瑞星防火墙不能启动，用瑞星听诊器扫描的
未知家族病毒分析
扫描结果:

无可疑文件

系统活动进程
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\TCPSVCS.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\WINDOWS\SYSTEM32\CTFMON.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\windows\SYSTEM32\SMSS.EXE

C:\PROGRAM FILES\RISING\ANTISPYWARE\RSTRAY.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\RSMGINFO.DLL
C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\RSXML.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCP71.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCR71.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMSERV.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\PNGDLL.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\NCOMM.DLL
C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\RSCOMMX2.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\APPPATCH\ACADPROC.DLL

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL
C:\WINDOWS\SYSTEM32\ATIPDLXX.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\ASUS\GAMEROSD\GAMEROSD.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\ASUS\GAMEROSD\IMAGETRANSFORM.DLL
C:\WINDOWS\SYSTEM32\IMAADP32.ACM
C:\WINDOWS\SYSTEM32\MSADP32.ACM
C:\WINDOWS\SYSTEM32\MSG711.ACM
C:\WINDOWS\SYSTEM32\MSGSM32.ACM
C:\WINDOWS\SYSTEM32\TSSOFT32.ACM
C:\WINDOWS\SYSTEM32\MSG723.ACM
C:\WINDOWS\SYSTEM32\MSAUD32.ACM
C:\WINDOWS\SYSTEM32\SL_ANET.ACM
C:\WINDOWS\SYSTEM32\IAC25_32.AX
C:\WINDOWS\SYSTEM32\L3CODECA.ACM

C:\WINDOWS\ATKKBSERVICE.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\ATIPDLXX.DLL

C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE

C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IEFRAME.DLL
C:\WINDOWS\SYSTEM32\IEUI.DLL
C:\WINDOWS\SYSTEM32\XMLLITE.DLL
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\MSOHEVI.DLL
C:\PROGRAM FILES\INTERNET EXPLORER\IEPROXY.DLL
C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL
D:\PROGRAM FILES\TENCENT\QQDOWNLOAD\QQIEHELPER01.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\WEBTHUNDERBHO_NOW.DLL
C:\WINDOWS\SYSTEM32\URLFILTER.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\URLRULE.DLL
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\2.0.301.7164\SWG.DLL
C:\PROGRAM FILES\INTERNET EXPLORER\CONNECTION WIZARD\TDATONCE_NOW.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\IEAPFLTR.DLL
C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLDBG10A.OCX
C:\WINDOWS\SYSTEM32\MSACM32.DRV
D:\PROGRAM FILES\TENCENT\QQMUSIC\QZONEMUSIC.DLL
C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\WUPS2.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL
C:\WINDOWS\SYSTEM32\ATIPDLXX.DLL
C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\PROGRAM FILES\STORMII\STORMLIV.EXE

C:\PROGRAM FILES\STORMII\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\STORMII\BFOPTDLL.DLL
C:\PROGRAM FILES\STORMII\BOX\BOXLOG.DLL

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IEFRAME.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\QQPINYIN.IME
D:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\PHONEBROWSER.DLL
D:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\NGSCM.DLL
D:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\LANG\PHONEBROWSER_CHI-SC.NLR
D:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\RESOURCE\PHONEBROWSER_NOKIA.NGR
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL
C:\PROGRAM FILES\WINRAR\RAREXT.DLL

C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE

C:\PROGRAM FILES\RISING\RAV\BWLIST.DLL
C:\WINDOWS\SYSTEM32\MFC71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL
C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RAV\MONRULE.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKSYS.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKREG.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKNTOS.DLL
C:\PROGRAM FILES\RISING\RAV\RSWALMON.DLL
C:\PROGRAM FILES\RISING\RAV\RECOMP.DLL
C:\PROGRAM FILES\RISING\RAV\REFS.DLL
C:\PROGRAM FILES\RISING\RAV\FFR.DLL
C:\PROGRAM FILES\RISING\RAV\RSSTORE.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKCONT.DLL
C:\PROGRAM FILES\RISING\RAV\FAKESCAN.DLL
C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL
C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL
C:\PROGRAM FILES\RISING\RAV\RELIBLDR.DLL
C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL
C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL
C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL
C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL
C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL
C:\PROGRAM FILES\RISING\RAV\PEARC.DLL
C:\PROGRAM FILES\RISING\RAV\SCANPACK.DLL
C:\PROGRAM FILES\RISING\RAV\REVM.DLL
C:\PROGRAM FILES\RISING\RAV\URUTILS.DLL
C:\PROGRAM FILES\RISING\RAV\UR000.DAT
C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL
C:\PROGRAM FILES\RISING\RAV\EXTFILE.DLL
C:\PROGRAM FILES\RISING\RAV\EXTOLE.DLL
C:\PROGRAM FILES\RISING\RAV\EXTMAIL.DLL
C:\PROGRAM FILES\RISING\RAV\SCRIPTCI.DLL
C:\PROGRAM FILES\RISING\RAV\UR011.DAT
C:\PROGRAM FILES\RISING\RAV\UR001.DAT

D:\PROGRAM FILES\TENCENT\QQ\TXPLATFORM.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\WINDOWS\SYSTEM32\SOL.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE

C:\WINDOWS\SYSTEM32\MFC71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RAV\RECOMP.DLL
C:\PROGRAM FILES\RISING\RAV\REFS.DLL
C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL
C:\PROGRAM FILES\RISING\RAV\RELIBLDR.DLL
C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RAV\MONRULE.DLL
C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL
C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RAV\RSXML.DLL

C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE

C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\PCCS_DBENGINE.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\WINDOWS\SYSTEM32\ALG.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLUSBSRV.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

D:\PROGRAM FILES\TENCENT\QQMUSIC\QZONEMUSIC.EXE

C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\QQMUSICPLAYER.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\QQMEDIAPLAYER.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\MSDMO.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\VQQSDL.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\TNPROXY.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\CMINTERNET.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
D:\PROGRAM FILES\TENCENT\QQMUSIC\QQPLAYER.DLL
D:\PROGRAM FILES\TENCENT\QQMUSIC\QQMUSICADDIN\WMADMOD.DLL

C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\TRANSPORTS\NCLRSSRV.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

C:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE

C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL

C:\PROGRAM FILES\RISING\ANTISPYWARE\KNOWNSVR.EXE

C:\PROGRAM FILES\RISING\ANTISPYWARE\NCOMM.DLL
C:\WINDOWS\SYSTEM32\NORMALIZ.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL

D:\QQDOWNLOAD\RSDETECT.EXE

C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\IERTUTIL.DLL

普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

SoundMan = SOUNDMAN.EXE
runeip = "C:\PROGRAM FILES\RISING\ANTISPYWARE\RSTRAY.EXE" /STARTUP
Microsoft Pinyin IME Migration = C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
ASUSGamerOSD = C:\PROGRAM FILES\ASUS\GAMEROSD\GAMEROSD.EXE
amd_dc_opt = C:\PROGRAM FILES\AMD\DUAL-CORE OPTIMIZER\AMD_DC_OPT.EXE
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
PC Suite Tray = "D:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\PCSUITE.EXE" -ONLYTRAY

AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

AppInit_DLLs = kmon.dll

系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = C:\windows\notepad.exe %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "c:\Program Files\Microsoft Office\Office12\WINWORD.EXE" /n /dde

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; QQDownload 1.7; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.2)

其它启动项
WIN.INI

无信息

SYSTEM.INI

SHELL = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\system32\logon.scr

Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

AtiExtEvent = ATI2EVXX.DLL
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
dimsntfy = C:\windows\SYSTEM32\DIMSNTFY.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE

IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

{00000AA9-A363-466E-BEF5-9BB68697AA7F} = D:\Program Files\Tencent\QQDownload\QQIEHelper01.dll
{00000AAA-A363-466E-BEF5-9BB68697AA7F} = C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} = C:\WINDOWS\system32\UrlFilter.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar1.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} = C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
{ED6A25E8-08F5-4937-948D-3E10C4F47FAA} = C:\Program Files\Internet Explorer\Connection Wizard\TDAtOnce_Now.dll

Winsock SPI
MSAFD Tcpip [TCP/IP] = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\windows\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\windows\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\windows\SYSTEM32\RSVPSP.DLL
MSAFD Tcpip [TCP/IPv6] = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IPv6] = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IPv6] = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D5AE84F7-A62F-49C8-8E37-CAB0F9C9815A}] SEQPACKET 6 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D5AE84F7-A62F-49C8-8E37-CAB0F9C9815A}] DATAGRAM 6 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C3FD7772-F890-4B4F-A9A4-977C740EE1DE}] SEQPACKET 7 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C3FD7772-F890-4B4F-A9A4-977C740EE1DE}] DATAGRAM 7 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9D506019-6E7A-493F-9889-EDC1437C93DA}] SEQPACKET 8 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9D506019-6E7A-493F-9889-EDC1437C93DA}] DATAGRAM 8 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D5AE84F7-A62F-49C8-8E37-CAB0F9C9815A}] SEQPACKET 0 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D5AE84F7-A62F-49C8-8E37-CAB0F9C9815A}] DATAGRAM 0 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{C3FD7772-F890-4B4F-A9A4-977C740EE1DE}] SEQPACKET 1 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{C3FD7772-F890-4B4F-A9A4-977C740EE1DE}] DATAGRAM 1 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1986253B-FE12-4C79-8DB9-D6B986B93069}] SEQPACKET 2 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1986253B-FE12-4C79-8DB9-D6B986B93069}] DATAGRAM 2 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{42BE53EE-5FE8-43F5-8B21-883D237E1A5C}] SEQPACKET 3 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{42BE53EE-5FE8-43F5-8B21-883D237E1A5C}] DATAGRAM 3 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DAC2689E-B061-4C47-8871-5F400DC65E69}] SEQPACKET 4 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DAC2689E-B061-4C47-8871-5F400DC65E69}] DATAGRAM 4 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{8AB30B49-C28C-41F3-B191-D3280479E0B7}] SEQPACKET 5 = C:\windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{8AB30B49-C28C-41F3-B191-D3280479E0B7}] DATAGRAM 5 = C:\windows\SYSTEM32\MSWSOCK.DLL
系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

6to4 = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Alerter = C:\windows\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
ALG = C:\windows\SYSTEM32\ALG.EXE
AppMgmt = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Ati HotKey Poller = C:\windows\SYSTEM32\ATI2EVXX.EXE
ATKKeyboardService = C:\WINDOWS\ATKKBSERVICE.EXE
AudioSrv = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
BITS = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
ccosm = C:\PROGRAM FILES\STORMII\STORMLIV.EXE /ASSERVICE
CiSvc = C:\windows\SYSTEM32\CISVC.EXE
ClipSrv = C:\windows\SYSTEM32\CLIPSRV.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
DcomLaunch = C:\windows\SYSTEM32\SVCHOST -K DCOMLAUNCH
Dhcp = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = C:\windows\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\windows\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
Dot3svc = C:\windows\SYSTEM32\SVCHOST.EXE -K DOT3SVC
EapHost = C:\windows\SYSTEM32\SVCHOST.EXE -K EAPSVCS
ERSvc = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Eventlog = C:\windows\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
FastUserSwitchingCompatibility = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
gusvc = "C:\PROGRAM FILES\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE"
helpsvc = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
hkmsvc = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = C:\windows\SYSTEM32\SVCHOST.EXE -K HTTPFILTER
IDriverT = "C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\DRIVER\11\INTEL 32\IDRIVERT.EXE"
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
lanmanserver = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
LmHosts = C:\windows\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
Messenger = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
napagent = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
NetDDE = C:\windows\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\windows\SYSTEM32\NETDDE.EXE
Netlogon = C:\windows\SYSTEM32\LSASS.EXE
Netman = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Nla = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtLmSsp = C:\windows\SYSTEM32\LSASS.EXE
NtmsSvc = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
odserv = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICE12\ODSERV.EXE"
ose = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE"
p2pgasvc = C:\windows\SYSTEM32\SVCHOST.EXE -K P2PSVC
p2pimsvc = C:\windows\SYSTEM32\SVCHOST.EXE -K P2PSVC
p2psvc = C:\windows\SYSTEM32\SVCHOST.EXE -K P2PSVC
PlugPlay = C:\windows\SYSTEM32\SERVICES.EXE
PNRPSvc = C:\windows\SYSTEM32\SVCHOST.EXE -K P2PSVC
PolicyAgent = C:\windows\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\windows\SYSTEM32\LSASS.EXE
RasAuto = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
RemoteRegistry = C:\windows\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
RisCCenter = C:\PROGRAM FILES\RISING\RIS\CCENTER.EXE
RisTask = "C:\PROGRAM FILES\RISING\RIS\RAVTASK.EXE" RISTASK
RpcLocator = C:\windows\SYSTEM32\LOCATOR.EXE
RpcSs = C:\windows\SYSTEM32\SVCHOST -K RPCSS
RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"
RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"
RsScanSrv = C:\PROGRAM FILES\RISING\RIS\SCANFRM.EXE
RSVP = C:\windows\SYSTEM32\RSVP.EXE
SamSs = C:\windows\SYSTEM32\LSASS.EXE
SCardSvr = C:\windows\SYSTEM32\SCARDSVR.EXE
Schedule = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
ServiceLayer = "C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE"
SharedAccess = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
SimpTcp = C:\windows\SYSTEM32\TCPSVCS.EXE
Spooler = C:\windows\SYSTEM32\SPOOLSV.EXE
srservice = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = C:\windows\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = C:\windows\SYSTEM32\SVCHOST.EXE -K IMGSVC
SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{A7AC933B-67B0-434C-8261-BCF3A8B63C30}
SysmonLog = C:\windows\SYSTEM32\SMLOGSVC.EXE
TapiSrv = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = C:\windows\SYSTEM32\SVCHOST -K DCOMLAUNCH
Themes = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
TrkWks = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
upnphost = C:\windows\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
UPS = C:\windows\SYSTEM32\UPS.EXE
VSS = C:\windows\SYSTEM32\VSSVC.EXE
W32Time = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\windows\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wscsvc = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
wuauserv = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
WZCSVC = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS
xmlprov = C:\windows\SYSTEM32\SVCHOST.EXE -K NETSVCS

文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

FltMgr = C:\windows\SYSTEM32\DRIVERS\FLTMGR.SYS
MRxDAV = C:\windows\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\windows\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\windows\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\windows\SYSTEM32\DRIVERS\RDBSS.SYS
sr = C:\windows\SYSTEM32\DRIVERS\SR.SYS
Srv = C:\windows\SYSTEM32\DRIVERS\SRV.SYS

系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

ACPI = C:\windows\SYSTEM32\DRIVERS\ACPI.SYS
aec = C:\windows\SYSTEM32\DRIVERS\AEC.SYS
AFD = C:\windows\SYSTEM32\DRIVERS\AFD.SYS
ALCXWDM = C:\windows\SYSTEM32\DRIVERS\ALCXWDM.SYS
AmdK8 = C:\windows\SYSTEM32\DRIVERS\AMDK8.SYS
AmdLLD = C:\windows\SYSTEM32\DRIVERS\AMDLLD.SYS
asusgsb = C:\windows\SYSTEM32\DRIVERS\ASUSGSB.SYS
asuskbnt = C:\windows\SYSTEM32\DRIVERS\ATKKBNT.SYS
ASUSVRC = C:\windows\SYSTEM32\DRIVERS\ASUSVRC.SYS
AsyncMac = C:\windows\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\windows\SYSTEM32\DRIVERS\ATAPI.SYS
ati2mtag = C:\windows\SYSTEM32\DRIVERS\ATI2MTAG.SYS
Atmarpc = C:\windows\SYSTEM32\DRIVERS\ATMARPC.SYS
audstub = C:\windows\SYSTEM32\DRIVERS\AUDSTUB.SYS
CCDECODE = C:\windows\SYSTEM32\DRIVERS\CCDECODE.SYS
Cdrom = C:\windows\SYSTEM32\DRIVERS\CDROM.SYS
Disk = C:\windows\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\windows\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\windows\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\windows\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\windows\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = C:\windows\SYSTEM32\DRIVERS\DRMKAUD.SYS
FsVga = C:\windows\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = C:\windows\SYSTEM32\DRIVERS\FTDISK.SYS
gagp30kx = C:\windows\SYSTEM32\DRIVERS\GAGP30KX.SYS
Gpc = C:\windows\SYSTEM32\DRIVERS\MSGPC.SYS
HDAudBus = C:\windows\SYSTEM32\DRIVERS\HDAUDBUS.SYS
hookcont = C:\windows\SYSTEM32\DRIVERS\HOOKCONT.SYS
HookNtos = C:\windows\SYSTEM32\DRIVERS\HOOKNTOS.SYS
HookReg = C:\windows\SYSTEM32\DRIVERS\HOOKREG.SYS
hooksys = C:\windows\SYSTEM32\DRIVERS\HOOKSYS.SYS
HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HTTP = C:\windows\SYSTEM32\DRIVERS\HTTP.SYS
i8042prt = C:\windows\SYSTEM32\DRIVERS\I8042PRT.SYS
Imapi = C:\windows\SYSTEM32\DRIVERS\IMAPI.SYS
Ip6Fw = C:\windows\SYSTEM32\DRIVERS\IP6FW.SYS
IpFilterDriver = C:\windows\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\windows\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\windows\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\windows\SYSTEM32\DRIVERS\IPSEC.SYS
IRENUM = C:\windows\SYSTEM32\DRIVERS\IRENUM.SYS
isapnp = C:\windows\SYSTEM32\DRIVERS\ISAPNP.SYS
Kbdclass = C:\windows\SYSTEM32\DRIVERS\KBDCLASS.SYS
kmixer = C:\windows\SYSTEM32\DRIVERS\KMIXER.SYS
Mouclass = C:\windows\SYSTEM32\DRIVERS\MOUCLASS.SYS
MSKSSRV = C:\windows\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\windows\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\windows\SYSTEM32\DRIVERS\MSPQM.SYS
mssmbios = C:\windows\SYSTEM32\DRIVERS\MSSMBIOS.SYS
MSTEE = C:\windows\SYSTEM32\DRIVERS\MSTEE.SYS
NABTSFEC = C:\windows\SYSTEM32\DRIVERS\NABTSFEC.SYS
NdisIP = C:\windows\SYSTEM32\DRIVERS\NDISIP.SYS
NdisTapi = C:\windows\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\windows\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\windows\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = C:\windows\SYSTEM32\DRIVERS\NETBT.SYS
nmwcd = C:\windows\SYSTEM32\DRIVERS\CCDCMB.SYS
nmwcdc = C:\windows\SYSTEM32\DRIVERS\CCDCMBO.SYS
NwlnkFlt = C:\windows\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = C:\windows\SYSTEM32\DRIVERS\NWLNKFWD.SYS
Parport = C:\windows\SYSTEM32\DRIVERS\PARPORT.SYS
pccsmcfd = C:\windows\SYSTEM32\DRIVERS\PCCSMCFD.SYS
PCI = C:\windows\SYSTEM32\DRIVERS\PCI.SYS
PCIIde = C:\windows\SYSTEM32\DRIVERS\PCIIDE.SYS
PptpMiniport = C:\windows\SYSTEM32\DRIVERS\RASPPTP.SYS
Processor = C:\windows\SYSTEM32\DRIVERS\PROCESSR.SYS
PSched = C:\windows\SYSTEM32\DRIVERS\PSCHED.SYS
Ptilink = C:\windows\SYSTEM32\DRIVERS\PTILINK.SYS
RamDiskXP = C:\windows\SYSTEM32\DRIVERS\RAMDISKXP.SYS
RasAcd = C:\windows\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = C:\windows\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\windows\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\windows\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\windows\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = C:\windows\SYSTEM32\DRIVERS\RDPDR.SYS
redbook = C:\windows\SYSTEM32\DRIVERS\REDBOOK.SYS
RfwBase = C:\windows\SYSTEM32\DRIVERS\RFWBASE.SYS
RfwBase9 = C:\windows\SYSTEM32\DRIVERS\RFWBASE.SYS
rfwtdi = C:\PROGRAM FILES\RISING\RIS\RFWTDI.SYS
RRamdisk = C:\windows\SYSTEM32\DRIVERS\RRAMDISK.SYS
RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
RsNTGDI = C:\windows\SYSTEM32\DRIVERS\RSNTGDI.SYS
RTHDMIAzAudService = C:\windows\SYSTEM32\DRIVERS\RTHDMI.SYS
RTL8023xp = C:\windows\SYSTEM32\DRIVERS\RTNICXP.SYS
rtl8139 = C:\windows\SYSTEM32\DRIVERS\RTL8139.SYS
S3GIGP = C:\windows\SYSTEM32\DRIVERS\S3GIGPM.SYS
ScsiPort = C:\windows\SYSTEM32\DRIVERS\SCSIPORT.SYS
Secdrv = C:\windows\SYSTEM32\DRIVERS\SECDRV.SYS
serenum = C:\windows\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = C:\windows\SYSTEM32\DRIVERS\SERIAL.SYS
SLIP = C:\windows\SYSTEM32\DRIVERS\SLIP.SYS
splitter = C:\windows\SYSTEM32\DRIVERS\SPLITTER.SYS
streamip = C:\windows\SYSTEM32\DRIVERS\STREAMIP.SYS
swenum = C:\windows\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\windows\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = C:\windows\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = C:\windows\SYSTEM32\DRIVERS\TCPIP.SYS
Tcpip6 = C:\windows\SYSTEM32\DRIVERS\TCPIP6.SYS
TermDD = C:\windows\SYSTEM32\DRIVERS\TERMDD.SYS
TesDrvPt = C:\WINDOWS\SYSTEM32\TESDRVPT.SYS
TesSafe = C:\WINDOWS\SYSTEM32\TESSAFE.SYS
tunmp = C:\windows\SYSTEM32\DRIVERS\TUNMP.SYS
Update = C:\windows\SYSTEM32\DRIVERS\UPDATE.SYS
upperdev = C:\windows\SYSTEM32\DRIVERS\USBSER_LOWERFLT.SYS
usbccgp = C:\windows\SYSTEM32\DRIVERS\USBCCGP.SYS
usbehci = C:\windows\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = C:\windows\SYSTEM32\DRIVERS\USBHUB.SYS
usbser = C:\windows\SYSTEM32\DRIVERS\USBSER.SYS
UsbserFilt = C:\windows\SYSTEM32\DRIVERS\USBSER_LOWERFLTJ.SYS
USBSTOR = C:\windows\SYSTEM32\DRIVERS\USBSTOR.SYS
usbuhci = C:\windows\SYSTEM32\DRIVERS\USBUHCI.SYS
usbvideo = C:\windows\SYSTEM32\DRIVERS\USBVIDEO.SYS
VgaSave = C:\windows\SYSTEM32\DRIVERS\VGA.SYS
viaagp1 = C:\windows\SYSTEM32\DRIVERS\VIAAGP1.SYS
ViaIde = C:\windows\SYSTEM32\DRIVERS\VIAIDE.SYS
Video3D = C:\windows\SYSTEM32\DRIVERS\VIDEO3D32.SYS
videX32 = C:\windows\SYSTEM32\DRIVERS\VIDEX32.SYS
Wanarp = C:\windows\SYSTEM32\DRIVERS\WANARP.SYS
Wdf01000 = C:\windows\SYSTEM32\DRIVERS\WDF01000.SYS
wdmaud = C:\windows\SYSTEM32\DRIVERS\WDMAUD.SYS
WSTCODEC = C:\windows\SYSTEM32\DRIVERS\WSTCODEC.SYS

安装了双系统，在vista下正常的

呵呵，修复不管用的，换2009就好了

晕死，xp下可以了vista安装重启就变成删除