Rising Kaka Security Forum
莜瞳 - 2008-1-30 19:09:00
Experts, please help~~~ Today I just can't get Rising to remove these, no matter what I try.
Here is the report:
瑞星病毒查杀结果报告
清除病毒种类列表:
病毒: Trojan.PSW.Win32.ZeroOnline.dc
病毒: Trojan.PSW.Win32.GameOL.lji
病毒: Trojan.PSW.Win32.QQGame.bu
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.OnlineGames.GEN
病毒: Malicious Code
病毒: Trojan.PSW.Win32.GamesOnline.ip
病毒: RootKit.Win32.CallGate.n
This is the SREng scan:[CODE]
2008-01-30,18:22:00
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>
[N/A]
<PictureShow><"C:\Program Files\PictureShow\poco_tools.exe" -p PictureShow> [(Verified)
Guangzhou ShuLian Software Technology Ltd]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)
Microsoft Windows Publisher]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft
Windows Publisher]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft
Windows Component Publisher]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Component Publisher]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Publisher]
<SoundMan><SOUNDMAN.EXE> [(Verified)Microsoft Windows Publisher]
<AGRSMMSG><AGRSMMSG.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<fscp><C:\Program Files\AVC Finger-sensing Pad Driver\fscp.exe> []
<EnergyUtility><C:\Program Files\Lenovo\EnergyCut\utilty.exe> [TODO: <Company name>]
<EnergyCut><C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe> []
<QkOnBtn><C:\Program Files\QBU\QkOnBtn.EXE> [Dritek System Inc.]
<RemoteControl><"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.]
<IgrsSignal><"C:\Program Files\lenovo\IGRS\Ext\IgrsSignal.exe"> [Lenovo Group Limited]
<IgrsNotify><"C:\Program Files\lenovo\IGRS\Ext\IgrsNotify.exe"> [Lenovo Group Limited]
<IgrsPortal><"C:\Program Files\lenovo\IGRS EasyShare\IgrsPortal.exe"> [Lenovo Group Limited]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<RavTimer><D:\瑞星\RISING\RAV\RAVTIMER.EXE> [Beijing Rising Technology Co., Ltd.]
<RavMon><D:\瑞星\RISING\RAV\RAVMON.EXE -SYSTEM> [(Verified)Beijing Rising Science and
Technology Corporation Limited]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>
[RealNetworks, Inc.]
<BIE><RUNDLL32.EXE C:\PROGRA~1\baidu\iexp\BDSrHook.dll,Rundll32> []
<StormCodec_Helper><"D:\播放器\Storm Codec\StormSet.exe" /S /opti> []
<Knight V><> [N/A]
<MenuOrder><C:\Program Files\ICBCPe~1\ICBC\Gemplus(Personal)\MenuOrder\MenuOrder.exe> []
<gemstrmw><C:\WINDOWS\system32\gemstrmw.exe /r> [Gemplus]
<Regtool><C:\Program Files\Gemplus\GemSafe Libraries\BIN\Regtool.exe> []
<RavTask><"D:\瑞星\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and
Technology Corporation Limited]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising
Science and Technology Corporation Limited]
<NVDispDrv><C:\WINDOWS\NVDispDRV.EXE> []
<WSockDrv32><C:\WINDOWS\WSockDrv32.exe> []
<upxdnd><C:\WINDOWS\upxdnd.exe> []
<DbgHlp32><C:\WINDOWS\DbgHlp32.exe> []
<LotusHlp><C:\WINDOWS\LotusHlp.exe> []
<PTSShell><C:\WINDOWS\PTSShell.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<MSDEG32><LYLoader.exe> []
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDMG32><LYLoadmr.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
<Wisin><C:\WINDOWS\system32\Wisin.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\UserInit.exe,> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [(Verified)Beijing
Rising Science and Technology Corporation Limited]
<{fb7b7d12-095f-41a2-89a0-fb652a14689d}><C:\WINDOWS\system32\OAA_OAA_1009.dll> []
<{22FAACDE-34DA-CCD4-AB4D-DA34485A3422}><C:\WINDOWS\Fonts\rsjzbpm.dll> []
<{882b9d3d-0b9e-4398-89b8-8b65ea04e904}><C:\WINDOWS\system32\IGB_CQSJ_1018.dll> []
<{57034a0c-a6c1-4209-a47f-14c3b826dd1e}><C:\WINDOWS\system32\IGB_TMZ_1025.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igrswn]
<WinlogonNotify: igrswn><C:\Program Files\lenovo\IGRS\Ext\igrswn.dll> [Lenovo Group Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e
-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061
-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-
F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32
\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-
00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE
/CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-
00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-
00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-
00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\wmp.inf,PerUserStub> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-
00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>
[N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-
5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft
Corporation]
莜瞳 - 2008-1-30 19:11:00
Continued:
=================================
启动文件夹
N/A
==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[FspadSvc / FspadSvc][Running/Auto Start]
<C:\Program Files\AVC Finger-sensing Pad Driver\FspadSvr.exe><N/A>
[General Updater/AutoUpdater Service / GUA][Running/Auto Start]
<"C:\Program Files\lenovo\GUA\GUA.exe"><lenovo>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[IGRS / IGRS][Running/Auto Start]
<C:\Program Files\lenovo\IGRS\IGRS.exe><Lenovo Group Limited>
[IGRSFILE / IGRSFILE][Running/Auto Start]
<C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe><Lenovo Group Limited>
[IgrsFileShare / IgrsFileShare][Running/Auto Start]
<"C:\Program Files\lenovo\IGRS EasyShare\FileShare.exe"><联想集团有限公司>
[IgrsMonitor / IgrsMonitor][Running/Auto Start]
<"C:\Program Files\lenovo\IGRS\Ext\IgrsMonitor.exe"><Lenovo Group Limited>
[MicroGrid DirectRouter / MicroGrid.DirectRouter][Running/Auto Start]
<C:\Program Files\lenovo\IGRS\Ext\router.exe><Lenovo Group Limited>
[Rising Proxy Service / RfwProxySrv][Stopped/Auto Start]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
<"D:\瑞星\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
<"D:\瑞星\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[WMCSVC / WMCSVC][Running/Auto Start]
<C:\Program Files\lenovo\IGRS\Ext\wmcsvc.exe><Lenovo Group Limited>
==================================
驱动程序
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
<system32\DRIVERS\AcpiVpc.sys><Lenovo Corporation>
[ADProt / ADProt][Stopped/System Start]
<\SystemRoot\system32\drivers\ADProt.sys><N/A>
[adsrsvc / adsrsvc][Running/Boot Start]
<\SystemRoot\system32\drivers\adsrsvc.sys><>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
<system32\DRIVERS\AGRSM.sys><Agere Systems>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Atheros Wireless Network Adapter Service / AR5211][Stopped/Manual Start]
<system32\DRIVERS\ar5211.sys><Atheros Communications, Inc.>
[ATI2HDDSRV / ATI2HDDSRV][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\ati32srv.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Rising>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[BdGuard / BdGuard][Running/Boot Start]
<\SystemRoot\system32\drivers\BDGuard.SYS><>
[DeepFree Update / DeepFree Update][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\pcihdd2.sys><N/A>
[Dritek HotKey Keyboard Filter Driver / DKbFltr][Running/Manual Start]
<System32\Drivers\DKbFltr.sys><Dritek System Inc.>
[Rising Exploit Scaner 1.0 / ExpScaner][Stopped/Manual Start]
<\??\D:\瑞星\RISING\RAV\ExpScan.sys><N/A>
[AVC Finger-sensing Pad Driver for Windows 2000/XP / fspad][Running/Manual Start]
<system32\DRIVERS\fspad.sys><Asia Vital Components Co.,Ltd.>
[GKeyUSB / GKeyUSB][Stopped/Manual Start]
<System32\Drivers\GKeyUSB.sys><Gemplus>
[HookCont / HookCont][Running/System Start]
<\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
<\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
<\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
<\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HookUrl / HookUrl][Running/Auto Start]
<\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[msskye / msskye][Running/Auto Start]
<system32\DRIVERS\msaclue.sys><N/A>
[npkcrypt / npkcrypt][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
<\SystemRoot\System32\drivers\prodrv06.sys><StarForce Technologies, Inc.>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\prohlp02.sys><StarForce Technologies, Inc.>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
<\SystemRoot\System32\drivers\prosync1.sys><StarForce Technologies, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising Rfwbase Driver / RfwBase][Running/Auto Start]
<System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.>
[rgga / rgga][Stopped/Auto Start]
<\??\C:\WINDOWS\system32\drivers\rgga.sys><SafeNet China Ltd.>
[RsFwDrv / RsFwDrv][Running/System Start]
<\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[Prolific Serial port driver / Ser2pl][Stopped/Manual Start]
<system32\DRIVERS\ser2pl.sys><Prolific Technology Inc.>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp01.sys><StarForce Technologies, Inc.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[tifm21 / tifm21][Running/Manual Start]
<system32\drivers\tifm21.sys><Texas Instruments>
[SafeNet China UGA Driver / UGA][Stopped/Manual Start]
<System32\Drivers\rcugawdm.sys><SafeNet China Ltd.>
[vaxscsi / vaxscsi][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\vaxscsi.sys><Alcohol Soft Co., Ltd.>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Stopped/Manual Start]
<system32\DRIVERS\w29n51.sys><Intel? Corporation>
[Intel(R) PRO/Wireless 7100 Adapter 驱动程序 / w70n51][Stopped/Manual Start]
<system32\DRIVERS\w70n51.sys><Intel? Corporation>
[Wireless Monitor & Config Protocol Driver / WMCDRV][Running/Auto Start]
<system32\DRIVERS\wmcdrv.sys><Lenovo Group Limited>
莜瞳 - 2008-1-30 19:12:00
Continued:
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll, Thunder
Networking Technologies,LTD>
[BdSearchHook Class]
{02496EBD-8455-48db-B3C7-5DAC97D9F5A7} <C:\PROGRA~1\baidu\iexp\BDSrHook.dll, >
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0
\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[NaviHelperObj Class]
{3E422F49-1566-40D3-B43D-077EF739AC32} <C:\WINDOWS\system32\NaviHelper.dll, N/A>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\QQ\QQIEHelper.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll, Thunder
Networking Technologies,LTD>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FlashGet\jccatch.dll, N/A>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program
Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[百度首页]
{02496EBD-8455-48db-B3C7-5DAC97D9F5A7} <http://baidu.com/index.php?tn=winstonzh_dg, N/A>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\下载器\讯雷\Thunder.exe, Thunder Networking
Technologies,LTD>
[扑克]
{12341234-1234-5678-9012-123456789012} <C:\Documents and Settings\user\My Documents\开心斗地主\开
心斗地主.exe, 飞碟网络>
[联想]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\flashget.exe, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\QQ\QQIEHelper.dll, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft
Corporation>
[闪联任意通]
{0C9B3AB9-DEDF-11D8-A2D4-0050FC464B19} <C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll,
Lenovo Group Limited>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FlashGet\fgiebar.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Edit Class]
{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[InfoSecNetSign Class]
{5CB840B5-A94E-4AD9-B785-4866E3B04476} <C:\WINDOWS\DOWNLO~1\ICBCNE~1.DLL, Infosec Technologies
Co., Ltd.>
[ICBCOCX Public Key Check]
{7AEA10C5-B38F-4D72-A8F0-ED2D43D2A59E} <C:\WINDOWS\system32\ICBCPK~1.OCX, Goldpac>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe
Systems, Inc.>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll, Thunder
Networking Technologies,LTD>
[BdSearchHook Class]
{02496EBD-8455-48DB-B3C7-5DAC97D9F5A7} <C:\PROGRA~1\baidu\iexp\BDSrHook.dll, >
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0
\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[闪联任意通]
{0C9B3AB9-DEDF-11D8-A2D4-0050FC464B19} <C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll,
Lenovo Group Limited>
[NaviHelperObj Class]
{3E422F49-1566-40D3-B43D-077EF739AC32} <C:\WINDOWS\system32\NaviHelper.dll, N/A>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\下载器\讯雷\ComDlls\ThunderAgent_Now.dll, Thunder
Networking Technologies,LTD>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <D:\QQ\QQIEHelper.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll, Thunder
Networking Technologies,LTD>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FlashGet\jccatch.dll, N/A>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program
Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll,
Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe
Systems, Inc.>
[使用网际快车下载]
<D:\下载器\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<D:\下载器\Program Files\FlashGet\jc_all.htm, N/A>
[使用迅雷下载]
<D:\下载器\讯雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<D:\下载器\讯雷\Program\getallurl.htm, N/A>
[添加到QQ表情]
<D:\QQ2007\AddEmotion.htm, N/A>
==================================
莜瞳 - 2008-1-30 19:20:00
正在运行的进程
[PID: 424 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[PID: 708 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 732 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 780 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 792 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 940 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[PID: 1020 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 1132 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 1188 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation,
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 1300 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 1888 / user][C:\WINDOWS\system32\userinit.exe] [N/A, ]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[PID: 1916 / user][C:\windows\explorer.exe] [Microsoft Corporation, 6.00.2900.2180
(xpsp_sp2_rtm.040803-2158)]
莜瞳 - 2008-1-30 19:22:00
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll] [Lenovo Group Limited, 1, 0, 2, 60]
[C:\WINDOWS\system32\OAA_OAA_1009.dll] [N/A, ]
[C:\WINDOWS\system32\IGB_CQSJ_1018.dll] [N/A, ]
[C:\WINDOWS\system32\IGB_TMZ_1025.dll] [N/A, ]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\Program Files\Lenovo\EnergyCut\HookLib.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\LYMANGR.DLL] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\Progra~1\Baidu\bar\BaiDuBar.dll] [Baidu.com, Inc., 2, 0, 2, 159]
[D:\下载器\讯雷\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 17]
[D:\下载器\讯雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking
Technologies,LTD, 1, 0, 0, 16]
[D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.16]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems
Incorporated, 6.0.0.2003051500]
[D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
[D:\解压器\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17]
[D:\瑞星\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\LgdGuard.dll] [, ]
[D:\下载器\讯雷\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 4,
23]
[D:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[PID: 360 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696
(xpsp_sp2_gdr.050610-1519)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] [Windows (R) 2000 DDK provider,
5.00.2195.1620]
[PID: 472 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 696 / SYSTEM][C:\Program Files\AVC Finger-sensing Pad Driver\FspadSvr.exe] [N/A, ]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 712 / SYSTEM][C:\Program Files\lenovo\GUA\GUA.exe] [lenovo, 1.0.0.19]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 960 / SYSTEM][C:\Program Files\lenovo\IGRS\IGRS.exe] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS\framework.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS\ReliablePlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\WINDOWS\system32\WMCAPI.dll] [Lenovo Group Limited, 2, 0, 2, 19]
[C:\WINDOWS\system32\wmcdrv.dll] [Lenovo Group Limited, 3, 1, 0, 10]
[C:\WINDOWS\system32\wmcinst.dll] [Lenovo Group Limited, 2, 0, 1, 3]
[C:\Program Files\lenovo\IGRS\CorePlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS\SocketPlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS\BTComPlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS\SerialPortMonitor.dll] [lenovo, 1, 0, 1, 19]
[C:\Program Files\lenovo\IGRS\ProxyPlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS\LoggingPlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS\DebugPlugin.dll] [Lenovo Group Limited, 1.0.0.174]
[PID: 1060 / SYSTEM][C:\Program Files\lenovo\IGRS\Ext\IgrsMonitor.exe] [Lenovo Group Limited, 1,
0, 1, 13]
[C:\WINDOWS\system32\IgrsApi.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\WINDOWS\system32\WMCAPI.dll] [Lenovo Group Limited, 2, 0, 2, 19]
[C:\WINDOWS\system32\wmcdrv.dll] [Lenovo Group Limited, 3, 1, 0, 10]
[C:\WINDOWS\system32\wmcinst.dll] [Lenovo Group Limited, 2, 0, 1, 3]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll] [N/A, ]
[PID: 1100 / SYSTEM][C:\Program Files\lenovo\IGRS\Ext\router.exe] [Lenovo Group Limited, 1, 3, 0,
12]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\WINDOWS\system32\WMCAPI.DLL] [Lenovo Group Limited, 2, 0, 2, 19]
[C:\WINDOWS\system32\wmcdrv.dll] [Lenovo Group Limited, 3, 1, 0, 10]
[C:\WINDOWS\system32\wmcinst.dll] [Lenovo Group Limited, 2, 0, 1, 3]
[PID: 1284 / SYSTEM][C:\Program Files\lenovo\IGRS\Ext\wmcsvc.exe] [Lenovo Group Limited, 2, 0, 2,
17]
[C:\WINDOWS\system32\wmcdrv.dll] [Lenovo Group Limited, 3, 1, 0, 10]
[C:\WINDOWS\system32\wmcinst.dll] [Lenovo Group Limited, 2, 0, 1, 3]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 2104 / SYSTEM][C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe] [Lenovo
Group Limited, 1, 0, 0, 4]
[C:\WINDOWS\system32\IgrsApi.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\Program Files\lenovo\IGRS Profiles\File Profile\Util.dll] [, 1, 0, 1, 1]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\lenovo\IGRS Profiles\File Profile\FrameWork.dll] [Lenovo, 1, 0, 1, 1]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS Profiles\File Profile\FileProfileModule.dll] [Lenovo Group
Limited, 2, 0, 2, 35]
[C:\Program Files\lenovo\IGRS Profiles\File Profile\BFileDialog.dll] [Lenovo Group Limited, 2,
0, 1, 32]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[PID: 2304 / SYSTEM][C:\Program Files\lenovo\IGRS EasyShare\FileShare.exe] [联想集团有限公司, 1,
0, 2, 23]
[C:\Program Files\lenovo\IGRS EasyShare\IGRSAVSDK.dll] [联想集团有限公司, 1, 0, 1, 50204
莜瞳 - 2008-1-30 19:23:00
[C:\WINDOWS\system32\IgrsApi.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\lenovo\IGRS EasyShare\QuickDB.dll] [N/A, ]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 3216 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[PID: 3304 / user][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4291]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4291]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3372 / user][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4291]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxhk.dll] [Intel Corporation, 3.0.0.4291]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4291]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3420 / user][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 43]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3560 / user][C:\WINDOWS\AGRSMMSG.exe] [Agere Systems, 2.1.49 2.1.49 12/20/2004 15:10:02]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[PID: 3572 / user][C:\Program Files\AVC Finger-sensing Pad Driver\fscp.exe] [N/A, ]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3588 / user][C:\Program Files\Lenovo\EnergyCut\utilty.exe] [TODO: <Company name>, 1.0.0.1]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[PID: 3608 / user][C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe] [N/A, ]
[C:\Program Files\Lenovo\EnergyCut\HookLib.dll] [N/A, ]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[PID: 3708 / user][C:\Program Files\QBU\QkOnBtn.EXE] [Dritek System Inc., 1, 0, 0, 921]
[C:\Program Files\QBU\ComFnUtl.dll] [Dritek System Inc., 1.00]
[C:\Program Files\QBU\Wnd2File.dll] [Dritek System Inc., 3.00]
[C:\Program Files\QBU\SzUPFUtl.dll] [Dritek System Inc., 1.00]
[C:\Program Files\QBU\OSDUtl.dll] [Dritek System Inc., 1, 0, 0, 312]
[C:\Program Files\QBU\RgnMaker.dll] [Dritek System Inc., 12.07.1999 ( VC60 )]
[C:\Program Files\QBU\CDRomUtl.dll] [Dritek System Inc., 1.00]
[C:\Program Files\QBU\MixerUtl.dll] [Dritek System Inc., 1.00]
[C:\Program Files\QBU\LgKCUtl.dll] [Dritek System Inc., 2, 0, 1, 1]
[C:\Program Files\QBU\MMDUtl.dll] [Dritek System Inc., 1, 2, 3, 2719]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
莜瞳 - 2008-1-30 19:25:00
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[PID: 3736 / user][C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 5.00.0000]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\CyberLink\Shared Files\CLRCEngine2.dll] [CyberLink Corp., 3.20.0000]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3756 / user][C:\Program Files\lenovo\IGRS\Ext\IgrsSignal.exe] [Lenovo Group Limited, 1, 0, 0, 4]
[C:\WINDOWS\system32\WMCAPI.dll] [Lenovo Group Limited, 2, 0, 2, 19]
[C:\WINDOWS\system32\wmcdrv.dll] [Lenovo Group Limited, 3, 1, 0, 10]
[C:\WINDOWS\system32\wmcinst.dll] [Lenovo Group Limited, 2, 0, 1, 3]
[C:\WINDOWS\system32\igrsrt.dll] [Lenovo Group Limited, 1, 0, 0, 13]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS\Ext\IgrsNotifyPS.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll] [N/A, ]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3784 / user][C:\Program Files\lenovo\IGRS\Ext\IgrsNotify.exe] [Lenovo Group Limited, 1, 0, 0, 8]
[C:\Program Files\lenovo\IGRS\Ext\NotifyUI.dll] [Lenovo Group Limited, 1, 0, 0, 7]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS\Ext\IgrsNotifyPS.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3860 / user][C:\Program Files\lenovo\IGRS EasyShare\IgrsPortal.exe] [Lenovo Group Limited, 1, 0, 3, 32]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsTray.dll] [Lenovo Group Limited, 1, 0, 1, 19]
[C:\WINDOWS\system32\igrsrt.dll] [Lenovo Group Limited, 1, 0, 0, 13]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsIM.dll] [Lenovo Group Limited, 1, 0, 0, 71]
[C:\WINDOWS\system32\IgrsApi.dll] [Lenovo Group Limited, 1.0.0.174]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\Program Files\lenovo\IGRS\Ext\IgrsNotifyPS.dll] [N/A, ]
[C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll] [N/A, ]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[PID: 4076 / user][D:\瑞星\RISING\RAV\RAVMON.EXE] [Beijing Rising Technology Co., Ltd., 20.0.01.10]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\瑞星\RISING\RAV\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[D:\瑞星\RISING\RAV\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
[D:\瑞星\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[D:\瑞星\RISING\RAV\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
[D:\瑞星\RISING\RAV\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12]
[D:\瑞星\RISING\RAV\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[D:\瑞星\RISING\RAV\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
[D:\瑞星\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0]
[D:\瑞星\RISING\RAV\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.10]
[D:\瑞星\RISING\RAV\MonRule.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.24]
[D:\瑞星\RISING\RAV\PngDll.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
[D:\瑞星\RISING\RAV\Rsguilib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
[D:\瑞星\RISING\RAV\RsXML.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
莜瞳 - 2008-1-30 19:26:00
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
[PID: 548 / user][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 1212 / user][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3096 / user][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[PID: 3456 / user][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll] [Lenovo Group Limited, 1, 0, 2, 60]
[D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.16]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Progra~1\Baidu\bar\BaiDuBar.dll] [Baidu.com, Inc., 2, 0, 2, 159]
[D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
[D:\下载器\讯雷\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 17]
[D:\下载器\讯雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[c:\program files\google\googletoolbar3.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
[D:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
莜瞳 - 2008-1-30 19:27:00
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[PID: 3476 / user][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll] [Lenovo Group Limited, 1, 0, 2, 60]
[D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.16]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Progra~1\Baidu\bar\BaiDuBar.dll] [Baidu.com, Inc., 2, 0, 2, 159]
[D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
[D:\下载器\讯雷\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 17]
[D:\下载器\讯雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[c:\program files\google\googletoolbar3.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[D:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[PID: 476 / user][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[PID: 5792 / user][c:\program files\internet explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll] [Lenovo Group Limited, 1, 0, 2, 60]
[D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.16]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Progra~1\Baidu\bar\BaiDuBar.dll] [Baidu.com, Inc., 2, 0, 2, 159]
[D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
[D:\下载器\讯雷\Components\ResWorker\DsBho_00.dll] [, 1, 0, 0, 17]
[D:\下载器\讯雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[c:\program files\google\googletoolbar3.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
[D:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[PID: 5880 / user][C:\WINDOWS\notepad.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
莜瞳 - 2008-1-30 19:28:00
[PID: 5256 / user][D:\下载器\讯雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.7.7.435]
[D:\下载器\讯雷\Program\BugReport.dll] [迅雷网络, 1, 0, 1, 4]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[D:\下载器\讯雷\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
[D:\下载器\讯雷\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 21, 2, 213]
[D:\下载器\讯雷\Program\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[D:\下载器\讯雷\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 21, 2, 213]
[D:\下载器\讯雷\Program\streammedialib.dll] [, 1, 3, 2, 117]
[D:\下载器\讯雷\Program\al.dll] [, 1, 0, 1, 3]
[D:\下载器\讯雷\Program\xldc.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
[D:\下载器\讯雷\Program\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
[D:\下载器\讯雷\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
[D:\下载器\讯雷\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
[D:\下载器\讯雷\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 8, 26]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[D:\下载器\讯雷\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 3, 34]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
[D:\瑞星\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[C:\Program Files\lenovo\IGRS EasyShare\IgrsAnywhere.dll] [Lenovo Group Limited, 1, 0, 2, 60]
[D:\下载器\讯雷\Components\InMedia\iEmbedShell.dll] [ , 1, 0, 2, 24]
[D:\下载器\讯雷\Components\InMedia\iEmbed15.dll] [Thunder Networking Technologies,LTD, 3, 4, 6, 99]
[D:\下载器\讯雷\Components\InMedia\PlayerHelper.dll] [thunder, 1, 1, 4, 37]
[D:\下载器\讯雷\Components\InMedia\XLNet.dll] [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
[D:\下载器\讯雷\Components\InMedia\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[D:\下载器\讯雷\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
[D:\下载器\讯雷\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 5, 0, 16]
[D:\下载器\讯雷\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
[D:\下载器\讯雷\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\OAA_OAA_1009.dll] [N/A, ]
[C:\WINDOWS\system32\IGB_CQSJ_1018.dll] [N/A, ]
[C:\WINDOWS\system32\IGB_TMZ_1025.dll] [N/A, ]
[D:\下载器\讯雷\Components\Security\ThunderSafe.dll] [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
[D:\下载器\讯雷\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\下载器\讯雷\Components\Security\XLSafeUI.dll] [深圳市迅雷网络技术有限公司, 1, 0, 7, 71]
[D:\下载器\讯雷\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 6, 20]
[D:\下载器\讯雷\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 2, 2, 22]
[D:\下载器\讯雷\Plugins\XLSafeHost\XLSafeHost.dll] [深圳市迅雷网络技术有限公司, 1, 0, 7, 57]
[D:\下载器\讯雷\Plugins\XLSafeHost\ThunderRAV\ThunderRAV.dll] [N/A, ]
[D:\下载器\讯雷\Plugins\XLSafeHost\ThunderRAV\bin\rsscan.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
[D:\下载器\讯雷\Plugins\XLSafeHost\ThunderRAV\bin\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
[D:\下载器\讯雷\Plugins\XLSafeHost\ThunderRAV\bin\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12]
[D:\下载器\讯雷\Plugins\XLSafeHost\ThunderRAV\bin\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[D:\下载器\讯雷\Plugins\XLSafeHost\ThunderRAV\bin\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
[D:\下载器\讯雷\Plugins\KanKanTop\KanKanTop.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[D:\下载器\讯雷\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
[D:\下载器\讯雷\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[D:\下载器\讯雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
[D:\下载器\讯雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.16]
[D:\下载器\讯雷\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 11, 106]
[D:\下载器\讯雷\Components\VPSHELL\VPSHELL.dll] [迅雷网络, 3, 0, 1, 32]
[D:\下载器\讯雷\Components\UserExperience\UserExperience.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
[D:\下载器\讯雷\Components\ResWorker\DsXlCom.dll] [, 1, 0, 0, 28]
[D:\下载器\讯雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[D:\下载器\讯雷\Components\ResWorker\MediaWorker.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[D:\下载器\讯雷\Components\Tips\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
[D:\下载器\讯雷\Components\DownloadStat\DownloadStat.dll] [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
[PID: 1676 / user][c:\windows\notepad.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
[PID: 348 / user][D:\aa\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[c:\program files\rising\rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10]
[c:\program files\rising\rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4]
[C:\PROGRA~1\baidu\iexp\BDSrHook.dll] [, 1, 0, 0, 45]
[C:\WINDOWS\system32\owckucizyzj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\ryenyfmqj.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\bioxgnuwm.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\lryfpwdzx.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\fltajpxwow.dll] [Microsoft Corporation, 5.1.2600.3099]
[C:\WINDOWS\system32\pniwxf.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\ptdpif.dll] [N/A, ]
[C:\WINDOWS\system32\lrubxn.dll] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\ajjjaw.dll] [N/A, ]
[C:\WINDOWS\system32\xowoao.dll] [N/A, ]
[C:\WINDOWS\system32\dfeyxz.dll] [N/A, ]
[C:\WINDOWS\system32\HDDGuard.dll] [N/A, ]
[C:\WINDOWS\Fonts\rsjzbpm.dll] [N/A, ]
[D:\aa\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
莜瞳 - 2008-1-30 19:28:00
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1888, C:\WINDOWS\SYSTEM32\USERINIT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3572, C:\PROGRAM FILES\AVC FINGER-SENSING PAD DRIVER\FSCP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3572, C:\PROGRAM FILES\AVC FINGER-SENSING PAD DRIVER\FSCP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3588, C:\PROGRAM FILES\LENOVO\ENERGYCUT\UTILTY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3588, C:\PROGRAM FILES\LENOVO\ENERGYCUT\UTILTY.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3608, C:\PROGRAM FILES\LENOVO\ENERGYCUT\ENERGYCUT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3608, C:\PROGRAM FILES\LENOVO\ENERGYCUT\ENERGYCUT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3708, C:\PROGRAM FILES\QBU\QKONBTN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3708, C:\PROGRAM FILES\QBU\QKONBTN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3736, C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3736, C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3756, C:\PROGRAM FILES\LENOVO\IGRS\EXT\IGRSSIGNAL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3756, C:\PROGRAM FILES\LENOVO\IGRS\EXT\IGRSSIGNAL.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3784, C:\PROGRAM FILES\LENOVO\IGRS\EXT\IGRSNOTIFY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3784, C:\PROGRAM FILES\LENOVO\IGRS\EXT\IGRSNOTIFY.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3860, C:\PROGRAM FILES\LENOVO\IGRS EASYSHARE\IGRSPORTAL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3860, C:\PROGRAM FILES\LENOVO\IGRS EASYSHARE\IGRSPORTAL.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 548, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 548, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 5256, D:\下载器\讯雷\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 5256, D:\下载器\讯雷\PROGRAM\THUNDER5.EXE]
==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x00E8212D)
入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x00E82215)
==================================
隐藏进程
N/A
==================================
[/CODE]