XLDoctor.dll
174 - 未知模块:c:\program files\thunder network\Thunder\XLDoctor\7.2.1.3136_2\Program\xluploadinfo.dll
175 - 未知模块:c:\program files\thunder network\Thunder\addins\inmediaaddin\iEmbed.dll
176 - 未知模块:c:\program files\thunder network\Thunder\addins\DS\xlds.dll
177 - 未知模块:c:\program files\thunder network\Thunder\addins\DS\xldp.dll
178 - 未知模块:c:\program files\thunder network\Thunder\addins\DS\XLNetU.dll
179 - 未知模块:c:\program files\thunder network\Thunder\addins\DS\xlmw.dll
180 - 未知模块:c:\program files\thunder network\Thunder\XLDoctor\7.2.1.3136_2\Program\tp_proxy.dll
181 - 未知模块:c:\program files\thunder network\Thunder\addins\P2pShare\P2pShare.dll
182 - 未知模块:c:\program files\thunder network\Thunder\addins\urlshareaddin\urlsharecpp.dll
183 - 未知模块:c:\program files\thunder network\Thunder\addins\tipsaddin\tipsaddin.dll
184 - 未知模块:c:\program files\thunder network\Thunder\addins\videoaddin\videoaddin.dll
185 - 未知模块:c:\program files\thunder network\Thunder\addins\XLMC\xlmc.dll
186 - 未知模块:c:\program files\thunder network\Thunder\addins\XLMC\XLNetU.dll
187 未知进程:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\thunderplatform.exe 命令行: "c:\program files\common files\thunder network\tp\ver1\1.1.2.76_1111\thunderplatform.exe" -StartTP
188 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\minizip.dll
189 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\zlib1.dll
190 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\xlbughandler.dll
191 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\dl_uac_tool.dll
192 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\download_engine.dll
193 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\mp.dll
194 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\asyn_frame.dll
195 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\ts.dll
196 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\TA.dll
197 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\backend_agent.dll
198 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\XLCrypto.dll
199 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\ptl.dll
200 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\dl_peer_id.dll
201 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\xl_data.dll
202 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\xlluaruntime.dll
203 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\xlfsio.dll
204 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\libexpat.dll
205 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\xl_client.dll
206 - 未知模块:c:\documents and settings\all users\application data\thunder network\thunderplatform\thunderplatform_1.1.2.76_1111_a\components\downloadlibdll\md_p_1.0.247\xl_stat.dll
207 - 未知模块:c:\program files\Rising\RSA\regcall.dll
208 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2p_upload.dll
209 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\dphubt.dll
210 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\stream.dll
211 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2p.dll
212 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\fs.dll
213 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2sp.dll
214 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\down_dispatcher.dll
215 - 未知模块:c:\documents and settings\all users\application data\thunder network\thunderplatform\thunderplatform_1.1.2.76_1111_a\components\downloadlibdll\md_p_1.0.247\member_stat.dll
216 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\al.dll
217 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\xlnet_manager.dll
218 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2p_local_res.dll
219 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\media_data.dll
220 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\sl.dll
221 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\module_downloader.dll
222 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\mini_unzip_dll.dll
223 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\task_report.dll
224 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2p_session_com.dll
225 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2ptl2.dll
226 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\p2p_cloud.dll
227 - 未知模块:c:\program files\common files\thunder network\TP\Ver1\1.1.2.76_1111\dtnet.dll
228 - 未知模块:c:\documents and settings\all users\application data\thunder network\thunderplatform\thunderplatform_1.1.2.76_1111_a\components\downloadlibdll\md_p_1.0.247\bd.dll
229 未知进程:c:\program files\Rising\RAV\RsAgent.exe 命令行: "C:\Program Files\Rising\RAV\RsAgent.exe"
230 - 未知模块:c:\WINDOWS\system32\Macromed\Flash\Flash10t.ocx
231 (安全进程):c:\ftc2010\ftcleaner.exe 命令行: "C:\ftc2010\FTCleaner.exe"
232 - 未知模块:c:\program files\Rising\RSA\regcall.dll
233 (安全进程):c:\ftc2010\fyganalyze.exe 命令行: C:\ftc2010\FygAnalyze.exe
234 - 未知模块:c:\program files\Rising\RSA\regcall.dll

启动信息:
235 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] (安全)
236 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 未知<"C:\Program Files\Rising\RFW\RSTRAY.EXE" -system>
237 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 未知<"C:\Program Files\Rising\RAV\RSTRAY.EXE" -system>
238 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 未知<"C:\Program Files\Rising\RSA\tray.exe" -system>
239 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] (安全)
240 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
241 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
242 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
243 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <>
244 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
245 [C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\]
246 [C:\Documents and Settings\All Users\「开始」菜单\程序\启动\]

IE辅助对象BHO信息: 无可疑

IE右键菜单信息:
247 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt] <使用迅雷下载全部链接>
248 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt] <导出到 Microsoft Office Excel(&X)>

IE工具栏项信息: 无可疑

ActiveX对象DPF信息:
249 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units] <{D27CDB6E-AE6D-11CF-96B8-444553540000}>

网络服务SPI信息: 无可疑

映像劫持IFEO信息:
250 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]

系统服务信息:
251 [ COM+ System Application | COMSysApp | 停用 ] c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235}
252 [ Human Interface Device Access | HidServ | 停用 ] c:\windows\system32\svchost.exe - c:\windows\system32\hidserv.dll
253 [ Rsd Service | RsMgrSvc | 启动 ] c:\program files\rising\rsd\rsmgrsvc.exe
254 [ Rav Service | RsRavMon | 启动 ] c:\program files\rising\rav\ravmond.exe
255 [ RFW Service | RsRFWMon | 启动 ] c:\program files\rising\rfw\ravmond.exe
256 [ XLDoctor Service | XLDoctor Service | 启动 ] c:\windows\system32\svchost.exe - c:\program files\thunder network\thunder\program\dctser.dll

系统驱动信息:
257 [ hooksys | hooksys | 启动 ] c:\windows\system32\drivers\hooksys.sys
258 [ HookTdi | HookTdi | 启动 ] c:\windows\system32\drivers\hooktdi.sys
259 [ rfwaf | rfwaf | 启动 ] c:\program files\rising\rfw\rfwaf.sys
260 [ rfwtdi | rfwtdi | 启动 ] c:\program files\rising\rfw\rfwtdi.sys
261 [ rsd protect | rsdsys | 启动 ] c:\windows\system32\drivers\protreg.sys
262 [ rsfwdrv | rsfwdrv | 启动 ] c:\program files\rising\rfw\rsfwdrv.sys
263 [ rsktdi | rsktdi | 启动 ] c:\windows\system32\drivers\rsktdi.sys

已经加载的驱动信息:
264 c:\windows\system32\drivers\rsktdi.sys
265 c:\windows\system32\drivers\hooktdi.sys
266 c:\windows\system32\drivers\hookhelp.sys
267 c:\windows\system32\drivers\hooksys.sys
268 C:\WINDOWS\system32\drivers\dump_diskdump.sys
269 C:\WINDOWS\system32\drivers\dump_nvgts.sys
270 c:\program files\rising\rfw\rfwaf.sys
271 c:\program files\rising\rfw\rfwtdi.sys
272 c:\windows\system32\drivers\protreg.sys
273 c:\program files\rising\rfw\rsfwdrv.sys