瑞星卡卡安全论坛
safhsdyhfgdsagyg - 2008-3-1 13:13:00
各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2008-03-01 13:05:08
诊断平台: Microsoft Windows XP Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:255.49MB - 当前可用内存:62.70MB
O6 - 低危险 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
100 - 未知 - Process: WgaTray.exe [Windows 正版增值计划通知] - C:\windows\system32\WgaTray.exe
100 - 未知 - Process: CameraFixer.exe [CameraFixer MFC Application] - C:\WINDOWS\CameraFixer.exe
100 - 未知 - Process: RavTask.exe [RavTimer] - G:\Program Files\Rising\Rav\RavTask.exe
100 - 未知 - Process: QQ.exe [QQ] - G:\新建文件夹\QQ.exe
100 - 未知 - Process: TXPlatform.exe [TM2008] - G:\新建文件夹\TXPlatform.exe
100 - 未知 - Process: QQPenguin.exe [QQ宠物] - G:\新建文件夹\qqpet\QQPenguin\QQPenguin.exe 514401010A00041200BDA8B9B2BD8C9F8C80B2899AA58C8389818804000000F4030400040F00A0B5A4AFA091829
100 - 未知 - Process: RavCopy.exe [RavCopy] - G:\Program Files\Rising\Rav\CopyRun\RavCopy.exe
100 - 未知 - Process: Setup.exe [Rising Installation Program] - G:\PROGRAM FILES\RISING\RAV\Update\Setup.exe
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=about:blank
O1 - 未知 - Host: 127.0.0.1 yu.8s7.net
O1 - 未知 - Host: 127.0.0.1 1.jopanqc.com
O1 - 未知 - Host: 127.0.0.1 2.joppnqq.com
O1 - 未知 - Host: 127.0.0.1 wg.47255.com
O1 - 未知 - Host: 127.0.0.1 1.joppnqq.com
O1 - 未知 - Host: 127.0.0.1 xxx.m111.biz
O1 - 未知 - Host: 127.0.0.1 1.jopenqc.com
O1 - 未知 - Host: 127.0.0.1 1.jopenkk.com
O1 - 未知 - Host: 127.0.0.1 xxx.vh7.biz
O1 - 未知 - Host: 127.0.0.1 xxx.j41m.com
O1 - 未知 - Host: 127.0.0.1 3.joppnqq.com
O1 - 未知 - Host: 127.0.0.1 d.93se.com
O1 - 未知 - Host: 127.0.0.1 www.868wg.com
O1 - 未知 - Host: 127.0.0.1 xxx.mmma.biz
O1 - 未知 - Host: 127.0.0.1 ilove.com
O1 - 未知 - Host: 127.0.0.1 tp.shpzhan.cn
O1 - 未知 - Host: 127.0.0.1 www.tomwg.com
O1 - 未知 - Host: 127.0.0.1 www.cike007.cn
O1 - 未知 - Host: 127.0.0.1 www.22aaa.com
O1 - 未知 - Host: 127.0.0.1 xx.exiao01.com
O1 - 未知 - Host: 127.0.0.1 www.exiao01.com
O1 - 未知 - Host: 127.0.0.1 www.exiao01.com
O1 - 未知 - Host: 127.0.0.1 new.749571.com
O1 - 未知 - Host: 127.0.0.1 xtx.kv8.info
O1 - 未知 - Host: 127.0.0.1 cao.kv8.info
O1 - 未知 - Host: 127.0.0.1 1.jopmmqq.com
O1 - 未知 - Host: 127.0.0.1 171817.171817.com
O1 - 未知 - Host: 127.0.0.1 d2.llsging.com
O1 - 未知 - Host: 127.0.0.1 down.malasc.cn
O1 - 未知 - Host: 127.0.0.1 llboss.com
O1 - 未知 - Host: 127.0.0.1 nx.51ylb.cn
O1 - 未知 - Host: 127.0.0.1 my.531jx.cn
O1 - 未知 - Host: 127.0.0.1 qqq.dzydhx.com
O1 - 未知 - Host: 127.0.0.1 qqq.hao1658.com
O1 - 未知 - Host: 127.0.0.1 www.333292.com
O1 - 未知 - Host: 127.0.0.1 down.18dd.net
O1 - 未知 - Host: 127.0.0.1 up.22x44.com
O2 - 未知 - BHO: (浏览器辅助对象(BHO)) - [无效的CLSID:RsAutorunsDisabled] - RsAutorunsDisabled -
O2 - 未知 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - F:\迅雷\ComDlls\TDAtOnce_Now.dll
O3 - 未知 - Toolbar: (第三方IE工具栏) - [无效的CLSID:{1E796980-9CC5-11D1-A83F-00C04FC99D61}] - {1E796980-9CC5-11D1-A83F-00C04FC99D61} -
O4 - 未知 - HKLM\..\Run: [CameraFixer] [CameraFixer MFC Application] C:\WINDOWS\CameraFixer.exe
O4 - 未知 - HKLM\..\RunOnce: [KKDelay] [RunOnce Application] C:\Program Files\Rising\KakaToolBar\RunOnce.exe
O4 - 未知 - Startup folder: [adsl.lnk] [] C:\Documents and Settings\liu\「开始」菜单\程序\启动\adsl.lnk
O8 - 未知 - Extra context menu item: 使用迅雷下载 - F:\迅雷\Program\geturl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - F:\迅雷\Program\getallurl.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - G:\新建文件夹\AddEmotion.htm
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - F:\迅雷\Thunder.exe
O9 - 未知 - Extra button: 金山网页防挂马模块设置(HKLM) - G:\Kingsoft Antispy\IEBuddyExt.DLL
O9 - 未知 - Extra button: 东方卫士工具条(HKLM) - F:\Hercules\DFVSIEBR2.dll
O9 - 未知 - Extra button: 东方卫士(HKLM) -
O11 - 未知 - Options Group: Java (Sun)
O15 - 未知 - Trusted Zone: http:localhost
O16 - 未知 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - 未知 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw) - http://qz-photo.qq.com/qzone_v4/QzoneMediaTools.cab
O16 - 未知 - DPF: {3F618E1F-D981-4905-A757-4D237441B5B3} (GolfInstallCheck2) - http://download.ourgame.com/GolfInstallCheck2.cab
O16 - 未知 - DPF: {BE9535B7-76FB-4572-AD20-B32BADB3643B} (TV Stream Source) - http://image2.sina.com.cn/cctv/Chaos203b.cab
O16 - 未知 - DPF: {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} (Tencent Safety Online Base Module) - http://safe.qq.com/cgi-bin/tso/TSOBase.ocx
O16 - 未知 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O16 - 未知 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Plug-in 1.4.2_05) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
safhsdyhfgdsagyg - 2008-3-1 13:15:00
O16 - 未知 - DPF: {E847C78C-C210-4195-8799-FBF3BF89797D} (金山毒霸在线产品升级) - http://www.duba.net/cab/KOSInit.cab
O16 - 未知 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy) - http://218.85.138.27/vqqsdl1009.cab
O21 - 未知 - Protocol Icons: HKCR\htmlfile\shell\open\command - "G:\新建文件夹\TTraveler.exe" "%1"
O22 - 未知 - Filename Extention: .hlp - winhlp32.exe %1
O23 - 未知 - Service: beorsyb [beorsyb] - C:\PROGRA~1\COMMON~1\oeoryyb\oeoryyb.dll - (not running)
O23 - 未知 - Service: RsCCenter [Rising Process Communication Center] - "G:\Program Files\Rising\Rav\CCenter.exe" - (running)
O23 - 未知 - Service: RsRavMon [Rising RealTime Monitor] - "G:\PROGRAM FILES\RISING\RAV\Ravmond.exe" - (not running)
O23 - 未知 - Service: vjjh [Vsn vjjh Service] - C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\bppn\iwwu.dll,Service - (not running)
O23 - 未知 - Service: WMConnectCDS [使用“通用即插即用”与媒体设备共享媒体] - C:\Program Files\Windows Media Connect 2\wmccds.exe - (not running)
=======================================
100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\windows\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\windows\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\windows\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\windows\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\windows\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\windows\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] - G:\Program Files\Rising\Rav\CCenter.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\windows\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\windows\system32\svchost.exe -k LocalService
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\windows\system32\spoolsv.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\windows\system32\svchost.exe -k imgsvc
100 - 安全 - Process: jusched.exe [用于检测sun的站点是否有更新的java版本的提醒软件。] - C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
100 - 安全 - Process: soundman.exe [一个软声卡控制台软件。] - C:\windows\SOUNDMAN.EXE
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: conime.exe [console ime ime输入法控制台软件。] - C:\windows\system32\conime.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\windows\explorer.exe
100 - 安全 - Process: 360安全卫士诊断工具.exe [诊断报告工具] - C:\Documents and Settings\liu\桌面\杀毒工具\360安全卫士诊断工具.exe
O2 - 安全 - BHO: (QQCycloneHelper Class) - [腾讯出品的超级旋风下载组件相关文件。] - {00000000-12C9-4305-82F9-43058F20E8D2} - C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll
O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - F:\迅雷\ComDlls\xunleiBHO_Now.dll
O3 - 安全 - Toolbar: (第三方IE工具栏) - [FlashGet IE工具条。] - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
O3 - 安全 - Toolbar: (卡卡上网安全助手) - [卡卡安全助手工具条软件相关程序。] - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\windows\system32\KakaTool.dll
O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微软Microsoft输入法编辑器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 安全 - HKLM\..\Run: [SunJavaUpdateSched] [java升级相关软件。] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - 安全 - HKLM\..\Run: [TkBellExe] [是Real Networks产品定时升级检测程序。] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 安全 - HKLM\..\Run: [RavTask] [瑞星杀毒软件的任务计划程序。] "G:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 安全 - HKLM\..\Run: [runeip] [卡卡上网安全助手相关程序。] "C:\Program Files\Rising\KakaToolBar\runiep.exe" /startup
O4 - 安全 - HKLM\..\Run: [Thunder] [迅雷下载器软件相关程序。] "F:\迅雷\Thunder.exe" /s
O4 - 安全 - HKLM\..\Run: [SoundMan] [Realtek声卡相关程序。] SOUNDMAN.EXE
O4 - 安全 - HKLM\..\RunOnce: [Rav] [瑞星杀毒软件。] "G:\Program Files\Rising\Rav\Update\Setup.exe" /UPDATE /S /ONCE
O4 - 安全 - Startup folder: [腾讯QQ.lnk] [qq:即时通讯软件] C:\Documents and Settings\liu\「开始」菜单\程序\启动\腾讯QQ.lnk
O16 - 安全 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16 - 安全 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Flash播放器) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - 安全 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (瑞星免费在线查毒插件) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O18 - 安全 - Protocol: DuDu网络协议处理器 - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O21 - 安全 - Protocol Icons: HKCR\http\shell\open\command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
O21 - 安全 - Protocol Icons: HKCR\ftp\shell\open\command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
O21 - 安全 - Protocol Icons: HKCR\https\shell\open\command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
O21 - 安全 - Protocol Icons: HKCR\http\DefaultIcon - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE,1
O21 - 安全 - Protocol Icons: HKCR\ftp\DefaultIcon - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE,1
O21 - 安全 - Protocol Icons: HKCR\https\DefaultIcon - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE,1
O22 - 安全 - Filename Extention: FIREFOX第三方浏览器 - FirefoxHTML
O22 - 安全 - Filename Extention: FIREFOX第三方浏览器 - FirefoxHTML
=======================================
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 -
safhsdyhfgdsagyg - 2008-3-1 13:15:00
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 -
O31 - 未知 - SEApproved: {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - C:\Program Files\Real\RealPlayer\rpshell.dll - RealNetworks, Inc. - RealPlayer Shell Extensions - 1.0.1.2021 - 49198 - 18a19d75c6d5e3a3b899f5f6564fa817
O31 - 未知 - SEApproved: {59850401-6664-101B-B21C-00AA004BA90B} - C:\PROGRA~1\MICROS~2\Office\2052\UNBIND.DLL - Microsoft Corporation - “Microsoft Office 活页夹”文档拆散程序 - 9.0.0.2720 - 32768 - 4da4e58f52d5adb711b91ced08912213
O31 - 未知 - SEApproved: {0006F045-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL - Microsoft Corporation - Microsoft Outlook Shell Hook for Start/Find - 9.0.0.2416 - 49202 - aea9e41eed49e0b95d9d5078fc84d8e6
O31 - 未知 - SEApproved: {BAB470F3-592A-4BD2-94A2-0CF123E768BD} - F:\ske\contmenu.dll - - - - 56832 - 5f635161a9494952faf6b64f91a60fd5
O31 - 未知 - SEApproved: {1D2680C9-0E2A-469d-B787-065558BC7D43} - C:\WINDOWS\system32\mscoree.dll - Microsoft Corporation - Microsoft .NET Runtime Execution Engine - 1.1.4322.573 - 155648 - 4c702aea1c11d15c176c2c276d0907dd
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - F:\刘召港专用文档\rarext.dll - - - - 119808 - 220ef3d407a71f851a7c0deb3a0394c3
O31 - 未知 - SEApproved: 无效的CLSID:粉碎文件 - - - - - 0 -
O31 - 未知 - SEApproved: {E0D79304-84BE-11CE-9641-444553540000} - F:\WINZIP\WZSHLSTB.DLL - WinZip Computing, Inc. - WinZip Shell Extension DLL - 4.1.0.0 - 5120 - 66da6f6a67d238721a3fceb70c8dc2d0
O31 - 未知 - SEApproved: {E0D79305-84BE-11CE-9641-444553540000} - F:\WINZIP\WZSHLSTB.DLL - WinZip Computing, Inc. - WinZip Shell Extension DLL - 4.1.0.0 - 5120 - 66da6f6a67d238721a3fceb70c8dc2d0
O31 - 未知 - SEApproved: {E0D79306-84BE-11CE-9641-444553540000} - F:\WINZIP\WZSHLSTB.DLL - WinZip Computing, Inc. - WinZip Shell Extension DLL - 4.1.0.0 - 5120 - 66da6f6a67d238721a3fceb70c8dc2d0
O31 - 未知 - SEApproved: {E0D79307-84BE-11CE-9641-444553540000} - F:\WINZIP\WZSHLSTB.DLL - WinZip Computing, Inc. - WinZip Shell Extension DLL - 4.1.0.0 - 5120 - 66da6f6a67d238721a3fceb70c8dc2d0
O31 - 未知 - SEApproved: 无效的CLSID: - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Foxy - - - - - 0 -
O31 - 未知 - Directory Menu: {BAB470F3-592A-4BD2-94A2-0CF123E768BD} - F:\ske\contmenu.dll - - - - 56832 - 5f635161a9494952faf6b64f91a60fd5
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - F:\刘召港专用文档\rarext.dll - - - - 119808 - 220ef3d407a71f851a7c0deb3a0394c3
O31 - 未知 - Directory Menu: {E0D79304-84BE-11CE-9641-444553540000} - F:\WINZIP\WZSHLSTB.DLL - WinZip Computing, Inc. - WinZip Shell Extension DLL - 4.1.0.0 - 5120 - 66da6f6a67d238721a3fceb70c8dc2d0
O31 - 未知 - BootExecute: bsmain - - - - 0 -
O31 - 未知 - BootExecute: KNative.exe - - - - 0 -
O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 -
=======================================
O40 - winlogon.exe - 北京清华紫光软件股份有限公司 - C:\windows\system32\upengine.dll - 紫光拼音输入法引擎 - 57f23e2b283da94fd79195859351be10
O40 - explorer.exe - 北京清华紫光软件股份有限公司 - C:\windows\system32\upengine.dll - 紫光拼音输入法引擎 - 57f23e2b283da94fd79195859351be10
O40 - explorer.exe - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\KakaToolBar\ieprot.dll - IE Protector - c03fc56e7d933a2478f65ddb371353bb
O40 - explorer.exe - Beijing Rising Technology Co., Ltd. - C:\windows\system32\KakaTool.dll - Rising AntiSpyware Toolbar - 5509c97c9ebdfb4b297f3357b225e7d1
O40 - explorer.exe - - F:\迅雷\Components\ResWorker\DsBho_01.dll - DsBho - 0b48495affc8b146f18b196f63bae41c
O40 - explorer.exe - Thunder Networking Technologies,LTD - F:\迅雷\Components\ResWorker\DataProcessor_01.dll - DataProcessor - 0ab42ab02efbaa96afa49960dd0e6ea3
O40 - explorer.exe - 奇虎网 - F:\360safe\safemon\safemon.dll - 360安全卫士实时保护模块 - 50d7a08e437e4924f39fee78a91c93b9
=======================================
O41 - 360AntiArp - 360AntiARP - C:\WINDOWS\system32\drivers\360AntiArp.sys - (running) - 360AntiARP - 奇虎网 - d9b35fe7ef8fc06069a026a56351faa3
O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - 0064810c1b03f2c889130b669a4ce937
O41 - npkcrypt - nProtect KeyCrypt Driver - G:\新建文件夹\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - prodrv06 - StarForce Protection Environment Driver - C:\WINDOWS\system32\drivers\prodrv06.sys - (running) - StarForce Protection Environment Driver - StarForce Technologies, Inc. - 6c1f735ac47dd97369cba67400fe2d75
O41 - prohlp02 - StarForce Protection Helper Driver - C:\WINDOWS\system32\drivers\prohlp02.sys - (running) - StarForce Protection Helper Driver - StarForce Technologies, Inc. - ca0193b2b57da95cc6310b833e1ee965
O41 - prosync1 - StarForce Protection Synchronization Driver - C:\WINDOWS\system32\drivers\prosync1.sys - (running) - StarForce Protection Synchronization Driver - StarForce Technologies, Inc. - cc3d1bb199cbb576b0fbaaba626b6714
O41 - QKeyService - KeyCrypt - C:\WINDOWS\system32\KeyCrypt.sys - (running) - KeyCrypt - Tencent Technology (Shenzhen) Company Limited - aaf7625ba1cd1047a310dcdf25317e2e
O41 - RsAntiSpyware - Anti-RootKit Driver - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - Anti-RootKit Driver - Beijing Rising Technology Co., Ltd. - f9edc97f228c046832a24b5a76017912
O41 - sfhlp01 - StarForce Protection Helper Driver - C:\WINDOWS\system32\drivers\sfhlp01.sys - (running) - StarForce Protection Helper Driver - StarForce Technologies, Inc. - 95654a66531b8a198d0d5d153cc95f8e
O41 - SVKP - SVKP driver for NT - C:\WINDOWS\system32\SVKP.sys - (running) - SVKP driver for NT - AntiCracking - f05028b163b92c302a74409d683ac9b0
O41 - ALCXSENS - Sensaura WDM 3D Audio Driver - C:\WINDOWS\system32\drivers\ALCXSENS.SYS - (not running) - Sensaura WDM 3D Audio Driver - Sensaura - ba88534a3ceb6161e7432438b9ea4f54
O41 - dump_wmimmc - dump_wmimmc - G:\M01\GameGuard\dump_wmimmc.sys - (not running) - - -
O41 - HookSys - HookSys - C:\WINDOWS\system32\drivers\HookSys.sys - (not running) - - -
O41 - New0 - New0 - C:\WINDOWS\system32\new.sys - (not running) - - -
O41 - NPPTNT2 - nProtect NPSC Kernel Mode Driver for NT - C:\WINDOWS\system32\npptNT2.sys - (not running) - nProtect NPSC Kernel Mode Driver for NT - INCA Internet Co., Ltd. - 9131fe60adfab595c8da53ad6a06aa31
O41 - PProtect - PProtect - F:\KV2006\PProtect.sys - (not running) - - -
O41 - SNPSTD3 - PC Camera driver - C:\WINDOWS\system32\drivers\snpstd3.sys - (not running) - PC Camera driver - -
O41 - SSIKRNL - SSIKRNL - C:\Program Files\DFVSX\net\SSIKRNL.sys - (not running) - - -
O41 - TesSafe - TesSafe NT Driver - C:\WINDOWS\system32\TesSafe.sys - (not running) - TesSafe NT Driver - TENCENT - 66173c8fed7f28075a6a41b164da5e0a
O41 - WINIO - WINIO - F:\QQ堂\winio.sys - (not running) - - -
=======================================
safhsdyhfgdsagyg - 2008-3-1 13:17:00
瑞星卡卡电脑诊断日志 v1.30 (2008-3-1 12:53:8) 北京瑞星科技股份有限公司
注释:[A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
aspnet_state
[A ] 1. c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
Microsoft Corporation
aspnet_state.exe
.text,.data,.rsrc,
IDriverT
[A ] 2. c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
Macrovision Corporation
IDriverT Module
.text,.rdata,.data,.rsrc,
RsCCenter
[AM] 3. g:\program files\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
RsRavMon
[A ] 4. g:\program files\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
Rising Realtime Moniter
.text,.rdata,.data,.rsrc,
UMWdf
[AM] 5. c:\windows\system32\wdfmgr.exe
Microsoft Corporation
Windows User Mode Driver Manager
.text,.data,.rsrc,
WMConnectCDS
[A ] 6. c:\program files\windows media connect 2\wmccds.exe
Microsoft Corporation
Windows Media Connect
.text,.data,.rsrc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
360AntiArp
[A ] 7. c:\windows\system32\drivers\360antiarp.sys
奇虎网
360AntiARP
.text,.rdata,.data,INIT,.rsrc,.reloc,
ALCXSENS
[A ] 8. c:\windows\system32\drivers\alcxsens.sys
Sensaura
Sensaura WDM 3D Audio Driver
.text,page,init,.data,.CRT,init,INIT,.rsrc,.reloc,
ALCXWDM
[A ] 9. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
BaseTDI
[A ] 10. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
dump_wmimmc
[A ] 11. g:\m01\gameguard\dump_wmimmc.sys
HookCont
[A ] 12. c:\windows\system32\drivers\hookcont.sys
Beijing Rising Technology Co., Ltd
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookNtos
[A ] 13. c:\windows\system32\drivers\hookntos.sys
Beijing Rising Technology Co., Ltd
HookNtos
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookReg
[A ] 14. c:\windows\system32\drivers\hookreg.sys
Beijing Rising Technology Co., Ltd
HookReg
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookSys
[A ] 15. c:\windows\system32\drivers\hooksys.sys
KAVBootC
[A ] 16. c:\windows\system32\drivers\kavbootc.sys
Kingsoft Corporation
Kingsoft Boot Clean
.text,.data,.CRT,INIT,.rsrc,.reloc,
KAVSafe
[A ] 17. c:\windows\system32\drivers\kavsafe.sys
Kingsoft Corporation
KAVSafe Application
.text,.data,.CRT,INIT,.rsrc,.reloc,
New0
[A ] 18. c:\windows\system32\new.sys
npkcrypt
[A ] 19. g:\新建文件夹\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
NPPTNT2
[A ] 20. c:\windows\system32\npptnt2.sys
INCA Internet Co., Ltd.
nProtect NPSC Kernel Mode Driver for NT
.text,.rdata,.data,.rsrc,.reloc,
PProtect
[A ] 21. f:\kv2006\pprotect.sys
prodrv06
[A ] 22. c:\windows\system32\drivers\prodrv06.sys
StarForce Technologies, Inc.
StarForce Protection Environment Driver
.text,.data,.rsrc,.reloc,
prohlp02
[A ] 23. c:\windows\system32\drivers\prohlp02.sys
StarForce Technologies, Inc.
StarForce Protection Helper Driver
.text,.data,.rsrc,.reloc,
prosync1
[A ] 24. c:\windows\system32\drivers\prosync1.sys
StarForce Technologies, Inc.
StarForce Protection Synchronization Driver
.text,.data,INIT,.rsrc,.reloc,
QKeyService
[A ] 25. c:\windows\system32\keycrypt.sys
Tencent Technology (Shenzhen) Company Limited
KeyCrypt
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 26. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 27. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
Secdrv
[A ] 28. c:\windows\system32\drivers\secdrv.sys
Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
Macrovision SECURITY Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
sfhlp01
[A ] 29. c:\windows\system32\drivers\sfhlp01.sys
StarForce Technologies, Inc.
StarForce Protection Helper Driver
.text,.data,PAGE,INIT,.rsrc,.reloc,
SNPSTD3
[A ] 30. c:\windows\system32\drivers\snpstd3.sys
PC Camera driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SSIKRNL
[A ] 31. c:\program files\dfvsx\net\ssikrnl.sys
SVKP
[A ] 32. c:\windows\system32\svkp.sys
AntiCracking
SVKP driver for NT
.text,.data,INIT,.rsrc,.reloc,
TesSafe
[A ] 33. c:\windows\system32\tessafe.sys
TENCENT
TesSafe NT Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
WINIO
[A ] 34. f:\qq堂\winio.sys
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
WgaLogon
[AM] 35. c:\windows\system32\wgalogon.dll
Microsoft Corporation
Windows 正版增值计划通知
.text,.data,.rsrc,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[AM] 36. c:\windows\system32\kakatool.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Toolbar
.text,.rdata,.data,MonitorS,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{00000000-12C9-4305-82F9-43058F20E8D2}
[AM] 37. c:\program files\tencent\qqdownload\qqiehelper01.dll
腾讯公司
超级旋风下载组件
.text,.rdata,.data,.rsrc,.reloc,
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 38. f:\迅雷\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 39. f:\迅雷\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
{B69F34DD-F0F9-42DC-9EDD-957187DA688D}
[AM] 40. f:\360safe\safemon\safemon.dll
奇虎网
360安全卫士实时保护模块
.text,.rdata,.data,.share,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 41. f:\迅雷\thunder.exe
Thunder Networking Technologies,LTD
.text,.rdata,.data,.rsrc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
application/octet-stream
[A ] 42. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-complus
[A ] 42. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-msdownload
[A ] 42. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 43. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
Shell Extensions for RealOne Player
[A ] 44. c:\program files\real\realplayer\rpshell.dll
RealNetworks, Inc.
RealPlayer Shell Extensions
.text,.rdata,.data,.rsrc,.reloc,
Microsoft Office Binder Unbind
[A ] 45. c:\program files\microsoft office\office\2052\unbind.dll
Microsoft Corporation
“Microsoft Office 活页夹”文档拆散程序
.text,.data,.rsrc,.reloc,
Microsoft Outlook Custom Icon Handler
[A ] 46. c:\program files\microsoft office\office\olkfstub.dll
Microsoft Corporation
Microsoft Outlook Shell Hook for Start/Find
.text,.data,.rsrc,.reloc,
Yahoo Trojan Cleanner
[A ] 47. f:\ske\contmenu.dll
UPX0,UPX1,.rsrc,
Fusion Cache
[A ] 42. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
Portable Media Devices
[A ] 48. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
safhsdyhfgdsagyg - 2008-3-1 13:21:00
Portable Media Devices Menu
[A ] 48. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[A ] 49. f:\刘召港专用文档\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
WinZip
[A ] 50. f:\winzip\wzshlstb.dll
WinZip Computing, Inc.
WinZip Shell Extension DLL
.text,.rdata,.data,.rsrc,.reloc,
WinZip
[A ] 50. f:\winzip\wzshlstb.dll
WinZip Computing, Inc.
WinZip Shell Extension DLL
.text,.rdata,.data,.rsrc,.reloc,
WinZip
[A ] 50. f:\winzip\wzshlstb.dll
WinZip Computing, Inc.
WinZip Shell Extension DLL
.text,.rdata,.data,.rsrc,.reloc,
WinZip
[A ] 50. f:\winzip\wzshlstb.dll
WinZip Computing, Inc.
WinZip Shell Extension DLL
.text,.rdata,.data,.rsrc,.reloc,
RISING
[AM] 51. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 51. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched
[AM] 52. c:\program files\java\j2re1.4.2_05\bin\jusched.exe
.text,.rdata,.data,
CameraFixer
[AM] 53. c:\windows\camerafixer.exe
CameraFixer MFC Application
.text,.rdata,.data,.rsrc,
TkBellExe
[A ] 54. c:\program files\common files\real\update_ob\realsched.exe
RealNetworks, Inc.
RealNetworks Scheduler
.text,.rdata,.data,.rsrc,
RavTask
[AM] 55. g:\program files\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
runeip
[A ] 56. c:\program files\rising\kakatoolbar\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
Thunder
[A ] 41. f:\迅雷\thunder.exe
Thunder Networking Technologies,LTD
.text,.rdata,.data,.rsrc,
SoundMan
[AM] 57. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 58. c:\program files\rising\kakatoolbar\runonce.exe
Beijing Rising Technology Co., Ltd.
RunOnce Application
.text,.rdata,.data,.rsrc,
Rav
[AM] 59. g:\program files\rising\rav\update\setup.exe
Beijing Rising Technology Co., Ltd.
Rising Installation Program
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 60. c:\windows\system32\bsmain.exe
Beijing Rising Technology Co., Ltd.
Rising Antivirus 2008
.text,.rdata,.data,.rsrc,.reloc,
[A ] 61. c:\windows\system32\kknative.exe
Beijing Rising Technology Co., Ltd.
NativeAp
.text,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.html
FirefoxHTML\Edit\Command
[A ] 62. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
FirefoxHTML\open\Command
[A ] 63. c:\program files\mozilla firefox\firefox.exe
Mozilla Corporation
Firefox
.text,.rdata,.data,.rsrc,
FirefoxHTML\Print\Command
[A ] 62. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
+ HKCR\.htm
FirefoxHTML\Edit\Command
[A ] 62. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
FirefoxHTML\open\Command
[A ] 63. c:\program files\mozilla firefox\firefox.exe
Mozilla Corporation
Firefox
.text,.rdata,.data,.rsrc,
FirefoxHTML\Print\Command
[A ] 62. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
+ HKCR\.mp3
RealPlayer.MP3.6\open\Command
[A ] 64. c:\program files\real\realplayer\realplay.exe
RealNetworks, Inc.
RealPlayer
.text,.rdata,.data,.rsrc,
+ 打印机监控
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Fax & Color print Port
[AM] 65. c:\windows\system32\imgcl7mn.dll
Windows (R) Server 2003 DDK provider
Fax Monitor DLL
.text,.data,.rsrc,.reloc,
OLFax Ports
[AM] 66. c:\windows\system32\olfmnt40.dll
Microsoft Corporation
Symantec Fax Starter Edition Monitor DLL
.text,.data,.edata,.rsrc,.reloc,
+ 其他自启动项目
+
TSCC.exe
[A ] 67. c:\tscc.exe
.text,.rdata,.data,.rsrc,
RealPlayer10-5GOLD_cn_skycn.exe
[A ] 68. c:\realplayer10-5gold_cn_skycn.exe
RealNetworks, Inc.
Shell executable of Setup program
.text,.rdata,.data,.rsrc,
+ C:\Documents and Settings\liu\「开始」菜单\程序\启动
腾讯QQ.lnk
[AM] 69. g:\新建文件夹\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
+
TSCC.exe
[A ] 67. c:\tscc.exe
.text,.rdata,.data,.rsrc,
RealPlayer10-5GOLD_cn_skycn.exe
[A ] 68. c:\realplayer10-5gold_cn_skycn.exe
RealNetworks, Inc.
Shell executable of Setup program
.text,.rdata,.data,.rsrc,
+ 正在运行的进程
+ 000000d0(208) conime.exe
10000000[0001C000]
[ M] 70. c:\windows\system32\unispim.ime
北京清华紫光软件股份有限公司
紫光拼音输入法3.0
.text,.rdata,.data,.SharedD,.rsrc,.reloc,
00BA0000[00053000]
[ M] 71. c:\windows\system32\upengine.dll
北京清华紫光软件股份有限公司
紫光拼音输入法引擎
.text,.rdata,.data,.idata,.share_d,.rsrc,.reloc,
00F80000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000104(260) jusched.exe
00400000[00008000]
[AM] 52. c:\program files\java\j2re1.4.2_05\bin\jusched.exe
.text,.rdata,.data,
+ 0000010c(268) CameraFixer.exe
00400000[00005000]
[AM] 53. c:\windows\camerafixer.exe
CameraFixer MFC Application
.text,.rdata,.data,.rsrc,
safhsdyhfgdsagyg - 2008-3-1 13:23:00
07F80000[0001D000]
[AM] 40. f:\360safe\safemon\safemon.dll
奇虎网
360安全卫士实时保护模块
.text,.rdata,.data,.share,.rsrc,.reloc,
090B0000[00028000]
[ M] 94. g:\program files\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
30000000[002EF000]
[ M] 95. c:\windows\system32\macromed\flash\flash9c.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r45
.text,.rdata,.data,.rsrc,.reloc,
02960000[0009C000]
[ M] 99. c:\windows\system32\xpsp3res.dll
Microsoft Corporation
Service Pack 3 Messages
.rsrc,
41F00000[00007000]
[ M] 100. c:\windows\system32\asfsipc.dll
Microsoft Corporation
ASFSipc Object
.text,.data,.rsrc,.reloc,
+ 000006b8(1720) WgaTray.exe
01000000[00052000]
[ M] 101. c:\windows\system32\wgatray.exe
Microsoft Corporation
Windows 正版增值计划通知
.text,.data,.rsrc,
10000000[0001C000]
[ M] 70. c:\windows\system32\unispim.ime
北京清华紫光软件股份有限公司
紫光拼音输入法3.0
.text,.rdata,.data,.SharedD,.rsrc,.reloc,
00F80000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01CC0000[00053000]
[ M] 71. c:\windows\system32\upengine.dll
北京清华紫光软件股份有限公司
紫光拼音输入法引擎
.text,.rdata,.data,.idata,.share_d,.rsrc,.reloc,
+ 000007a0(1952) svchost.exe
+ 000008f8(2296) QQPenguin.exe
00400000[0027D000]
[ M] 102. g:\新建文件夹\qqpet\qqpenguin\qqpenguin.exe
腾讯公司
QQ宠物
.text,.rdata,.data,.rsrc,
10000000[0000E000]
[ M] 103. g:\新建文件夹\qqpet\qqpenguin\pnet.dll
.text,.rdata,.data,.reloc,
00CF0000[00045000]
[ M] 104. g:\新建文件夹\qqpet\qqpenguin\prm.dll
ResourceManager Module
.text,.rdata,.data,.idata,.rsrc,.reloc,
4B4F0000[00006000]
[ M] 105. c:\windows\system32\odbcbcp.dll
Microsoft Corporation
Microsoft BCP for ODBC
.text,.data,.rsrc,.reloc,
01350000[0001C000]
[ M] 70. c:\windows\system32\unispim.ime
北京清华紫光软件股份有限公司
紫光拼音输入法3.0
.text,.rdata,.data,.SharedD,.rsrc,.reloc,
016A0000[000E4000]
[ M] 106. g:\新建文件夹\qqpet\qqpenguin\tersafe.dll
tencent
TerSafe
.text,.rdata,.data,.rsrc,.text$t0,.text$t1,.reloc,
018D0000[00053000]
[ M] 71. c:\windows\system32\upengine.dll
北京清华紫光软件股份有限公司
紫光拼音输入法引擎
.text,.rdata,.data,.idata,.share_d,.rsrc,.reloc,
01CC0000[0002B000]
[ M] 107. g:\新建文件夹\qqpet\qqpenguin\qqpetresdownloadpet.dll
QQPetResDownload DLL
.text,.rdata,.data,.rsrc,.reloc,
01CF0000[00149000]
[ M] 108. g:\新建文件夹\qqpet\qqpenguin\qqpetcommunity.dll
QQPetCommunity DLL
.text,.rdata,.data,.rsrc,.reloc,
02460000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
30000000[002EF000]
[ M] 95. c:\windows\system32\macromed\flash\flash9c.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r45
.text,.rdata,.data,.rsrc,.reloc,
05670000[00028000]
[ M] 94. g:\program files\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
+ 00000a9c(2716) QQ.exe
00400000[001D9000]
[AM] 69. g:\新建文件夹\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
10000000[002F6000]
[ M] 109. g:\新建文件夹\qqbaseclassindll.dll
TENCENT
QQBaseClassInDll DLL
.text,.rdata,.data,.rsrc,.reloc,
61820000[000E1000]
[ M] 110. g:\新建文件夹\qqhelperdll.dll
TENCENT
QQHelperDll DLL
.text,.rdata,.data,.rsrc,.reloc,
600A0000[00070000]
[ M] 111. g:\新建文件夹\basicctrldll.dll
TENCENT
BasicCtrlDll DLL
.text,.rdata,.data,.rsrc,.reloc,
60A90000[000F2000]
[ M] 112. g:\新建文件夹\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
00CB0000[0001C000]
[ M] 70. c:\windows\system32\unispim.ime
北京清华紫光软件股份有限公司
紫光拼音输入法3.0
.text,.rdata,.data,.SharedD,.rsrc,.reloc,
61D30000[00005000]
[ M] 113. g:\新建文件夹\riched32.dll
Microsoft Corporation
Wrapper Dll for Richedit 1.0
.text,.data,.rsrc,.reloc,
00EF0000[00022000]
[ M] 114. g:\新建文件夹\riched20.dll
Jiangmin Co Ltd
Special implement of RichEd20
.text,.rdata,.data,.rsrc,.reloc,
61CC0000[00068000]
[ M] 115. g:\新建文件夹\riched20_.dll
Microsoft Corporation
Rich Text Edit Control, v3.1
.text,.data,.rsrc,.reloc,
61360000[0003A000]
[ M] 116. g:\新建文件夹\qqapi.dll
TENCENT
ModuleSample DLL
.text,.rdata,.data,.rsrc,.reloc,
01480000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
016C0000[00053000]
[ M] 71. c:\windows\system32\upengine.dll
北京清华紫光软件股份有限公司
紫光拼音输入法引擎
.text,.rdata,.data,.idata,.share_d,.rsrc,.reloc,
60860000[00044000]
[ M] 117. g:\新建文件夹\loginctrl.dll
TENCENT
NewSkin
.text,.rdata,.data,.rsrc,.reloc,
01EC0000[0009B000]
[ M] 118. g:\新建文件夹\loginctrlres.dll
TENCENT
LoginCtrl DLL
.rsrc,.reloc,
01F80000[0063C000]
[ M] 119. g:\新建文件夹\qqres.dll
TENCENT
QQRes
.rsrc,.reloc,
62BA0000[00021000]
[ M] 120. g:\新建文件夹\wizardctrl.dll
TENCENT
WizardCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
01170000[000D7000]
[ M] 121. g:\新建文件夹\qqmainframe.dll
.text,.rdata,.data,.reloc,
60450000[001A3000]
[ M] 122. g:\新建文件夹\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
02AC0000[00124000]
[ M] 123. g:\新建文件夹\qqplugin.dll
.text,.rdata,.data,.reloc,
02600000[00020000]
[ M] 124. g:\新建文件夹\unreadmsgmgr.dll
.text,.rdata,.data,.reloc,
03B20000[00174000]
[ M] 125. g:\新建文件夹\cqqapplication.dll
.text,.rdata,.data,.reloc,
60410000[00040000]
[ M] 126. g:\新建文件夹\flashavatardll.dll
FlashAvatarDll DLL
.text,.rdata,.data,.rsrc,.reloc,
60C10000[0005F000]
[ M] 127. g:\新建文件夹\newskin.dll
TENCENT
NewSkin Module
.text,.rdata,.data,.rsrc,.reloc,
03F10000[00036000]
[ M] 128. g:\新建文件夹\mailsummary.dll
TENCENT
MailSummary DLL
.text,.rdata,.data,.rsrc,.reloc,
623A0000[00027000]
[ M] 129. g:\新建文件夹\qqspace.dll
TENCENT
QQSpace DLL
.text,.rdata,.data,.rsrc,.reloc,
62020000[00071000]
[ M] 130. g:\新建文件夹\vbscript.dll
Microsoft Corporation
Microsoft (r) VBScript
.text,.rdata,.data,.rsrc,.reloc,
safhsdyhfgdsagyg - 2008-3-1 13:24:00
60C70000[00014000]
[ M] 131. g:\新建文件夹\oemapplication.dll
TENCENT
OEMApplication DLL
.text,.rdata,.data,.rsrc,.reloc,
61910000[00018000]
[ M] 132. g:\新建文件夹\qqknowledgesearch.dll
TENCENT
QQKnowledgeSearch DLL
.text,.rdata,.data,.rsrc,.reloc,
617A0000[00071000]
[ M] 133. g:\新建文件夹\qqgroupmng.dll
TENCENT
QQGroupMng DLL
.text,.rdata,.data,.rsrc,.reloc,
04930000[00255000]
[ M] 134. g:\新建文件夹\qqallinone.dll
TENCENT
NewSkin
.text,.rdata,.data,.rsrc,.reloc,
625A0000[0002B000]
[ M] 135. g:\新建文件夹\sccore.dll
TENCENT
SCCore.dll
.text,.rdata,.data,.shareds,.rsrc,.reloc,
60130000[00034000]
[ M] 136. g:\新建文件夹\cameradll.dll
TENCENT
CameraDll DLL
.text,.rdata,.data,.MYSHARE,.rsrc,.reloc,
623D0000[00048000]
[ M] 137. g:\新建文件夹\qqsysmsgmng.dll
.text,.rdata,.data,.reloc,
62700000[00017000]
[ M] 138. g:\新建文件夹\userdefinedhead.dll
TENCENT
UserDefinedHead DLL
.text,.rdata,.data,.rsrc,.reloc,
613A0000[00040000]
[ M] 139. g:\新建文件夹\qqavatar.dll
.text,.rdata,.data,.reloc,
616E0000[0000E000]
[ M] 140. g:\新建文件夹\qqconfigplugin.dll
TENCENT
QQConfigPlugin DLL
.text,.rdata,.data,.rsrc,.reloc,
04820000[00055000]
[ M] 141. g:\新建文件夹\qqcustomface.dll
.text,.rdata,.data,.reloc,
624F0000[00016000]
[ M] 142. g:\新建文件夹\qringmng.dll
.text,.rdata,.data,.reloc,
61B50000[0002B000]
[ M] 143. g:\新建文件夹\qqpet.dll
TENCENT
QQPet DLL
.text,.rdata,.data,.rsrc,.reloc,
60950000[000B8000]
[ M] 144. g:\新建文件夹\longconnection.dll
TENCENT
LongConnection
.text,.rdata,.data,.rsrc,.reloc,
60D10000[00027000]
[ M] 145. g:\新建文件夹\phoneapi.dll
TENCENT
PhoneAPI DLL
.text,.rdata,.data,.rsrc,.reloc,
603C0000[0000D000]
[ M] 146. g:\新建文件夹\dialerallinone.dll
tencent
DialerAllInOne
.text,.rdata,.data,Shared,.rsrc,.reloc,
60110000[0001F000]
[ M] 147. g:\新建文件夹\bqqapplication.dll
.text,.rdata,.data,.reloc,
60170000[0004F000]
[ M] 148. g:\新建文件夹\commercesmng.dll
TENCENT
CommercesMng DLL
.text,.rdata,.data,.rsrc,.reloc,
60C90000[0000F000]
[ M] 149. g:\新建文件夹\personaldesktop.dll
TENCENT
QQ个人桌面
.text,.rdata,.data,.rsrc,.reloc,
06610000[00287000]
[ M] 150. g:\新建文件夹\qqaddr.dll
深圳市腾讯计算机系统有限公司
腾讯通讯录
.text,.rdata,.data,.rsrc,.reloc,
622F0000[0002D000]
[ M] 151. g:\新建文件夹\qqscenemng.dll
.text,.rdata,.data,.reloc,
03070000[00036000]
[ M] 152. g:\新建文件夹\addrsearch.dll
腾讯科技(深圳)有限公司
AddrSearch
UPX0,UPX1,.rsrc,
01040000[0000F000]
[ M] 153. g:\新建文件夹\qqdoctor\tsvulmdw.dat
TENCENT
TSVulMdw
UPX0,UPX1,.rsrc,
+ 00000c14(3092) RavCopy.exe
00400000[00018000]
[ M] 154. g:\program files\rising\rav\copyrun\ravcopy.exe
Beijing Rising Technology Co., Ltd.
RavCopy
.text,.rdata,.data,.rsrc,
10000000[00064000]
[ M] 155. g:\program files\rising\rav\copyrun\update.dll
Beijing Rising Technology Co., Ltd.
Update Module
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e18(3608) iexplore.exe
10000000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e38(3640) TXPlatform.exe
00400000[00026000]
[ M] 156. g:\新建文件夹\txplatform.exe
Tencent
TM2008
.text,.rdata,.data,.rsrc,
10000000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000f38(3896) Setup.exe
00400000[00096000]
[AM] 59. g:\program files\rising\rav\update\setup.exe
Beijing Rising Technology Co., Ltd.
Rising Installation Program
.text,.rdata,.data,.rsrc,
00B80000[0001F000]
[ M] 157. g:\program files\rising\rav\update\proccom.dll
Beijing Rising Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00BA0000[00024000]
[ M] 158. g:\program files\rising\rav\update\rscommx2.dll
Beijing Rising Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
00D50000[0002B000]
[ M] 159. g:\program files\rising\rav\update\setup.dll
Beijing Rising Technology Co., Ltd.
Module install implement
.text,.rdata,.data,.rsrc,.reloc,
23700000[00028000]
[ M] 160. g:\program files\rising\rav\update\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[0001C000]
[ M] 70. c:\windows\system32\unispim.ime
北京清华紫光软件股份有限公司
紫光拼音输入法3.0
.text,.rdata,.data,.SharedD,.rsrc,.reloc,
01810000[00053000]
[ M] 71. c:\windows\system32\upengine.dll
北京清华紫光软件股份有限公司
紫光拼音输入法引擎
.text,.rdata,.data,.idata,.share_d,.rsrc,.reloc,
01C00000[0001B000]
[ M] 72. c:\program files\rising\kakatoolbar\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
safhsdyhfgdsagyg - 2008-3-1 13:43:00
哪位大哥来帮帮忙看看??
1
© 2000 - 2026 Rising Corp. Ltd.