
[Help] Infected with the latest Gray Pigeon (灰鸽子) variant

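Infected with the latest Gray Pigeon (灰鸽子) variant! The antivirus software gets forcibly closed! Real-time monitoring is shut off too! The scan button on the welcome screen is disabled as well! Scanning in Safe Mode with the latest version of Rising (瑞星) finds backdoor.Gpigeon but cannot remove it! The browser closes by itself from time to time! The virus is located in the IE browser folder! Can some expert please save my computer?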

Last edited 2006-08-14 13:04:23
 

This is the HijackThis log:

HijackThis_815汉化版扫描日志 V1.99.1


保存于      11:51:20, 日期 2006-8-14
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\UpdateService.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\SVOHOST.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\conime.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Downloads\新建文件夹 (2)\RsDetect.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\HelloNet\HNMainUI.exe
E:\Tencent\QQ\QQ.exe
E:\Tencent\QQ\TMDlls\TIMPlatform.exe
D:\WINDOWS\system32\winmer.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\download\心然\Hijackthis1991zww\HijackThis1991zww.exe

O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - e:\Program Files\Thunder Network\WebThunder\WebThunderBHO_011.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - D:\PROGRA~1\DESKAD~1\deskipn.dll (file missing)
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - e:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [IMSCMIG40W] D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - 启动项HKLM\\Run: [SoundMam] D:\WINDOWS\system32\SVOHOST.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ADSL拨号王.lnk = D:\Program Files\HelloNet\HelloNet.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - e:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - e:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载 - e:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - IE右键菜单中的新增项目: 使用Web迅雷下载全部链接 - e:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - 未知的文件在 Winsock LSP: d:\windows\system32\quartz32.dll
O10 - 未知的文件在 Winsock LSP: d:\windows\system32\quartz32.dll
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cbscdjbb.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} (PhotoUploadCtrl Control) - http://qz-photo.qq.com/qzone3/QzoneMediaTools.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://59.36.97.38/jsxz/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9275D930-D188-4270-8775-15DA1FFE9EC1}: NameServer = 202.102.200.101 202.102.192.68
O18 - 列举现有的协议: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Network Logon (NetWorkLogon) - Unknown owner - rundll32.exe (file missing)
O23 - NT 服务: Univeral Service - Unknown owner - D:\WINDOWS\cftmon.exe
O23 - NT 服务: UpdateService - Unknown owner - D:\WINDOWS\system32\UpdateService.exe

 

This is the Rising (瑞星) report from Safe Mode:

瑞星病毒查杀结果报告

提交者:Rav
系统版本:Microsoft Windows XP Professional
补丁版本:Service Pack 2 Build 2600
IE版本:6.0.2900.2180
IP地址:127.0.0.1

本次扫描文件数: 114449 个
本次扫描时间:2445 秒
发现病毒种类:  1 种
查杀病毒种类:  1 种

未清除病毒种类列表:

发现病毒种类列表:
病毒: Trojan.PSW.LMir.atc      次数: 2   
 

This is the Rising Stethoscope (瑞星听诊器) log:

未知家族病毒分析
扫描结果:
D:\Program Files\Internet Explorer\IEXPLORE.EXE --> 与 Backdoor.Gpigeon 61%相似.
D:\WINDOWS\system32\SVOHOST.exe --> 与 Trojan.PSW.QQPass 53%相似.
D:\WINDOWS\system32\winscok.dll --> 与 Trojan.PSW.QQPass 46%相似.


系统活动进程
D:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
D:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
D:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
D:\WINDOWS\SYSTEM32\WINSCOK.DLL

D:\WINDOWS\SYSTEM32\UPDATESERVICE.EXE
D:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL

D:\WINDOWS\SYSTEM32\SMSS.EXE
D:\WINDOWS\SYSTEM32\CSRSS.EXE
D:\WINDOWS\SYSTEM32\WINLOGON.EXE
D:\WINDOWS\SYSTEM32\MSACM32.DRV

D:\WINDOWS\SYSTEM32\SERVICES.EXE
D:\WINDOWS\SYSTEM32\UPDATEMODULE.DLL
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL

D:\WINDOWS\SYSTEM32\LSASS.EXE
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL

D:\WINDOWS\SYSTEM32\CONIME.EXE
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG

D:\WINDOWS\SYSTEM32\SVCHOST.EXE
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL

D:\WINDOWS\SYSTEM32\SVCHOST.EXE
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
D:\PROGRAM FILES\HELLONET\HNMAINUI.EXE
D:\PROGRAM FILES\HELLONET\HNKERNEL.DLL
D:\PROGRAM FILES\HELLONET\HNUTILS.DLL
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\PROGRAM FILES\HELLONET\HNRES_0804.DLL
D:\PROGRAM FILES\HELLONET\PLUGINS\DIAGNOSE.DLL

D:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
D:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
D:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL
D:\PROGRAM FILES\RISING\RFW\RFWDRV.DLL
D:\PROGRAM FILES\RISING\RFW\PSAPI.DLL
D:\PROGRAM FILES\RISING\RFW\MONDRV.DLL
D:\PROGRAM FILES\RISING\RFW\PROCLIB.DLL
D:\PROGRAM FILES\RISING\RFW\MPORTS.DLL

D:\WINDOWS\EXPLORER.EXE
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\WINDOWS\SYSTEM32\WPDSHSERVICEOBJ.DLL
D:\WINDOWS\SYSTEM32\PORTABLEDEVICETYPES.DLL
D:\WINDOWS\SYSTEM32\PORTABLEDEVICEAPI.DLL
D:\WINDOWS\SYSTEM32\MSACM32.DRV

D:\WINDOWS\SYSTEM32\SPOOLSV.EXE
D:\WINDOWS\SYSTEM32\MDIMON.DLL
D:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\MDIPPR.DLL
D:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\VPRPROC.DLL

D:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\WINDOWS\SYSTEM32\WINSCOK.DLL

D:\WINDOWS\SYSTEM32\SVOHOST.EXE
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG

D:\WINDOWS\SYSTEM32\CTFMON.EXE
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG

E:\PROGRAM FILES\MAXTHON\MAXTHON.EXE
E:\PROGRAM FILES\MAXTHON\MAXZLIB.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
D:\WINDOWS\SYSTEM32\ODBCBCP.DLL
D:\WINDOWS\SYSTEM32\MSCOREE.DLL
D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\CORPERFMONEXT.DLL
D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\MSVCR71.DLL
E:\PROGRAM FILES\MAXTHON\SERVICES\REALTIME\REAL_TIME.DLL
D:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL
D:\WINDOWS\SYSTEM32\MSACM32.DRV
D:\WINDOWS\SYSTEM32\UNISPIM5.IME
D:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9.OCX
D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\MSCORIE.DLL
D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\MSCORLD.DLL

D:\WINDOWS\SYSTEM32\ALG.EXE
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL

E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\UPDATEDOWNLOAD.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\DOWNLOAD_INTERFACE.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\LOG4CPLUS.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\STLPORT_VC646.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\ASYN_DNS.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\MSGMANAGE.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\HISTORYINFO_MANAGE.DLL
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\WINDOWS\SYSTEM32\WINSCOK.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\REGISTERDLL.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\FLOATBAR.DLL
D:\WINDOWS\SYSTEM32\QUARTZ32.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMPONENTS\INMEDIA\IEMBEDSHELL.DLL
E:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\IEMBED03.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMPONENTS\P4PCLIENT\P4PCLIENT.DLL
D:\WINDOWS\SYSTEM32\RAVEXT.DLL
E:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\ITARGETAD.DLL
D:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
D:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH9.OCX
D:\WINDOWS\SYSTEM32\MSACM32.DRV

H:\DOWNLOADS\新建文件夹 (2)\RSDETECT.EXE
D:\WINDOWS\SYSTEM32\KB896425.LOG
D:\WINDOWS\SYSTEM32\WINSCOK.DLL


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 = "D:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32
PHIME2002ASync = D:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = D:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME
RfwMain = "D:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
TkBellExe = "D:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE" -OSBOOT
IMSCMIG40W = D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SETPRELOAD /LOG
SoundMam = D:\WINDOWS\SYSTEM32\SVOHOST.EXE

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
CheckFaultKernel = D:\WINDOWS\SYSTEM32\MSWDM.EXE
KernelFaultCheck = D:\WINDOWS\SYSTEM32\WDM.EXE

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = D:\WINDOWS\SYSTEM32\CTFMON.EXE
Xplus_spy = "E:\PROGRAM FILES\XPLUS\XVCCLIP.EXE" /MIN


AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs =


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = %SystemRoot%\system32\NOTEPAD.EXE %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde

其它启动项
D:\Autorun.inf
AUTORUN = sxs.exe

E:\Autorun.inf
AUTORUN = sxs.exe

F:\Autorun.inf
AUTORUN = sxs.exe

G:\Autorun.inf
AUTORUN = sxs.exe

H:\Autorun.inf
AUTORUN = sxs.exe

WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe


 



 

Continued from the post above


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = D:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE


IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{00000AAA-A363-466E-BEF5-9BB68697AA7F} = e:\Program Files\Thunder Network\WebThunder\WebThunderBHO_011.dll
{08A312BB-5409-49FC-9347-54BB7D069AC6} = D:\PROGRA~1\DESKAD~1\deskipn.dll
{889D2FEB-5411-4565-8998-1DD2C5261283} = e:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll


Winsock SPI
MSTCPChain Provider = D:\WINDOWS\SYSTEM32\QUARTZ32.DLL
MSAFD Tcpip [TCP/IP] = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = D:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = D:\WINDOWS\SYSTEM32\RSVPSP.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{15403DF9-8096-4DFB-BDA5-585991FB8764}] SEQPACKET 0 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{15403DF9-8096-4DFB-BDA5-585991FB8764}] DATAGRAM 0 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E3A59E9D-D8C3-4735-B222-464E99777B38}] SEQPACKET 1 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E3A59E9D-D8C3-4735-B222-464E99777B38}] DATAGRAM 1 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{977E7C90-4631-45AE-9633-972537640478}] SEQPACKET 2 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{977E7C90-4631-45AE-9633-972537640478}] DATAGRAM 2 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{053298AC-B181-41CC-B1F6-DA90B98C0F5F}] SEQPACKET 3 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{053298AC-B181-41CC-B1F6-DA90B98C0F5F}] DATAGRAM 3 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9275D930-D188-4270-8775-15DA1FFE9EC1}] SEQPACKET 4 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9275D930-D188-4270-8775-15DA1FFE9EC1}] DATAGRAM 4 = D:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSTCP Provider = D:\WINDOWS\SYSTEM32\QUARTZ32.DLL

 

Continued from post #6

系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Alerter = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
ALG = D:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
aspnet_state = D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_STATE.EXE
AudioSrv = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BITS = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
CiSvc = D:\WINDOWS\SYSTEM32\CISVC.EXE
ClipSrv = D:\WINDOWS\SYSTEM32\CLIPSRV.EXE
COMSysApp = D:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
DcomLaunch = D:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Dhcp = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = D:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
ERSvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Eventlog = D:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
FastUserSwitchingCompatibility = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
helpsvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER
ImapiService = D:\WINDOWS\SYSTEM32\IMAPI.EXE
lanmanserver = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LmHosts = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
Macromedia Licensing Service = "D:\PROGRAM FILES\COMMON FILES\MACROMEDIA SHARED\SERVICE\MACROMEDIA LICENSING.EXE"
Messenger = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
mnmsrvc = D:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MSDTC = D:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = D:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
NetDDE = D:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = D:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = D:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NetWorkLogon = RUNDLL32.EXE KB896425.LOG,START
Nla = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtLmSsp = D:\WINDOWS\SYSTEM32\LSASS.EXE
NtmsSvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ose = "D:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE"
PlugPlay = D:\WINDOWS\SYSTEM32\SERVICES.EXE
PolicyAgent = D:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = D:\WINDOWS\SYSTEM32\LSASS.EXE
RasAuto = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = D:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RemoteRegistry = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
RfwProxySrv = D:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = D:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
RpcLocator = D:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = D:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RsCCenter = "D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"
RsRavMon = "D:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"
RSVP = D:\WINDOWS\SYSTEM32\RSVP.EXE
SamSs = D:\WINDOWS\SYSTEM32\LSASS.EXE
SCardSvr = D:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SharedAccess = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = D:\WINDOWS\SYSTEM32\SPOOLSV.EXE
srservice = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
SwPrv = D:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{DC760633-1564-4A91-A4AC-A1966BD02CD4}
SysmonLog = D:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
TapiSrv = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = D:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Themes = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TlntSvr = D:\WINDOWS\SYSTEM32\TLNTSVR.EXE
TrkWks = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Univeral Service = D:\WINDOWS\CFTMON.EXE
UpdateService = D:\WINDOWS\SYSTEM32\UPDATESERVICE.EXE
upnphost = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
UPS = D:\WINDOWS\SYSTEM32\UPS.EXE
usnsvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K USNSVC
VSS = D:\WINDOWS\SYSTEM32\VSSVC.EXE
W32Time = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = D:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
WMPNetworkSvc = D:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
wscsvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
wuauserv = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WudfSvc = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K WUDFSERVICEGROUP
WZCSVC = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
xmlprov = D:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS


文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
FltMgr = D:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
MRxDAV = D:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = D:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = D:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = D:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
sr = D:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
Srv = D:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS


系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
ACPI = D:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
aec = D:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AFD = D:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
AsyncMac = D:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = D:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
ati2mtag = D:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
Atmarpc = D:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS
audstub = D:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
BaseTDI = D:\WINDOWS\SYSTEM32\DRIVERS\BASETDI.SYS
BRPPPOE = D:\WINDOWS\SYSTEM32\DRIVERS\BRPPPOE.SYS
Cdrom = D:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
Disk = D:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = D:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = D:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = D:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = D:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = D:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
ExpScaner = D:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS
Fdc = D:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
FETNDIS = D:\WINDOWS\SYSTEM32\DRIVERS\FETND5.SYS
FETNDISB = D:\WINDOWS\SYSTEM32\DRIVERS\FETND5B.SYS
Flpydisk = D:\WINDOWS\SYSTEM32\DRIVERS\FLPYDISK.SYS
FsVga = D:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = D:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
Gpc = D:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
HookCont = D:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS
HookReg = D:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS
HookSys = D:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS
HookUrl = D:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HTTP = D:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
i8042prt = D:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
Imapi = D:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
intelppm = D:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
Ip6Fw = D:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS
IpFilterDriver = D:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = D:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = D:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = D:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
IRENUM = D:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
isapnp = D:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
Kbdclass = D:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kmixer = D:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
mchInjDrv = D:\WINDOWS\TEMP\MC21.TMP
MEMSCAN = D:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS
Mouclass = D:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
mProcRs = D:\PROGRAM FILES\RISING\RFW\MPROCRS.SYS
MSKSSRV = D:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = D:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = D:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
mssmbios = D:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
NdisTapi = D:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = D:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = D:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = D:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
npkcrypt = E:\TENCENT\QQ\NPKCRYPT.SYS
NTSIM = D:\WINDOWS\SYSTEM32\NTSIM.SYS
NwlnkFlt = D:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = D:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
Parport = D:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
PCI = D:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
PptpMiniport = D:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
PSched = D:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
Ptilink = D:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
PxHelp20 = D:\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS
RasAcd = D:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = D:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = D:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = D:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = D:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = D:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
redbook = D:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
RsFwDrv = D:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
Secdrv = D:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
ser2pl = D:\WINDOWS\SYSTEM32\DRIVERS\SER2PL.SYS
serenum = D:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = D:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
splitter = D:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
swenum = D:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = D:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = D:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = D:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TermDD = D:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
Update = D:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbehci = D:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = D:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
USBSTOR = D:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
usbuhci = D:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
VgaSave = D:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
viaagp = D:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP.SYS
viaagp1 = D:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP1.SYS
ViaIde = D:\WINDOWS\SYSTEM32\DRIVERS\VIAIDE.SYS
VIAudio = D:\WINDOWS\SYSTEM32\DRIVERS\VIAUDIOS.SYS
Wanarp = D:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
wdmaud = D:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
WS2IFSL = D:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
WudfPf = D:\WINDOWS\SYSTEM32\DRIVERS\WUDFPF.SYS
WudfRd = D:\WINDOWS\SYSTEM32\DRIVERS\WUDFRD.SYS
 

Post #5 is void! Post #6 continues from post #4! Thank you, experts, please save me!