瑞星卡卡安全论坛
UFO哈哈 - 2007-9-29 20:25:00
上卡卡社区老是没有响应,关一个网站就把所有的网站关完了。呜呜
下列是我扫描的卡卡日志
瑞星卡卡电脑诊断日志 v1.30 (2007-9-29 20:5:20) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
aspnet_state
[A ] 1. c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
Microsoft Corporation
aspnet_state.exe
.text,.data,.rsrc,
Ati HotKey Poller
[AM] 2. c:\windows\system32\ati2evxx.exe
ATI Technologies Inc.
ATI External Event Utility EXE Module
.text,.rdata,.data,.rsrc,
C-DillaCdaC11BA
[AM] 3. c:\windows\system32\drivers\cdac11ba.exe
Macrovision
Macrovision RTS Service
.text,.rdata,.data,.rsrc,
EvtEng
[AM] 4. c:\program files\intel\wireless\bin\evteng.exe
Intel Corporation
EvtEng Module
.text,.rdata,.data,.rsrc,
IBM Rapid Restore Ultra Service
[AM] 5. c:\program files\ibm\ibm rapid restore ultra\rrpcsb.exe
rrpcsb Module
.text,.rdata,.data,.rsrc,
IBMPMSVC
[AM] 6. c:\windows\system32\ibmpmsvc.exe
.text,.rdata,.data,.rsrc,
IDriverT
[A ] 7. c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
Macrovision Corporation
IDriverT Module
.text,.rdata,.data,.rsrc,
McAfeeFramework
[AM] 8. c:\program files\network associates\common framework\frameworkservice.exe
McAfee, Inc.
Framework Service
.text,.rdata,.data,.rsrc,
McShield
[AM] 9. c:\program files\network associates\virusscan\mcshield.exe
McAfee, Inc.
On-Access Scanner service
.text,.rdata,.data,.tls,.rsrc,
McTaskManager
[AM] 10. c:\program files\network associates\virusscan\vstskmgr.exe
Network Associates, Inc.
Task Manager : scheduling and OAS alerting service
.text,.rdata,.data,.rsrc,
文件名和"taskmgr.exe"类似;
ose
[A ] 11. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
P4P Service
[AM] 12. c:\program files\common files\sogou pxp\p2psvr.exe
Sohu.com Inc.
Sogou PXP Streaming Service
.text,.rdata,.data,.rsrc,
QCONSVC
[AM] 13. c:\windows\system32\qconsvc.exe
IBM Corp.
IBM Access Connections - Service Component.
.text,.rdata,.data,.rsrc,
RegSrvc
[AM] 14. c:\program files\intel\wireless\bin\regsrvc.exe
Intel Corporation
RegSrvc Module
.text,.rdata,.data,.rsrc,
S24EventMonitor
[AM] 15. c:\program files\intel\wireless\bin\s24evmon.exe
Intel Corporation
Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
.text,.rdata,.data,.rsrc,
SoundMAX Agent Service (default)
[AM] 16. c:\program files\analog devices\soundmax\smagent.exe
Analog Devices, Inc.
SoundMAX service agent component
.text,.rdata,.data,.rsrc,
StarWindService
[AM] 17. c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe
Rocket Division Software
StarWind iSCSI Target (Alcohol Edition)
.text,.data,.rsrc,
TPHDEXLGSVC
[AM] 18. c:\windows\system32\tphdexlg.exe
IBM Corporation
IBM Active Protection System - HDD Logger Module
.text,.rdata,.data,.rsrc,
TpKmpSVC
[AM] 19. c:\windows\system32\tpkmpsvc.exe
.text,.rdata,.data,
usnjsvc
[A ] 20. c:\program files\msn messenger\usnsvc.exe
Microsoft Corporation
Messenger Sharing USN Journal Reader Service
.text,.data,.rsrc,
vtserver
[AM] 21. c:\program files\common files\virtual token\vtserver.exe
UPEK Inc.
Passport Server Module
.text,.rdata,.data,.rsrc,
WMPNetworkSvc
[A ] 22. c:\program files\windows media player\wmpnetwk.exe
Microsoft Corporation
Windows Media Player Network Sharing Service
.text,.data,.rsrc,.reloc,
WudfSvc
[A ] 23. c:\windows\system32\wudfsvc.dll
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Service
.text,.data,.rsrc,.reloc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
aeaudio
[A ] 24. c:\windows\system32\drivers\aeaudio.sys
Andrea Electronics Corporation
Andrea Audio Noise Cancellation Driver
.text,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
AegisP
[A ] 25. c:\windows\system32\drivers\aegisp.sys
Meetinghouse Data Communications
IEEE 802.1X Protocol Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ANC
[A ] 26. c:\windows\system32\drivers\anc.sys
IBM Corp.
IBM Access Connections - ANC
.text,.rdata,INIT,.rsrc,.reloc,
btaudio
[A ] 27. c:\windows\system32\drivers\btaudio.sys
BTDriver
[A ] 28. c:\windows\system32\drivers\btport.sys
BTWDNDIS
[A ] 29. c:\windows\system32\drivers\btwdndis.sys
BTWUSB
[A ] 30. c:\windows\system32\drivers\btwusb.sys
CdaC15BA
[A ] 31. c:\windows\system32\drivers\cdac15ba.sys
Macrovision Europe Ltd
Macrovision SECURITY Driver
.text,.data,INIT,.rsrc,.reloc,
DgiVecp
[A ] 32. c:\windows\system32\drivers\dgivecp.sys
DeviceGuys, Inc.
Windows NT 4.0 IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes
.text,INIT,.rdata,.data,.rsrc,.reloc,
EGATHDRV
[A ] 33. c:\windows\system32\egathdrv.sys
IBM Corporation
IBM eGatherer Kernel Module
.text,.rdata,INIT,.rsrc,.reloc,
EntDrv51
[A ] 34. c:\windows\system32\drivers\entdrv51.sys
McAfee, Inc
EntDrv
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
fcdabus
[A ] 35. c:\windows\system32\drivers\fcdabus.sys
fsRamDsk
[A ] 36. c:\windows\system32\drivers\fsramdsk.sys
FarStone
RamDisk
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
FVDSCSI
[A ] 37. c:\windows\system32\drivers\fvdscsi.sys
HSFHWICH
[A ] 38. c:\windows\system32\drivers\hsfhwich.sys
Conexant Systems, Inc.
HSFHWICH WDM driver
.text,GLOBAL_I,.rdata,.data,.CRT,GLOBAL_I,.STL,PAGE,INIT,.rsrc,.reloc,
HSF_DP
[A ] 39. c:\windows\system32\drivers\hsf_dp.sys
Conexant Systems, Inc.
HSF_DP driver
.text,_PARA_DA,.rdata,.data,.STL,.CRT,PAGE,INIT,.rsrc,.reloc,
ibmfilter
[A ] 40. c:\windows\system32\drivers\ibmfilter.sys
IBM
IBM FFE and RRU filter driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
IBMPMDRV
[A ] 41. c:\windows\system32\drivers\ibmpmdrv.sys
IBM Corp.
IBM ThinkPad Power Management Driver
.text,.rdata,.data,.rsrc,.reloc,
IBMTPCHK
[A ] 42. c:\windows\system32\drivers\ibmbldid.sys
.text,.rdata,INIT,.reloc,
mdmxsdk
[A ] 43. c:\windows\system32\drivers\mdmxsdk.sys
Conexant
Diagnostic Interface DRIVER
.text,.rdata,.data,INIT,.rsrc,.reloc,
NaiAvFilter1
[A ] 44. c:\windows\system32\drivers\naiavf5x.sys
McAfee Inc.
Anti-Virus File System Filter Driver
.text,.rdata,.data,.CRT,INIT,.rsrc,.reloc,
NaiAvTdi1
[A ] 45. c:\windows\system32\drivers\mvstdi5x.sys
McAfee Inc.
Anti-Virus Mini-Firewall Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkcrypt
[A ] 46. d:\qq\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkycryp
[A ] 47. d:\qq\npkycryp.sys
PMEM
[A ] 48. c:\windows\system32\drivers\pmemnt.sys
Microsoft Corporation
Physical Memory Driver
.text,.edata,INIT,.rsrc,.reloc,
psadd
[A ] 49. c:\windows\system32\drivers\psadd.sys
IBM Corporation
SMI Driver
.text,.rdata,.data,PAGE,PAGELOCK,INIT,.rsrc,.reloc,
PxHelp20
[A ] 50. c:\windows\system32\drivers\pxhelp20.sys
Sonic Solutions
Px Engine Device Driver for Windows 2000/XP
.text,.rdata,.data,INIT,.rsrc,.reloc,
QCNDISIF
[A ] 51. c:\windows\system32\drivers\qcndisif.sys
IBM Corporation.
IBM Access Connections - Intermediate Protocol Driver.
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 52. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
s24trans
[A ] 53. c:\windows\system32\drivers\s24trans.sys
Intel Corporation
Intel WLAN Packet Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
Secdrv
[A ] 54. c:\windows\system32\drivers\secdrv.sys
Macrovision Europe Ltd
Macrovision SECURITY Driver
.text,.data,INIT,.rsrc,.reloc,
ShockMgr
[A ] 55. c:\windows\system32\drivers\shockmgr.sys
IBM Corporation
ShockMgr Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Shockprf
[A ] 56. c:\windows\system32\drivers\shockprf.sys
IBM Corporation
Shockproof Disk Driver
.text,.rdata,.data,PAGE,PAGE_DAT,INIT,.rsrc,.reloc,
Smapint
[A ] 57. c:\windows\system32\drivers\smapint.sys
Microsoft Corporation
SMAPI I/O
.text,.rdata,.data,.idata,.rsrc,.reloc,
SmiHlp
[A ] 58. c:\program files\ibm fingerprint software\smihlp.sys
UPEK Inc.
SMI helper driver
.text,.rdata,INIT,.rsrc,.reloc,
smwdm
[A ] 59. c:\windows\system32\drivers\smwdm.sys
Analog Devices, Inc.
SoundMAX Integrated Digital Audio
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:27:00
SynTP
[A ] 60. c:\windows\system32\drivers\syntp.sys
Synaptics, Inc.
Synaptics Touchpad Driver
.text,.data,INIT,.rsrc,.reloc,
TcUsb
[A ] 61. c:\windows\system32\drivers\tcusb.sys
UPEK Inc.
TouchChip USB Kernel Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
TDSMAPI
[A ] 62. c:\windows\system32\drivers\tdsmapi.sys
.text,.rdata,.data,.reloc,
TesSafe
[A ] 63. c:\windows\system32\tessafe.sys
.text,.rdata,.data,INIT,.reloc,
TPDiskPM
[A ] 64. c:\windows\system32\drivers\tpdiskpm.sys
IBM Corporation
IBM SATA Power Management Driver
.text,.rdata,INIT,.rsrc,.reloc,
TPHKDRV
[A ] 65. c:\windows\system32\drivers\tphkdrv.sys
IBM Corporation
ThinkPad Hotkey Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
TPInput
[A ] 66. c:\windows\system32\drivers\tpinput.sys
IBM Corporation
IBM SATA Power Management Driver
.text,.rdata,PAGE,INIT,.rsrc,.reloc,
TPM11
[A ] 67. c:\windows\system32\drivers\nsctpm11.sys
National Semiconductor Corp.
TPM Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
TPPWRIF
[A ] 68. c:\windows\system32\drivers\tppwrif.sys
.text,.rdata,.data,.reloc,
TSMAPIP
[A ] 69. c:\windows\system32\drivers\tsmapip.sys
.text,.rdata,.data,.reloc,
vax347b
[A ] 70. c:\windows\system32\drivers\vax347b.sys
Plug and Play BIOS Extension
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
vax347s
[A ] 71. c:\windows\system32\drivers\vax347s.sys
SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
vcddev
[A ] 72. c:\windows\system32\drivers\vcdvnic.sys
VNN B.J.
Virtual Native Network Driver
.text,.data,INIT,.rsrc,.reloc,
w29n51
[A ] 73. c:\windows\system32\drivers\w29n51.sys
Intel? Corporation
Intel? Wireless LAN Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
winachsf
[A ] 74. c:\windows\system32\drivers\hsf_cnxt.sys
Conexant Systems, Inc.
HSF_CNXT driver
.text,_LTEXT,.rdata,.data,_LDATA,PAGESER,INIT,.rsrc,.reloc,
WudfPf
[A ] 75. c:\windows\system32\drivers\wudfpf.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Platform Driver
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
WudfRd
[A ] 76. c:\windows\system32\drivers\wudfrd.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Reflector
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ZSMC0305
[A ] 77. c:\windows\system32\drivers\usbvm305.sys
Vimicro Corporation
Video streaming and Capture Device Driver
.text,.data,.data1,PAGECONS,INIT,.rsrc,.reloc,
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
GinaDLL
[AM] 78. c:\windows\system32\vrlogon.dll
UPEK Inc.
Logon Protector library
.text,.rdata,.data,.edata,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
AtiExtEvent
[AM] 79. c:\windows\system32\ati2evxx.dll
ATI Technologies Inc.
ATI External Event Utility DLL Module
.text,.rdata,.data,.rsrc,.reloc,
psfus
[AM] 80. c:\program files\ibm fingerprint software\psfus.dll
UPEK Inc.
Fast User Switching library
.text,.rdata,.data,.rsrc,.reloc,
QConGina
[A ] 81. c:\windows\system32\qcongina.dll
IBM Corp.
IBM Access Connections - GINA Component.
.text,.rdata,.data,.QCONGIN,.rsrc,.reloc,
tphotkey
[AM] 82. c:\windows\system32\tphklock.dll
.text,.rdata,.data,.reloc,
WgaLogon
[AM] 83. c:\windows\system32\wgalogon.dll
Microsoft Corporation
Windows Genuine Advantage Notification
.text,.data,.rsrc,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{07B18EA9-A523-4961-B6BB-170DE4475CCA}
[AM] 84. c:\program files\mywebsearch\bar\1.bin\mwsbar.dll
MyWebSearch.com
My Web Search Bar
.text,.rdata,.data,MyWebSea,MyWebSea,.rsrc,.reloc,
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[A ] 85. c:\windows\system32\kakatool.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Toolbar
.text,.rdata,.data,MonitorS,.rsrc,.reloc,
+ HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
{00A6FAF6-072E-44cf-8957-5838F569A31D}
[AM] 86. c:\program files\mywebsearch\srchastt\1.bin\mwssrcas.dll
MyWebSearch.com
MyWebSearch Search Assistant
.text,.rdata,.data,MyWebSea,.rsrc,.reloc,
{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}
[AM] 87. c:\program files\tencent\ssplus\saddr.dll
Tencent
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{00000000-12C9-4305-82F9-43058F20E8D2}
[AM] 88. d:\qqdownload\qqiehelper02.dll
腾讯公司
超级旋风下载组件
.text,.rdata,.data,.rsrc,.reloc,
{00A6FAF1-072E-44cf-8957-5838F569A31D}
[AM] 86. c:\program files\mywebsearch\srchastt\1.bin\mwssrcas.dll
MyWebSearch.com
MyWebSearch Search Assistant
.text,.rdata,.data,MyWebSea,.rsrc,.reloc,
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[AM] 89. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Adobe Systems Incorporated
Adobe Acrobat IE Helper Version 7.0 for ActiveX
.text,.rdata,.data,.rsrc,.reloc,
{07B18EA1-A523-4961-B6BB-170DE4475CCA}
[AM] 84. c:\program files\mywebsearch\bar\1.bin\mwsbar.dll
MyWebSearch.com
My Web Search Bar
.text,.rdata,.data,MyWebSea,MyWebSea,.rsrc,.reloc,
{0C7C23EF-A848-485B-873C-0ED954731014}
[AM] 87. c:\program files\tencent\ssplus\saddr.dll
Tencent
.text,.rdata,.data,.rsrc,.reloc,
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
[AM] 90. d:\others can be deleted late\jccatch.dll
www.flashget.com
Flashget CatchUrl Module
.text,.rdata,.data,.rsrc,.reloc,
{49E0E0F0-5C30-11D4-945D-000000008811}
[AM] 91. c:\windows\system32\ieseven.dll
微软安全Internet Explorer插件
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,.aspack,.adata,
{9030D464-4C02-4ABF-8ECC-5164760863C6}
[AM] 92. c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft Corporation
WindowsLiveLogin.dll
.text,.data,.rsrc,.reloc,
{AA2F655A-7618-499D-B0A5-4F84B91D2C5F}
[AM] 93. c:\windows\system32\pceggs.dll
杭州弈天网络技术有限公司
PC蛋蛋
.text,.rdata,.data,.rsrc,.reloc,
{F156768E-81EF-470C-9057-481BA8380DBA}
[AM] 94. d:\others can be deleted late\getflash.dll
www.flashget.com
Flashget GetFlash Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 95. c:\program files\lenovo\pkgmgr\pkgmgr.exe
Lenovo Group Limited
Software Installer
.text,.rdata,.data,.rsrc,
Exec
[A ] 96. d:\others can be deleted late\flashget.exe
FlashGet.com
FlashGet
.text,.rdata,.data,.rsrc,
Exec
[A ] 97. c:\program files\messenger\msmsgs.exe
Microsoft Corporation
Windows Messenger
.text,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
{182EC0BE-5110-49C8-A062-BEB1D02A220B}
[A ] 98. c:\program files\adobe\acrobat 6.0\acrobat\acroiefavclient.dll
.text,.rdata,.data,.rsrc,.reloc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
application/octet-stream
[A ] 99. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-complus
[A ] 99. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-msdownload
[A ] 99. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:28:00
text/xml
[A ] 100. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
ic32pp
[A ] 101. c:\windows\wc98pp.dll
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,
livecall
[A ] 102. c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
Microsoft Corporation
MSN Messenger Protocol Handler
.text,.data,.rsrc,.reloc,
msnim
[A ] 102. c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
Microsoft Corporation
MSN Messenger Protocol Handler
.text,.data,.rsrc,.reloc,
mso-offdap
[A ] 103. c:\program files\common files\microsoft shared\web components\10\owc10.dll
Microsoft Corporation
Microsoft Office XP Web Components
.text,.data,.rtext,.bootdat,msoconst,Shared,.rsrc,.reloc,
mso-offdap11
[A ] 104. c:\program files\common files\microsoft shared\web components\11\owc11.dll
Microsoft Corporation
Microsoft Office Web Components 2003
.text,.data,.rtext,Shared,.cdata,.rsrc,.reloc,
skype4com
[A ] 105. c:\program files\common files\skype\skype4com.dll
Skype Technologies
Skype for COM API
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
{4b218e3e-bc98-4770-93d3-2731b9329278}
[A ] 106. c:\windows\inf\ie.inf
+ HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
{F9DB5320-233E-11D1-9F84-707F02C10627}
[AM] 107. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
Adobe Systems, Inc.
PDF Shell Extension
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 108. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
Fusion Cache
[A ] 99. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[A ] 109. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
Web Folders
[A ] 110. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
PicaView
[A ] 111. c:\program files\acdsee\picaview.dll
ACD Systems, Ltd.
PicaView 系统扩展 DLL
.text,.rdata,.data,.tls,.rsrc,.reloc,
Adobe.Acrobat.ContextMenu
[A ] 112. c:\program files\adobe\acrobat 6.0\acrobat elements\contextmenu.dll
Adobe Systems Inc.
Adobe Acrobat Elements
.text,.rdata,.data,.idata,.rsrc,.reloc,
AlcoholShellEx
[A ] 113. c:\program files\alcohol soft\alcohol 120\axshlex.dll
Alcohol Soft Development Team
AXShlEx.dll
UPX0,UPX1,.rsrc,
Messenger Sharing Folders
[A ] 114. c:\program files\msn messenger\fsshext.8.1.0178.00.dll
Microsoft Corporation
Messenger File Sharing Shell Extensions
.text,.data,.rsrc,.reloc,
CuteFTP Shell Extension
[A ] 115. d:\tools\cuteftp xp v5.0.2 简体中文版\setup\cuteshell.dll
GlobalSCAPE, Inc.
.text,.rdata,.data,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[AM] 116. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
Portable Media Devices
[A ] 117. c:\windows\system32\audiodev.dll
Microsoft Corporation
Portable Media Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices
[A ] 118. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices Menu
[A ] 118. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[AM] 119. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WPDShServiceObj
[AM] 120. c:\windows\system32\wpdshserviceobj.dll
Microsoft Corporation
Windows Portable Device Shell Service Object
.text,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MyWebSearch Email Plugin
[AM] 121. c:\program files\mywebsearch\bar\1.bin\mwsoemon.exe
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,
WMPNSCFG
[AM] 122. c:\program files\windows media player\wmpnscfg.exe
Microsoft Corporation
Windows Media Player Network Sharing Service Configuration Application
.text,.data,.rsrc,.reloc,
MsnMsgr
[AM] 123. c:\program files\msn messenger\msnmsgr.exe
Microsoft Corporation
Messenger
.text,.data,.rsrc,
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SynTPLpr
[AM] 124. c:\program files\synaptics\syntp\syntplpr.exe
Synaptics, Inc.
TouchPad Driver Helper Application
.text,.rdata,.data,.rsrc,
TpShocks
[AM] 125. c:\windows\system32\tpshocks.exe
IBM Corp.
IBM Active Protection System
.text,.rdata,.data,.rsrc,
TPHOTKEY
[AM] 126. c:\program files\thinkpad\pkgmgr\hotkey\tphkmgr.exe
.text,.rdata,.data,
文件名和"taskmgr.exe"类似;
ControlCenter
[A ] 127. c:\program files\ibm fingerprint software\ctlcntr.exe
UPEK Inc.
PSuite Control Center
.text,.rdata,.data,.rsrc,
TP4EX
[A ] 128. c:\windows\system32\tp4ex.exe
IBM Corporation
IBM TrackPoint Accessibility Features
.text,.rdata,.data,.rsrc,
EZEJMNAP
[AM] 129. c:\program files\thinkpad\utilities\ezejmnap.exe
IBM Corp.
IBM ThinkPad EasyEject Support Application
.text,.rdata,.data,.rsrc,
SoundMAXPnP
[AM] 130. c:\program files\analog devices\soundmax\smax4pnp.exe
Analog Devices, Inc.
SMax4PNP MFC Application
.text,.rdata,.data,.rsrc,
UpdateManager
[A ] 131. c:\program files\common files\sonic\update manager\sgtray.exe
Sonic Solutions
Sonic Update Manager
.text,.rdata,.data,.rsrc,
IBMPRC
[AM] 132. c:\ibmtools\utils\ibmprc.exe
IBM Corp.
ibmprc Application
.text,.rdata,.data,.rsrc,
QCWLICON
[AM] 133. c:\program files\thinkpad\connectutilities\qcwlicon.exe
IBM Corp.
IBM Access Connections - Wireless Status Icon.
.text,.rdata,.data,.idata,.rsrc,.reloc,
NeroFilterCheck
[A ] 134. c:\windows\system32\nerocheck.exe
Ahead Software Gmbh
NeroCheck
.text,.rdata,.data,.rsrc,
StormCodec_Helper
[A ] 135. c:\program files\ringz studio\storm codec\stormset.exe
.text,.rdata,.data,.ndata,.rsrc,
BigDog305
[AM] 136. c:\windows\vm305_sti.exe
Vimicro
Vimicro
.text,.rdata,.data,.rsrc,
McAfeeUpdaterUI
[AM] 137. c:\program files\network associates\common framework\updaterui.exe
McAfee, Inc.
Common User Interface
.text,.rdata,.data,.rsrc,
Network Associates Error Reporting Service
[AM] 138. c:\program files\common files\network associates\talkback\tbmon.exe
Network Associates, Inc.
TalkBack Monitor
.text,.rdata,.data,.rsrc,
文件名和"ctfmon.exe"类似;
ShStatEXE
[AM] 139. c:\program files\network associates\virusscan\shstat.exe
McAfee, Inc.
On-access scanner statistics
.text,.rdata,.data,.rsrc,
MyWebSearch Email Plugin
[AM] 121. c:\program files\mywebsearch\bar\1.bin\mwsoemon.exe
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,
UFO哈哈 - 2007-9-29 20:30:00
IMSCMig
[A ] 140. c:\program files\common files\microsoft shared\ime\imsc40a\imscmig.exe
Microsoft Corporation
微软拼音输入法安装工具
.text,.data,.rsrc,
Samsung Common SM
[AM] 141. c:\windows\samsung\comsmmgr\ssmmgr.exe
Samsung Electronics.
Samsung Status Monitor Manager
.text,.rdata,.data,.rsrc,
runeip
[AM] 142. f:\ufo771至尊星\新建文件夹\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
+ 映像劫持
+ HKCR\Folder\shell
Super Rabbit CDROM Eject
[A ] 143. c:\program files\super rabbit\magicset\srcd2.exe
Super Rabbit Software
UPX0,UPX1,.rsrc,
+ HKCR\.html
htmlfile\Edit\Command
[A ] 144. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 144. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 144. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 144. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ 打印机监控
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Adobe PDF Port
[AM] 145. c:\windows\system32\adobepdf.dll
Adobe Systems Incorporated.
Acrobat ? PDF Port
.text,.data,.edata,.rsrc,.reloc,
Microsoft Document Imaging Writer Monitor
[AM] 146. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
SUGS2 Langmon
[AM] 147. c:\windows\system32\sugs2lmk.dll
Samsung Electronics.
Language Monitor for Status Monitor
.text,.data,.rsrc,.reloc,
+ 安全验证
+ HKLM\SYSTEM\CurrentControlSet\Control\Lsa
Notification Packages
[AM] 148. c:\windows\system32\pwdmon.dll
.text,.rdata,.data,.reloc,
+ 其他自启动项目
+ C:\Documents and Settings\yenki ng\Start Menu\Programs\Startup
腾讯QQ.lnk
[A ] 149. d:\qq\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
+ C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Acrobat Assistant.lnk
[AM] 150. c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
Adobe Systems Inc.
AcroTray
.text,.rdata,.data,.rsrc,
Adobe Reader Speed Launch.lnk
[A ] 151. c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
Adobe Systems Incorporated
Adobe Acrobat SpeedLauncher
.text,.rdata,.data,.rsrc,
Digital Line Detect.lnk
[A ] 152. c:\program files\digital line detect\dlg.exe
BVRP Software
Digital Line Detection
.text,.rdata,.data,.rsrc,
+ C:\WINDOWS\Tasks
PMTask.job
[A ] 153. c:\program files\thinkpad\utilities\pwmidtsk.exe
.text,.rdata,.data,
+ 正在运行的进程
+ 000000b0(176) spoolsv.exe
50400000[00009000]
[AM] 145. c:\windows\system32\adobepdf.dll
Adobe Systems Incorporated.
Acrobat ? PDF Port
.text,.data,.edata,.rsrc,.reloc,
65000000[00026000]
[ M] 154. c:\program files\adobe\acrobat 6.0\distillr\adistres.dll
Adobe Systems Incorporated.
Acrobat Distiller
.text,.rdata,.data,.rsrc,.reloc,
00F30000[00008000]
[AM] 146. c:\windows\system32\mdimon.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
00F40000[00009000]
[AM] 147. c:\windows\system32\sugs2lmk.dll
Samsung Electronics.
Language Monitor for Status Monitor
.text,.data,.rsrc,.reloc,
00F90000[00008000]
[ M] 155. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
Microsoft Corporation
Microsoft? Document Imaging
.text,.data,.rsrc,.reloc,
+ 0000011c(284) taskmgr.exe
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00C40000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00D50000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
+ 000001a8(424) SMAgent.exe
00400000[0000B000]
[AM] 16. c:\program files\analog devices\soundmax\smagent.exe
Analog Devices, Inc.
SoundMAX service agent component
.text,.rdata,.data,.rsrc,
+ 00000248(584) CDAC11BA.EXE
00400000[00012000]
[AM] 3. c:\windows\system32\drivers\cdac11ba.exe
Macrovision
Macrovision RTS Service
.text,.rdata,.data,.rsrc,
+ 00000280(640) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 0000028c(652) rrpcsb.exe
00400000[00074000]
[AM] 5. c:\program files\ibm\ibm rapid restore ultra\rrpcsb.exe
rrpcsb Module
.text,.rdata,.data,.rsrc,
+ 000002cc(716) FrameworkService.exe
00400000[00018000]
[AM] 8. c:\program files\network associates\common framework\frameworkservice.exe
McAfee, Inc.
Framework Service
.text,.rdata,.data,.rsrc,
642C0000[00007000]
[ M] 160. c:\program files\network associates\common framework\nailog.dll
McAfee, Inc.
Debug Logging
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 161. c:\program files\network associates\common framework\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
64360000[00036000]
[ M] 162. c:\program files\network associates\common framework\naxml71.dll
.text,.rdata,.data,.reloc,
7C3A0000[0007B000]
[ M] 163. c:\program files\network associates\common framework\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
64250000[00032000]
[ M] 164. c:\program files\network associates\common framework\nacmnlib71.dll
McAfee, Inc.
Common Library
.text,.rdata,.data,.rsrc,.reloc,
64080000[00028000]
[ M] 165. c:\program files\network associates\common framework\applib.dll
McAfee, Inc.
CMA Application Library
.text,.rdata,.data,.rsrc,.reloc,
64060000[00019000]
[ M] 166. c:\program files\network associates\common framework\0409\agentres.dll
McAfee, Inc.
Agent Subsystem Resources
.text,.rdata,.data,.rsrc,.reloc,
64200000[0000E000]
[ M] 167. c:\program files\network associates\common framework\logging.dll
McAfee, Inc.
Logging Subsystem
.text,.rdata,.data,.rsrc,.reloc,
64180000[00031000]
[ M] 168. c:\program files\network associates\common framework\internetmanager.dll
McAfee, Inc.
Intennet Manager Subsystem
.text,.rdata,.data,.rsrc,.reloc,
642D0000[0001F000]
[ M] 169. c:\program files\network associates\common framework\nainet.dll
McAfee, Inc.
Internet Protocol Library
.text,.rdata,.data,.rsrc,.reloc,
64540000[00012000]
[ M] 170. c:\program files\network associates\common framework\userspace.dll
McAfee, Inc.
User Space Controller Subsystem
.text,.rdata,.data,.rsrc,.reloc,
64460000[00010000]
[ M] 171. c:\program files\network associates\common framework\secureframeworkfactory.dll
McAfee, Inc.
Secure Framework Factory
.text,.rdata,.data,.rsrc,.reloc,
64210000[00026000]
[ M] 172. c:\program files\network associates\common framework\management.dll
McAfee, Inc.
Management Subsystem
.text,.rdata,.data,.rsrc,.reloc,
640C0000[0000A000]
[ M] 173. c:\program files\network associates\common framework\cmalib.dll
McAfee, Inc.
CMA Library
.text,.rdata,.data,.rsrc,.reloc,
64300000[0001D000]
[ M] 174. c:\program files\network associates\common framework\napolicymanager.dll
McAfee, Inc.
Policy Manager
.text,.rdata,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:31:00
731B0000[0000A000]
[ M] 175. c:\program files\network associates\common framework\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
64430000[00016000]
[ M] 176. c:\program files\network associates\common framework\scriptsubsys.dll
McAfee, Inc.
McAfee Script Subsystem
.text,.rdata,.data,.rsrc,.reloc,
644C0000[00041000]
[ M] 177. c:\program files\network associates\common framework\updatesubsys.dll
McAfee, Inc.
McAfee Update Subsystem
.text,.rdata,.data,.rsrc,.reloc,
643E0000[0004C000]
[ M] 178. c:\program files\network associates\common framework\scheduler.dll
McAfee, Inc.
Scheduler Subsystem
.text,.rdata,.data,.rsrc,.reloc,
64000000[0003F000]
[ M] 179. c:\program files\network associates\common framework\agent.dll
McAfee, Inc.
Agent Subsystem
.text,.rdata,.data,.rsrc,.reloc,
64320000[00034000]
[ M] 180. c:\program files\network associates\common framework\naspipe.dll
McAfee, Inc.
Secure Pipe Library
.text,.rdata,.data,.rsrc,.reloc,
641C0000[00023000]
[ M] 181. c:\program files\network associates\common framework\listenserver.dll
McAfee, Inc.
Listen Server Subsystem
.text,.rdata,.data,.rsrc,.reloc,
64480000[00031000]
[ M] 182. c:\program files\network associates\common framework\tcsubsys.dll
McAfee, Inc.
TC Subsystem
.text,.rdata,.data,.rsrc,.reloc,
64160000[00016000]
[ M] 183. c:\program files\network associates\common framework\genevtinf.dll
McAfee, Inc.
GenEvtInf Module
.text,.rdata,.data,.rsrc,.reloc,
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000304(772) StarWindService.exe
00400000[0003A000]
[AM] 17. c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe
Rocket Division Software
StarWind iSCSI Target (Alcohol Edition)
.text,.data,.rsrc,
+ 0000031c(796) mcshield.exe
00400000[00079000]
[AM] 9. c:\program files\network associates\virusscan\mcshield.exe
McAfee, Inc.
On-Access Scanner service
.text,.rdata,.data,.tls,.rsrc,
12580000[00005000]
[ M] 184. c:\program files\network associates\virusscan\res09\mcshield.dll
Network Associates, Inc.
English (09) resources for McShield
.rsrc,.reloc,
22500000[0000F000]
[ M] 185. c:\program files\network associates\virusscan\ftl.dll
Network Associates, Inc.
File Filter Library
.text,.rdata,.data,.rsrc,.reloc,
124D0000[00055000]
[ M] 186. c:\program files\network associates\virusscan\naiann.dll
Network Associates, Inc.
McShield Announcer (VirusScan Enterprise : messages and TaskManager interfaces).
.text,.rdata,.data,.rsrc,.reloc,
12400000[00066000]
[ M] 187. c:\program files\network associates\virusscan\mytilus.dll
McAfee, Inc.
Common Shell - Scanners' interface to the engine
.text,.rdata,.data,.rsrc,.reloc,
64160000[00016000]
[ M] 183. c:\program files\network associates\common framework\genevtinf.dll
McAfee, Inc.
GenEvtInf Module
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 163. c:\program files\network associates\common framework\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 161. c:\program files\network associates\common framework\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
24700000[0004D000]
[ M] 188. c:\program files\network associates\virusscan\naeventu.dll
Network Associates, Inc.
Client Event Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
24800000[00015000]
[ M] 189. c:\program files\network associates\virusscan\res09\naevtres.dll
Network Associates, Inc.
Client Event Interface Resources
.rsrc,.reloc,
12550000[00007000]
[ M] 190. c:\program files\network associates\virusscan\vsidsvr.dll
Network Associates, Inc.
Virus Source Information Database.
.text,.rdata,.data,.rsrc,.reloc,
12000000[002AF000]
[ M] 191. c:\program files\common files\network associates\engine\mcscan32.dll
McAfee, Inc.
AV Scanning Engine
.text,.rdata,.data,.rsrc,.reloc,
39000000[0003A000]
[ M] 192. c:\program files\network associates\virusscan\entsrv.dll
McAfee, Inc
EntSrv
.text,.rdata,.data,.rsrc,.reloc,
69B10000[0013C000]
[ M] 193. c:\windows\system32\msxml4.dll
Microsoft Corporation
MSXML 4.0 SP 2
.text,.data,.rsrc,.reloc,
+ 0000033c(828) smss.exe
+ 00000354(852) naPrdMgr.exe
00400000[00039000]
[ M] 194. c:\program files\network associates\common framework\naprdmgr.exe
McAfee, Inc.
NAI Product Manager
.text,.rdata,.data,.rsrc,
64360000[00036000]
[ M] 162. c:\program files\network associates\common framework\naxml71.dll
.text,.rdata,.data,.reloc,
7C3A0000[0007B000]
[ M] 163. c:\program files\network associates\common framework\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 161. c:\program files\network associates\common framework\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
642C0000[00007000]
[ M] 160. c:\program files\network associates\common framework\nailog.dll
McAfee, Inc.
Debug Logging
.text,.rdata,.data,.rsrc,.reloc,
64250000[00032000]
[ M] 164. c:\program files\network associates\common framework\nacmnlib71.dll
McAfee, Inc.
Common Library
.text,.rdata,.data,.rsrc,.reloc,
64080000[00028000]
[ M] 165. c:\program files\network associates\common framework\applib.dll
McAfee, Inc.
CMA Application Library
.text,.rdata,.data,.rsrc,.reloc,
64060000[00019000]
[ M] 166. c:\program files\network associates\common framework\0409\agentres.dll
McAfee, Inc.
Agent Subsystem Resources
.text,.rdata,.data,.rsrc,.reloc,
64040000[00015000]
[ M] 195. c:\program files\network associates\common framework\agentplugin.dll
McAfee, Inc.
ePO Agent Plugin
.text,.rdata,.data,.rsrc,.reloc,
64290000[00023000]
[ M] 196. c:\program files\network associates\common framework\nagshr32.dll
McAfee, Inc.
McAfee ASaP Shared Library
.text,.rdata,.data,.rsrc,.reloc,
188C0000[00026000]
[ M] 197. c:\program files\network associates\virusscan\vsplugin.dll
McAfee, Inc.
VirusScan Updater Notification Plugin
.text,.rdata,.data,.rsrc,.reloc,
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000370(880) csrss.exe
+ 00000388(904) winlogon.exe
10000000[0002C000]
[AM] 78. c:\windows\system32\vrlogon.dll
UPEK Inc.
Logon Protector library
.text,.rdata,.data,.edata,.rsrc,.reloc,
00FD0000[00021000]
[ M] 198. c:\program files\ibm fingerprint software\extvapi.dll
UPEK Inc.
Logon Protector Verification Library
.text,.rdata,.data,.rsrc,.reloc,
011D0000[0002B000]
[ M] 199. c:\program files\common files\virtual token\psutil.dll
UPEK Inc.
PSuite utility library
.text,.rdata,.data,.rsrc,.reloc,
01260000[0000A000]
[ M] 200. c:\program files\common files\virtual token\resmgr.dll
UPEK Inc.
PSuite resource manager
.text,.rdata,.data,.rsrc,.reloc,
014B0000[0002C000]
[ M] 201. c:\program files\common files\virtual token\remote.dll
UPEK Inc.
RemoteManager library
.text,.rdata,.data,.rsrc,.reloc,
014E0000[0002D000]
[ M] 202. c:\program files\common files\virtual token\passport.dll
UPEK Inc.
Passport Manager Implementation
.text,.rdata,.data,.rsrc,.reloc,
01550000[00010000]
[AM] 79. c:\windows\system32\ati2evxx.dll
ATI Technologies Inc.
ATI External Event Utility DLL Module
.text,.rdata,.data,.rsrc,.reloc,
01630000[0001D000]
[AM] 80. c:\program files\ibm fingerprint software\psfus.dll
UPEK Inc.
Fast User Switching library
.text,.rdata,.data,.rsrc,.reloc,
01660000[00006000]
[AM] 82. c:\windows\system32\tphklock.dll
.text,.rdata,.data,.reloc,
01710000[0003B000]
[AM] 83. c:\windows\system32\wgalogon.dll
Microsoft Corporation
Windows Genuine Advantage Notification
.text,.data,.rsrc,.reloc,
016D0000[00019000]
[ M] 203. c:\program files\common files\virtual token\config.dll
UPEK Inc.
Passport configuration manager
.text,.rdata,.data,.rsrc,.reloc,
01790000[00049000]
[ M] 204. c:\program files\common files\virtual token\locpass.dll
UPEK Inc.
Local Passport implementation
.text,.rdata,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:31:00
017E0000[00049000]
[ M] 205. c:\program files\common files\virtual token\sbiopass.dll
UPEK Inc.
Server Bio Passport implementation
.text,.rdata,.data,.rsrc,.reloc,
01920000[00031000]
[ M] 206. c:\program files\common files\virtual token\psdlg.dll
UPEK Inc.
Protector Suite common dialogs
.text,.rdata,.data,.rsrc,.reloc,
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 000003b4(948) services.exe
47260000[0000F000]
[ M] 208. c:\windows\apppatch\acadproc.dll
Microsoft Corporation
Windows Compatibility DLL
.text,.data,.rsrc,.reloc,
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 000003c0(960) lsass.exe
10000000[0000C000]
[AM] 148. c:\windows\system32\pwdmon.dll
.text,.rdata,.data,.reloc,
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000450(1104) Ras.exe
00400000[00160000]
[ M] 209. f:\ufo771至尊星\新建文件夹\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
10000000[00013000]
[ M] 210. f:\ufo771至尊星\新建文件夹\topsoft.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware TopSoft
.text,.rdata,.data,.rsrc,.reloc,
7C140000[00103000]
[ M] 211. f:\ufo771至尊星\新建文件夹\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 212. f:\ufo771至尊星\新建文件夹\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 213. f:\ufo771至尊星\新建文件夹\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
5D360000[0000A000]
[ M] 215. c:\windows\system32\mfc71chs.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00DE0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00E60000[000BD000]
[ M] 216. f:\ufo771至尊星\新建文件夹\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
01580000[00011000]
[AM] 119. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
01790000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01B20000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
+ 00000460(1120) vtserver.exe
00400000[0000D000]
[AM] 21. c:\program files\common files\virtual token\vtserver.exe
UPEK Inc.
Passport Server Module
.text,.rdata,.data,.rsrc,
10000000[0002B000]
[ M] 199. c:\program files\common files\virtual token\psutil.dll
UPEK Inc.
PSuite utility library
.text,.rdata,.data,.rsrc,.reloc,
00940000[0001D000]
[AM] 80. c:\program files\ibm fingerprint software\psfus.dll
UPEK Inc.
Fast User Switching library
.text,.rdata,.data,.rsrc,.reloc,
00980000[0002D000]
[ M] 202. c:\program files\common files\virtual token\passport.dll
UPEK Inc.
Passport Manager Implementation
.text,.rdata,.data,.rsrc,.reloc,
009B0000[0004F000]
[ M] 217. c:\program files\common files\virtual token\devtc.dll
UPEK Inc.
PSuite fingerprint sensor device driver
.text,.rdata,.data,.rsrc,.reloc,
00A40000[0001F000]
[ M] 218. c:\program files\common files\virtual token\btcver.dll
UPEK Inc.
PSuite biometric module
.text,.rdata,.data,.rsrc,.reloc,
00A60000[0002C000]
[ M] 201. c:\program files\common files\virtual token\remote.dll
UPEK Inc.
RemoteManager library
.text,.rdata,.data,.rsrc,.reloc,
00C90000[00019000]
[ M] 203. c:\program files\common files\virtual token\config.dll
UPEK Inc.
Passport configuration manager
.text,.rdata,.data,.rsrc,.reloc,
00CB0000[00049000]
[ M] 204. c:\program files\common files\virtual token\locpass.dll
UPEK Inc.
Local Passport implementation
.text,.rdata,.data,.rsrc,.reloc,
00D00000[00049000]
[ M] 205. c:\program files\common files\virtual token\sbiopass.dll
UPEK Inc.
Server Bio Passport implementation
.text,.rdata,.data,.rsrc,.reloc,
00D50000[0002C000]
[ M] 219. c:\program files\common files\virtual token\algver.dll
UPEK Inc.
PSuite Algorithms driver
.text,.rdata,.data,.rsrc,.reloc,
01190000[00031000]
[ M] 206. c:\program files\common files\virtual token\psdlg.dll
UPEK Inc.
Protector Suite common dialogs
.text,.rdata,.data,.rsrc,.reloc,
+ 00000474(1140) ibmpmsvc.exe
00400000[0000F000]
[AM] 6. c:\windows\system32\ibmpmsvc.exe
.text,.rdata,.data,.rsrc,
+ 00000498(1176) Ati2evxx.exe
00400000[0005E000]
[AM] 2. c:\windows\system32\ati2evxx.exe
ATI Technologies Inc.
ATI External Event Utility EXE Module
.text,.rdata,.data,.rsrc,
003E0000[0000F000]
[ M] 220. c:\windows\system32\ati2edxx.dll
ATI Technologies, Inc.
ati2edxx
.text,.data,.SHAREDS,.rsrc,.reloc,
+ 000004a4(1188) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 000004f8(1272) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000558(1368) vstskmgr.exe
00400000[0000B000]
[AM] 10. c:\program files\network associates\virusscan\vstskmgr.exe
Network Associates, Inc.
Task Manager : scheduling and OAS alerting service
.text,.rdata,.data,.rsrc,
文件名和"taskmgr.exe"类似;
18200000[0002A000]
[ M] 221. c:\program files\network associates\virusscan\shutil.dll
McAfee, Inc.
VirusScan Shared Utility Library
.text,.rdata,.data,.rsrc,.reloc,
18440000[00006000]
[ M] 222. c:\program files\network associates\virusscan\naiwmain.dll
Network Associates, Inc.
Shared Library
.text,.rdata,.data,.rsrc,.reloc,
186C0000[0000F000]
[ M] 223. c:\program files\network associates\virusscan\naicondl.dll
Network Associates, Inc.
VirusScan Console Data Layer
.text,.rdata,.data,.rsrc,.reloc,
19340000[00003000]
[ M] 224. c:\program files\network associates\virusscan\res09\vstskmgr.dll
Network Associates, Inc.
English(09) resources for VsTskMgr
.rsrc,.reloc,
180F0000[0001B000]
[ M] 225. c:\program files\network associates\virusscan\bbcpl.dll
McAfee, Inc.
Access Protection Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
187F0000[0001F000]
[ M] 226. c:\program files\network associates\virusscan\coptcpl.dll
Network Associates, Inc.
Virus Scan Console Options
.text,.rdata,.data,.rsrc,.reloc,
18620000[00017000]
[ M] 227. c:\program files\network associates\virusscan\emcfgcpl.dll
McAfee, Inc.
VirusScan e-mail Scan
.text,.rdata,.data,.rsrc,.reloc,
19200000[00009000]
[ M] 228. c:\program files\network associates\virusscan\res09\semalres.dll
Network Associates, Inc.
Resources for VirusScan Mapi Mail Scanner
.rsrc,.reloc,
19250000[00004000]
[ M] 229. c:\program files\network associates\virusscan\res09\product.dll
Network Associates, Inc.
English(09) common resources
.rsrc,.reloc,
18190000[0000F000]
[ M] 230. c:\program files\network associates\virusscan\nvpcpl.dll
Network Associates, Inc.
VirusScan Unwanted Programs Policy Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
18300000[0001C000]
[ M] 231. c:\program files\network associates\virusscan\ftcfg.dll
Network Associates, Inc.
Filter Configuration Resource Library
.text,.rdata,.data,.rsrc,.reloc,
12400000[00066000]
[ M] 187. c:\program files\network associates\virusscan\mytilus.dll
McAfee, Inc.
Common Shell - Scanners' interface to the engine
.text,.rdata,.data,.rsrc,.reloc,
12580000[00005000]
[ M] 184. c:\program files\network associates\virusscan\res09\mcshield.dll
Network Associates, Inc.
English (09) resources for McShield
.rsrc,.reloc,
18090000[0000B000]
[ M] 232. c:\program files\network associates\virusscan\oascpl.dll
Network Associates, Inc.
VirusScan On-Access Scanner Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
18480000[00038000]
[ M] 233. c:\program files\network associates\virusscan\vsodscpl.dll
McAfee, Inc.
VirusScan On-Demand Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:39:00
22500000[0000F000]
[ M] 185. c:\program files\network associates\virusscan\ftl.dll
Network Associates, Inc.
File Filter Library
.text,.rdata,.data,.rsrc,.reloc,
18980000[00012000]
[ M] 234. c:\program files\network associates\virusscan\vsupdcpl.dll
Network Associates, Inc.
VirusScan Update Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
10000000[0001D000]
[ M] 235. c:\program files\network associates\virusscan\midutil.dll
McAfee, Inc.
MID Config Applicator
.text,.rdata,.data,.rsrc,.reloc,
+ 00000588(1416) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
50E60000[0000C000]
[ M] 236. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 000005bc(1468) p2psvr.exe
00400000[00016000]
[AM] 12. c:\program files\common files\sogou pxp\p2psvr.exe
Sohu.com Inc.
Sogou PXP Streaming Service
.text,.rdata,.data,.rsrc,
10000000[00032000]
[ M] 237. c:\program files\sogou pxp\vodsvr.dll
Sohu.com Inc.
Sogou VOD Service Plugin
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[00025000]
[ M] 238. c:\program files\sogou pxp\pxpnet.dll
Sohu.com Inc.
Sogou PXP Network Plugin
.text,.rdata,.data,.rsrc,.reloc,
00BE0000[00037000]
[ M] 239. c:\program files\sogou pxp\p2pclient.dll
Sohu.com Inc.
P2P Client Plugin
.text,.rdata,.data,.rsrc,.reloc,
+ 000005dc(1500) EvtEng.exe
00400000[00016000]
[AM] 4. c:\program files\intel\wireless\bin\evteng.exe
Intel Corporation
EvtEng Module
.text,.rdata,.data,.rsrc,
10000000[00030000]
[ M] 240. c:\program files\intel\wireless\bin\psregapi.dll
Intel Corporation
PsRegApi
.text,.rdata,.data,.rsrc,.reloc,
00370000[00023000]
[ M] 241. c:\program files\intel\wireless\bin\traceapi.dll
Intel Corporation
TraceAPI Module
.text,.rdata,.data,.rsrc,.reloc,
+ 000005f0(1520) S24EvMon.exe
00400000[00063000]
[AM] 15. c:\program files\intel\wireless\bin\s24evmon.exe
Intel Corporation
Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
.text,.rdata,.data,.rsrc,
10000000[00023000]
[ M] 241. c:\program files\intel\wireless\bin\traceapi.dll
Intel Corporation
TraceAPI Module
.text,.rdata,.data,.rsrc,.reloc,
00370000[00030000]
[ M] 240. c:\program files\intel\wireless\bin\psregapi.dll
Intel Corporation
PsRegApi
.text,.rdata,.data,.rsrc,.reloc,
+ 00000620(1568) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 0000067c(1660) SynTPLpr.exe
00400000[0001B000]
[AM] 124. c:\program files\synaptics\syntp\syntplpr.exe
Synaptics, Inc.
TouchPad Driver Helper Application
.text,.rdata,.data,.rsrc,
63000000[00014000]
[ M] 242. c:\windows\system32\syntpfcs.dll
Synaptics, Inc.
SynTPFcs
.text,.rdata,.data,.idata,.rsrc,.reloc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
010B0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000684(1668) QCONSVC.EXE
00400000[00015000]
[AM] 13. c:\windows\system32\qconsvc.exe
IBM Corp.
IBM Access Connections - Service Component.
.text,.rdata,.data,.rsrc,
+ 000006b0(1712) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 000007c4(1988) RegSrvc.exe
00400000[00026000]
[AM] 14. c:\program files\intel\wireless\bin\regsrvc.exe
Intel Corporation
RegSrvc Module
.text,.rdata,.data,.rsrc,
+ 00000808(2056) TpShocks.exe
00400000[0001C000]
[AM] 125. c:\windows\system32\tpshocks.exe
IBM Corp.
IBM Active Protection System
.text,.rdata,.data,.rsrc,
10000000[00015000]
[ M] 243. c:\program files\thinkpad\tpshocks\mui\0804\tpshocks.dll
IBM Corp.
IBM Active Protection System
.text,.rdata,.data,.rsrc,.reloc,
00A20000[0000F000]
[ M] 244. c:\windows\system32\sensor.dll
IBM Corporation
IBM Active Protection System - Shock Sensor Module
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00CF0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000818(2072) TPHKMGR.exe
00400000[00019000]
[AM] 126. c:\program files\thinkpad\pkgmgr\hotkey\tphkmgr.exe
.text,.rdata,.data,
文件名和"taskmgr.exe"类似;
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
10000000[00006000]
[ M] 245. c:\program files\thinkpad\pkgmgr\hotkey_2\tphk_2k.dll
.text,.rdata,.data,.reloc,
00DF0000[00012000]
[ M] 246. c:\windows\system32\oemdspif.dll
ATI Technologies, Inc.
ATI Driver Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
00E20000[00037000]
[ M] 247. c:\program files\thinkpad\pkgmgr\hotkey\tpfnf7.dll
.text,.rdata,.data,.rsrc,.reloc,
01160000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
012B0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000864(2148) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000878(2168) TPHDEXLG.EXE
00400000[0001E000]
[AM] 18. c:\windows\system32\tphdexlg.exe
IBM Corporation
IBM Active Protection System - HDD Logger Module
.text,.rdata,.data,.rsrc,
+ 000008b8(2232) EzEjMnAp.Exe
00400000[00039000]
[AM] 129. c:\program files\thinkpad\utilities\ezejmnap.exe
IBM Corp.
IBM ThinkPad EasyEject Support Application
.text,.rdata,.data,.rsrc,
10000000[00009000]
[ M] 248. c:\program files\thinkpad\utilities\us\ezmapres.dll
.text,.rdata,.data,.rsrc,.reloc,
00E50000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00FA0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 000008dc(2268) SMax4PNP.exe
00400000[00153000]
[AM] 130. c:\program files\analog devices\soundmax\smax4pnp.exe
Analog Devices, Inc.
SMax4PNP MFC Application
.text,.rdata,.data,.rsrc,
10000000[0004C000]
[ M] 249. c:\program files\analog devices\soundmax\smwdmif.dll
Analog Devices, Inc.
SMWDM Interface DLL
.text,.rdata,.data,.idata,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00D30000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01530000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000008e4(2276) TpKmpSVC.exe
00400000[0000A000]
[AM] 19. c:\windows\system32\tpkmpsvc.exe
.text,.rdata,.data,
+ 000008f4(2292) ibmprc.exe
00400000[00018000]
[AM] 132. c:\ibmtools\utils\ibmprc.exe
IBM Corp.
ibmprc Application
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00AA0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 000008fc(2300) QCWLICON.EXE
00400000[00017000]
[AM] 133. c:\program files\thinkpad\connectutilities\qcwlicon.exe
IBM Corp.
IBM Access Connections - Wireless Status Icon.
.text,.rdata,.data,.idata,.rsrc,.reloc,
20000000[0011B000]
[ M] 250. c:\program files\thinkpad\connectutilities\qcon.dll
IBM Corp.
IBM Access Connections - Core DLL.
.text,.rdata,.data,.QconDll,QCWLStat,QCTrayIF,QCState,.rsrc,.reloc,
10000000[0002B000]
[ M] 251. c:\program files\thinkpad\connectutilities\merlinc201.dll
Novatel Wireless Inc.
MerlinC201
.text,.rdata,.data,.shared,_TEXT_HA,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00A50000[00006000]
[ M] 252. c:\program files\thinkpad\connectutilities\res\sc\iconres.dll
.text,.rdata,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:42:00
01220000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
012A0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000924(2340) rundll32.exe
10000000[00024000]
[ M] 253. c:\program files\thinkpad\utilities\pwrmgrtr.dll
IBM Corp.
IBM ThinkPad Power Manager Background Monitor and Tray Battery Gauge
.text,.rdata,.data,.pm_shar,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
5D360000[0000A000]
[ M] 215. c:\windows\system32\mfc71chs.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00DE0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00E60000[000BD000]
[ M] 216. f:\ufo771至尊星\新建文件夹\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
01580000[00011000]
[AM] 119. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
01790000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01B20000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
+ 00000460(1120) vtserver.exe
00400000[0000D000]
[AM] 21. c:\program files\common files\virtual token\vtserver.exe
UPEK Inc.
Passport Server Module
.text,.rdata,.data,.rsrc,
10000000[0002B000]
[ M] 199. c:\program files\common files\virtual token\psutil.dll
UPEK Inc.
PSuite utility library
.text,.rdata,.data,.rsrc,.reloc,
00940000[0001D000]
[AM] 80. c:\program files\ibm fingerprint software\psfus.dll
UPEK Inc.
Fast User Switching library
.text,.rdata,.data,.rsrc,.reloc,
00980000[0002D000]
[ M] 202. c:\program files\common files\virtual token\passport.dll
UPEK Inc.
Passport Manager Implementation
.text,.rdata,.data,.rsrc,.reloc,
009B0000[0004F000]
[ M] 217. c:\program files\common files\virtual token\devtc.dll
UPEK Inc.
PSuite fingerprint sensor device driver
.text,.rdata,.data,.rsrc,.reloc,
00A40000[0001F000]
[ M] 218. c:\program files\common files\virtual token\btcver.dll
UPEK Inc.
PSuite biometric module
.text,.rdata,.data,.rsrc,.reloc,
00A60000[0002C000]
[ M] 201. c:\program files\common files\virtual token\remote.dll
UPEK Inc.
RemoteManager library
.text,.rdata,.data,.rsrc,.reloc,
00C90000[00019000]
[ M] 203. c:\program files\common files\virtual token\config.dll
UPEK Inc.
Passport configuration manager
.text,.rdata,.data,.rsrc,.reloc,
00CB0000[00049000]
[ M] 204. c:\program files\common files\virtual token\locpass.dll
UPEK Inc.
Local Passport implementation
.text,.rdata,.data,.rsrc,.reloc,
00D00000[00049000]
[ M] 205. c:\program files\common files\virtual token\sbiopass.dll
UPEK Inc.
Server Bio Passport implementation
.text,.rdata,.data,.rsrc,.reloc,
00D50000[0002C000]
[ M] 219. c:\program files\common files\virtual token\algver.dll
UPEK Inc.
PSuite Algorithms driver
.text,.rdata,.data,.rsrc,.reloc,
01190000[00031000]
[ M] 206. c:\program files\common files\virtual token\psdlg.dll
UPEK Inc.
Protector Suite common dialogs
.text,.rdata,.data,.rsrc,.reloc,
+ 00000474(1140) ibmpmsvc.exe
00400000[0000F000]
[AM] 6. c:\windows\system32\ibmpmsvc.exe
.text,.rdata,.data,.rsrc,
+ 00000498(1176) Ati2evxx.exe
00400000[0005E000]
[AM] 2. c:\windows\system32\ati2evxx.exe
ATI Technologies Inc.
ATI External Event Utility EXE Module
.text,.rdata,.data,.rsrc,
003E0000[0000F000]
[ M] 220. c:\windows\system32\ati2edxx.dll
ATI Technologies, Inc.
ati2edxx
.text,.data,.SHAREDS,.rsrc,.reloc,
+ 000004a4(1188) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 000004f8(1272) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000558(1368) vstskmgr.exe
00400000[0000B000]
[AM] 10. c:\program files\network associates\virusscan\vstskmgr.exe
Network Associates, Inc.
Task Manager : scheduling and OAS alerting service
.text,.rdata,.data,.rsrc,
文件名和"taskmgr.exe"类似;
18200000[0002A000]
[ M] 221. c:\program files\network associates\virusscan\shutil.dll
McAfee, Inc.
VirusScan Shared Utility Library
.text,.rdata,.data,.rsrc,.reloc,
18440000[00006000]
[ M] 222. c:\program files\network associates\virusscan\naiwmain.dll
Network Associates, Inc.
Shared Library
.text,.rdata,.data,.rsrc,.reloc,
186C0000[0000F000]
[ M] 223. c:\program files\network associates\virusscan\naicondl.dll
Network Associates, Inc.
VirusScan Console Data Layer
.text,.rdata,.data,.rsrc,.reloc,
19340000[00003000]
[ M] 224. c:\program files\network associates\virusscan\res09\vstskmgr.dll
Network Associates, Inc.
English(09) resources for VsTskMgr
.rsrc,.reloc,
180F0000[0001B000]
[ M] 225. c:\program files\network associates\virusscan\bbcpl.dll
McAfee, Inc.
Access Protection Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
187F0000[0001F000]
[ M] 226. c:\program files\network associates\virusscan\coptcpl.dll
Network Associates, Inc.
Virus Scan Console Options
.text,.rdata,.data,.rsrc,.reloc,
18620000[00017000]
[ M] 227. c:\program files\network associates\virusscan\emcfgcpl.dll
McAfee, Inc.
VirusScan e-mail Scan
UFO哈哈 - 2007-9-29 20:44:00
.text,.rdata,.data,.rsrc,.reloc,
19200000[00009000]
[ M] 228. c:\program files\network associates\virusscan\res09\semalres.dll
Network Associates, Inc.
Resources for VirusScan Mapi Mail Scanner
.rsrc,.reloc,
19250000[00004000]
[ M] 229. c:\program files\network associates\virusscan\res09\product.dll
Network Associates, Inc.
English(09) common resources
.rsrc,.reloc,
18190000[0000F000]
[ M] 230. c:\program files\network associates\virusscan\nvpcpl.dll
Network Associates, Inc.
VirusScan Unwanted Programs Policy Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
18300000[0001C000]
[ M] 231. c:\program files\network associates\virusscan\ftcfg.dll
Network Associates, Inc.
Filter Configuration Resource Library
.text,.rdata,.data,.rsrc,.reloc,
12400000[00066000]
[ M] 187. c:\program files\network associates\virusscan\mytilus.dll
McAfee, Inc.
Common Shell - Scanners' interface to the engine
.text,.rdata,.data,.rsrc,.reloc,
12580000[00005000]
[ M] 184. c:\program files\network associates\virusscan\res09\mcshield.dll
Network Associates, Inc.
English (09) resources for McShield
.rsrc,.reloc,
18090000[0000B000]
[ M] 232. c:\program files\network associates\virusscan\oascpl.dll
Network Associates, Inc.
VirusScan On-Access Scanner Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
18480000[00038000]
[ M] 233. c:\program files\network associates\virusscan\vsodscpl.dll
McAfee, Inc.
VirusScan On-Demand Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
22500000[0000F000]
[ M] 185. c:\program files\network associates\virusscan\ftl.dll
Network Associates, Inc.
File Filter Library
.text,.rdata,.data,.rsrc,.reloc,
18980000[00012000]
[ M] 234. c:\program files\network associates\virusscan\vsupdcpl.dll
Network Associates, Inc.
VirusScan Update Console Plugin
.text,.rdata,.data,.rsrc,.reloc,
10000000[0001D000]
[ M] 235. c:\program files\network associates\virusscan\midutil.dll
McAfee, Inc.
MID Config Applicator
.text,.rdata,.data,.rsrc,.reloc,
+ 00000588(1416) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
50E60000[0000C000]
[ M] 236. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 000005bc(1468) p2psvr.exe
00400000[00016000]
[AM] 12. c:\program files\common files\sogou pxp\p2psvr.exe
Sohu.com Inc.
Sogou PXP Streaming Service
.text,.rdata,.data,.rsrc,
10000000[00032000]
[ M] 237. c:\program files\sogou pxp\vodsvr.dll
Sohu.com Inc.
Sogou VOD Service Plugin
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[00025000]
[ M] 238. c:\program files\sogou pxp\pxpnet.dll
Sohu.com Inc.
Sogou PXP Network Plugin
.text,.rdata,.data,.rsrc,.reloc,
00BE0000[00037000]
[ M] 239. c:\program files\sogou pxp\p2pclient.dll
Sohu.com Inc.
P2P Client Plugin
.text,.rdata,.data,.rsrc,.reloc,
+ 000005dc(1500) EvtEng.exe
00400000[00016000]
[AM] 4. c:\program files\intel\wireless\bin\evteng.exe
Intel Corporation
EvtEng Module
.text,.rdata,.data,.rsrc,
10000000[00030000]
[ M] 240. c:\program files\intel\wireless\bin\psregapi.dll
Intel Corporation
PsRegApi
.text,.rdata,.data,.rsrc,.reloc,
00370000[00023000]
[ M] 241. c:\program files\intel\wireless\bin\traceapi.dll
Intel Corporation
TraceAPI Module
.text,.rdata,.data,.rsrc,.reloc,
+ 000005f0(1520) S24EvMon.exe
00400000[00063000]
[AM] 15. c:\program files\intel\wireless\bin\s24evmon.exe
Intel Corporation
Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
.text,.rdata,.data,.rsrc,
10000000[00023000]
[ M] 241. c:\program files\intel\wireless\bin\traceapi.dll
Intel Corporation
TraceAPI Module
.text,.rdata,.data,.rsrc,.reloc,
00370000[00030000]
[ M] 240. c:\program files\intel\wireless\bin\psregapi.dll
Intel Corporation
PsRegApi
.text,.rdata,.data,.rsrc,.reloc,
+ 00000620(1568) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 0000067c(1660) SynTPLpr.exe
00400000[0001B000]
[AM] 124. c:\program files\synaptics\syntp\syntplpr.exe
Synaptics, Inc.
TouchPad Driver Helper Application
.text,.rdata,.data,.rsrc,
63000000[00014000]
[ M] 242. c:\windows\system32\syntpfcs.dll
Synaptics, Inc.
SynTPFcs
.text,.rdata,.data,.idata,.rsrc,.reloc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
010B0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000684(1668) QCONSVC.EXE
00400000[00015000]
[AM] 13. c:\windows\system32\qconsvc.exe
IBM Corp.
IBM Access Connections - Service Component.
.text,.rdata,.data,.rsrc,
+ 000006b0(1712) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 000007c4(1988) RegSrvc.exe
00400000[00026000]
[AM] 14. c:\program files\intel\wireless\bin\regsrvc.exe
Intel Corporation
RegSrvc Module
.text,.rdata,.data,.rsrc,
+ 00000808(2056) TpShocks.exe
00400000[0001C000]
[AM] 125. c:\windows\system32\tpshocks.exe
IBM Corp.
IBM Active Protection System
.text,.rdata,.data,.rsrc,
10000000[00015000]
[ M] 243. c:\program files\thinkpad\tpshocks\mui\0804\tpshocks.dll
IBM Corp.
IBM Active Protection System
.text,.rdata,.data,.rsrc,.reloc,
00A20000[0000F000]
[ M] 244. c:\windows\system32\sensor.dll
IBM Corporation
IBM Active Protection System - Shock Sensor Module
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00CF0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000818(2072) TPHKMGR.exe
00400000[00019000]
[AM] 126. c:\program files\thinkpad\pkgmgr\hotkey\tphkmgr.exe
.text,.rdata,.data,
文件名和"taskmgr.exe"类似;
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:45:00
10000000[00006000]
[ M] 245. c:\program files\thinkpad\pkgmgr\hotkey_2\tphk_2k.dll
.text,.rdata,.data,.reloc,
00DF0000[00012000]
[ M] 246. c:\windows\system32\oemdspif.dll
ATI Technologies, Inc.
ATI Driver Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
00E20000[00037000]
[ M] 247. c:\program files\thinkpad\pkgmgr\hotkey\tpfnf7.dll
.text,.rdata,.data,.rsrc,.reloc,
01160000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
012B0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000864(2148) svchost.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
+ 00000878(2168) TPHDEXLG.EXE
00400000[0001E000]
[AM] 18. c:\windows\system32\tphdexlg.exe
IBM Corporation
IBM Active Protection System - HDD Logger Module
.text,.rdata,.data,.rsrc,
+ 000008b8(2232) EzEjMnAp.Exe
00400000[00039000]
[AM] 129. c:\program files\thinkpad\utilities\ezejmnap.exe
IBM Corp.
IBM ThinkPad EasyEject Support Application
.text,.rdata,.data,.rsrc,
10000000[00009000]
[ M] 248. c:\program files\thinkpad\utilities\us\ezmapres.dll
.text,.rdata,.data,.rsrc,.reloc,
00E50000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00FA0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 000008dc(2268) SMax4PNP.exe
00400000[00153000]
[AM] 130. c:\program files\analog devices\soundmax\smax4pnp.exe
Analog Devices, Inc.
SMax4PNP MFC Application
.text,.rdata,.data,.rsrc,
10000000[0004C000]
[ M] 249. c:\program files\analog devices\soundmax\smwdmif.dll
Analog Devices, Inc.
SMWDM Interface DLL
.text,.rdata,.data,.idata,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00D30000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01530000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000008e4(2276) TpKmpSVC.exe
00400000[0000A000]
[AM] 19. c:\windows\system32\tpkmpsvc.exe
.text,.rdata,.data,
+ 000008f4(2292) ibmprc.exe
00400000[00018000]
[AM] 132. c:\ibmtools\utils\ibmprc.exe
IBM Corp.
ibmprc Application
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00AA0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 000008fc(2300) QCWLICON.EXE
00400000[00017000]
[AM] 133. c:\program files\thinkpad\connectutilities\qcwlicon.exe
IBM Corp.
IBM Access Connections - Wireless Status Icon.
.text,.rdata,.data,.idata,.rsrc,.reloc,
20000000[0011B000]
[ M] 250. c:\program files\thinkpad\connectutilities\qcon.dll
IBM Corp.
IBM Access Connections - Core DLL.
.text,.rdata,.data,.QconDll,QCWLStat,QCTrayIF,QCState,.rsrc,.reloc,
10000000[0002B000]
[ M] 251. c:\program files\thinkpad\connectutilities\merlinc201.dll
Novatel Wireless Inc.
MerlinC201
.text,.rdata,.data,.shared,_TEXT_HA,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00A50000[00006000]
[ M] 252. c:\program files\thinkpad\connectutilities\res\sc\iconres.dll
.text,.rdata,.data,.rsrc,.reloc,
01220000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
012A0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000924(2340) rundll32.exe
10000000[00024000]
[ M] 253. c:\program files\thinkpad\utilities\pwrmgrtr.dll
IBM Corp.
IBM ThinkPad Power Manager Background Monitor and Tray Battery Gauge
.text,.rdata,.data,.pm_shar,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00A90000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00D20000[00008000]
[ M] 254. c:\program files\thinkpad\utilities\us\pwrmgrrt.dll
.text,.rdata,.data,.rsrc,.reloc,
00D30000[00012000]
[ M] 255. c:\program files\thinkpad\utilities\pwrmgrif.dll
.text,.rdata,.data,.sh_data,.reloc,
00E60000[0000F000]
[ M] 244. c:\windows\system32\sensor.dll
IBM Corporation
IBM Active Protection System - Shock Sensor Module
.text,.rdata,.data,.rsrc,.reloc,
00E80000[00012000]
[ M] 246. c:\windows\system32\oemdspif.dll
ATI Technologies, Inc.
ATI Driver Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
00F50000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000970(2416) runiep.exe
00400000[00013000]
[AM] 142. f:\ufo771至尊星\新建文件夹\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00C70000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000009d8(2520) VM305_STI.EXE
00400000[00013000]
[AM] 136. c:\windows\vm305_sti.exe
Vimicro
Vimicro
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01070000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 000009f0(2544) UpdaterUI.exe
00400000[00021000]
[AM] 137. c:\program files\network associates\common framework\updaterui.exe
McAfee, Inc.
Common User Interface
.text,.rdata,.data,.rsrc,
642C0000[00007000]
[ M] 160. c:\program files\network associates\common framework\nailog.dll
McAfee, Inc.
Debug Logging
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 161. c:\program files\network associates\common framework\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
64250000[00032000]
[ M] 164. c:\program files\network associates\common framework\nacmnlib71.dll
McAfee, Inc.
Common Library
.text,.rdata,.data,.rsrc,.reloc,
64360000[00036000]
[ M] 162. c:\program files\network associates\common framework\naxml71.dll
.text,.rdata,.data,.reloc,
7C3A0000[0007B000]
[ M] 163. c:\program files\network associates\common framework\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
640C0000[0000A000]
[ M] 173. c:\program files\network associates\common framework\cmalib.dll
McAfee, Inc.
CMA Library
.text,.rdata,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:46:00
64080000[00028000]
[ M] 165. c:\program files\network associates\common framework\applib.dll
McAfee, Inc.
CMA Application Library
.text,.rdata,.data,.rsrc,.reloc,
64520000[00014000]
[ M] 256. c:\program files\network associates\common framework\0409\updres.dll
McAfee, Inc.
Common UI Resources
.text,.rdata,.data,.rsrc,.reloc,
64060000[00019000]
[ M] 166. c:\program files\network associates\common framework\0409\agentres.dll
McAfee, Inc.
Agent Subsystem Resources
.text,.rdata,.data,.rsrc,.reloc,
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
64460000[00010000]
[ M] 171. c:\program files\network associates\common framework\secureframeworkfactory.dll
McAfee, Inc.
Secure Framework Factory
.text,.rdata,.data,.rsrc,.reloc,
01100000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
01340000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000009f8(2552) tbmon.exe
00400000[00028000]
[AM] 138. c:\program files\common files\network associates\talkback\tbmon.exe
Network Associates, Inc.
TalkBack Monitor
.text,.rdata,.data,.rsrc,
文件名和"ctfmon.exe"类似;
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00EC0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000a0c(2572) SHSTAT.EXE
00400000[0001B000]
[AM] 139. c:\program files\network associates\virusscan\shstat.exe
McAfee, Inc.
On-access scanner statistics
.text,.rdata,.data,.rsrc,
18200000[0002A000]
[ M] 221. c:\program files\network associates\virusscan\shutil.dll
McAfee, Inc.
VirusScan Shared Utility Library
.text,.rdata,.data,.rsrc,.reloc,
18440000[00006000]
[ M] 222. c:\program files\network associates\virusscan\naiwmain.dll
Network Associates, Inc.
Shared Library
.text,.rdata,.data,.rsrc,.reloc,
19300000[00005000]
[ M] 257. c:\program files\network associates\virusscan\res09\shstat.dll
Network Associates, Inc.
English(09) resources for ShStat
.rsrc,.reloc,
19250000[00004000]
[ M] 229. c:\program files\network associates\virusscan\res09\product.dll
Network Associates, Inc.
English(09) common resources
.rsrc,.reloc,
12580000[00005000]
[ M] 184. c:\program files\network associates\virusscan\res09\mcshield.dll
Network Associates, Inc.
English (09) resources for McShield
.rsrc,.reloc,
19320000[00006000]
[ M] 258. c:\program files\network associates\virusscan\res09\shutilrc.dll
Network Associates, Inc.
English(09) resources for ShUtil
.rsrc,.reloc,
19000000[000DC000]
[ M] 259. c:\program files\network associates\virusscan\graphics.dll
Network Associates, Inc.
VirusScan Graphics
.rdata,.rsrc,.reloc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01340000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000a24(2596) mwsoemon.exe
00400000[00007000]
[AM] 121. c:\program files\mywebsearch\bar\1.bin\mwsoemon.exe
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,
10000000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
00A60000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00BC0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000a34(2612) ssmmgr.exe
00400000[0005F000]
[AM] 141. c:\windows\samsung\comsmmgr\ssmmgr.exe
Samsung Electronics.
Samsung Status Monitor Manager
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00C90000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000a60(2656) ctfmon.exe
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00AD0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00C90000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
+ 00000a78(2680) Rundll32.exe
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00CC0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ad8(2776) WMPNSCFG.exe
01000000[00034000]
[AM] 122. c:\program files\windows media player\wmpnscfg.exe
Microsoft Corporation
Windows Media Player Network Sharing Service Configuration Application
.text,.data,.rsrc,.reloc,
13FE0000[00034000]
[ M] 260. c:\program files\windows media player\wmpnssci.dll
Microsoft Corporation
Windows Media Player Network Sharing Service Control Interface DLL
.text,.data,.rsrc,.reloc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00E40000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000ae0(2784) MsnMsgr.Exe
00400000[0056A000]
[AM] 123. c:\program files\msn messenger\msnmsgr.exe
Microsoft Corporation
Messenger
.text,.data,.rsrc,
10000000[00006000]
[ M] 261. c:\program files\msn messenger\msimg32.dll
FunWebProducts.com
Smiley Central MSN and IE GDI Ext DLL
.text,.rdata,.data,.rsrc,.reloc,
59100000[000F7000]
[ M] 262. c:\program files\msn messenger\msncore.dll
Microsoft Corporation
Windows Live Client Code Module
.text,.data,.rsrc,.reloc,
27500000[000C8000]
[ M] 263. c:\program files\msn messenger\msidcrl40.dll
Microsoft Corporation
IDCRL Dynamic Link Library
.text,.data,.rsrc,.reloc,
5A700000[00055000]
[ M] 264. c:\program files\msn messenger\contactsux.dll
Microsoft Corporation
Contact UX
.text,.data,.rsrc,.reloc,
012A0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
59300000[00185000]
[ M] 265. c:\program files\msn messenger\msgslang.8.1.0178.00.dll
Microsoft Corporation
Messenger Language Specific Resources
.rsrc,.reloc,
5B200000[0023E000]
[ M] 266. c:\program files\msn messenger\msgsres.dll
Microsoft Corporation
Messenger Resources
.rsrc,.reloc,
79000000[001A4000]
[ M] 267. c:\program files\msn messenger\lcapi.dll
Microsoft Corporation
LC User Agent DLL
.text,.data,.rsrc,.reloc,
7A100000[0005F000]
[ M] 268. c:\program files\msn messenger\lcres.dll
Microsoft Corporation
LC Resource DLL
.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:47:00
01980000[003DB000]
[ M] 269. c:\program files\msn messenger\rtmpltfm.dll
Microsoft Corporation
Microsoft Real Time Media Stack
.text,IACODE1,IACODE2,EDTQ,MMXCODE1,.no_bbt,RT_CODE,.data,MMXMEDAT,IADATA1,IARDATA2,MMXDATA1,H26xColo,RT_DATA,.rsrc,.reloc,
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
01FC0000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
5B500000[000A4000]
[ M] 270. c:\program files\msn messenger\msgswcam.dll
Microsoft Corporation
Messenger WebCam Library
.text,.data,.rsrc,.reloc,
5A600000[00013000]
[ M] 271. c:\windows\system32\sirenacm.dll
Microsoft Corp.
Messenger Audio Codec
.text,.data,.rsrc,.reloc,
07980000[00017000]
[ M] 272. c:\program files\mywebsearch\bar\1.bin\f3reprox.dll
FunWebProducts.com
Smiley Central Rich Edit DLL
.text,.rdata,.data,.rsrc,.reloc,
07C60000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
+ 00000b74(2932) TPONSCR.exe
00400000[00015000]
[ M] 273. c:\program files\thinkpad\pkgmgr\hotkey\tponscr.exe
.text,.rdata,.data,.rsrc,
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00B00000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000b80(2944) wuauclt.exe
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
50E60000[0000C000]
[ M] 236. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 00000ba0(2976) wmiprvse.exe
+ 00000bdc(3036) TpScrex.exe
00400000[00017000]
[ M] 274. c:\program files\thinkpad\pkgmgr\hotkey_1\tpscrex.exe
IBM Corporation
ThinkPad UltraZoom
.text,.rdata,.data,.rsrc,
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00A80000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000c74(3188) Ati2evxx.exe
00400000[0005E000]
[AM] 2. c:\windows\system32\ati2evxx.exe
ATI Technologies Inc.
ATI External Event Utility EXE Module
.text,.rdata,.data,.rsrc,
003F0000[0000F000]
[ M] 220. c:\windows\system32\ati2edxx.dll
ATI Technologies, Inc.
ati2edxx
.text,.data,.SHAREDS,.rsrc,.reloc,
10000000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
00DF0000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
+ 00000cf0(3312) alg.exe
+ 00000d90(3472) wmiprvse.exe
+ 00000df8(3576) acrotray.exe
00400000[00039000]
[AM] 150. c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
Adobe Systems Inc.
AcroTray
.text,.rdata,.data,.rsrc,
10000000[00007000]
[ M] 275. c:\program files\adobe\acrobat 6.0\distillr\acrotray.chs
Adobe Systems Inc.
AcroTray
.rsrc,.reloc,
00A90000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00B30000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e30(3632) Explorer.EXE
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
164A0000[00023000]
[AM] 120. c:\windows\system32\wpdshserviceobj.dll
Microsoft Corporation
Windows Portable Device Shell Service Object
.text,.data,.rsrc,.reloc,
109C0000[0002C000]
[ M] 276. c:\windows\system32\portabledevicetypes.dll
Microsoft Corporation
Windows Portable Device (Parameter) Types Component
.text,.orpc,.data,.rsrc,.reloc,
10930000[00049000]
[ M] 277. c:\windows\system32\portabledeviceapi.dll
Microsoft Corporation
Windows Portable Device API Components
.text,.orpc,.data,.rsrc,.reloc,
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
00CC0000[0001C000]
[AM] 107. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
Adobe Systems, Inc.
PDF Shell Extension
.text,.rdata,.data,.rsrc,.reloc,
00D00000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
00D20000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
00E70000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
10000000[00024000]
[ M] 253. c:\program files\thinkpad\utilities\pwrmgrtr.dll
IBM Corp.
IBM ThinkPad Power Manager Background Monitor and Tray Battery Gauge
.text,.rdata,.data,.pm_shar,.rsrc,.reloc,
01790000[00008000]
[ M] 254. c:\program files\thinkpad\utilities\us\pwrmgrrt.dll
.text,.rdata,.data,.rsrc,.reloc,
01830000[00012000]
[ M] 255. c:\program files\thinkpad\utilities\pwrmgrif.dll
.text,.rdata,.data,.sh_data,.reloc,
01850000[0000F000]
[ M] 244. c:\windows\system32\sensor.dll
IBM Corporation
IBM Active Protection System - Shock Sensor Module
.text,.rdata,.data,.rsrc,.reloc,
01D10000[00012000]
[ M] 246. c:\windows\system32\oemdspif.dll
ATI Technologies, Inc.
ATI Driver Interface DLL
.text,.rdata,.data,.rsrc,.reloc,
UFO哈哈 - 2007-9-29 20:49:00
760E0000[00088000]
[ M] 278. c:\program files\internet explorer\mui\0804\shdoclc.dll
Microsoft Corporation
Shell Doc Object and Control Library
.rsrc,.reloc,
00DE0000[00011000]
[AM] 119. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
+ 00000f08(3848) IEXPLORE.EXE
0A000000[00012000]
[ M] 159. c:\windows\system32\entapi.dll
McAfee, Inc
EntAPI
.text,.rdata,.data,.rsrc,.reloc,
10000000[00029000]
[ M] 156. c:\program files\tencent\ssplus\splus.dll
TENCENT
.text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc,
00AE0000[00037000]
[AM] 87. c:\program files\tencent\ssplus\saddr.dll
Tencent
.text,.rdata,.data,.rsrc,.reloc,
723C0000[00012000]
[ M] 279. c:\program files\internet explorer\mui\0804\browselc.dll
Microsoft Corporation
Shell Browser UI Library
.rsrc,.reloc,
01DA0000[00059000]
[AM] 84. c:\program files\mywebsearch\bar\1.bin\mwsbar.dll
MyWebSearch.com
My Web Search Bar
.text,.rdata,.data,MyWebSea,MyWebSea,.rsrc,.reloc,
023E0000[0001F000]
[ M] 280. c:\program files\mywebsearch\bar\1.bin\f3htmlmu.dll
FunWebProducts.com
Fun Web Products HTML Menu
.text,.rdata,.data,.rsrc,.reloc,
760E0000[00088000]
[ M] 278. c:\program files\internet explorer\mui\0804\shdoclc.dll
Microsoft Corporation
Shell Doc Object and Control Library
.rsrc,.reloc,
026A0000[00037000]
[AM] 88. d:\qqdownload\qqiehelper02.dll
腾讯公司
超级旋风下载组件
.text,.rdata,.data,.rsrc,.reloc,
02780000[0000E000]
[AM] 86. c:\program files\mywebsearch\srchastt\1.bin\mwssrcas.dll
MyWebSearch.com
MyWebSearch Search Assistant
.text,.rdata,.data,MyWebSea,.rsrc,.reloc,
027E0000[0000E000]
[AM] 89. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Adobe Systems Incorporated
Adobe Acrobat IE Helper Version 7.0 for ActiveX
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 281. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
02A00000[00017000]
[AM] 90. d:\others can be deleted late\jccatch.dll
www.flashget.com
Flashget CatchUrl Module
.text,.rdata,.data,.rsrc,.reloc,
02A20000[0002D000]
[AM] 91. c:\windows\system32\ieseven.dll
微软安全Internet Explorer插件
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,.aspack,.adata,
29500000[00051000]
[AM] 92. c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft Corporation
WindowsLiveLogin.dll
.text,.data,.rsrc,.reloc,
02D70000[0001D000]
[AM] 93. c:\windows\system32\pceggs.dll
杭州弈天网络技术有限公司
PC蛋蛋
.text,.rdata,.data,.rsrc,.reloc,
02EA0000[00029000]
[AM] 94. d:\others can be deleted late\getflash.dll
www.flashget.com
Flashget GetFlash Module
.text,.rdata,.data,.rsrc,.reloc,
27500000[000C9000]
[ M] 282. c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
Microsoft Corporation
IDCRL Dynamic Link Library
.text,.data,.rsrc,.reloc,
03020000[0001B000]
[ M] 157. f:\ufo771至尊星\新建文件夹\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
04010000[0000A000]
[ M] 158. c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
MyWebSearch.com
My Web Search Plugin Loader
.text,.rdata,.data,.rsrc,.reloc,
04930000[0001C000]
[AM] 107. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
Adobe Systems, Inc.
PDF Shell Extension
.text,.rdata,.data,.rsrc,.reloc,
18030000[0000B000]
[ M] 283. c:\program files\network associates\virusscan\scriptproxy.dll
Network Associates, Inc.
VirusScan Script Proxy
.text,.rdata,.data,.rsrc,.reloc,
12400000[00066000]
[ M] 187. c:\program files\network associates\virusscan\mytilus.dll
McAfee, Inc.
Common Shell - Scanners' interface to the engine
.text,.rdata,.data,.rsrc,.reloc,
12580000[00005000]
[ M] 184. c:\program files\network associates\virusscan\res09\mcshield.dll
Network Associates, Inc.
English (09) resources for McShield
.rsrc,.reloc,
12000000[002AF000]
[ M] 191. c:\program files\common files\network associates\engine\mcscan32.dll
McAfee, Inc.
AV Scanning Engine
.text,.rdata,.data,.rsrc,.reloc,
5FD00000[00009000]
[ M] 214. c:\windows\system32\mfc42loc.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
72D10000[00008000]
[ M] 207. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 116. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
30000000[002EE000]
[ M] 284. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
haohe的fans - 2007-9-29 20:52:00
下载 System Repair Engineer系统扫描工具软件,下载地址如下:
http://www.kztechs.com/sreng/download.html
扫描和上传日志的方法:
1、解压缩所下载的sreng2.zip压缩包;
2、打开已经解压缩的SRENG文件夹,双击运行其中的SREngPS.exe;
3、依次按“智能扫描”、“扫描”、“保存报告”,将日志保存到硬盘上;
4、找到并打开日志,把日志中的内容用“复制”--“粘贴”命令拷贝到帖子上,不要修改地传上来(日志很长,一个帖子搞不完,请手动将全部内容在同一个主题帖下分多个回复帖子传上来)。
友情提示:
1、扫描日志前请先关闭所有打开的软件(如QQ、迅雷等下载程序什么的程序)和IE窗口(请注意,是关闭而不是最小化窗口)
2、注意在没有进一步提示前,请勿用SRENG工具胡乱修复,否则系统可能变的情况更糟。
3、SRENG操作图文详解:http://forum.ikaka.com/topic.asp?board=67&artid=8125594
UFO哈哈 - 2007-9-29 20:55:00
早知道卡卡日志这么难发,我还不如发SRE日志呢
菜菜瓜瓜 - 2007-9-29 23:07:00
| 引用: |
【UFO哈哈的贴子】早知道卡卡日志这么难发,我还不如发SRE日志呢
……………… |
病的不轻 似乎
UFO哈哈 - 2007-9-30 2:47:00
| 引用: |
【haohe的fans的贴子】下载 System Repair Engineer系统扫描工具软件,下载地址如下:
http://www.kztechs.com/sreng/download.html
扫描和上传日志的方法:
1、解压缩所下载的sreng2.zip压缩包;
2、打开已经解压缩的SRENG文件夹,双击运行其中的SREngPS.exe;
3、依次按“智能扫描”、“扫描”、“保存报告”,将日志保存到硬盘上;
4、找到并打开日志,把日志中的内容用“复制”--“粘贴”命令拷贝到帖子上,不要修改地传上来(日志很长,一个帖子搞不完,请手动将全部内容在同一个主题帖下分多个回复帖子传上来)。
友情提示:
1、扫描日志前请先关闭所有打开的软件(如QQ、迅雷等下载程序什么的程序)和IE窗口(请注意,是关闭而不是最小化窗口)
2、注意在没有进一步提示前,请勿用SRENG工具胡乱修复,否则系统可能变的情况更糟。
3、SRENG操作图文详解:http://forum.ikaka.com/topic.asp?board=67&artid=8125594
……………… |
先帮我看看卡卡日志吧
UFO哈哈 - 2007-9-30 20:54:00
这是SRE日志
[CODE]
2007-09-30,20:37:56
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<MyWebSearch Email Plugin><C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe> [MyWebSearch.com]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows Component Publisher]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<TPKMAPHELPER><; C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper> [IBM Corp.]
<TpShocks><TpShocks.exe> [IBM Corp.]
<TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe> []
<ControlCenter><"C:\Program Files\IBM fingerprint software\ctlcntr.exe" /startup> [UPEK Inc.]
<TP4EX><tp4ex.exe> [IBM Corporation]
<EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe> [IBM Corp.]
<SoundMAXPnP><C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.]
<SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.]
<ATIPTA><; C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
<UpdateManager><; "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r> [Sonic Solutions]
<IBMPRC><C:\IBMTOOLS\UTILS\ibmprc.exe> [IBM Corp.]
<QCWLICON><C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE> [IBM Corp.]
<PWRMGRTR><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor> [IBM Corp.]
<BLOG><rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog> []
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<BigDog305><C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)> [N/A]
<McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [McAfee, Inc.]
<Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"> [Network Associates, Inc.]
<ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE> [McAfee, Inc.]
<My Web Search Bar><rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S> [MyWebSearch.com]
<MyWebSearch Email Plugin><C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe> [MyWebSearch.com]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<Samsung Common SM><"C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun> [Samsung Electronics.]
<stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R> [TENCENT]
<runeip><"F:\UFO771至尊星\新建文件夹\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<GinaDLL><vrlogon.dll> [UPEK Inc.]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellService
ObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
<WinlogonNotify: psfus><C:\Program Files\IBM fingerprint software\psfus.dll> [UPEK Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
<WinlogonNotify: QConGina><QConGina.dll> [IBM Corp.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
<WinlogonNotify: tphotkey><tphklock.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}]
<Internet Explorer><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
==================================
启动文件夹
[Acrobat Assistant]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe [Adobe Systems Inc.]><N>
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><H>
[Digital Line Detect]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk --> C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]><H>
[腾讯QQ]
<C:\Documents and Settings\yenki ng\Start Menu\Programs\Startup\腾讯QQ.lnk --> D:\qq\QQ.exe [TENCENT]><N>
UFO哈哈 - 2007-9-30 20:57:00
==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
<C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[EvtEng / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM Rapid Restore Ultra Service / IBM Rapid Restore Ultra Service][Running/Auto Start]
<"C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe"><>
[IBM PM Service / IBMPMSVC][Running/Auto Start]
<C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[McAfee Framework Service / McAfeeFramework][Running/Auto Start]
<"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart><McAfee, Inc.>
[Network Associates McShield / McShield][Running/Auto Start]
<"C:\Program Files\Network Associates\VirusScan\mcshield.exe"><McAfee, Inc.>
[Network Associates Task Manager / McTaskManager][Running/Auto Start]
<"C:\Program Files\Network Associates\VirusScan\vstskmgr.exe"><Network Associates, Inc.>
[P4P Service / P4P Service][Running/Auto Start]
<C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[IBM PSA Access Driver Control / PsaSrv][Stopped/Manual Start]
<><N/A>
[QCONSVC / QCONSVC][Running/Auto Start]
<System32\QCONSVC.EXE><N/A>
[RegSrvc / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
<C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[IBM HDD APS Logging Service / TPHDEXLGSVC][Running/Auto Start]
<System32\TPHDEXLG.EXE><N/A>
[IBM KCU Service / TpKmpSVC][Running/Auto Start]
<C:\WINDOWS\system32\TpKmpSVC.exe><N/A>
[Protector Suite Virtual Token / vtserver][Running/Auto Start]
<"C:\Program Files\Common Files\Virtual Token\vtserver.exe"><UPEK Inc.>
==================================
驱动程序
[abp480n5 / abp480n5][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.1.6.0 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[Aha154x / Aha154x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[ANC / ANC][Running/System Start]
<System32\drivers\ANC.SYS><IBM Corp.>
[asc / asc][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Bluetooth Audio Device / btaudio][Stopped/Manual Start]
<system32\drivers\btaudio.sys><N/A>
[Bluetooth Virtual Communications Driver / BTDriver][Stopped/Manual Start]
<system32\DRIVERS\btport.sys><N/A>
[Bluetooth LAN Access Server / BTWDNDIS][Stopped/Manual Start]
<system32\DRIVERS\btwdndis.sys><N/A>
[WIDCOMM USB Bluetooth Driver / BTWUSB][Stopped/Manual Start]
<System32\Drivers\btwusb.sys><N/A>
[cd20xrnt / cd20xrnt][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CdaC15BA / CdaC15BA][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS><Macrovision Europe Ltd>
[CmdIde / CmdIde][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[Team MFP Comm Driver / DgiVecp][Running/Auto Start]
<System32\Drivers\DgiVecp.sys><DeviceGuys, Inc.>
[dpti2o / dpti2o][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[IBM Access Support / EGATHDRV][Running/Auto Start]
<\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS><IBM Corporation>
[fcdabus / fcdabus][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\fcdabus.sys><N/A>
[RamDisk Drive Service / fsRamDsk][Stopped/Manual Start]
<System32\Drivers\fsRamDsk.sys><FarStone>
[FVDSCSI / FVDSCSI][Stopped/Boot Start]
<\SystemRoot\system32\DRIVERS\fvdscsi.sys><N/A>
[HSFHWICH / HSFHWICH][Running/Manual Start]
<system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP][Running/Manual Start]
<system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ibmfilter / ibmfilter][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\ibmfilter.sys><IBM>
[IBMPMDRV / IBMPMDRV][Running/Manual Start]
<system32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK][Running/System Start]
<System32\drivers\IBMBLDID.SYS><N/A>
[ini910u / ini910u][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
UFO哈哈 - 2007-9-30 20:59:00
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NaiAvFilter1 / NaiAvFilter1][Running/Manual Start]
<system32\drivers\naiavf5x.sys><McAfee Inc.>
[NaiAvTdi1 / NaiAvTdi1][Running/System Start]
<system32\drivers\mvstdi5x.sys><McAfee Inc.>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\D:\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\D:\qq\npkycryp.sys><N/A>
[NSC Infrared Device Driver / NSCIRDA][Running/Manual Start]
<system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[nv / nv][Stopped/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PMEM / PMEM][Running/Auto Start]
<\??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS><Microsoft Corporation>
[IBM PSA Access Driver / psadd][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\Drivers\psadd.sys><IBM Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QCNDISIF / QCNDISIF][Stopped/Manual Start]
<System32\drivers\qcndisif.SYS><IBM Corporation.>
[ql1080 / ql1080][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[WLAN Transport / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[SIS AGP Bus Filter / sisagp][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Smapint / Smapint][Running/System Start]
<System32\drivers\Smapint.sys><Microsoft Corporation>
[SMI helper driver / SmiHlp][Running/Auto Start]
<\??\C:\Program Files\IBM fingerprint software\smihlp.sys><UPEK Inc.>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TC USB Kernel Driver / TcUsb][Running/Manual Start]
<System32\Drivers\tcusb.sys><UPEK Inc.>
[TDSMAPI / TDSMAPI][Running/System Start]
<System32\drivers\TDSMAPI.SYS><N/A>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\TesSafe.sys><N/A>
[TosIde / TosIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[TPInput / TPInput][Running/Manual Start]
<System32\DRIVERS\TPInput.sys><IBM Corporation>
[NSC Integrated Trusted Platform Module 1.1 / TPM11][Running/Manual Start]
<system32\DRIVERS\nsctpm11.sys><National Semiconductor Corp.>
[TPPWRIF / TPPWRIF][Running/System Start]
<System32\drivers\Tppwrif.sys><N/A>
[TSMAPIP / TSMAPIP][Running/System Start]
<System32\drivers\TSMAPIP.SYS><N/A>
[ultra / ultra][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[vax347b / vax347b][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
<\SystemRoot\System32\Drivers\vax347s.sys><>
[VCD VNC Virtual Network Adapter / vcddev][Running/Manual Start]
<system32\DRIVERS\vcdvnic.sys><VNN B.J.>
[ViaIde / ViaIde][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP / w29n51][Stopped/Manual Start]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[10moons USB PC Camera (VM305) / ZSMC0305][Stopped/Manual Start]
<System32\Drivers\usbVM305.sys><Vimicro Corporation>
[EntDrv51 / EntDrv51][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\EntDrv51.sys><McAfee, Inc>
UFO哈哈 - 2007-9-30 21:01:00
==================================
浏览器加载项
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <D:\QQDownload\QQIEHelper02.dll, 腾讯公司>
[MyWebSearch Search Assistant BHO]
{00A6FAF1-072E-44cf-8957-5838F569A31D} <C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL, MyWebSearch.com>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[mwsBar BHO]
{07B18EA1-A523-4961-B6BB-170DE4475CCA} <C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, MyWebSearch.com>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
[FGCatchUrl]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\others can be deleted late\jccatch.dll, www.flashget.com>
[Internet System]
{49E0E0F0-5C30-11D4-945D-000000008811} <C:\WINDOWS\system32\IESeven.dll, >
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <F:\p00p(覃正益的文件夹)\其他\打字\ComDlls\XunLeiBHO_002.dll, N/A>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[BHObject Class]
{AA2F655A-7618-499D-B0A5-4F84B91D2C5F} <C:\WINDOWS\system32\PCEggs.dll, 杭州弈天网络技术有限公司>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <D:\others can be deleted late\getflash.dll, www.flashget.com>
[启动迅雷]
{0062C9BD-B349-40DE-91A0-755F37ACD559} <, N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[BHObject Class]
{AA2F655A-7618-499D-B0A5-4F84B91D2C5F} <C:\WINDOWS\system32\PCEggs.dll, 杭州弈天网络技术有限公司>
[Software Installer]
{D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} <C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe, Lenovo Group Limited>
[快车]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\others can be deleted late\FlashGet.exe, FlashGet.com>
[易趣购物]
{DE607145-AC19-425e-864A-4D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[访问瑞星网站]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} <http://www.rising.com.cn/?u=RSTB, N/A>
[访问卡卡社区]
{FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} <http://www.ikaka.com/?u=RSTB, N/A>
[My &Web Search]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} <C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, MyWebSearch.com>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[MMCPlayer Class]
{05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Internet System]
{49E0E0F0-5C30-11D4-945D-000000008811} <C:\WINDOWS\system32\IESeven.dll, >
[Java Plug-in 1.4.2]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll, IBM.>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[VqqSpeedDlProxy Class]
{9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[Java Plug-in 1.4.2]
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} <C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll, IBM.>
[UEANetTeam.Scanner]
{D1BDCFB6-22F8-4CBF-A080-85675F2466A2} <C:\WINDOWS\Downloaded Program Files\UEANetTeam.ocx, University of East Anglia WebTeam>
[UpdateC2 Control]
{DC7094C6-8F61-42ED-AECE-63F5EEF647C5} <C:\PROGRA~1\UUSee\updateC2.ocx, uusee.com>
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <D:\QQDownload\QQIEHelper02.dll, 腾讯公司>
[MyWebSearch Search Assistant BHO]
{00A6FAF1-072E-44CF-8957-5838F569A31D} <C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL, MyWebSearch.com>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\Ringz Studio\Storm Codec\QTSystem\QTPlugin.ocx, Apple Computer, Inc.>
[MMCPlayer Class]
{05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[mwsBar BHO]
{07B18EA1-A523-4961-B6BB-170DE4475CCA} <C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, MyWebSearch.com>
[My &Web Search]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} <C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, MyWebSearch.com>
[MyWebSearch Settings]
{07B18EAB-A523-4961-B6BB-170DE4475CCA} <C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, MyWebSearch.com>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
[DjVuCtl Class]
{0E8D0700-75DF-11D3-8B4A-0008C7450C4A} <C:\Program Files\Internet Explorer\PLUGINS\DjVuCntl.dll, LizardTech>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[PowerList Control]
{20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\DOCUME~1\YENKIN~1\APPLIC~1\ppStream\203~1.400\POWERL~1.OCX, PPStream.com>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[FGCatchUrl]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\others can be deleted late\jccatch.dll, www.flashget.com>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[SSReaderPlug Control]
{3359C0B1-2363-40B3-AFCA-1ABC799AC486} <C:\WINDOWS\system32\SSREAD~1.OCX, CX>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[Internet System]
{49E0E0F0-5C30-11D4-945D-000000008811} <C:\WINDOWS\system32\IESeven.dll, >
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[PowerPlayer Control]
{5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\DOCUME~1\YENKIN~1\APPLIC~1\ppStream\203~1.400\POWERP~1.DLL, PPStream Inc.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SUBMIT~1.DLL, >
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[VqqSpeedDlProxy Class]
{9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[RMGetLicense Class]
UFO哈哈 - 2007-9-30 21:04:00
==================================
正在运行的进程
[PID: 832 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 912 / SYSTEM][\??\C:\WINDOWS\SYSTEM32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\SYSTEM32\vrlogon.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\IBM fingerprint software\ExtVapi.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\psutil.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\resmgr.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\Remote.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\passport.dll] [UPEK Inc., 4.5.5.1108]
[C:\WINDOWS\SYSTEM32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4115]
[C:\Program Files\IBM fingerprint software\psfus.dll] [UPEK Inc., 4.5.5.1108]
[C:\WINDOWS\SYSTEM32\tphklock.dll] [N/A, ]
[C:\WINDOWS\SYSTEM32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5]
[C:\Program Files\Common Files\Virtual Token\psdlg.dll] [UPEK Inc., 4.5.5.1108]
[C:\WINDOWS\SYSTEM32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 956 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 968 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\pwdmon.dll] [N/A, ]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 1128 / SYSTEM][C:\Program Files\Common Files\Virtual Token\vtserver.exe] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\psutil.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\IBM fingerprint software\psfus.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\passport.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\DevTc.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\BTcVer.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\Remote.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\LocPass.dll] [UPEK Inc., 4.5.5.1108]
[C:\Program Files\Common Files\Virtual Token\AlgVer.dll] [UPEK Inc., 4.5.5.1108]
[PID: 1148 / SYSTEM][C:\WINDOWS\system32\ibmpmsvc.exe] [N/A, ]
[PID: 1172 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4115]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1196 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 1280 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 1316 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 1400 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 9, 0, 1, 83]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 1, 83]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 1, 83]
[PID: 1420 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 9, 0, 1, 83]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 9, 0, 1, 83]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 9, 0, 1, 83]
[PID: 1452 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 1544 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 1880 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Incorporated., 6.0.000]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\adistres.dll] [Adobe Systems Incorporated., 6.0.0.2003051500]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.2175.0]
[C:\WINDOWS\system32\SUGS2LMK.DLL] [Samsung Electronics., 1.1.2.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.2175.0]
[PID: 1980 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.0]
[PID: 2044 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 212 / SYSTEM][C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe] [, 4,1,0,4074]
[PID: 268 / SYSTEM][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Network Associates\Common Framework\naXML71.dll] [N/A, ]
[C:\Program Files\Network Associates\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Network Associates\Common Framework\naCmnLib71.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\applib.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\Logging.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\InternetManager.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\naInet.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\UserSpace.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\Management.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\cmalib.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\PsApi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\Scheduler.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\Agent.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\naSPIPE.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\ListenServer.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\TCSubSys.dll] [McAfee, Inc., 3.5.5.438]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll] [McAfee, Inc., 3.5.5.438]
[PID: 376 / SYSTEM][C:\Program Files\Network Associates\VirusScan\mcshield.exe] [McAfee, Inc., 8.0.0.336]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.DLL] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\FTL.Dll] [Network Associates, Inc., 8.0.0.135]
[C:\Program Files\Network Associates\VirusScan\naiann.dll] [Network Associates, Inc., 8.0.0.308]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [McAfee, Inc., 8.0.0.337]
[C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Network Associates\Common Framework\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Network Associates\VirusScan\NaEventU.DLL] [Network Associates, Inc., 8.0.0.356]
UFO哈哈 - 2007-9-30 21:04:00
[C:\Program Files\Network Associates\VirusScan\Res09\naEvtRes.dll] [Network Associates, Inc., 8.0.0.342]
[C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll] [Network Associates, Inc., 8.0.0.291]
[C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL] [McAfee, Inc., 5.2.00]
[C:\Program Files\Network Associates\VirusScan\EntSrv.Dll] [McAfee, Inc, 8.0.0.453]
[c:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9848.0]
[PID: 396 / SYSTEM][C:\Program Files\Network Associates\VirusScan\vstskmgr.exe] [Network Associates, Inc., 8.0.0.1004]
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] [McAfee, Inc., 8.0.0.1036]
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\naicondl.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\VsTskMgr.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll] [McAfee, Inc., 8.0.0.155]
[C:\Program Files\Network Associates\VirusScan\bbcpl.dll] [McAfee, Inc., 8.0.0.1036]
[C:\Program Files\Network Associates\VirusScan\coptcpl.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\emcfgcpl.dll] [McAfee, Inc., 8.0.0.1019]
[C:\Program Files\Network Associates\VirusScan\RES09\SEmalRes.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\Product.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\nvpcpl.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\ftcfg.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [McAfee, Inc., 8.0.0.337]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\oascpl.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\vsodscpl.dll] [McAfee, Inc., 8.0.0.1037]
[C:\Program Files\Network Associates\VirusScan\ftl.dll] [Network Associates, Inc., 8.0.0.135]
[C:\Program Files\Network Associates\VirusScan\vsupdcpl.dll] [Network Associates, Inc., 8.0.0.912]
[PID: 520 / SYSTEM][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe] [Sohu.com Inc., 2, 0, 0, 28]
[C:\Program Files\Sogou PXP\vodsvr.dll] [Sohu.com Inc., 2, 3, 0, 1]
[C:\Program Files\Sogou PXP\pxpnet.dll] [Sohu.com Inc., 1, 0, 0, 9]
[C:\Program Files\Sogou PXP\p2pclient.dll] [Sohu.com Inc., 2, 9, 1, 4]
[PID: 628 / SYSTEM][C:\WINDOWS\System32\QCONSVC.EXE] [IBM Corp., 3, 7, 1, 0]
[PID: 652 / SYSTEM][C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\naXML71.dll] [N/A, ]
[C:\Program Files\Network Associates\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Network Associates\Common Framework\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\naCmnLib71.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\applib.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\AgentPlugin.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\NAGSHR32.DLL] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\VirusScan\VsPlugin.dll] [McAfee, Inc., 8.0.0.1039]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[C:\Program Files\Network Associates\McAfeeAvertStinger2451\SNGPlug.dll] [Network Associates, Inc., 1, 0, 0, 1]
UFO哈哈 - 2007-9-30 21:08:00
[C:\Program Files\Network Associates\Common Framework\PCRPlug.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\System Compliance Profiler\PtchScan.dll] [Networks Associates Technology, Inc., 1.1.0.156]
[C:\Program Files\Network Associates\Common Framework\UpdPlug.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [McAfee, Inc., 3.5.5.438]
[PID: 708 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 9, 0, 1, 83]
[PID: 760 / SYSTEM][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 824 / SYSTEM][C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe] [Rocket Division Software, 2.6.1 Build 0x20050401]
[PID: 860 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[PID: 868 / SYSTEM][C:\WINDOWS\System32\TPHDEXLG.EXE] [IBM Corporation, 1.0.0.1]
[PID: 172 / SYSTEM][C:\WINDOWS\system32\TpKmpSVC.exe] [N/A, ]
[PID: 2520 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 344 / fan][C:\WINDOWS\SYSTEM32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4115]
[C:\WINDOWS\SYSTEM32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3052 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3084 / fan][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL] [IBM Corp., 1, 0, 0, 0]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\US\PWRMGRRT.DLL] [N/A, ]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL] [N/A, ]
[C:\WINDOWS\system32\Sensor.dll] [IBM Corporation, 1.30.1.0]
[C:\WINDOWS\system32\OEMDSPIF.DLL] [ATI Technologies, Inc., 6.14.0012]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
[C:\Program Files\Internet Explorer\mui\0804\shdoclc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Network Associates\VirusScan\shext.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\ShExtRes.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Internet Explorer\mui\0804\browselc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\TENCENT\SSPlus\SAddr.dll] [Tencent, 5, 0, 1, 18]
[C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL] [MyWebSearch.com, 1, 0, 2, 3]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL] [MyWebSearch.com, 2, 2, 60, 1]
[C:\WINDOWS\system32\IESeven.dll] [, 1.0.0.8]
[C:\WINDOWS\system32\PCEggs.dll] [杭州弈天网络技术有限公司, 1, 0, 2, 1]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[D:\Tools\CuteFTP XP V5.0.2 简体中文版\setup\Cuteshell.dll] [GlobalSCAPE, Inc., 50, 6, 3, 2]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 1.0.0.2003051500]
[PID: 564 / fan][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.5.17.13 08Nov04]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.5.17.13 08Nov04]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1372 / fan][C:\WINDOWS\system32\TpShocks.exe] [IBM Corp., 1, 3, 2, 0]
[C:\Program Files\ThinkPad\TpShocks\MUI\0804\TpShocks.dll] [IBM Corp., 1, 3, 2, 0]
[C:\WINDOWS\system32\Sensor.dll] [IBM Corporation, 1.30.1.0]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[PID: 1244 / fan][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll] [N/A, ]
[C:\WINDOWS\system32\Oemdspif.dll] [ATI Technologies, Inc., 6.14.0012]
[C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll] [N/A, ]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1696 / fan][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, ]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2064 / fan][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe] [IBM Corp., 1, 0, 0, 0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\US\EzMApRes.dll] [N/A, ]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2132 / fan][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe] [IBM Corporation, 1.14]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2200 / fan][C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe] [Analog Devices, Inc., 5, 0, 2, 2]
[C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll] [Analog Devices, Inc., 5, 0, 2, 008]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 4012 / fan][C:\IBMTOOLS\UTILS\ibmprc.exe] [IBM Corp., 1, 0, 0, 3]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2336 / fan][C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE] [IBM Corp., 3, 7, 1, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll] [IBM Corp., 3, 7, 1, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll] [Novatel Wireless Inc., 1, 0, 0, 1]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\IconRes.dll] [N/A, ]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3380 / fan][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL] [IBM Corp., 1, 0, 0, 0]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\PROGRA~1\ThinkPad\UTILIT~1\US\PWRMGRRT.DLL] [N/A, ]
[C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL] [N/A, ]
[C:\WINDOWS\system32\Sensor.dll] [IBM Corporation, 1.30.1.0]
[C:\WINDOWS\system32\OEMDSPIF.DLL] [ATI Technologies, Inc., 6.14.0012]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2768 / fan][C:\WINDOWS\VM305_STI.EXE] [Vimicro, 4, 3, 625, 61]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2788 / fan][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Network Associates\Common Framework\naCmnLib71.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\naXML71.dll] [N/A, ]
[C:\Program Files\Network Associates\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Network Associates\Common Framework\cmalib.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\applib.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\0409\UpdRes.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [McAfee, Inc., 3.5.5.438]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [McAfee, Inc., 3.5.5.438]
UFO哈哈 - 2007-9-30 21:09:00
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[PID: 2832 / fan][C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe] [Network Associates, Inc., 2.0.275.0]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2880 / fan][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE] [McAfee, Inc., 8.0.0.1040]
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] [McAfee, Inc., 8.0.0.1036]
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\shstat.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\Product.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\RES09\Shutilrc.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\Graphics.dll] [Network Associates, Inc., 8.0.0.912]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[PID: 2928 / fan][C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe] [MyWebSearch.com, 1,2,2,4]
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3100 / fan][C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe] [Samsung Electronics., 1, 3, 0, 0]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[PID: 3104 / fan][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3136 / fan][F:\UFO771至尊星\新建文件夹\runiep.exe] [Beijing Rising Technology Co., Ltd., 4.0.0.18]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[PID: 3188 / fan][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3232 / fan][C:\Program Files\Windows Media Player\WMPNSCFG.exe] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[C:\Program Files\Windows Media Player\wmpnssci.dll] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3596 / fan][C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe] [Adobe Systems Inc., 6.0.0.2003051500]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.chs] [Adobe Systems Inc., 6.0.0.0]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2136 / fan][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [McAfee, Inc, 8.0.0.453]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[C:\Program Files\TENCENT\SSPlus\SAddr.dll] [Tencent, 5, 0, 1, 18]
[C:\Program Files\Internet Explorer\mui\0804\browselc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL] [MyWebSearch.com, 2, 2, 60, 1]
[C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL] [FunWebProducts.com, 1,1,1,21]
[C:\Program Files\Internet Explorer\mui\0804\shdoclc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[D:\QQDownload\QQIEHelper02.dll] [腾讯公司, 1, 1, 0, 5]
[C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL] [MyWebSearch.com, 1, 0, 2, 3]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\others can be deleted late\jccatch.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\WINDOWS\system32\IESeven.dll] [, 1.0.0.8]
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll] [Microsoft Corporation, 4.000.248.1]
[C:\WINDOWS\system32\PCEggs.dll] [杭州弈天网络技术有限公司, 1, 0, 2, 1]
[D:\others can be deleted late\getflash.dll] [www.flashget.com, 1, 8, 4, 1003]
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.000.248.1]
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] [Network Associates, Inc., 8.0.0.1012]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [McAfee, Inc., 8.0.0.337]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] [McAfee, Inc., 5.2.00]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\UNISPIM6.IME] [北京紫光华宇软件股份有限公司, 6.0.0.6138]
[C:\WINDOWS\system32\IMSC40A.IME] [Microsoft Corporation, 6.0.0.2527]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.5510.0]
[PID: 3212 / fan][D:\QQDownload\QQDownload.exe] [Tencent Technology (Shenzhen) Company Limited, 1, 5, 115, 115]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8168.0]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[D:\QQDownload\QQDownload.dll] [Tencent Technology (Shenzhen) Company Limited, 1, 5, 117, 117]
[D:\QQDownload\TNProxy.dll] [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
[D:\qq\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msadp32.acm] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3500 / fan][C:\WINDOWS\SYSTEM32\taskmgr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[PID: 2448 / fan][F:\XXX\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll] [TENCENT, 5, 0, 1, 22]
[F:\UFO771至尊星\新建文件夹\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll] [MyWebSearch.com, 1,2,3,2]
[F:\XXX\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
UFO哈哈 - 2007-9-30 21:10:00
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
RSVP UDP Service Provider
C:\WINDOWS\system32\TcpIpDogR0.dll(, N/A)
RSVP TCP Service Provider
C:\WINDOWS\system32\TcpIpDogR0.dll(, N/A)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1128, C:\PROGRAM FILES\COMMON FILES\VIRTUAL TOKEN\VTSERVER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 212, C:\PROGRAM FILES\IBM\IBM RAPID RESTORE ULTRA\RRPCSB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1372, C:\WINDOWS\SYSTEM32\TPSHOCKS.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1244, C:\PROGRA~1\THINKPAD\PKGMGR\HOTKEY\TPHKMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1696, C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY\TPONSCR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2064, C:\PROGRA~1\THINKPAD\UTILIT~1\EZEJMNAP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2132, C:\PROGRAM FILES\THINKPAD\PKGMGR\HOTKEY_1\TPSCREX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2200, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4PNP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4012, C:\IBMTOOLS\UTILS\IBMPRC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2336, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\QCWLICON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2768, C:\WINDOWS\VM305_STI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2788, C:\PROGRAM FILES\NETWORK ASSOCIATES\COMMON FRAMEWORK\UPDATERUI.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2832, C:\PROGRAM FILES\COMMON FILES\NETWORK ASSOCIATES\TALKBACK\TBMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2880, C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\SHSTAT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2928, C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3100, C:\WINDOWS\SAMSUNG\COMSMMGR\SSMMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3136, F:\UFO771至尊星\新建文件夹\RUNIEP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3596, C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\DISTILLR\ACROTRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3212, D:\QQDOWNLOAD\QQDOWNLOAD.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
UFO哈哈 - 2007-9-30 21:14:00
SRE日志都那么长,我可能中了超级大毒
我没上QQ,就打开了几个卡卡社区而已。
菜菜瓜瓜 - 2007-9-30 22:29:00
| 引用: |
【UFO哈哈的贴子】SRE日志都那么长,我可能中了超级大毒
我没上QQ,就打开了几个卡卡社区而已。
……………… |
得住院了~
UFO哈哈 - 2007-10-3 22:56:00
1
© 2000 - 2026 Rising Corp. Ltd.