瑞星卡卡安全论坛
老爱中毒的机器 - 2007-9-4 15:38:00
粘贴上日志请帮忙看看
瑞星卡卡电脑诊断日志 v1.30 (2007-9-4 15:20:58) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
Adobe LM Service
[A ] 1. c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
Adobe Systems
System Level Service Utility
.text,.rdata,.data,.rsrc,
aspnet_state
[A ] 2. c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
Microsoft Corporation
aspnet_state.exe
.text,.data,.rsrc,
C-DillaCdaC11BA
[AM] 3. c:\windows\system32\drivers\cdac11ba.exe
Macrovision
Macrovision RTS Service
.text,.rdata,.data,.rsrc,
Macromedia Licensing Service
[A ] 4. c:\program files\common files\macromedia shared\service\macromedia licensing.exe
System Level Service Utilty
.text,.rdata,.data,.rsrc,
ms_2fax
[AM] 5. c:\windows\system32\4dad1.exe
.text,.rdata,.data,.rsrc,
ose
[A ] 6. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
RfwProxySrv
[A ] 7. c:\program files\rising\rfw\rfwproxy.exe
Beijing Rising Technology Co., Ltd.
Rising Personal Proxy Service
.text,.rdata,.data,.rsrc,
RfwService
[A ] 8. c:\program files\rising\rfw\rfwsrv.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,
RsCCenter
[A ] 9. c:\program files\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
RsRavMon
[A ] 10. c:\program files\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
老爱中毒的机器 - 2007-9-4 15:39:00
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
a320raid
[A ] 11. c:\windows\system32\drivers\a320raid.sys
Adaptec, Inc.
Adaptec HostRAID for Ultra320 SCSI
.text,.rdata,.data,INIT,.rsrc,.reloc,
aar1210
[A ] 12. c:\windows\system32\drivers\aar1210.sys
Adaptec, Inc.
Adaptec HostRAID for Serial ATA
.text,.rdata,.data,INIT,.rsrc,.reloc,
adpu320
[A ] 13. c:\windows\system32\drivers\adpu320.sys
Adaptec, Inc.
Adaptec Win2K/XP/Server2003 Ultra320 SCSI Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
aec6210
[A ] 14. c:\windows\system32\drivers\aec6210.sys
ACARD Technology Corp.
.text,.data,.idata,.rsrc,.reloc,
aec6260
[A ] 15. c:\windows\system32\drivers\aec6260.sys
ACARD Technology Corp.
ID=0006, 0007
.text,.rdata,.data,INIT,.rsrc,.reloc,
aec6280
[A ] 16. c:\windows\system32\drivers\aec6280.sys
ACARD Technology Corp.
AEC6280 Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
AEC6890
[A ] 17. c:\windows\system32\drivers\aec6890.sys
ACARD Technology Corp.
AEC6880/90 PCI Ultra ATA133 RAID Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
aec68x5
[A ] 18. c:\windows\system32\drivers\aec68x5.sys
ACARD Technology Corp.
AEC6885/95/96 PCI ATA133 4 Channel RAID Adapter Driver
.text,.rdata,INIT,.rsrc,.reloc,
ALCXSENS
[A ] 19. c:\windows\system32\drivers\alcxsens.sys
Sensaura Ltd
Sensaura WDM 3D Audio Driver
.text,page,init,.data,init,INIT,.rsrc,.reloc,
ALCXWDM
[A ] 20. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,.rdata,.data,.CRT,.data1,PAGE,INIT,.rsrc,.reloc,
BaseTDI
[A ] 21. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
CdaC15BA
[A ] 22. c:\windows\system32\drivers\cdac15ba.sys
Macrovision Europe Ltd
Macrovision SECURITY Driver
.text,.data,INIT,.rsrc,.reloc,
cnprov
[A ] 23. c:\windows\system32\drivers\cnprov.sys
中国互联网络信息中心(CNNIC)
国际化域名辅助模块
.text,.data,INIT,.rsrc,.reloc,
ExpScaner
[A ] 24. c:\program files\rising\rav\expscan.sys
ExpScan.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
fasttrak
[A ] 25. c:\windows\system32\drivers\fasttrak.sys
Promise Technology, Inc.
Promise FastTrak Series Driver for WinXP
.text,.rdata,.data,INIT,.rsrc,.reloc,
老爱中毒的机器 - 2007-9-4 15:40:00
fasttx2k
[A ] 26. c:\windows\system32\drivers\fasttx2k.sys
Promise Technology, Inc.
Promise Driver for Windows XP
.text,.rdata,.data,INIT,.rsrc,.reloc,
fasttx2k2
[A ] 27. c:\windows\system32\drivers\fasttx2k2.sys
Promise Technology, Inc.
Promise FastTrak Series Driver for WindowsXP
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookCont
[A ] 28. c:\program files\rising\rav\hookcont.sys
Rising
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookReg
[A ] 29. c:\program files\rising\rav\hookreg.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookSys
[A ] 30. c:\program files\rising\rav\hooksys.sys
Rising
Hooksys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookUrl
[A ] 31. c:\program files\rising\rfw\hookurl.sys
Beijing Rising Technology Co., Ltd.
HookUrl
.text,.rdata,.data,INIT,.rsrc,.reloc,
Hpt366
[A ] 32. c:\windows\system32\drivers\hpt366.sys
Microsoft Corporation
ATAPI IDE Miniport Driver
.text,.data,INIT,.rsrc,.reloc,
HPT371
[A ] 33. c:\windows\system32\drivers\hpt371.sys
HighPoint Technologies, Inc.
HPT3xx Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
hpt374
[A ] 34. c:\windows\system32\drivers\hpt374.sys
HighPoint Technologies, Inc.
HPT374 Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
hpt3xx
[A ] 35. c:\windows\system32\drivers\hpt3xx.sys
HighPoint Technologies, Inc.
HPT3xx Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
hptmv
[A ] 36. c:\windows\system32\drivers\hptmv.sys
HighPoint Technologies, Inc.
hptmv Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
hptpro
[A ] 37. c:\windows\system32\drivers\hptpro.sys
HighPoint Technologies, Inc.
Hptpro
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ialm
[A ] 38. c:\windows\system32\drivers\ialmnt5.sys
Intel Corporation
Intel Graphics Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
iaStor
[A ] 39. c:\windows\system32\drivers\iastor.sys
Intel Corporation
Intel Application Accelerator driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
iteraid
[A ] 40. c:\windows\system32\drivers\iteraid.sys
Integrated Technology Express, Inc.
ITE IT8212 ATA RAID SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
m5228
[A ] 41. c:\windows\system32\drivers\m5228.sys
ALi Corporation.
M5228 ATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
m5281
[A ] 42. c:\windows\system32\drivers\m5281.sys
ALi Corporation
M5281 SATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
MegaIDE
[A ] 43. c:\windows\system32\drivers\megaide.sys
LSI Logic Corporation.
LSI MegaRAID IDE Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
老爱中毒的机器 - 2007-9-4 15:41:00
MEMSCAN
[A ] 44. c:\program files\rising\rav\memscan.sys
Beijing Rising Technology Co., Ltd.
MemScan Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
mProcRs
[A ] 45. c:\program files\rising\rfw\mprocrs.sys
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall mprocrs.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
mraid2k
[A ] 46. c:\windows\system32\drivers\mraid2k.sys
American Megatrends, Inc.
MEGARAID SCSI Controller Driver for Windows 2000 PAE
.text,.rdata,.data,INIT,.rsrc,.reloc,
mxdispdr
[A ] 47. c:\windows\system32\drivers\mxdispdr.sys
.text,.rdata,.data,INIT,.reloc,
nmpkg
[A ] 48. c:\windows\system32\drivers\nmpkg.sys
Pnp680
[A ] 49. c:\windows\system32\drivers\pnp680.sys
Silicon Image, Inc.
DMA capable ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Pnp680r
[A ] 50. c:\windows\system32\drivers\pnp680r.sys
Silicon Image, Inc
DMA capable ATA RAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 51. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsFwDrv
[A ] 52. c:\program files\rising\rfw\rsfwdrv.sys
Beijing Rising Technology Co., Ltd.
nt_fwdrv
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 53. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RSPPSYS
[A ] 54. c:\program files\rising\rav\rsppsys.sys
Rising
RSPPSYS.SYS
.text,.rdata,.data,INIT,.rsrc,.reloc,
Secdrv
[A ] 55. c:\windows\system32\drivers\secdrv.sys
Macrovision Europe Ltd
Macrovision SECURITY Driver
.text,.data,INIT,.rsrc,.reloc,
shrgj
[A ] 56. c:\windows\system32\drivers\shrgj.sys
北京三七二一科技有限公司
sys 应用程序
.text,.rdata,.data,INIT,.rsrc,.reloc,
SI3112
[A ] 57. c:\windows\system32\drivers\si3112.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3112r
[A ] 58. c:\windows\system32\drivers\si3112r.sys
Silicon Image, Inc
Serial ATA RAID Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3114
[A ] 59. c:\windows\system32\drivers\si3114.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3114r
[A ] 60. c:\windows\system32\drivers\si3114r.sys
Silicon Image, Inc
SATARAID Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3124
[A ] 61. c:\windows\system32\drivers\si3124.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SI3124r
[A ] 62. c:\windows\system32\drivers\si3124r.sys
Silicon Image, Inc
SATARAID miniport driver (PRE-RELEASE)
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SiFilter
[A ] 63. c:\windows\system32\drivers\siwinacc.sys
Silicon Image, Inc.
Windows Accelerator Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SiSRaid
[A ] 64. c:\windows\system32\drivers\sisraid.sys
Silicon Integrated Systems
SiS RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SiSRaid1
[A ] 65. c:\windows\system32\drivers\sisraid1.sys
Silicon Integrated Systems
SiS RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
sptrak
[A ] 66. c:\windows\system32\drivers\sptrak.sys
Promise Technology, Inc.
Promise SuperTrak Family Driver for WindowsNT
.text,.rdata,.data,INIT,.rsrc,.reloc,
UlSata
[A ] 67. c:\windows\system32\drivers\ulsata.sys
Promise Technology, Inc.
Promise Ultra/Sata Series Driver for WinXP
.text,.rdata,.data,INIT,.rsrc,.reloc,
老爱中毒的机器 - 2007-9-4 15:42:00
viapdsk
[A ] 68. c:\windows\system32\drivers\viapdsk.sys
VIA Technologies, Inc.
VIA VT4149 PATA Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
viaraid
[A ] 69. c:\windows\system32\drivers\viaraid.sys
VIA Technologies inc,.ltd
VT6410 RAID DRIVER FOR WINXP
.text,.rdata,.data,INIT,.rsrc,.reloc,
viasraid
[A ] 70. c:\windows\system32\drivers\viasraid.sys
VIA Technologies inc,.ltd
VIA SATA RAID DRIVER FOR WINXP
.text,.rdata,.data,INIT,.rsrc,.reloc,
vmscsi
[A ] 71. c:\windows\system32\drivers\vmscsi.sys
VMware, Inc.
VMware SCSI Controller
.text,.rdata,.data,INIT,.rsrc,.reloc,
zqf9f
[A ] 72. c:\windows\system32\drivers\zqf9f.sys
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[AM] 73. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[A ] 74. c:\windows\system32\kakatool.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Toolbar
.text,.rdata,.data,MonitorS,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{95279A0A-B7FA-4877-9571-BF0F27F79272}
[A ] 75. c:\windows\system32\e4d1.dll
TODO: <公司名>
TODO: <文件说明>
.text,.rdata,.data,.rsrc,.reloc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
application/octet-stream
[A ] 76. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-complus
[A ] 76. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-msdownload
[A ] 76. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
text/xml
[A ] 77. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
mso-offdap11
[A ] 78. c:\program files\common files\microsoft shared\web components\11\owc11.dll
Microsoft Corporation
Microsoft Office Web Components 2003
.text,.data,.rtext,Shared,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 79. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[AM] 80. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
老爱中毒的机器 - 2007-9-4 15:44:00
Web Folders
[A ] 81. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[A ] 82. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
AutoCAD 数字签名图标覆盖处理程序
[AM] 83. c:\windows\system32\acsignicon.dll
Autodesk
AcSignIcon Module
.text,.rdata,.data,.rsrc,.reloc,
Autodesk Drawing Preview
[A ] 84. c:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll
Autodesk
AcThumbnail Module
.text,.rdata,.data,.rsrc,.reloc,
RISING
[AM] 85. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 85. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
runeip
[AM] 86. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
IgfxTray
[AM] 87. c:\windows\system32\igfxtray.exe
Intel Corporation
igfxTray Module
.text,.rdata,.data,.rsrc,
HotKeysCmds
[AM] 88. c:\windows\system32\hkcmd.exe
Intel Corporation
hkcmd Module
.text,.rdata,.data,.rsrc,
RfwMain
[AM] 89. c:\program files\rising\rfw\rfwmain.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Main Program
.text,.rdata,.data,.rsrc,
RavTask
[A ] 90. c:\program files\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 91. c:\program files\rising\antispyware\runonce.exe
Beijing Rising Technology Co., Ltd.
RunOnce Application
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 92. c:\windows\system32\bsmain.exe
Beijing Rising Technology Co., Ltd.
BootScan
.text,.data,.rsrc,.reloc,
[A ] 93. c:\windows\system32\kknative.exe
Beijing Rising Technology Co., Ltd.
NativeAp
.text,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.exe
exefile\启用/禁用数字签名图标\Command
[A ] 94. c:\windows\system32\acsignopt.exe
Autodesk
AcSignOpt Module
.text,.rdata,.data,.rsrc,
+ HKCR\.html
htmlfile\Edit\Command
[A ] 95. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 95. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 95. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 95. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ 打印机监控
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Microsoft Document Imaging Writer Monitor
[AM] 96. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
+ 其他自启动项目
+ C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
金山词霸 2006.lnk
[AM] 97. c:\program files\kingsoft\powerword 2006\xdictoem.exe
Kingsoft Co, Ltd.
Kingsoft PowerWord 2006
UPX0,UPX1,.rsrc,
Foxmail.lnk
[AM] 98. c:\program files\tencent\foxmail\foxmail.exe
Tencent Inc.
Internet Mail Client
CODE,DATA,BSS,.idata,.edata,.tls,.rdata,.reloc,.rsrc,
+ C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
金山词霸 2006.lnk
[AM] 97. c:\program files\kingsoft\powerword 2006\xdictoem.exe
Kingsoft Co, Ltd.
Kingsoft PowerWord 2006
UPX0,UPX1,.rsrc,
Foxmail.lnk
[AM] 98. c:\program files\tencent\foxmail\foxmail.exe
Tencent Inc.
Internet Mail Client
CODE,DATA,BSS,.idata,.edata,.tls,.rdata,.reloc,.rsrc,
+ C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
金山词霸 2006.lnk
[AM] 97. c:\program files\kingsoft\powerword 2006\xdictoem.exe
Kingsoft Co, Ltd.
Kingsoft PowerWord 2006
UPX0,UPX1,.rsrc,
Foxmail.lnk
[AM] 98. c:\program files\tencent\foxmail\foxmail.exe
Tencent Inc.
Internet Mail Client
CODE,DATA,BSS,.idata,.edata,.tls,.rdata,.reloc,.rsrc,
+ 正在运行的进程
+ 000000c8(200) RfwMain.exe
00400000[00073000]
[AM] 89. c:\program files\rising\rfw\rfwmain.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Main Program
.text,.rdata,.data,.rsrc,
26600000[0007D000]
[ M] 99. c:\program files\rising\rfw\rsguilib.dll
Beijing Rising Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 100. c:\program files\rising\rfw\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000F000]
[ M] 101. c:\program files\rising\rfw\rfwctrl.dll
Beijing Rising Technology Co., Ltd.
RfwCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
23800000[0001A000]
[ M] 102. c:\program files\rising\rfw\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
23900000[00031000]
[ M] 103. c:\program files\rising\rfw\pngdll.dll
Beijing Rising Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01330000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000001b0(432) smss.exe
+ 000001f8(504) csrss.exe
+ 00000210(528) winlogon.exe
72C80000[00008000]
[ M] 105. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
027F0000[00058000]
[AM] 73. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
00D80000[0001E000]
[ M] 106. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
+ 0000023c(572) services.exe
+ 00000248(584) lsass.exe
+ 000002b8(696) alg.exe
+ 000002dc(732) svchost.exe
+ 00000308(776) svchost.exe
+ 00000378(888) svchost.exe
+ 000003b0(944) hkcmd.exe
00400000[00022000]
[AM] 88. c:\windows\system32\hkcmd.exe
Intel Corporation
hkcmd Module
.text,.rdata,.data,.rsrc,
10000000[0001E000]
[ M] 106. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
00A80000[00024000]
[ M] 107. c:\windows\system32\igfxdev.dll
Intel Corporation
igfxdev Module
.text,.rdata,.data,.rsrc,.reloc,
00B50000[00058000]
[AM] 73. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
00BD0000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00D10000[00022000]
[ M] 108. c:\windows\system32\igfxhk.dll
Intel Corporation
igfxhk Module
.text,.rdata,.data,.rsrc,.reloc,
00D50000[00024000]
[ M] 109. c:\windows\system32\igfxres.dll
Intel Corporation
xxxxres Module
.text,.rdata,.data,.rsrc,.reloc,
+ 000003d4(980) svchost.exe
+ 00000438(1080) svchost.exe
+ 00000564(1380) spoolsv.exe
00AE0000[00008000]
[AM] 96. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
00AF0000[00008000]
[ M] 110. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
老爱中毒的机器 - 2007-9-4 15:50:00
+ 000005c0(1472) RavStub.exe
00400000[00018000]
[ M] 111. c:\program files\rising\rav\ravstub.exe
Beijing Rising Technology Co., Ltd.
Rising RavStub
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 112. c:\program files\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 113. c:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000610(1552) runiep.exe
00400000[00013000]
[AM] 86. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
00C10000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000620(1568) igfxtray.exe
00400000[0002B000]
[AM] 87. c:\windows\system32\igfxtray.exe
Intel Corporation
igfxTray Module
.text,.rdata,.data,.rsrc,
10000000[0001E000]
[ M] 106. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
00AA0000[00024000]
[ M] 107. c:\windows\system32\igfxdev.dll
Intel Corporation
igfxdev Module
.text,.rdata,.data,.rsrc,.reloc,
00B70000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00CA0000[00058000]
[AM] 73. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
00D20000[00024000]
[ M] 109. c:\windows\system32\igfxres.dll
Intel Corporation
xxxxres Module
.text,.rdata,.data,.rsrc,.reloc,
00D60000[00131000]
[ M] 114. c:\windows\system32\igfxress.dll
Intel Corporation
igfxress Module
.text,.rdata,.data,.rsrc,.reloc,
+ 000006a4(1700) CDAC11BA.EXE
00400000[00012000]
[AM] 3. c:\windows\system32\drivers\cdac11ba.exe
Macrovision
Macrovision RTS Service
.text,.rdata,.data,.rsrc,
+ 000007f4(2036) Explorer.EXE
62830000[00026000]
[AM] 83. c:\windows\system32\acsignicon.dll
Autodesk
AcSignIcon Module
.text,.rdata,.data,.rsrc,.reloc,
10000000[0001B000]
[AM] 85. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
00FD0000[00015000]
[ M] 115. c:\windows\system32\bu72.dll
.text,.rdata,.data,.reloc,
628E0000[00039000]
[ M] 116. c:\program files\common files\autodesk shared\acsigncore16.dll
Autodesk
AcSignCore Module
.text,.orpc,.rdata,.data,.rsrc,.reloc,
01AA0000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 105. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 113. c:\program files\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00F60000[0003C000]
[ M] 117. c:\windows\system32\igfxpph.dll
Intel Corporation
igfxpph Module
.text,.rdata,.data,.rsrc,.reloc,
01290000[0001E000]
[ M] 106. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
018A0000[00024000]
[ M] 109. c:\windows\system32\igfxres.dll
Intel Corporation
xxxxres Module
.text,.rdata,.data,.rsrc,.reloc,
02C60000[00058000]
[AM] 73. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
01CA0000[00024000]
[ M] 107. c:\windows\system32\igfxdev.dll
Intel Corporation
igfxdev Module
.text,.rdata,.data,.rsrc,.reloc,
019F0000[0002B000]
[AM] 80. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
+ 0000080c(2060) ctfmon.exe
10000000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000854(2132) xdictOEM.exe
00400000[00146000]
[AM] 97. c:\program files\kingsoft\powerword 2006\xdictoem.exe
Kingsoft Co, Ltd.
Kingsoft PowerWord 2006
UPX0,UPX1,.rsrc,
10000000[00010000]
[ M] 118. c:\program files\kingsoft\powerword 2006\accountactivate.dll
Kingsoft
AccountActivate
.text,.rdata,.data,.rsrc,.reloc,
780C0000[00061000]
[ M] 119. c:\program files\kingsoft\powerword 2006\msvcp60.dll
Microsoft Corporation
Microsoft (R) C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00380000[0004F000]
[ M] 120. c:\program files\kingsoft\powerword 2006\doshow.dll
.text,.rdata,.data,.idata,.rsrc,.reloc,
003D0000[00025000]
[ M] 121. c:\program files\kingsoft\powerword 2006\itextout.dll
Kingsoft
Kingsoft Text Output Service
.text,.rdata,.data,.idata,.rsrc,.reloc,
00550000[0002F000]
[ M] 122. c:\program files\kingsoft\powerword 2006\kpic10.dll
.text,.rdata,.data,.idata,.reloc,
60000000[0002E000]
[ M] 123. c:\program files\kingsoft\powerword 2006\ijl11.dll
Intel Corporation
Intel? JPEG Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
00580000[00013000]
[ M] 124. c:\program files\kingsoft\powerword 2006\normgrab.dll
Kingsoft Co, Ltd.
Powerword Normal Grab Plugin
.text,.rdata,.data,.rsrc,.reloc,
005A0000[00043000]
[ M] 125. c:\program files\kingsoft\powerword 2006\tottsengine50.dll
Kingsoft Corporation
Interface of TTS 5 for Kingsoft Powerword
.text,.rdata,.data,.idata,.rsrc,.reloc,
老爱中毒的机器 - 2007-9-4 15:51:00
005F0000[00042000]
[ M] 126. c:\program files\kingsoft\powerword 2006\xfile.dll
.text,.rdata,.data,.idata,.reloc,
00FB0000[00033000]
[ M] 127. c:\program files\kingsoft\powerword 2006\dbcore10.dll
Kingsoft Corp.
PowerWord Database Engine
.text,.rdata,.data,.rsrc,.reloc,
01000000[0001F000]
[ M] 128. c:\program files\kingsoft\powerword 2006\xdictgrb.dll
Kingsoft Co, Ltd.
Powerword Grab Word Proxy
.text,.rdata,.data,.rsrc,.reloc,
01050000[0003A000]
[ M] 129. c:\program files\kingsoft\powerword 2006\dictionarymanager.dll
DictionaryManager Module
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 105. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
02F80000[0006B000]
[ M] 130. c:\program files\kingsoft\powerword 2006\kavpassport.dll
Kingsoft Corporation
Kingsoft Online Passport Support
.text,.rdata,.data,.rsrc,.reloc,
03000000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000874(2164) Foxmail.exe
00400000[0048E000]
[AM] 98. c:\program files\tencent\foxmail\foxmail.exe
Tencent Inc.
Internet Mail Client
CODE,DATA,BSS,.idata,.edata,.tls,.rdata,.reloc,.rsrc,
62060000[0001F000]
[ M] 131. c:\windows\system32\mapi32.dll
Microsoft Corporation
Extended MAPI 1.0 for Windows NT
.text,.data,.rsrc,.reloc,
10000000[00036000]
[ M] 132. c:\program files\tencent\foxmail\foxantispam.dll
.text,.rdata,.data,.reloc,
65000000[00010000]
[ M] 133. c:\program files\tencent\foxmail\pcre.dll
.text,.rdata,.data,.idata,.reloc,
02020000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01870000[0000D000]
[ M] 134. c:\program files\tencent\foxmail\3rdparty\punylib.dll
CNNIC
CodeLib
.text,.rdata,.data,.rsrc,.reloc,
+ 000008a4(2212) svchost.exe
+ 00000a7c(2684) conime.exe
10000000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000b4c(2892) rundll32.exe
10000000[00115000]
[ M] 135. c:\windows\system32\9e1.dll
Player 动态链接库
.text,.rdata,.data,.rsrc,.reloc,
+ 00000c48(3144) Ras.exe
00400000[0013F000]
[ M] 136. c:\program files\rising\antispyware\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
10000000[000A3000]
[ M] 137. c:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
014F0000[0001B000]
[ M] 104. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01880000[0002F000]
[ M] 138. c:\program files\rising\antispyware\engine.dll
Beijing Rising Technology Co., Ltd.
kaka engine
.text,.rdata,.data,.rsrc,.reloc,
017A0000[00012000]
[ M] 139. c:\program files\rising\antispyware\zip.dll
rising
zip
UPX0,UPX1,.rsrc,
62830000[00026000]
[AM] 83. c:\windows\system32\acsignicon.dll
Autodesk
AcSignIcon Module
.text,.rdata,.data,.rsrc,.reloc,
02390000[0001B000]
[AM] 85. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
030A0000[00019000]
[ M] 140. c:\program files\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
+ 00000de0(3552) 4dad1.exe
00400000[0001E000]
[AM] 5. c:\windows\system32\4dad1.exe
.text,.rdata,.data,.rsrc,
流星陨落 - 2007-9-4 17:26:00
看置顶帖,日志不对
1
© 2000 - 2026 Rising Corp. Ltd.