瑞星卡卡安全论坛
無限 - 2007-8-30 13:25:00
瑞星卡卡电脑诊断日志 v1.30 (2007-8-30 13:1:14) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
Navoct
[AM] 1. c:\program files\iesnap\navoct.dll
NAVOCT Module
.text,.rdata,.data,.rsrc,.reloc,
ose
[A ] 2. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
paof
[AM] 3. c:\program files\kvja\uftk.dll
AdDm
.text,.rdata,.data,.idata,.didat,.rsrc,.reloc,
RsCCenter
[A ] 4. d:\program files\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
RsRavMon
[A ] 5. d:\program files\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
UMWdf
[AM] 6. c:\windows\system32\wdfmgr.exe
Microsoft Corporation
Windows User Mode Driver Manager
.text,.data,.rsrc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
2310_00
[A ] 7. c:\windows\system32\bird\2310_00.sys
HighPoint Technologies, Inc.
rr2310/2300 Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
3WAREDRV
[A ] 8. c:\windows\system32\bird\3waredrv.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
3WAREGSM
[A ] 9. c:\windows\system32\bird\3waregsm.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
3WDRV100
[A ] 10. c:\windows\system32\bird\3wdrv100.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
A320RAID
[A ] 11. c:\windows\system32\bird\a320raid.sys
Adaptec, Inc.
Adaptec HostRAID for Ultra320 SCSI
.text,.rdata,.data,INIT,.rsrc,.reloc,
AAC
[A ] 12. c:\windows\system32\bird\aac.sys
Adaptec, Inc.
Adaptec RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
AACSAS
[A ] 13. c:\windows\system32\bird\aacsas.sys
Adaptec, Inc.
Adaptec SAS RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
AAR81XX
[A ] 14. c:\windows\system32\bird\aar81xx.sys
Adaptec, Inc.
Adaptec Windows SATA Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
AARSI3X
[A ] 15. c:\windows\system32\bird\aarsi3x.sys
Adaptec, Inc.
Adaptec HostRAID for Serial ATA
.text,.rdata,.data,INIT,.rsrc,.reloc,
ADP94XX
[A ] 16. c:\windows\system32\bird\adp94xx.sys
Adaptec, Inc.
Adaptec Windows SAS/SATA Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
adpu160m
[A ] 17. c:\windows\system32\bird\adpu160m.sys
Microsoft Corporation
Adaptec Ultra160 SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
ADPU320
[A ] 18. c:\windows\system32\bird\adpu320.sys
Adaptec, Inc.
Adaptec Win2K/XP/Server2003 Ultra320 SCSI Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
AEC6210
[A ] 19. c:\windows\system32\bird\aec6210.sys
ACARD Technology Corp.
.text,.data,.idata,.rsrc,.reloc,
AEC6260
[A ] 20. c:\windows\system32\bird\aec6260.sys
ACARD Technology Corp.
ID=0006, 0007
.text,.rdata,.data,INIT,.rsrc,.reloc,
AEC6280
[A ] 21. c:\windows\system32\bird\aec6280.sys
ACARD Technology Corp.
Miniport driver for AEC6280
.text,.rdata,.data,INIT,.rsrc,.reloc,
AEC67160
[A ] 22. c:\windows\system32\bird\aec67160.sys
ACARD Technology Corp.
AEC67160 PCI Ultra3 LVD/SE Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
AEC67162
[A ] 23. c:\windows\system32\bird\aec67162.sys
ACARD Technology Corp.
AEC67162 PCI Ultra3 LVD Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
AEC671X
[A ] 24. c:\windows\system32\bird\aec671x.sys
ACARD Technology Corp.
AEC671X PCI Ultra/W SCSI3 Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
AEC6880
[A ] 25. c:\windows\system32\bird\aec6880.sys
ACARD Technology Corp.
AEC6880/90 PCI Ultra ATA133 RAID Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
AEC6897
[A ] 26. c:\windows\system32\bird\aec6897.sys
ACARD Technology Corp.
RAID miniport driver for AEC6897/AEC6898
.text,.rdata,.data,INIT,.rsrc,.reloc,
AEC68X5
[A ] 27. c:\windows\system32\bird\aec68x5.sys
ACARD Technology Corp.
AEC6885/95/96 PCI ATA133 4 Channel RAID Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
aic78u2
[A ] 28. c:\windows\system32\bird\aic78u2.sys
Microsoft Corporation
Adaptec Ultra2 SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
aic78xx
[A ] 29. c:\windows\system32\bird\aic78xx.sys
Microsoft Corporation
Adaptec Ultra SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
ALCXWDM
[A ] 30. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
amsint
無限 - 2007-8-30 13:26:00
[A ] 31. c:\windows\system32\bird\amsint.sys
Microsoft Corporation
AMD SCSI/NET Controller
.text,.rdata,INIT,.rsrc,.reloc,
ARCM_X86
[A ] 32. c:\windows\system32\bird\arcm_x86.sys
ARECA Technology Corporation
WINDOWS X86-32 SCSIPORT DRIVER for ARECA SATA RAID host controller
.text,.data,INIT,.rsrc,.reloc,
asc
[A ] 33. c:\windows\system32\bird\asc.sys
Advanced System Products, Inc.
AdvanSys SCSI Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
BaseTDI
[A ] 34. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
BCHTSW32
[A ] 35. c:\windows\system32\bird\bchtsw32.sys
Broadcom Corporation
Broadcom HT1000 SATA Raid Controller driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
bootdrv
[A ] 36. c:\windows\system32\drivers\bootdrv.sys
buslogic
[A ] 37. c:\windows\system32\bird\buslogic.sys
Microsoft Corporation
BusLogic SCSI Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
CDA1000
[A ] 38. c:\windows\system32\bird\cda1000.sys
Adaptec, Inc.
Adaptec Array1000Ultra160 Family Manager Set
.text,.rdata,.data,INIT,.rsrc,.reloc,
CmdIde
[A ] 39. c:\windows\system32\bird\cmdide.sys
CMD Technology, Inc.
CMD PCI IDE Bus Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
Cpqarray
[A ] 40. c:\windows\system32\bird\cpqarray.sys
Microsoft Corporation
Compaq Drive Array Controllers SCSI Miniport Driver
.text,.rdata,INIT,.rsrc,.reloc,
CPQARRY2
[A ] 41. c:\windows\system32\bird\cpqarry2.sys
Compaq Computer Corporation
Compaq Smart Array Controllers SCSI Miniport Driver
.text,.rdata,INIT,.rsrc,.reloc,
CPQCISSM
[A ] 42. c:\windows\system32\bird\cpqcissm.sys
Hewlett-Packard Company
Smart Array 5x and 6x Controllers SCSI Miniport Driver
.text,.rdata,INIT,.rsrc,.reloc,
CSB6IDE
[A ] 43. c:\windows\system32\bird\csb6ide.sys
ServerWorks Corporation
ServerWorks CSB6 PCI IDE Bus Driver
.text,.rdata,INIT,.rsrc,.reloc,
dac2w2k
[A ] 44. c:\windows\system32\bird\dac2w2k.sys
Mylex Corporation
Mylex Disk Array Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
dac960nt
[A ] 45. c:\windows\system32\bird\dac960nt.sys
Microsoft Corporation
Mylex Disk Array Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
DMX3191
[A ] 46. c:\windows\system32\bird\dmx3191.sys
Microsoft Corporation
DMX 3191 PCI SCSI Controller Driver
.text,.data,INIT,.rsrc,.reloc,
DMX3194
[A ] 47. c:\windows\system32\bird\dmx3194.sys
Microsoft Corporation
INITIO ini910u SCSI miniport
.text,.data,INIT,.rsrc,.reloc,
dpti2o
[A ] 48. c:\windows\system32\bird\dpti2o.sys
Microsoft Corporation
DPT SmartRAID miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
DPTSCSI
[A ] 49. c:\windows\system32\bird\dptscsi.sys
Distributed Processing Technology Corp.
DPT SCSI Host Adapter Miniport Driver
.text,.data,INIT,.rsrc,.reloc,
ExpScaner
[A ] 50. d:\program files\rising\rav\expscan.sys
ExpScan.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
FASTSX
[A ] 51. c:\windows\system32\bird\fastsx.sys
Promise Technology, Inc.
Promise FastTRAK SX4/SX4000 Driver for Windows
.text,.rdata,.data,INIT,.rsrc,.reloc,
FASTTRAK
[A ] 52. c:\windows\system32\bird\fasttrak.sys
Promise Technology, Inc.
Promise FastTrak Series Driver for Win2000
.text,.rdata,.data,INIT,.rsrc,.reloc,
FASTTX2K
[A ] 53. c:\windows\system32\bird\fasttx2k.sys
Promise Technology, Inc.
Promise Driver for Windows 2000
.text,.rdata,.data,INIT,.rsrc,.reloc,
fd16_700
[A ] 54. c:\windows\system32\bird\fd16_700.sys
Microsoft Corporation
FD 1660/1680/600/700 SCSI Controller Driver
.text,.rdata,INIT,.rsrc,.reloc,
fireport
[A ] 55. c:\windows\system32\bird\fireport.sys
Microsoft Corporation
Diamond Multimedia Systems, Inc. SCSI Miniport Driver Version FLINT-4.04.01a.2-DIAMOND
.text,.rdata,.data,INIT,.rsrc,.reloc,
flashpnt
[A ] 56. c:\windows\system32\bird\flashpnt.sys
Mylex,Corp.
FlashPoint Adapter Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
FT8300
[A ] 57. c:\windows\system32\bird\ft8300.sys
Promise Technology, Inc.
Promise FastTRAK SX4300/8300 Driver for Windows family
.text,.rdata,.data,INIT,.rsrc,.reloc,
FTSATA2
[A ] 58. c:\windows\system32\drivers\ftsata2.sys
GD31244
[A ] 59. c:\windows\system32\bird\gd31244.sys
Intel Corporation
Intel GD31244 SATA Miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookCont
[A ] 60. d:\program files\rising\rav\hookcont.sys
Rising
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookReg
9876532 - 2007-8-30 13:26:00
用超级兔子清理
無限 - 2007-8-30 13:27:00
[A ] 61. d:\program files\rising\rav\hookreg.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookSys
[A ] 62. d:\program files\rising\rav\hooksys.sys
Rising
Hooksys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HPCISSS2
[A ] 63. c:\windows\system32\bird\hpcisss2.sys
Hewlett-Packard Company
Smart Array SAS/SATA Controller Storport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
HPT371
[A ] 64. c:\windows\system32\bird\hpt371.sys
HighPoint Technologies, Inc.
HPT3xx Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
HPT374
[A ] 65. c:\windows\system32\bird\hpt374.sys
HighPoint Technologies, Inc.
HPT374 Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
HPT3XX
[A ] 66. c:\windows\system32\bird\hpt3xx.sys
HighPoint Technologies, Inc.
HPT3xx Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
i2omp
[A ] 67. c:\windows\system32\bird\i2omp.sys
Microsoft Corporation
I2O Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ialm
[A ] 68. c:\windows\system32\drivers\ialmnt5.sys
Intel Corporation
Intel Graphics Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
IASTOR
[A ] 69. c:\windows\system32\bird\iastor.sys
Intel Corporation
Intel Matrix Storage Manager driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
IFT2000
[A ] 70. c:\windows\system32\bird\ift2000.sys
Infortrend Technology, Inc.
Infortrend IFT-2000 Series RAID Adapter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ini910u
[A ] 71. c:\windows\system32\bird\ini910u.sys
Microsoft Corporation
INITIO ini910u SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
INIA100
[A ] 72. c:\windows\system32\bird\inia100.sys
Initio corp.
INITIO INI-A10XU2W SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
IPSRAIDN
[A ] 73. c:\windows\system32\bird\ipsraidn.sys
IBM Corporation
IBM ServeRAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ITERAID
[A ] 74. c:\windows\system32\bird\iteraid.sys
Integrated Technology Express, Inc.
ITE IT8212 ATA RAID SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
JRAID
[A ] 75. c:\windows\system32\bird\jraid.sys
JMicron Technology Corp.
JMicron JR036X RAID Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
kmsinput
[A ] 76. c:\windows\system32\drivers\kmsinput.sys
.text,.data,INIT,.reloc,
M5228
[A ] 77. c:\windows\system32\bird\m5228.sys
ALi Corporation.
M5228 ATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
M5281
[A ] 78. c:\windows\system32\bird\m5281.sys
ALi Corporation
ALi SATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
M5287
[A ] 79. c:\windows\system32\bird\m5287.sys
ULi Electronics Inc.
ULi SATA Controller Driver
.text,.rdata,.data,.idata,.rsrc,.reloc,
M5288
[A ] 80. c:\windows\system32\bird\m5288.sys
ULi Electronics Inc.
ULi SATA Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
M5289
[A ] 81. c:\windows\system32\bird\m5289.sys
ULi Electronics Inc.
ULi SATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
MEGAIDE
[A ] 82. c:\windows\system32\bird\megaide.sys
LSI Logic Corporation.
LSI MegaRAID IDE Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
MEMSCAN
[A ] 83. d:\program files\rising\rav\memscan.sys
Beijing Rising Technology Co., Ltd.
MemScan Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
mraid35x
[A ] 84. c:\windows\system32\bird\mraid35x.sys
LSI Logic Corporation
MegaRAID RAID Controller Driver for XP 32
.text,.rdata,.data,INIT,.rsrc,.reloc,
MSAHCI
[A ] 85. c:\windows\system32\bird\msahci.sys
Microsoft Corporation
MS AHCI 1.0 Standard Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
NFRD960
[A ] 86. c:\windows\system32\bird\nfrd960.sys
IBM Corporation
IBM ServeRAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkcrypt
[A ] 87. d:\program files\tencent\qq\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkycryp
[A ] 88. d:\program files\tencent\qq\npkycryp.sys
NVATABUS
[A ] 89. c:\windows\system32\bird\nvatabus.sys
NVIDIA Corporation
NVIDIA? nForce(TM) IDE Performance Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
NVRAID
[A ] 90. c:\windows\system32\bird\nvraid.sys
NVIDIA Corporation
NVIDIA? nForce(TM) RAID Driver
.text,.rdata,.data,PAGE,INIT,DUMPDATA,.rsrc,.reloc,
perc2
[A ] 91. c:\windows\system32\bird\perc2.sys
Adaptec, Inc.
Dell PERC 2 Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
PNP649R
[A ] 92. c:\windows\system32\bird\pnp649r.sys
CMD Technology, Inc.
IDE RAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
PNP680
[A ] 93. c:\windows\system32\bird\pnp680.sys
Silicon Image, Inc.
DMA capable ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
PNP680R
[A ] 94. c:\windows\system32\bird\pnp680r.sys
Silicon Image, Inc
DMA capable ATA RAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ql1080
[A ] 95. c:\windows\system32\bird\ql1080.sys
QLogic Corporation
Miniport Driver for QLogic ISP PCI Adapters
.text,.rdata,.data,INIT,.rsrc,.reloc,
Ql10wnt
[A ] 96. c:\windows\system32\bird\ql10wnt.sys
Microsoft Corporation
Miniport Driver for QLogic ISP PCI Adapters
.text,.rdata,.data,INIT,.rsrc,.reloc,
ql12160
[A ] 97. c:\windows\system32\bird\ql12160.sys
QLogic Corporation
Miniport Driver for QLogic ISP PCI Adapters
.text,.rdata,.data,INIT,.rsrc,.reloc,
ql1240
[A ] 98. c:\windows\system32\bird\ql1240.sys
Microsoft Corporation
QLogic ISP PCI Adapters
.text,.rdata,.data,INIT,.rsrc,.reloc,
ql1280
[A ] 99. c:\windows\system32\bird\ql1280.sys
QLogic Corporation
Miniport Driver for QLogic ISP PCI Adapters
.text,.rdata,.data,INIT,.rsrc,.reloc,
RAIDSRC
[A ] 100. c:\windows\system32\bird\raidsrc.sys
Intel/ICP
Intel(r)/ICP Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RR232X
無限 - 2007-8-30 13:28:00
[A ] 101. c:\windows\system32\bird\rr232x.sys
HighPoint Technologies, Inc.
RR232x Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 102. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 103. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RSPPSYS
[A ] 104. d:\program files\rising\rav\rsppsys.sys
Rising
RSPPSYS.SYS
.text,.rdata,.data,INIT,.rsrc,.reloc,
RTL8023xp
[A ] 105. c:\windows\system32\drivers\rtlnicxp.sys
Realtek Semiconductor Corporation
Realtek 10/100/1000 NDIS 5.1 Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
S150SX8
[A ] 106. c:\windows\system32\bird\s150sx8.sys
Promise Technology, Inc.
Promise SATAII150 SX8 Driver for WindowsXP
.text,.rdata,.data,INIT,.rsrc,.reloc,
Secdrv
[A ] 107. c:\windows\system32\drivers\secdrv.sys
.text,.data,INIT,.reloc,
SI3112
[A ] 108. c:\windows\system32\bird\si3112.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3112R
[A ] 109. c:\windows\system32\bird\si3112r.sys
Silicon Image, Inc
Serial ATA RAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3114
[A ] 110. c:\windows\system32\bird\si3114.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3114R
[A ] 111. c:\windows\system32\bird\si3114r.sys
Silicon Image, Inc
SATARAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3114R5
[A ] 112. c:\windows\system32\bird\si3114r5.sys
Silicon Image, Inc
SATA SoftRAID 5 miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3124
[A ] 113. c:\windows\system32\bird\si3124.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3124R
[A ] 114. c:\windows\system32\bird\si3124r.sys
Silicon Image, Inc
SATARAID miniport driver (PRE-RELEASE)
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3124R5
[A ] 115. c:\windows\system32\bird\si3124r5.sys
Silicon Image, Inc
SATA SoftRAID 5 miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3132
[A ] 116. c:\windows\system32\bird\si3132.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3132R5
[A ] 117. c:\windows\system32\bird\si3132r5.sys
Silicon Image, Inc
SATA SoftRAID 5 miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SISRAID
[A ] 118. c:\windows\system32\bird\sisraid.sys
Silicon Integrated Systems
SiS RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SISRAID2
[A ] 119. c:\windows\system32\bird\sisraid2.sys
Silicon Integrated Systems Corp
SiS RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SISRAID4
[A ] 120. c:\windows\system32\bird\sisraid4.sys
Silicon Integrated Systems
SiS AHCI Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SPTRAK
[A ] 121. c:\windows\system32\bird\sptrak.sys
Promise Technology, Inc.
Promise SuperTrak Family Driver for WindowsNT
.text,.rdata,.data,INIT,.rsrc,.reloc,
ST8350
[A ] 122. c:\windows\system32\bird\st8350.sys
Promise Technology, Inc.
Promise SuperTrak EX8350/EX8300 for Windows Family
.text,.rdata,.data,INIT,.rsrc,.reloc,
symc810
[A ] 123. c:\windows\system32\bird\symc810.sys
Symbios Logic Inc.
Symbios Logic Inc. SCSI Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
symc8xx
[A ] 124. c:\windows\system32\bird\symc8xx.sys
LSI Logic
Symbios 8XX SCSI Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SYMMPI
[A ] 125. c:\windows\system32\bird\symmpi.sys
LSI Logic
LSI Logic Fusion-MPT MiniPort Driver (ScsiPort)
.text,.rdata,.data,INIT,.rsrc,.reloc,
sym_hi
[A ] 126. c:\windows\system32\bird\sym_hi.sys
LSI Logic
Symbios Hi-Perf SCSI Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
sym_u3
[A ] 127. c:\windows\system32\bird\sym_u3.sys
LSI Logic
Symbios Ultra3 SCSI Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
TRM3X5
[A ] 128. c:\windows\system32\bird\trm3x5.sys
Tekram Technology Co., Ltd.
Miniport Driver
.text,.rdata,.data,.idata,.rsrc,.reloc,
ULSATA
[A ] 129. c:\windows\system32\bird\ulsata.sys
Promise Technology, Inc.
Promise Ultra/Sata Series Driver for Win2000
.text,.rdata,.data,INIT,.rsrc,.reloc,
ULSATA2
[A ] 130. c:\windows\system32\bird\ulsata2.sys
Promise Technology, Inc.
Promise SATAII150 Series Driver for Windows
.text,.rdata,.data,INIT,.rsrc,.reloc,
ULTIMA
[A ] 131. c:\windows\system32\bird\ultima.sys
Aralion INC.
build(291)
.text,.rdata,.data,INIT,.rsrc,.reloc,
ULTIMARX
[A ] 132. c:\windows\system32\bird\ultimarx.sys
Aralion INC.
build(306)
.text,.data,INIT,.rsrc,.reloc,
ultra
[A ] 133. c:\windows\system32\bird\ultra.sys
Promise Technology, Inc.
Promise Ultra Series Driver for Windows2000
.text,.rdata,.data,INIT,.rsrc,.reloc,
VIAMRAID
[A ] 134. c:\windows\system32\bird\viamraid.sys
VIA Technologies inc,.ltd
VIA AHCI RAID DRIVER FOR WIN 2000/XP
.text,.rdata,.data,INIT,.rsrc,.reloc,
W2KADV
[A ] 135. c:\windows\system32\bird\w2kadv.sys
ConnectCom Solutions, Inc.
AdvanSys SCSI Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
WD7296A
[A ] 136. c:\windows\system32\bird\wd7296a.sys
Western Digital Corporation
WD7296a SCSI Driver
.text,.data,.idata,.rsrc,.reloc,
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[A ] 137. c:\windows\system32\igfxdev.dll
Intel Corporation
igfxdev Module
.text,.rdata,.data,.rsrc,.reloc,
無限 - 2007-8-30 13:30:00
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 138. c:\program files\thunder network\thunder\thunder.exe
Thunder Networking Technologies,LTD
CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[A ] 139. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
KuGoo
[A ] 140. c:\windows\system32\kugoo3downxcontrol.ocx
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,
KuGoo3
[A ] 140. c:\windows\system32\kugoo3downxcontrol.ocx
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 141. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
Portable Media Devices
[AM] 142. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
Portable Media Devices Menu
[AM] 142. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[AM] 143. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[AM] 144. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
Web Folders
[A ] 145. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
Shell Extensions for RealOne Player
[A ] 146. c:\program files\real\realone player\rpshellext.dll
RealNetworks
RealOne Player Shell Extensions
.text,.rdata,.data,.rsrc,.reloc,
RISING
[AM] 147. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
bgswitch
[A ] 148. c:\windows\system32\bgswitch.exe
.text,.data,.rsrc,
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SoundMan
[AM] 149. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
igfxtray
[A ] 150. c:\windows\system32\igfxtray.exe
Intel Corporation
igfxTray Module
.text,.rdata,.data,.rsrc,
igfxhkcmd
[AM] 151. c:\windows\system32\hkcmd.exe
Intel Corporation
hkcmd Module
.text,.rdata,.data,.rsrc,
igfxpers
[AM] 152. c:\windows\system32\igfxpers.exe
Intel Corporation
persistence Module
.text,.rdata,.data,.idata,.rsrc,.reloc,
RavTask
[A ] 153. d:\program files\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
TkBellExe
[AM] 154. c:\program files\common files\real\update_ob\realsched.exe
RealNetworks, Inc.
RealNetworks Scheduler
.text,.rdata,.data,.rsrc,
runeip
[AM] 155. d:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
RavStub
[AM] 156. d:\program files\rising\rav\ravstub.exe
Beijing Rising Technology Co., Ltd.
Rising RavStub
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 157. c:\windows\system32\bsmain.exe
Beijing Rising Technology Co., Ltd.
BootScan
.text,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 158. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 158. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 158. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 158. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.mp3
RealPlayer.MP3.6\open\Command
[A ] 159. c:\program files\real\realone player\realplay.exe
RealNetworks, Inc.
RealOne Player
.text,.rdata,.data,.rsrc,
無限 - 2007-8-30 13:31:00
+ 正在运行的进程
+ 0000012c(300) wdfmgr.exe
01000000[0000C000]
[AM] 6. c:\windows\system32\wdfmgr.exe
Microsoft Corporation
Windows User Mode Driver Manager
.text,.data,.rsrc,
+ 00000158(344) svchost.exe
10000000[0007B000]
[AM] 3. c:\program files\kvja\uftk.dll
AdDm
.text,.rdata,.data,.idata,.didat,.rsrc,.reloc,
00A50000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00DA0000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00DF0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00E60000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
017B0000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
017D0000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
01810000[00019000]
[ M] 166. c:\program files\kvja\zkyp.dll
stdvote
.text,.rdata,.data,.rsrc,.reloc,
01830000[0002B000]
[ M] 167. c:\program files\kvja\qbpg.dll
stdseg
.text,.rdata,.data,.rsrc,.reloc,
+ 000001b8(440) smss.exe
+ 000001c8(456) svchost.exe
+ 00000208(520) csrss.exe
+ 00000220(544) winlogon.exe
10000000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
01350000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
013C0000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
72C80000[00008000]
[ M] 168. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 0000024c(588) services.exe
+ 00000258(600) lsass.exe
+ 000002a8(680) conime.exe
10000000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00AA0000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
00AF0000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00B50000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00C10000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
00F30000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000002e8(744) svchost.exe
+ 00000324(804) navplay.exe
00400000[0000B000]
[ M] 170. c:\program files\iesnap\navplay.exe
NAVPLAY
.text,.rdata,.data,.rsrc,
10000000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00990000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
009E0000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00A40000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00A90000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00B00000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
011A0000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000328(808) svchost.exe
+ 00000378(888) svchost.exe
10000000[00015000]
[AM] 1. c:\program files\iesnap\navoct.dll
NAVOCT Module
.text,.rdata,.data,.rsrc,.reloc,
01D90000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
01DE0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
01E50000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
02360000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
50E60000[0000C000]
[ M] 171. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 000003a0(928) svchost.exe
+ 00000418(1048) svchost.exe
+ 000004ec(1260) Explorer.EXE
10000000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00C00000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
72C80000[00008000]
[ M] 168. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01C10000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
020F0000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
01940000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
019A0000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
01340000[0002B000]
[AM] 143. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
015D0000[0001B000]
[AM] 147. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
021C0000[00026000]
[ M] 172. c:\windows\system32\igfxpph.dll
Intel Corporation
igfxpph Module
.text,.rdata,.data,.rsrc,.reloc,
02180000[00013000]
[ M] 173. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
02C50000[00014000]
[ M] 174. c:\windows\system32\igfxres.dll
Intel Corporation
igfxres Module
.text,.rdata,.data,.rsrc,.reloc,
03560000[0016F000]
[ M] 175. c:\windows\system32\igfxress.dll
Intel Corporation
igfxress Module
.text,.rdata,.data,.rsrc,.reloc,
021F0000[0000E000]
[ M] 176. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.orpc,.rdata,.data,.rsrc,.reloc,
60DF0000[0001B000]
[ M] 177. d:\program files\tencent\qq\qdshm.dll
QQDiskShellMenu Module
.text,.rdata,.data,.rsrc,.reloc,
60A10000[000F2000]
[ M] 178. d:\program files\tencent\qq\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 179. d:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
096C0000[0007A000]
[AM] 142. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
無限 - 2007-8-30 13:32:00
+ 00000554(1364) spoolsv.exe
00E60000[00005000]
[ M] 180. c:\windows\system32\spool\prtprocs\w32x86\vprproc.dll
Windows (R) 2000 DDK provider
Windows DDK Print DLL
.text,.data,.rsrc,.reloc,
+ 000005e0(1504) RavStub.exe
00400000[00018000]
[AM] 156. d:\program files\rising\rav\ravstub.exe
Beijing Rising Technology Co., Ltd.
Rising RavStub
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 181. d:\program files\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 179. d:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000668(1640) SOUNDMAN.EXE
00400000[00015000]
[AM] 149. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
10000000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00AF0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00B60000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
012A0000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000690(1680) hkcmd.exe
00400000[00013000]
[AM] 151. c:\windows\system32\hkcmd.exe
Intel Corporation
hkcmd Module
.text,.rdata,.data,.rsrc,
10000000[00013000]
[ M] 173. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
003F0000[0000E000]
[ M] 176. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.orpc,.rdata,.data,.rsrc,.reloc,
00D60000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00DB0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00E20000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
00EF0000[00014000]
[ M] 174. c:\windows\system32\igfxres.dll
Intel Corporation
igfxres Module
.text,.rdata,.data,.rsrc,.reloc,
01590000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000698(1688) igfxpers.exe
00400000[0001D000]
[AM] 152. c:\windows\system32\igfxpers.exe
Intel Corporation
persistence Module
.text,.rdata,.data,.idata,.rsrc,.reloc,
10000000[0000E000]
[ M] 176. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.orpc,.rdata,.data,.rsrc,.reloc,
00D50000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00DA0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00E10000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
00ED0000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000006d8(1752) realsched.exe
00400000[00027000]
[AM] 154. c:\program files\common files\real\update_ob\realsched.exe
RealNetworks, Inc.
RealNetworks Scheduler
.text,.rdata,.data,.rsrc,
10000000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00960000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
009D0000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
011A0000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000007b8(1976) runiep.exe
00400000[00013000]
[AM] 155. d:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
10000000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00AE0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00B50000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
011C0000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
012F0000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
01310000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
01360000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
無限 - 2007-8-30 13:32:00
+ 000007dc(2012) ctfmon.exe
10000000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00A00000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00A70000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
01000000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000008b4(2228) alg.exe
+ 00000d10(3344) IEXPLORE.EXE
10000000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00AC0000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
00B10000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00B80000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00BD0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00C70000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
01A80000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
02D50000[0005C000]
[ M] 182. c:\program files\iesnap\navpref.dll
NAVPREF Module
.text,.rdata,.data,.rsrc,.reloc,
02FB0000[00028000]
[ M] 183. c:\program files\iesnap\navseg.dll
NAVSEG
.text,.rdata,.data,.rsrc,.reloc,
035E0000[0000D000]
[ M] 184. c:\program files\iesnap\navneg.dll
NAVNEG
.text,.rdata,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 144. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
03730000[00019000]
[ M] 185. d:\program files\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 168. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
06190000[00035000]
[ M] 186. c:\windows\system32\xpsp3res.dll
Microsoft Corporation
Service Pack 3 Messages
.rsrc,
30000000[002EE000]
[ M] 187. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
+ 00000d98(3480) Ras.exe
00400000[0013F000]
[ M] 188. d:\program files\rising\antispyware\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
10000000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00EA0000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
00EE0000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00F00000[000A3000]
[ M] 189. d:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
01440000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
01490000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
01500000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
01C00000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000f2c(3884) iexplore.exe
10000000[0001D000]
[ M] 164. c:\program files\kvja\xiwn.dll
stdstub
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00AC0000[00036000]
[ M] 165. c:\program files\kvja\cnbs.dll
stdplay
.text,.rdata,.data,.rsrc,.reloc,
00B10000[00020000]
[ M] 160. c:\program files\iesnap\navstub.dll
NAVSTUB
.text,.rdata,.data,.Shared,.rsrc,.reloc,
00B80000[00041200]
[ M] 161. c:\windows\system32\wbjju.ime
北京六合源软件技术有限公司
五笔加加Plus 2.4
.text,.rdata,.data,.rsrc,.reloc,
00BD0000[0006FB0C]
[ M] 162. c:\windows\system32\wbcodeu.dll
WbCodeU
.text,.rdata,.data,.rsrc,.reloc,
00C70000[00044000]
[ M] 163. c:\windows\system32\wbjju.dll
UPX0,UPX1,.rsrc,
02320000[0001B000]
[ M] 169. d:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
02D30000[0005C000]
[ M] 182. c:\program files\iesnap\navpref.dll
NAVPREF Module
.text,.rdata,.data,.rsrc,.reloc,
02F90000[00028000]
[ M] 183. c:\program files\iesnap\navseg.dll
NAVSEG
.text,.rdata,.data,.rsrc,.reloc,
035C0000[0000D000]
[ M] 184. c:\program files\iesnap\navneg.dll
NAVNEG
.text,.rdata,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 144. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
036E0000[00019000]
[ M] 185. d:\program files\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
無限 - 2007-8-30 13:33:00
Logfile of HijackThis v1.99.1
Scan saved at 13:19:47, on 2007-8-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Rising\AntiSpyware\runiep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\iesnap\navplay.exe
C:\PROGRA~1\INTERN~1\IEXPLORE.EXE
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
d:\Program Files\Rising\AntiSpyware\Ras.exe
D:\HijackThis.exe
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [runeip] "d:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
O4 - HKLM\..\RunOnce: [RavStub] "D:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://bb.008vod.com/plugin/PowerPlr.ocx
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1009/aliedit.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1150832215049
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - https://pbank.95559.com.cn/personbank/ocx/safe.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2007/OL2006.cab
O16 - DPF: {EC0978ED-24E3-403C-AB7A-060E388553E6} (BoBoControl Class) - http://www.17bobo.com/Software/BoBo_ActiveX_V3.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{271C8D3C-DC02-46DE-8533-85580BA07FE7}: NameServer = 202.103.44.150,202.103.24.68
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O20 - AppInit_DLLs: APIHookDll.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe
1
© 2000 - 2026 Rising Corp. Ltd.