Torjan.PSW.Win32.....这个病毒要怎么办？ bbs.ikaka.com

嫣香落 - 2007-10-9 14:57:00

这些天被这个病毒搞得好烦，每天被瑞星查出，每天杀不干净，好烦，哪位大虾帮帮忙啊．现把日志放下：
瑞星卡卡电脑诊断日志 v1.30 (2007-10-9 14:15:50) 北京瑞星科技股份有限公司

注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;

+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
RfwProxySrv
[A ] 1. c:\rising\rfw\rfwproxy.exe

RfwService
[A ] 2. c:\rising\rfw\rfwsrv.exe

RsCCenter
[A ] 3. c:\rising\rav\ccenter.exe

RsRavMon
[A ] 4. c:\rising\rav\ravmond.exe

WMPNetworkSvc
[A ] 5. c:\program files\windows media player\wmpnetwk.exe

WudfSvc
[A ] 6. c:\windows\system32\wudfsvc.dll

+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
BaseTDI
[A ] 7. c:\windows\system32\drivers\basetdi.sys

ExpScaner
[A ] 8. c:\rising\rav\expscan.sys

ft2kEnum
[A ] 9. c:\windows\system32\drivers\ic2kenum.sys

GDBaseSmc
[A ] 10. c:\windows\system32\drivers\chip_smc.sys

HookCont
[A ] 11. c:\rising\rav\hookcont.sys

HookReg
[A ] 12. c:\rising\rav\hookreg.sys

HookSys
[A ] 13. c:\rising\rav\hooksys.sys

HookUrl
[A ] 14. c:\rising\rfw\hookurl.sys

MEMSCAN
[A ] 15. c:\rising\rav\memscan.sys

mProcRs
[A ] 16. c:\rising\rfw\mprocrs.sys

npkcrypt
[A ] 17. c:\windows\system32\npkcrypt.sys

npkycryp
[A ] 18. c:\windows\system32\npkycryp.sys

Reader_Device
[A ] 19. c:\windows\system32\drivers\usbic2k.sys

RsAntiSpyware
[A ] 20. c:\windows\system32\drivers\rsboot.sys

RsFwDrv
[A ] 21. c:\rising\rfw\rsfwdrv.sys

RsNTGDI
[A ] 22. c:\windows\system32\drivers\rsntgdi.sys

RSPPSYS
[A ] 23. c:\rising\rav\rsppsys.sys

Secdrv
[A ] 24. c:\windows\system32\drivers\secdrv.sys

WudfPf
[A ] 25. c:\windows\system32\drivers\wudfpf.sys

WudfRd
[A ] 26. c:\windows\system32\drivers\wudfrd.sys

+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[AM] 27. c:\windows\system32\kakatool.dll

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler )

嫣香落 - 2007-10-9 14:58:00

+ 资源管理器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 28. c:\windows\system32\hticons.dll

WinRAR shell extension
[AM] 29. c:\program files\winrar\rarext.dll

Portable Media Devices
[A ] 30. c:\windows\system32\audiodev.dll

Portable Devices
[A ] 31. c:\windows\system32\wpdshext.dll

Portable Devices Menu
[A ] 31. c:\windows\system32\wpdshext.dll

RISING
[AM] 32. c:\windows\system32\ravext.dll

+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{2D561258-45F3-A451-F908-A258458226D2}
[AM] 33. c:\windows\system32\kvdxsbma.dll

{5D47B341-43DF-4563-753F-345FFA3157D5}
[AM] 34. c:\windows\system32\kvmxema.dll

{3C87A354-ABC3-DEDE-FF33-3213FD7447C3}
[AM] 35. c:\windows\system32\kvdxcma.dll

{2A321487-4977-D98A-C8D5-6488257545A2}
[AM] 36. c:\windows\system32\kapjbzy.dll

{334345F1-DACF-3452-CB7D-4620F34A1533}
[AM] 37. c:\windows\system32\rsztcpm.dll

{2960356A-458E-DE24-BD50-268F589A56A2}
[AM] 38. c:\windows\system32\avwlbmn.dll

{4859245F-345D-BC13-AC4F-145D47DA34F4}
[AM] 39. c:\windows\system32\avzxdmn.dll

{28907901-1416-3389-9981-372178569982}
[AM] 40. c:\windows\system32\kawdbzy.dll

{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 32. c:\windows\system32\ravext.dll

+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WPDShServiceObj
[AM] 41. c:\windows\system32\wpdshserviceobj.dll

+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RfwMain
[AM] 42. c:\rising\rfw\rfwmain.exe

CertificateRegistration
[AM] 43. c:\windows\system32\safesigncertreg.exe

runeip
[AM] 44. c:\rising\antispyware\runiep.exe

RavTask
[A ] 45. c:\rising\rav\ravtask.exe

+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 46. c:\rising\antispyware\runonce.exe

+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 47. c:\windows\system32\bsmain.exe

[A ] 48. c:\windows\system32\kknative.exe

+ 映像劫持
+ HKCR\.html
htmlfile\open\Command
[AM] 49. e:\program files\tencent\qq\tt\ttraveler.exe

htmlfile\TencentTraveler\Command
[AM] 49. e:\program files\tencent\qq\tt\ttraveler.exe

+ HKCR\.htm
htmlfile\open\Command
[AM] 49. e:\program files\tencent\qq\tt\ttraveler.exe

htmlfile\TencentTraveler\Command
[AM] 49. e:\program files\tencent\qq\tt\ttraveler.exe

+ 程序初始化和已知动态连接库
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs
[AM] 34. c:\windows\system32\kvmxema.dll

+ 其他自启动项目
+ C:\Documents and Settings\lili\「开始」菜单\程序\启动
QQ游戏启动加速程序.lnk
[A ] 50. e:\program files\tencent\qq\qqgame\accel.exe

嫣香落 - 2007-10-9 14:59:00

正在运行的进程
+ 000000a4(164) hypmain.exe
00400000[004B6000]
[ M] 51. f:\dzh\internet\hypmain.exe

41000000[0000C000]
[ M] 52. f:\dzh\internet\borlndmm.dll

10000000[00012000]
[ M] 53. f:\dzh\internet\zlib.dll

00370000[0004B000]
[ M] 54. f:\dzh\internet\tcpip.dll

003C0000[0002A000]
[ M] 55. f:\dzh\internet\hypdown.dll

5F400000[000F2000]
[ M] 56. f:\dzh\internet\mfc42.dll

008C0000[0004F000]
[ M] 57. f:\dzh\internet\investdll.dll

00910000[00097000]
[ M] 58. f:\dzh\internet\wgdll.dll

012C0000[0000C000]
[AM] 35. c:\windows\system32\kvdxcma.dll

78C00000[00029000]
[ M] 59. f:\dzh\internet\olepro32.dll

30000000[002EF000]
[ M] 60. c:\windows\system32\macromed\flash\flash9d.ocx

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

052F0000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

05360000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

05370000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

05710000[0000C000]
[AM] 37. c:\windows\system32\rsztcpm.dll

05820000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

05930000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

05A40000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

05B50000[0000C000]
[AM] 39. c:\windows\system32\avzxdmn.dll

+ 00000124(292) smss.exe

+ 0000015c(348) csrss.exe

+ 00000174(372) winlogon.exe
004D0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

+ 000001a4(420) services.exe
47260000[0000F000]
[ M] 63. c:\windows\apppatch\acadproc.dll

003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 000001b0(432) lsass.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 00000254(596) svchost.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 00000288(648) svchost.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 000002c4(708) svchost.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 000002f0(752) svchost.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 00000324(804) svchost.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 000003fc(1020) hypwise.exe
00400000[0002B000]
[ M] 64. f:\dzh\internet\hypwise.exe

5F400000[000F2000]
[ M] 56. f:\dzh\internet\mfc42.dll

003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

10000000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

+ 00000410(1040) RavStub.exe
00400000[00018000]
[ M] 65. c:\rising\rav\ravstub.exe

10000000[0001B000]
[ M] 66. c:\rising\rav\rscommx.dll

23700000[0001A000]
[ M] 67. c:\rising\rav\rscommon.dll

+ 0000041c(1052) Explorer.EXE
003D0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

10000000[0003E000]
[ M] 68. c:\documents and settings\lili\application data\ppstream\bin\1.0.0.2\vodrc.dll

00D80000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

00D90000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

00DA0000[0000C000]
[AM] 35. c:\windows\system32\kvdxcma.dll

00DB0000[0000C000]
[AM] 37. c:\windows\system32\rsztcpm.dll

00EE0000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

00F30000[0000C000]
[AM] 39. c:\windows\system32\avzxdmn.dll

00F80000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

00FD0000[0001B000]
[AM] 32. c:\windows\system32\ravext.dll

164A0000[00023000]
[AM] 41. c:\windows\system32\wpdshserviceobj.dll

109C0000[0002C000]
[ M] 69. c:\windows\system32\portabledevicetypes.dll

10930000[00049000]
[ M] 70. c:\windows\system32\portabledeviceapi.dll

013E0000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

028B0000[0002D000]
[AM] 29. c:\program files\winrar\rarext.dll

23700000[0001A000]
[ M] 67. c:\rising\rav\rscommon.dll

+ 000004b4(1204) spoolsv.exe
003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 000004f4(1268) SCardSvr.exe

+ 000005e8(1512) RfwMain.exe
00400000[00073000]
[AM] 42. c:\rising\rfw\rfwmain.exe

26600000[0007D000]
[ M] 71. c:\rising\rfw\rsguilib.dll

23700000[0001A000]
[ M] 72. c:\rising\rfw\rscommon.dll

10000000[0000F000]
[ M] 73. c:\rising\rfw\rfwctrl.dll

23800000[0001A000]
[ M] 74. c:\rising\rfw\rsxml.dll

23900000[00031000]
[ M] 75. c:\rising\rfw\pngdll.dll

01320000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

+ 0000069c(1692) SafeSignCertReg.exe
00400000[00007000]
[AM] 43. c:\windows\system32\safesigncertreg.exe

003C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

+ 000006d4(1748) runiep.exe
00400000[00013000]
[AM] 44. c:\rising\antispyware\runiep.exe

00C00000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

嫣香落 - 2007-10-9 15:06:00

+ 00000740(1856) ctfmon.exe
003D0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

10000000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

+ 00000810(2064) alg.exe

+ 00000970(2416) RsAgent.exe
00400000[0003A000]
[ M] 76. c:\rising\rav\rsagent.exe

10000000[0001B000]
[ M] 66. c:\rising\rav\rscommx.dll

00E60000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

+ 0000098c(2444) AgentSvr.exe
007E0000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

10000000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

009A0000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

009B0000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

009C0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

009D0000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

+ 00000c70(3184) iexplore.exe
10000000[0003E000]
[ M] 68. c:\documents and settings\lili\application data\ppstream\bin\1.0.0.2\vodrc.dll

01130000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

02A50000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

02B60000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

02D40000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

02E50000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

02FE0000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

03A70000[00019000]
[ M] 77. c:\rising\rav\ravscrch.dll

30000000[002EF000]
[ M] 60. c:\windows\system32\macromed\flash\flash9d.ocx

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

+ 00000cc0(3264) RfwCfg.exe
00400000[00159000]
[ M] 78. c:\rising\rfw\rfwcfg.exe

26600000[0007D000]
[ M] 71. c:\rising\rfw\rsguilib.dll

003C0000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

10000000[0000E000]
[ M] 79. c:\rising\rfw\rsappmgr.dll

00CC0000[0002F000]
[ M] 80. c:\rising\rfw\cfgdll.dll

23700000[0001A000]
[ M] 72. c:\rising\rfw\rscommon.dll

00FE0000[0000F000]
[ M] 73. c:\rising\rfw\rfwctrl.dll

00FF0000[00007000]
[ M] 81. c:\rising\rfw\proxyctr.dll

23800000[0001A000]
[ M] 74. c:\rising\rfw\rsxml.dll

23900000[00031000]
[ M] 75. c:\rising\rfw\pngdll.dll

01890000[00012000]
[ M] 82. c:\rising\rfw\mports.dll

01720000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

01990000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

028A0000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

029B0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

02AC0000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

02CF0000[00008000]
[ M] 83. c:\rising\rfw\rfwlog.dll

+ 00000db4(3508) QQ.exe
00400000[001B6000]
[ M] 84. e:\program files\tencent\qq\qq\qq.exe

10000000[00022000]
[ M] 85. e:\program files\tencent\qq\qq\coralassist.dll

005D0000[0007E000]
[ M] 86. e:\program files\tencent\qq\qq\coralqq.dll

003B0000[00029000]
[ M] 87. e:\program files\tencent\qq\qq\kql.dll

7C420000[00087000]
[ M] 88. e:\program files\tencent\qq\qq\msvcp80.dll

78130000[0009B000]
[ M] 89. e:\program files\tencent\qq\qq\msvcr80.dll

60A80000[000F2000]
[ M] 90. e:\program files\tencent\qq\qq\mfc42.dll

003F0000[00009000]
[ M] 91. e:\program files\tencent\qq\qq\ipsearcher.dll

00660000[00261000]
[ M] 92. e:\program files\tencent\qq\qq\qqbaseclassindll.dll

61740000[000A7000]
[ M] 93. e:\program files\tencent\qq\qq\qqhelperdll.dll

600A0000[00072000]
[ M] 94. e:\program files\tencent\qq\qq\basicctrldll.dll

00EF0000[0000C000]
[AM] 35. c:\windows\system32\kvdxcma.dll

01D90000[0000B000]
[ M] 95. e:\program files\tencent\qq\qq\nodisturbfilter.cqx

01E20000[00006000]
[ M] 96. e:\program files\tencent\qq\qq\confighotkey.cqx

62250000[00005000]
[ M] 97. e:\program files\tencent\qq\qq\riched32.dll

621E0000[00068000]

嫣香落 - 2007-10-9 15:06:00

62250000[00005000]
[ M] 97. e:\program files\tencent\qq\qq\riched32.dll

621E0000[00068000]
[ M] 98. e:\program files\tencent\qq\qq\riched20.dll

61310000[0003A000]
[ M] 99. e:\program files\tencent\qq\qq\qqapi.dll

623A0000[00007000]
[ M] 100. e:\program files\tencent\qq\qq\timproxy.dll

025A0000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

02840000[00006000]
[ M] 101. e:\program files\tencent\qq\qq\autoreconnect.cqx

60890000[00038000]
[ M] 102. e:\program files\tencent\qq\qq\loginctrl.dll

608D0000[00099000]
[ M] 103. e:\program files\tencent\qq\qq\loginctrlres.dll

04250000[0000C000]
[AM] 39. c:\windows\system32\avzxdmn.dll

04360000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

04470000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

04580000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

04690000[0000C000]
[AM] 37. c:\windows\system32\rsztcpm.dll

047A0000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

048B0000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

02E90000[004DE000]
[ M] 104. e:\program files\tencent\qq\qq\qqres.dll

62860000[0003C000]
[ M] 105. e:\program files\tencent\qq\qq\wizardctrl.dll

61840000[00093000]
[ M] 106. e:\program files\tencent\qq\qq\qqmainframe.dll

603C0000[001A3000]
[ M] 107. e:\program files\tencent\qq\qq\gdiplus.dll

04C50000[00123000]
[ M] 108. e:\program files\tencent\qq\qq\cqqapplication.dll

60380000[0003F000]
[ M] 109. e:\program files\tencent\qq\qq\flashavatardll.dll

60C20000[0005E000]
[ M] 110. e:\program files\tencent\qq\qq\newskin.dll

04F80000[000BD000]
[ M] 111. e:\program files\tencent\qq\qq\hostingmgr.dll

60140000[00034000]
[ M] 112. e:\program files\tencent\qq\qq\cameradll.dll

60A40000[00032000]
[ M] 113. e:\program files\tencent\qq\qq\mailsummary.dll

03D90000[0000F000]
[ M] 114. e:\program files\tencent\qq\qq\coralhotkey.cqx

617F0000[00017000]
[ M] 115. e:\program files\tencent\qq\qq\qqknowledgesearch.dll

051A0000[001F4000]
[ M] 116. e:\program files\tencent\qq\qq\qqallinone.dll

62280000[0002B000]
[ M] 117. e:\program files\tencent\qq\qq\sccore.dll

62090000[00024000]
[ M] 118. e:\program files\tencent\qq\qq\qqspace.dll

623F0000[00071000]
[ M] 119. e:\program files\tencent\qq\qq\vbscript.dll

616C0000[00071000]
[ M] 120. e:\program files\tencent\qq\qq\qqgroupmng.dll

623D0000[00017000]
[ M] 121. e:\program files\tencent\qq\qq\userdefinedhead.dll

61A10000[000D7000]
[ M] 122. e:\program files\tencent\qq\qq\qqplugin.dll

620C0000[0003D000]
[ M] 123. e:\program files\tencent\qq\qq\qqsysmsgmng.dll

61600000[0000C000]
[ M] 124. e:\program files\tencent\qq\qq\qqconfigplugin.dll

61350000[0003D000]
[ M] 125. e:\program files\tencent\qq\qq\qqavatar.dll

03470000[00051000]
[ M] 126. e:\program files\tencent\qq\qq\qqcustomface.dll

621C0000[00016000]
[ M] 127. e:\program files\tencent\qq\qq\qringmng.dll

60970000[000A8000]
[ M] 128. e:\program files\tencent\qq\qq\longconnection.dll

60D20000[00026000]
[ M] 129. e:\program files\tencent\qq\qq\phoneapi.dll

60330000[0000D000]
[ M] 130. e:\program files\tencent\qq\qq\dialerallinone.dll

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

619E0000[0002A000]
[ M] 131. e:\program files\tencent\qq\qq\qqpet.dll

60120000[0001F000]
[ M] 132. e:\program files\tencent\qq\qq\bqqapplication.dll

60CA0000[0000F000]
[ M] 133. e:\program files\tencent\qq\qq\personaldesktop.dll

62000000[00072000]
[ M] 134. e:\program files\tencent\qq\qq\qqsettingctrl.dll

60180000[0004F000]
[ M] 135. e:\program files\tencent\qq\qq\commercesmng.dll

06060000[00286000]
[ M] 136. e:\program files\tencent\qq\qq\qqaddr.dll

61FD0000[0002C000]
[ M] 137. e:\program files\tencent\qq\qq\qqscenemng.dll

021A0000[0002B000]
[ M] 138. e:\program files\tencent\qq\qq\addrsearch.dll

+ 00000dc4(3524) TIMPlatform.exe
00400000[00013000]
[ M] 139. e:\program files\tencent\qq\qq\timplatform.exe

10000000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

623A0000[00007000]
[ M] 100. e:\program files\tencent\qq\qq\timproxy.dll

+ 00000e28(3624) TTraveler.exe
00400000[00321000]
[AM] 49. e:\program files\tencent\qq\tt\ttraveler.exe

10000000[0003E000]
[ M] 68. c:\documents and settings\lili\application data\ppstream\bin\1.0.0.2\vodrc.dll

01CF0000[00057000]
[AM] 27. c:\windows\system32\kakatool.dll

07460000[0002E000]
[ M] 140. e:\program files\tencent\qq\tt\plugins\qqfloatbar\qqfloatbar4tt2.dll

074C0000[0002F000]
[ M] 141. e:\program files\tencent\qq\tt\plugins\tweather\tweather.dll

07620000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

07760000[00050000]
[ M] 142. e:\program files\tencent\qq\tt\ttnetfavor.dll

012E0000[00019000]
[ M] 77. c:\rising\rav\ravscrch.dll

72C80000[00008000]
[ M] 61. c:\windows\system32\msacm32.drv

09310000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

09320000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

09330000[0000C000]
[AM] 37. c:\windows\system32\rsztcpm.dll

09340000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

09350000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

09360000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

09370000[0000C000]
[AM] 39. c:\windows\system32\avzxdmn.dll

09380000[0000C000]
[AM] 35. c:\windows\system32\kvdxcma.dll

73200000[00031000]
[ M] 143. c:\windows\system32\winwb86.ime

30000000[002EF000]
[ M] 60. c:\windows\system32\macromed\flash\flash9d.ocx

+ 00000ea8(3752) Ras.exe
00400000[00160000]
[ M] 144. c:\rising\antispyware\ras.exe

10000000[00013000]
[ M] 145. c:\rising\antispyware\topsoft.dll

7C140000[00103000]
[ M] 146. c:\rising\antispyware\mfc71.dll

7C340000[00056000]
[ M] 147. c:\rising\antispyware\msvcr71.dll

7C3A0000[0007B000]
[ M] 148. c:\rising\antispyware\msvcp71.dll

003D0000[0000C000]
[AM] 40. c:\windows\system32\kawdbzy.dll

00F20000[000BD000]
[ M] 149. c:\rising\antispyware\rasgui.dll

01740000[0001B000]
[ M] 62. c:\rising\antispyware\ieprot.dll

01860000[0000C000]
[AM] 36. c:\windows\system32\kapjbzy.dll

01970000[0000C000]
[AM] 34. c:\windows\system32\kvmxema.dll

01A90000[0000C000]
[AM] 38. c:\windows\system32\avwlbmn.dll

01BA0000[0000C000]
[AM] 33. c:\windows\system32\kvdxsbma.dll

02B20000[0002F000]
[ M] 150. c:\rising\antispyware\engine.dll

02B50000[00012000]
[ M] 151. c:\rising\antispyware\zip.dll

瑞星卡卡安全论坛