瑞星卡卡安全论坛
歪歪胡萝卜 - 2007-9-3 9:36:00
Trojan.PSW.Win32.OnlineGames.yds
Trojan.PSW.Win32.Agent.vcx
这2个病毒每次杀毒都说重新启动后计算机后删除文件,但是每次启动后又出现了
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Leoooo - 2007-9-3 9:49:00
http://download.rising.com.cn/for_down/kakatool/kakasetupv4.exe下载卡卡上网安全助手4.0
1 运行瑞星卡卡上网安全助手
2 诊断求助=》电脑诊断日志
3
选择"文件详细信息"、"文件名相似分析"2个选项4 开始扫描=》导出信息,导成txt格式(也可以是htm格式方便自己看,不过论坛不能上传htm格式)
5 把日志中的报告完整拷贝贴上来(附件形式发上来也可以),不要修改(一次发不完请分次发上来)
6
扫日志的时候尽量把不必要的软件关闭 如QQ TM 迅雷等7 把扫描出来的可疑文件上传给瑞星
http://up.rising.com.cn/webmail/uploadnew.htm
歪歪胡萝卜 - 2007-9-3 10:05:00
瑞星卡卡电脑诊断日志 v1.30 (2007-9-3 9:46:35) 北京瑞星科技股份有限公司
注释:[A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
9B10846E
[A ] 1. c:\windows\system32\a1f05791.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
RfwProxySrv
[A ] 2. c:\program files\rising\rfw\rfwproxy.exe
Beijing Rising Technology Co., Ltd.
Rising Personal Proxy Service
.text,.rdata,.data,.rsrc,
RfwService
[A ] 3. c:\program files\rising\rfw\rfwsrv.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,
rpcapd
[A ] 4. c:\program files\winpcap\rpcapd.exe
.text,.rdata,.data,
RsCCenter
[A ] 5. c:\program files\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
RsRavMon
[A ] 6. c:\program files\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
BaseTDI
[A ] 7. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
ExpScaner
[A ] 8. c:\program files\rising\rav\expscan.sys
ExpScan.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookCont
[A ] 9. c:\program files\rising\rav\hookcont.sys
Rising
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookReg
[A ] 10. c:\program files\rising\rav\hookreg.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookSys
[A ] 11. c:\program files\rising\rav\hooksys.sys
Rising
Hooksys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookUrl
[A ] 12. c:\program files\rising\rfw\hookurl.sys
Beijing Rising Technology Co., Ltd.
HookUrl
.text,.rdata,.data,INIT,.rsrc,.reloc,
MEMSCAN
[A ] 13. c:\program files\rising\rav\memscan.sys
瑞星软件有限公司
MemScan Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
mProcRs
[A ] 14. c:\program files\rising\rfw\mprocrs.sys
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall mprocrs.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
NPF
[A ] 15. c:\windows\system32\drivers\npf.sys
CACE Technologies
npf
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 16. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsFwDrv
[A ] 17. c:\program files\rising\rfw\rsfwdrv.sys
Beijing Rising Technology Co., Ltd.
nt_fwdrv
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 18. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RSPPSYS
[A ] 19. c:\program files\rising\rav\rsppsys.sys
Rising
RSPPSYS
.text,.rdata,.data,INIT,.rsrc,.reloc,
Secdrv
[A ] 20. c:\windows\system32\drivers\secdrv.sys
.text,.data,INIT,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[A ] 21. c:\windows\system32\kakatool.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Toolbar
.text,.rdata,.data,MonitorS,.rsrc,.reloc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 22. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
RISING
[AM] 23. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
WinRAR shell extension
[A ] 24. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 23. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[AM] 25. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RavTask
[A ] 26. c:\program files\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
RfwMain
[A ] 27. c:\program files\rising\rfw\rfwmain.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Main Program
.text,.rdata,.data,.rsrc,
mppds
[A ] 28. c:\windows\mppds.exe
.text,.rdata,.data,.rsrc,
Kvsc3
[A ] 29. c:\windows\kvsc3.exe
UPX0,UPX1,.rsrc,
AVPSrv
[A ] 30. c:\windows\avpsrv.exe
UPX0,UPX1,.rsrc,
DiskMan32
[A ] 31. c:\windows\diskman32.exe
UPX0,UPX1,.rsrc,
cmdbcs
[A ] 32. c:\windows\cmdbcs.exe
UPX0,UPX1,.rsrc,
upxdnd
[A ] 33. c:\windows\upxdnd.exe
.text,.rdata,.data,.rsrc,
msccrt
[A ] 34. c:\windows\msccrt.exe
UPX0,UPX1,.rsrc,
runeip
[A ] 35. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 36. c:\program files\rising\antispyware\runonce.exe
Beijing Rising Technology Co., Ltd.
RunOnce Application
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 37. c:\windows\system32\bsmain.exe
Beijing Rising Technology Co., Ltd.
BootScan
.text,.data,.rsrc,.reloc,
[A ] 38. c:\windows\system32\kknative.exe
Beijing Rising Technology Co., Ltd.
NativeAp
.text,.data,.rsrc,.reloc,
歪歪胡萝卜 - 2007-9-3 10:06:00
+ 其他自启动项目
+ c:\autorun.inf
open
[A ] 39. c:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
shellexecute
[A ] 39. c:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
shell\Auto\command
[A ] 39. c:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
+ d:\autorun.inf
open
[A ] 40. d:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
shellexecute
[A ] 40. d:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
shell\Auto\command
[A ] 40. d:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
+ e:\autorun.inf
open
[A ] 41. e:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
shellexecute
[A ] 41. e:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
shell\Auto\command
[A ] 41. e:\auto.exe
Microsoft Corporation
.text,.rdata,.data,.rsrc,.aspack,.adata,
+ 正在运行的进程
+ 0000019c(412) smss.exe
+ 000001dc(476) csrss.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
037A0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000001f4(500) winlogon.exe
72C80000[00008000]
[ M] 44. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00B80000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000220(544) services.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
007C0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000022c(556) lsass.exe
10000000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
00FF0000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00920000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000002c4(708) svchost.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00D60000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000002f0(752) svchost.exe
10000000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
00B60000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
009E0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000330(816) CCenter.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00970000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000344(836) svchost.exe
10000000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
01ED0000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00D20000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000036c(876) svchost.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00930000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
00CD0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000039c(924) runiep.exe
00BF0000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
00D20000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
00D40000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
00D60000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
00DA0000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
00D70000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
00DB0000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
00DC0000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
00D50000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
00ED0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
歪歪胡萝卜 - 2007-9-3 10:07:00
+ 000003b8(952) svchost.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00AF0000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
00E60000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000400(1024) Ravmond.exe
10000000[0002E000]
[ M] 56. c:\program files\rising\rav\bwlist.dll
Beijing Rising Technology Co., Ltd.
BWList DLL
.text,.rdata,.data,.rsrc,.reloc,
00730000[0001B000]
[ M] 57. c:\program files\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
00B60000[0000F000]
[ M] 58. c:\program files\rising\rav\rfwctrl.dll
Beijing Rising Technology Co., Ltd.
RfwCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
00B70000[0000D000]
[ M] 59. c:\program files\rising\rav\rsppsys.dll
Beijing Rising Technology Co., Ltd.
RSPPSYS Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00B90000[0000E000]
[ M] 60. c:\program files\rising\rav\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
08CC0000[0002F000]
[ M] 61. c:\program files\rising\rav\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 62. c:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
08F50000[0000B000]
[ M] 63. c:\program files\rising\rav\rslog.dll
Beijing Rising Technology Co., Ltd.
RsLog DLL
.text,.rdata,.data,.rsrc,.reloc,
08F60000[0000D000]
[ M] 64. c:\program files\rising\rav\hooksys.dll
Beijing Rising Technology Co., Ltd.
HOOKSYS Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09090000[00029000]
[ M] 65. c:\program files\rising\rav\scanner.dll
Beijing Rising Technology Co., Ltd.
RsScanner
.text,.rdata,.data,.rsrc,.reloc,
13100000[0002E000]
[ M] 66. c:\program files\rising\rav\libload.dll
Beijing Rising Technology Co., Ltd.
LibLoad
.text,.rdata,.data,.rsrc,.reloc,
091F0000[0002C000]
[ M] 67. c:\program files\rising\rav\viruslib.dll
Beijing Rising Technology Co., Ltd.
VirusLib
.text,.rdata,.data,.rsrc,.reloc,
09330000[00010000]
[ M] 68. c:\program files\rising\rav\regmon.dll
Beijing Rising Technology Co., Ltd.
regmon
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 69. c:\program files\rising\rav\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
09580000[0000D000]
[ M] 70. c:\program files\rising\rav\hookweb.dll
Beijing Rising Technology Co., Ltd.
HookWeb
.text,.rdata,.data,.rsrc,.reloc,
096A0000[00014000]
[ M] 71. c:\program files\rising\rav\memmon.dll
Beijing Rising Technology Co., Ltd.
MemMon
.text,.rdata,.data,.rsrc,.reloc,
096D0000[0000E000]
[ M] 72. c:\program files\rising\rav\expscan.dll
Beijing Rising Technology Co., Ltd.
ExpScan.dll
.text,.rdata,.data,.rsrc,.reloc,
096F0000[00012000]
[ M] 73. c:\program files\rising\rav\mports.dll
Beijing Rising Technology Co., Ltd.
mPorts.dll
.text,.rdata,.data,.rsrc,.reloc,
09900000[0000D000]
[ M] 74. c:\program files\rising\rav\hookcont.dll
Rising
HookCont Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09920000[00085000]
[ M] 75. c:\program files\rising\rav\spameng.dll
SpamEng Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
099C0000[0003C000]
[ M] 76. c:\program files\rising\rav\engine.dll
Beijing Rising Technology Co., Ltd.
engine
.text,.rdata,.data,.rsrc,.reloc,
09B10000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
0A5C0000[0002B000]
[ M] 77. c:\program files\rising\rav\posttrt.dll
Beijing Rising Technology Co., Ltd.
PostTrt
.text,.rdata,.data,.rsrc,.reloc,
0A600000[002DC000]
[ M] 78. c:\program files\rising\rav\unexe.dll
Beijing Rising Technology Co., Ltd.
UnExe
.text,.rdata,.data,.rsrc,.reloc,
13AB0000[00038000]
[ M] 79. c:\program files\rising\rav\scanexec.dll
Beijing Rising Technology Co., Ltd.
ScanExec
.text,.rdata,.data,.rsrc,.reloc,
0AB20000[0003C000]
[ M] 80. c:\program files\rising\rav\scanex.dll
Beijing Rising Technology Co., Ltd.
ScanEX
.text,.rdata,.data,.rsrc,.reloc,
0B060000[000D6000]
[ M] 81. c:\program files\rising\rav\extfile.dll
Beijing Rising Technology Co., Ltd.
extFile Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
0B150000[0001C000]
[ M] 82. c:\program files\rising\rav\nvfile.dll
Beijing Rising Technology Co., Ltd.
NVFile
.text,.rdata,.data,.rsrc,.reloc,
歪歪胡萝卜 - 2007-9-3 10:08:00
13AF0000[00020000]
[ M] 83. c:\program files\rising\rav\scanmac.dll
Beijing Rising Technology Co., Ltd.
ScanMac
.text,.rdata,.data,.rsrc,.reloc,
0B1D0000[00029000]
[ M] 84. c:\program files\rising\rav\scansct.dll
Beijing Rising Technology Co., Ltd.
ScanSct
.text,.rdata,.data,.rsrc,.reloc,
0C390000[0003A000]
[ M] 85. c:\program files\rising\rav\scanpack.dll
Beijing Rising Technology Co., Ltd.
Unpack Engine
.text,.rdata,.data,.rsrc,.reloc,
0C4C0000[000B5000]
[ M] 86. c:\program files\rising\rav\rsvm.dll
RSVM Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
0E750000[000F4000]
[ M] 87. c:\program files\rising\rav\uroutine.dll
Beijing Rising Technology Co., Ltd.
Unpack Routine
.text,.rdata,.data,.rsrc,.reloc,
0F870000[00063000]
[ M] 88. c:\program files\rising\rav\uscript.dll
Beijing Rising Technology Co., Ltd.
Unpack Script
.text,.rdata,.data,.rsrc,.reloc,
0A310000[00014000]
[ M] 89. c:\program files\rising\rav\rsstore.dll
Beijing Rising Technology Co., Ltd.
RSStore
.text,.rdata,.data,.rsrc,.reloc,
10A60000[00013000]
[ M] 90. c:\program files\rising\rav\scannet.dll
Beijing Rising Technology Co., Ltd.
ScanNet
.text,.rdata,.data,.rsrc,.reloc,
+ 0000046c(1132) rfwsrv.exe
10000000[0000B000]
[ M] 91. c:\program files\rising\rfw\rfwrule.dll
Beijing Rising Technology Co., Ltd.
rule DLL
.text,.rdata,.data,.rsrc,.reloc,
003E0000[00008000]
[ M] 92. c:\program files\rising\rfw\rfwlog.dll
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Logfile DLL
.text,.rdata,.data,.rsrc,.reloc,
00810000[00011000]
[ M] 93. c:\program files\rising\rfw\rfwdrv.dll
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Driver DLL
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 94. c:\program files\rising\rfw\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
00930000[00011000]
[ M] 95. c:\program files\rising\rfw\mondrv.dll
rs
MonDrv
.text,.rdata,.data,.rsrc,.reloc,
00B60000[00010000]
[ M] 96. c:\program files\rising\rfw\proclib.dll
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall ProcLib.dll
.text,.rdata,.data,.rsrc,.reloc,
01550000[00012000]
[ M] 97. c:\program files\rising\rfw\mports.dll
Beijing Rising Technology Co., Ltd.
mPorts.dll
.text,.rdata,.data,.rsrc,.reloc,
01920000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
01940000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000004b0(1200) ctfmon.exe
00A90000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
00A60000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
00AC0000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
00AD0000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
00B40000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
00A70000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
00B50000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
00A80000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
00A50000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
00C70000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000530(1328) Explorer.EXE
72C80000[00008000]
[ M] 44. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01770000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
01B90000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01C00000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
10000000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
歪歪胡萝卜 - 2007-9-3 10:08:00
01B70000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
01F40000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
01F50000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
01250000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
01F90000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
02060000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
02090000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
01260000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
01600000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 62. c:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00B80000[0001B000]
[AM] 23. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[00011000]
[AM] 25. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
+ 000005a4(1444) spoolsv.exe
10000000[0000C000]
[ M] 42. c:\windows\system32\fd2b3792.dll
Microsoft Corporation
.text,.rdata,.data,.rsrc,.reloc,
00980000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000006a8(1704) RfwMain.exe
26600000[0007D000]
[ M] 98. c:\program files\rising\rfw\rsguilib.dll
Beijing Rising Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 99. c:\program files\rising\rfw\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000F000]
[ M] 100. c:\program files\rising\rfw\rfwctrl.dll
Beijing Rising Technology Co., Ltd.
RfwCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
23800000[0001A000]
[ M] 101. c:\program files\rising\rfw\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
23900000[00031000]
[ M] 102. c:\program files\rising\rfw\pngdll.dll
Beijing Rising Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
011F0000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01370000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
01380000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
01320000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
01340000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
015E0000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
01350000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
015F0000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
01600000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
01330000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
+ 00000750(1872) RavTask.exe
23700000[0001A000]
[ M] 62. c:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000E000]
[ M] 60. c:\program files\rising\rav\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
08A00000[0002F000]
[ M] 61. c:\program files\rising\rav\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
08C90000[0001B000]
[ M] 57. c:\program files\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
08E20000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
08DF0000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
08E50000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
08E80000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
08FB0000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
08FE0000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
08FC0000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
09270000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
08FD0000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
08E90000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
+ 00000778(1912) Ravmon.exe
26600000[0007C000]
[ M] 103. c:\program files\rising\rav\rsguilib.dll
Beijing Rising Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
10000000[0002E000]
[ M] 56. c:\program files\rising\rav\bwlist.dll
Beijing Rising Technology Co., Ltd.
BWList DLL
.text,.rdata,.data,.rsrc,.reloc,
003E0000[0000E000]
[ M] 60. c:\program files\rising\rav\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
08A10000[0002F000]
[ M] 61. c:\program files\rising\rav\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 62. c:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
08CB0000[0001B000]
[ M] 57. c:\program files\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
23800000[0001A000]
[ M] 104. c:\program files\rising\rav\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
23900000[00031000]
[ M] 105. c:\program files\rising\rav\pngdll.dll
Beijing Rising Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09940000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
09A80000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
歪歪胡萝卜 - 2007-9-3 10:09:00
09AA0000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
09AD0000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
09AE0000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
09B10000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
09AB0000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
09B20000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
09AC0000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
09A90000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
+ 00000884(2180) wscntfy.exe
10000000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00900000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
00920000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
00950000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
00960000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
00980000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
00930000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
00990000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
00940000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
00910000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
00AC0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000924(2340) alg.exe
10000000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
006E0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000a00(2560) conime.exe
10000000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
00AA0000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00B10000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
00B20000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
00B30000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
00B50000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
00B60000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
00B70000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
00B80000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
00B90000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
00CC0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000aa8(2728) ishare_user.exe
00400000[00025000]
[ M] 106. c:\program files\dr.com宽带认证客户端\ishare_user.exe
.text,.rdata,.data,.rsrc,
10000000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
00CF0000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00E50000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
00E20000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
00E80000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
00E90000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
01100000[0000A000]
[ M] 51. c:\windows\system32\msimms32.dll
00E60000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
01110000[00008000]
[ M] 52. c:\windows\system32\dbghlp32.dll
00E70000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
00E40000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
01230000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ae8(2792) iexplore.exe
10000000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
歪歪胡萝卜 - 2007-9-3 10:09:00
01D60000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01E80000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
01E90000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
01EB0000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
01EC0000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
01ED0000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
01EE0000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
01EF0000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
72C80000[00008000]
[ M] 44. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
02250000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
022D0000[00019000]
[ M] 107. c:\program files\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
03D50000[0018D000]
[ M] 108. c:\windows\system32\macromed\flash\flash.ocx
Macromedia, Inc.
Macromedia Flash Player 6.0 r79
.text,.rdata,.data,.data1,.CRT,.rsrc,.reloc,
+ 00000c50(3152) SREngPS.EXE
00400000[0040D000]
[ M] 109. e:\下载\sreng2\srengps.exe
Smallfrogs Studio
System Repair Engineer
.text,.rsrc,
10000000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
012B0000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
013D0000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
013E0000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
01400000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
01410000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
01420000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
01430000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
01440000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
01660000[00015000]
[ M] 110. e:\下载\sreng2\upload\3rdupd.dll
Smallfrogs Studio
System Repair Engineer 3rd Upload Module Demo
.text,.rdata,.data,.rsrc,.reloc,
01C80000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
+ 00000c54(3156) Ras.exe
10000000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00D80000[000A3000]
[ M] 111. c:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
015A0000[0001B000]
[ M] 46. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
016C0000[0000A000]
[ M] 55. c:\windows\system32\gvindu.dll
.text,.rdata,.data,sdt,.reloc,
016F0000[0000B000]
[ M] 54. c:\windows\system32\tdtgam.dll
.text,.rdata,.data,sdata,.reloc,
01700000[0000A000]
[ M] 53. c:\windows\system32\cmdbcs.dll
.text,.rdata,.data,sdt,.reloc,
01710000[0000B000]
[ M] 49. c:\windows\system32\dtkakp.dll
.text,.rdata,.data,sdata,.reloc,
01720000[0000A000]
[ M] 50. c:\windows\system32\brlxjg.dll
.text,.rdata,.data,sdt,.reloc,
01730000[0000A000]
[ M] 47. c:\windows\system32\fphgxx.dll
.text,.rdata,.data,sdt,.reloc,
01740000[0000A000]
[ M] 48. c:\windows\system32\mppds.dll
.text,.rdata,.data,sdt,.reloc,
01DA0000[0004E000]
[ M] 45. c:\windows\system32\tcpipdog0.dll
.text,.rdata,.data,.idata,.inidata,.reloc,
+ 00000f20(3872) nslookupi.exe
00400000[0004E000]
[ M] 112. c:\windows\system32\nslookupi.exe
10000000[00041000]
[ M] 113. c:\windows\system32\wpcap.dll
CACE Technologies
wpcap - Based on libpcap 0.9.3
.text,.rdata,.data,.rsrc,.reloc,
00390000[00015000]
[ M] 114. c:\windows\system32\packet.dll
CACE Technologies
Packet
.text,.rdata,.data,.rsrc,.reloc,
003B0000[00010000]
[ M] 115. c:\windows\system32\wanpacket.dll
CACE Technologies
WanPacket
.text,.rdata,.data,.rsrc,.reloc,
0FFA0000[00019000]
[ M] 43. c:\documents and settings\wj\local settings\temp\rsv3.tmp
Beijing Rising Tech. Co., Ltd.
Protect ApiHook Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
Leoooo - 2007-9-3 10:22:00
c:\windows\system32\a1f05791.exe
c:\program files\winpcap\rpcapd.exe
c:\windows\kvsc3.exe
c:\windows\mppds.exe
c:\windows\avpsrv.exe
c:\windows\diskman32.exe
c:\windows\cmdbcs.exe
c:\windows\upxdnd.exe
c:\windows\msccrt.exe
c:\auto.exe
d:\auto.exe
e:\auto.exe
c:\windows\system32\fd2b3792.dll
c:\windows\system32\tcpipdog0.dll
c:\windows\system32\fphgxx.dll
c:\windows\system32\mppds.dll
c:\windows\system32\dtkakp.dll
c:\windows\system32\brlxjg.dll
c:\windows\system32\msimms32.dll
c:\windows\system32\dbghlp32.dll
c:\windows\system32\cmdbcs.dll
c:\windows\system32\tdtgam.dll
c:\windows\system32\gvindu.dll
先将这些可疑文件上传给瑞星
http://up.rising.com.cn/webmail/uploadnew.htm确认
然后自己隔离这些文件或者慎重删除。
1
© 2000 - 2026 Rising Corp. Ltd.