天涯剑1992 - 2008-8-13 15:44:00
瑞星卡卡电脑诊断日志 v1.30 (2008-8-13 15:28:49) 北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
Msnetsvcs
[A ] 1. c:\program files\common files\wincba\winpac.exe
ose
[A ] 2. c:\program files\common files\microsoft shared\source engine\ose.exe
RfwProxySrv
[AM] 3. c:\program files\rising\rfw\rfwproxy.exe
RfwService
[AM] 4. c:\program files\rising\rfw\rfwsrv.exe
RsCCenter
[AM] 5. c:\program files\rising\rav\ccenter.exe
RsRavMon
[AM] 6. c:\program files\rising\rav\ravmond.exe
ServiceLayer
[A ] 7. c:\program files\pc connectivity solution\servicelayer.exe
UiPlayer
[AM] 8. c:\program files\uitv\uiplayer\msrv.exe
UMWdf
[A ] 9. c:\windows\system32\wdfmgr.exe
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
360AntiArp
[A ] 10. c:\windows\system32\drivers\360antiarp.sys
BeatTrojanHelperOne
[A ] 11. d:\game\新建文件夹\0726\木马清除大师2008\beattrojanhelperone.sys
cmuda
[A ] 12. c:\windows\system32\drivers\cmuda.sys
FTCkillfile
[A ] 13. c:\windows\system32\drivers\ftckillfile.sys
FTCProtect
[A ] 14. c:\windows\system32\drivers\ftcprotect.sys
HDAudBus
[A ] 15. c:\windows\system32\drivers\hdaudbus.sys
HookCont
[A ] 16. c:\windows\system32\drivers\hookcont.sys
HookNtos
[A ] 17. c:\windows\system32\drivers\hookntos.sys
HookReg
[A ] 18. c:\windows\system32\drivers\hookreg.sys
HookSys
[A ] 19. c:\windows\system32\drivers\hooksys.sys
HookUrl
[A ] 20. c:\program files\rising\rfw\hookurl.sys
ialm
[A ] 21. c:\windows\system32\drivers\igxpmp32.sys
IntcAzAudAddService
[A ] 22. c:\windows\system32\drivers\rtkhdaud.sys
Packet
[A ] 23. c:\windows\system32\drivers\protodrv.sys
pccsmcfd
[A ] 24. c:\windows\system32\drivers\pccsmcfd.sys
RfwBase
[A ] 25. c:\windows\system32\drivers\rfwbase.sys
RsFwDrv
[A ] 26. c:\program files\rising\rfw\rsfwdrv.sys
RsNTGDI
[A ] 27. c:\windows\system32\drivers\rsntgdi.sys
RTL8023xp
[A ] 28. c:\windows\system32\drivers\rtlnicxp.sys
SafeBoxKrnl
[A ] 29. c:\program files\360safebox\safeboxkrnl.sys
Secdrv
[A ] 30. c:\windows\system32\drivers\secdrv.sys
TesSafe
[A ] 31. c:\windows\system32\tessafe.sys
upperdev
[A ] 32. c:\windows\system32\drivers\usbser_lowerflt.sys
Wdf01000
[A ] 33. c:\windows\system32\drivers\wdf01000.sys
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[A ] 34. c:\windows\system32\igfxdev.dll
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{29CF293A-1E7D-4069-9E11-E39698D0AF95}
[AM] 35. c:\program files\tencent\qqtoolbar\iebar.dll
+ HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}
[AM] 36. c:\program files\tencent\ssplus\saddr.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{00000000-12C9-4305-82F9-43058F20E8D2}
[AM] 37. d:\game\qqdownload\qqiehelper01.dll
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 38. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
{0C7C23EF-A848-485B-873C-0ED954731014}
[AM] 36. c:\program files\tencent\ssplus\saddr.dll
{29CF293A-1E7D-4069-9E11-E39698D0AF95}
[AM] 35. c:\program files\tencent\qqtoolbar\iebar.dll
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 39. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
[AM] 40. c:\windows\system32\urlfilter.dll
{B69F34DD-F0F9-42DC-9EDD-957187DA688D}
[AM] 41. c:\program files\360safe\safemon\safemon.dll
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 42. d:\program files\thunder network\thunder\thunder.exe
Exec
[A ] 43. c:\program files\messenger\msmsgs.exe
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[AM] 44. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
KuGoo
[A ] 45. c:\windows\system32\kugoo3downxcontrol.ocx
KuGoo3
[A ] 45. c:\windows\system32\kugoo3downxcontrol.ocx
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Portable Media Devices
[A ] 46. c:\windows\system32\audiodev.dll
Portable Media Devices Menu
[A ] 46. c:\windows\system32\audiodev.dll
WinRAR shell extension
[A ] 47. c:\program files\winrar\rarext.dll
Microsoft Office HTML Icon Handler
[AM] 48. c:\program files\microsoft office\office11\msohev.dll
Web Folders
[A ] 49. c:\program files\common files\microsoft shared\web folders\msonsext.dll
RISING
[AM] 50. c:\windows\system32\ravext.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 50. c:\windows\system32\ravext.dll
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
QQDownload
[AM] 51. d:\game\qqdownload\qqdownload.exe
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RTHDCPL
[AM] 52. c:\windows\rthdcpl.exe
RfwMain
[AM] 53. c:\program files\rising\rfw\rfwmain.exe
Persistence
[AM] 54. c:\windows\system32\igfxpers.exe
Alcmtr
[A ] 55. c:\windows\alcmtr.exe
RavTask
[AM] 56. c:\program files\rising\rav\ravtask.exe
runeip
[AM] 57. c:\program files\rising\antispyware\rstray.exe
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 58. c:\windows\system32\bsmain.exe
+ 映像劫持
+ HKCR\.bat
batfile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
+ HKCR\.html
htmlfile\Edit\Command
[A ] 60. c:\program files\microsoft office\office11\msohtmed.exe
htmlfile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
htmlfile\Print\Command
[A ] 60. c:\program files\microsoft office\office11\msohtmed.exe
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 60. c:\program files\microsoft office\office11\msohtmed.exe
htmlfile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
htmlfile\Print\Command
[A ] 60. c:\program files\microsoft office\office11\msohtmed.exe
+ HKCR\.log
Notepad2.log\Open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
+ HKCR\.cmd
cmdfile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
+ HKCR\.reg
regfile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
+ HKCR\.vbs
VBSFile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
+ HKCR\.js
JSFile\np2open\Command
[A ] 59. c:\windows\notepad2.exe
文件名和"notepad.exe"类似
+ HKCR\.mp3
kwfile\open\Command
[A ] 61. d:\game\新建文件夹\kwmusic\kwmusic.exe
+ 程序初始化和已知动态连接库
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs
[AM] 62. c:\windows\system32\kmon.dll
+ 打印机监控
+ HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Microsoft Document Imaging Writer Monitor
[AM] 63. c:\windows\system32\mdimon.dll
+ 其他自启动项目
+ C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
腾讯QQ.lnk
[A ] 64. d:\game\腾讯qq\qq.exe
+ 正在运行的进程
+ 000000fc(252) RsAgent.exe
00400000[00045000]
[ M] 65. c:\program files\rising\rav\rsagent.exe
7C140000[00103000]
[ M] 66. c:\windows\system32\mfc71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
7C3A0000[0007B000]
[ M] 68. c:\windows\system32\msvcp71.dll
10000000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
00AA0000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
+ 00000188(392) RTHDCPL.EXE
00400000[01076000]
[AM] 52. c:\windows\rthdcpl.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
01BB0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 000001e0(480) smss.exe
+ 00000200(512) igfxpers.exe
00400000[00019000]
[AM] 54. c:\windows\system32\igfxpers.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
10000000[0000F000]
[ M] 75. c:\windows\system32\igfxsrvc.dll
00F50000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 0000021c(540) csrss.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 00000234(564) winlogon.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
+ 00000260(608) services.exe
46040000[0000F000]
[ M] 76. c:\windows\apppatch\acadproc.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 0000026c(620) lsass.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 00000298(664) QQDownload.exe
00400000[0015B000]
[AM] 51. d:\game\qqdownload\qqdownload.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
10000000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
01D30000[00203000]
[ M] 77. d:\game\qqdownload\xmain.dll
030D0000[0005D000]
[ M] 78. d:\game\qqdownload\xcore.dll
02FF0000[00028000]
[ M] 79. c:\program files\rising\rav\ravscrch.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
00D40000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
72C60000[00007000]
[ M] 80. c:\windows\system32\msadp32.acm
038B0000[0001C000]
[AM] 50. c:\windows\system32\ravext.dll
+ 00000304(772) AgentSvr.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00810000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
008F0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
00A10000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
+ 0000030c(780) svchost.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 00000354(852) svchost.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 0000037c(892) rundll32.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00A20000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00AE0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
00CF0000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
+ 0000038c(908) AntiArp.exe
00400000[00074000]
[ M] 83. c:\program files\360safe\antiarp\antiarp.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
10000000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
00AD0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 000003a8(936) CCenter.exe
00400000[0002A000]
[AM] 5. c:\program files\rising\rav\ccenter.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 000003bc(956) svchost.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
50E60000[0000C000]
[ M] 84. c:\windows\system32\wups2.dll
10000000[00028000]
[ M] 79. c:\program files\rising\rav\ravscrch.dll
+ 000003f0(1008) rstray.exe
00400000[00023000]
[AM] 57. c:\program files\rising\antispyware\rstray.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0003C000]
[ M] 85. c:\program files\rising\antispyware\rsmginfo.dll
00AD0000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
23800000[00022000]
[ M] 86. c:\program files\rising\antispyware\rsxml.dll
7C3A0000[0007B000]
[ M] 87. c:\program files\rising\antispyware\msvcp71.dll
7C340000[00056000]
[ M] 88. c:\program files\rising\antispyware\msvcr71.dll
00BE0000[00024000]
[ M] 89. c:\program files\rising\antispyware\comserv.dll
00C10000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
23700000[00026000]
[ M] 90. c:\program files\rising\antispyware\rscommon.dll
00C50000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
23900000[00040000]
[ M] 91. c:\program files\rising\antispyware\pngdll.dll
01060000[0005C000]
[ M] 92. c:\program files\rising\antispyware\runiep.dll
010D0000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
010F0000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
02520000[0001C000]
[AM] 50. c:\windows\system32\ravext.dll
00B00000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 000003f4(1012) RavTask.exe
00400000[00034000]
[AM] 56. c:\program files\rising\rav\ravtask.exe
10000000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7)
天涯剑1992 - 2008-8-13 15:45:00
00940000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
23700000[00028000]
[ M] 93. c:\program files\rising\rav\rscommon.dll
00BA0000[0000E000]
[ M] 94. c:\program files\rising\rav\rsappmgr.dll
08BC0000[00030000]
[ M] 95. c:\program files\rising\rav\cfgdll.dll
+ 00000408(1032) svchost.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 00000410(1040) Ravmon.exe
00400000[00067000]
[ M] 96. c:\program files\rising\rav\ravmon.exe
7C140000[00103000]
[ M] 66. c:\windows\system32\mfc71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
7C3A0000[0007B000]
[ M] 68. c:\windows\system32\msvcp71.dll
10000000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
00A30000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
23700000[00028000]
[ M] 93. c:\program files\rising\rav\rscommon.dll
00C80000[00035000]
[ M] 97. c:\program files\rising\rav\recomp.dll
00CD0000[00036000]
[ M] 98. c:\program files\rising\rav\refs.dll
00F30000[0002F000]
[ M] 99. c:\program files\rising\rav\viruslib.dll
01070000[00028000]
[ M] 100. c:\program files\rising\rav\relibldr.dll
010F0000[0000E000]
[ M] 94. c:\program files\rising\rav\rsappmgr.dll
01110000[00030000]
[ M] 95. c:\program files\rising\rav\cfgdll.dll
01270000[00075000]
[ M] 101. c:\program files\rising\rav\monrule.dll
23900000[00040000]
[ M] 102. c:\program files\rising\rav\pngdll.dll
26600000[000A8000]
[ M] 103. c:\program files\rising\rav\rsguilib.dll
23800000[00022000]
[ M] 104. c:\program files\rising\rav\rsxml.dll
+ 00000428(1064) wuauclt.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
003D0000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00BA0000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
00BD0000[0002D000]
[ M] 105. c:\program files\tencent\ssplus\splus1.dll
50E60000[0000C000]
[ M] 84. c:\windows\system32\wups2.dll
+ 00000450(1104) ctfmon.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
10000000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
00A80000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 0000045c(1116) svchost.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 000004a0(1184) ravmond.exe
00400000[00069000]
[AM] 6. c:\program files\rising\rav\ravmond.exe
10000000[00042000]
[ M] 106. c:\program files\rising\rav\bwlist.dll
7C140000[00103000]
[ M] 66. c:\windows\system32\mfc71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
7C3A0000[0007B000]
[ M] 68. c:\windows\system32\msvcp71.dll
00A70000[0000E000]
[ M] 94. c:\program files\rising\rav\rsappmgr.dll
00A90000[00030000]
[ M] 95. c:\program files\rising\rav\cfgdll.dll
00D00000[00067000]
[ M] 107. c:\program files\rising\rav\rslog.dll
00D70000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
00D90000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
00DE0000[00075000]
[ M] 101. c:\program files\rising\rav\monrule.dll
00E70000[00013000]
[ M] 108. c:\program files\rising\rav\hooksys.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00FE0000[00013000]
[ M] 109. c:\program files\rising\rav\hookreg.dll
01040000[00013000]
[ M] 110. c:\program files\rising\rav\hookntos.dll
010A0000[0001D000]
[ M] 111. c:\program files\rising\rav\rswalmon.dll
01F00000[00035000]
[ M] 97. c:\program files\rising\rav\recomp.dll
01F40000[00036000]
[ M] 98. c:\program files\rising\rav\refs.dll
01F90000[00023000]
[ M] 112. c:\program files\rising\rav\ffr.dll
01FD0000[00020000]
[ M] 113. c:\program files\rising\rav\rsstore.dll
02000000[00013000]
[ M] 114. c:\program files\rising\rav\hookcont.dll
02030000[00028000]
[ M] 115. c:\program files\rising\rav\fakescan.dll
02070000[00022000]
[ M] 116. c:\program files\rising\rav\scanner.dll
026B0000[0002F000]
[ M] 99. c:\program files\rising\rav\viruslib.dll
027F0000[00028000]
[ M] 100. c:\program files\rising\rav\relibldr.dll
02F20000[00012000]
[ M] 117. c:\program files\rising\rav\hookweb.dll
03ED0000[00021000]
[ M] 118. c:\program files\rising\rav\nvfile.dll
13AB0000[0004A000]
[ M] 119. c:\program files\rising\rav\scanexec.dll
05F10000[002DC000]
[ M] 120. c:\program files\rising\rav\unexe.dll
061F0000[000D3000]
[ M] 121. c:\program files\rising\rav\scanex.dll
06670000[00027000]
[ M] 122. c:\program files\rising\rav\pearc.dll
099D0000[000DC000]
[ M] 123. c:\program files\rising\rav\extfile.dll
067C0000[00036000]
[ M] 124. c:\program files\rising\rav\scanpack.dll
06810000[000B7000]
[ M] 125. c:\program files\rising\rav\revm.dll
06A00000[00020000]
[ M] 126. c:\program files\rising\rav\urutils.dll
077F0000[00018000]
[ M] 127. c:\program files\rising\rav\ur000.dat
02C10000[00038000]
[ M] 128. c:\program files\rising\rav\scriptci.dll
02C60000[00017000]
[ M] 129. c:\program files\rising\rav\ur023.dat
04F30000[000F3000]
[ M] 130. c:\program files\rising\rav\uroutine.dll
02CA0000[0001D000]
[ M] 131. c:\program files\rising\rav\ur001.dat
02CD0000[00023000]
[ M] 132. c:\program files\rising\rav\scansct.dll
068D0000[00045000]
[ M] 133. c:\program files\rising\rav\extole.dll
14210000[00038000]
[ M] 134. c:\program files\rising\rav\extmail.dll
+ 000004b4(1204) rfwsrv.exe
00400000[00037000]
[AM] 4. c:\program files\rising\rfw\rfwsrv.exe
7C140000[00103000]
[ M] 66. c:\windows\system32\mfc71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
7C3A0000[0007B000]
[ M] 68. c:\windows\system32\msvcp71.dll
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0001F000]
[ M] 135. c:\program files\rising\rfw\proccom.dll
007C0000[00024000]
[ M] 136. c:\program files\rising\rfw\rscommx2.dll
00810000[0000E000]
[ M] 137. c:\program files\rising\rfw\rsappmgr.dll
00830000[00030000]
[ M] 138. c:\program files\rising\rfw\cfgdll.dll
00B50000[0000F000]
[ M] 139. c:\program files\rising\rfw\rfwrule.dll
00B60000[0000C000]
[ M] 140. c:\program files\rising\rfw\rfwlog.dll
00B70000[00018000]
[ M] 141. c:\program files\rising\rfw\rfwdrv.dll
00B90000[0000E000]
[ M] 142. c:\program files\rising\rfw\ijt_ctrl.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00BC0000[00016000]
[ M] 143. c:\program files\rising\rfw\unvdet.dll
00C10000[0001B000]
[ M] 144. c:\program files\rising\rfw\mports.dll
+ 000004ec(1260) rfwProxy.exe
00400000[00236000]
[AM] 3. c:\program files\rising\rfw\rfwproxy.exe
7C140000[00103000]
[ M] 66. c:\windows\system32\mfc71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0001F000]
[ M] 135. c:\program files\rising\rfw\proccom.dll
009D0000[00024000]
[ M] 136. c:\program files\rising\rfw\rscommx2.dll
00A10000[0000F000]
[ M] 139. c:\program files\rising\rfw\rfwrule.dll
00A20000[00011000]
[ M] 145. c:\program files\rising\rfw\urlrule.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
011C0000[00016000]
[ M] 146. c:\program files\rising\rfw\monmid.dll
+ 00000600(1536) Explorer.EXE
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
020D0000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
10000000[0001C000]
[AM] 50. c:\windows\system32\ravext.dll
01AB0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
03760000[0002C000]
[AM] 38. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
03790000[00031000]
[AM] 39. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
24070000[0000E000]
[ M] 147. d:\program files\thunder network\thunder\components\resworker\dsbho_00.dll
天涯剑1992 - 2008-8-13 15:46:00
24020000[0001E000]
[ M] 148. d:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll
23700000[00028000]
[ M] 93. c:\program files\rising\rav\rscommon.dll
+ 00000614(1556) rfwstub.exe
00400000[00017000]
[ M] 149. c:\program files\rising\rfw\rfwstub.exe
7C3A0000[0007B000]
[ M] 68. c:\windows\system32\msvcp71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
23700000[00028000]
[ M] 150. c:\program files\rising\rfw\rscommon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 000006cc(1740) spoolsv.exe
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00A10000[00008000]
[AM] 63. c:\windows\system32\mdimon.dll
00A20000[00008000]
[ M] 151. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
+ 00000788(1928) RavStub.exe
00400000[00021000]
[ M] 152. c:\program files\rising\rav\ravstub.exe
10000000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
00620000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
23700000[00028000]
[ M] 93. c:\program files\rising\rav\rscommon.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
+ 000007a8(1960) RfwMain.exe
00400000[00092000]
[AM] 53. c:\program files\rising\rfw\rfwmain.exe
7C140000[00103000]
[ M] 66. c:\windows\system32\mfc71.dll
7C340000[00056000]
[ M] 67. c:\windows\system32\msvcr71.dll
7C3A0000[0007B000]
[ M] 68. c:\windows\system32\msvcp71.dll
26600000[000A8000]
[ M] 153. c:\program files\rising\rfw\rsguilib.dll
10000000[0001F000]
[ M] 135. c:\program files\rising\rfw\proccom.dll
00A60000[00024000]
[ M] 136. c:\program files\rising\rfw\rscommx2.dll
00BA0000[0000E000]
[ M] 137. c:\program files\rising\rfw\rsappmgr.dll
00BC0000[00030000]
[ M] 138. c:\program files\rising\rfw\cfgdll.dll
23700000[00028000]
[ M] 150. c:\program files\rising\rfw\rscommon.dll
00E10000[00014000]
[ M] 154. c:\program files\rising\rfw\rfwctrl.dll
23800000[00022000]
[ M] 155. c:\program files\rising\rfw\rsxml.dll
23900000[00040000]
[ M] 156. c:\program files\rising\rfw\pngdll.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
01300000[0000F000]
[ M] 139. c:\program files\rising\rfw\rfwrule.dll
+ 0000099c(2460) stormliv.exe
00400000[00077000]
[ M] 157. c:\program files\stormii\stormliv.exe
75FF0000[00065000]
[ M] 158. c:\program files\stormii\msvcp60.dll
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
01E20000[0000D000]
[AM] 44. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
+ 00000ab4(2740) msrv.exe
00400000[0002D000]
[AM] 8. c:\program files\uitv\uiplayer\msrv.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00730000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
00950000[00115000]
[ M] 159. c:\program files\uitv\uiplayer\uiplay.dll
+ 00000b2c(2860) iexplore.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00920000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00B30000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
00BB0000[00047000]
[AM] 36. c:\program files\tencent\ssplus\saddr.dll
00ED0000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
01450000[000D7000]
[AM] 35. c:\program files\tencent\qqtoolbar\iebar.dll
02000000[000D7000]
[ M] 160. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\toolbar.dll
02110000[00018000]
[ M] 161. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\tbaddr.dll
02170000[00014000]
[ M] 162. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\qqmail.dll
021A0000[00036000]
[ M] 163. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\shuqian.dll
021F0000[00013000]
[ M] 164. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\wenwen.dll
02230000[00021000]
[ M] 165. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\weather.dll
02260000[00018000]
[ M] 166. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\popupblocker.dll
02290000[0000B000]
[ M] 167. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\highlight.dll
022B0000[0000B000]
[ M] 168. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\qqdoctor.dll
022D0000[00027000]
[ M] 169. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\musicbox.dll
02220000[00009000]
[ M] 170. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\schedule.dll
02330000[00019000]
[ M] 171. c:\documents and settings\administrator\application data\tencent\qqtoolbar\buttons\hot.dll
02380000[00032000]
[AM] 37. d:\game\qqdownload\qqiehelper01.dll
024D0000[0002C000]
[AM] 38. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
02710000[00031000]
[AM] 39. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
24070000[0000E000]
[ M] 147. d:\program files\thunder network\thunder\components\resworker\dsbho_00.dll
24020000[0001E000]
[ M] 148. d:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll
027B0000[00018000]
[AM] 40. c:\windows\system32\urlfilter.dll
027E0000[00011000]
[ M] 172. c:\program files\rising\antispyware\urlrule.dll
325C0000[00012000]
[AM] 48. c:\program files\microsoft office\office11\msohev.dll
03590000[00028000]
[ M] 79. c:\program files\rising\rav\ravscrch.dll
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
30000000[003AF000]
[ M] 173. c:\windows\system32\macromed\flash\flash9f.ocx
+ 00000bd0(3024) Ras.exe
00400000[0000B000]
[ M] 174. c:\program files\rising\antispyware\ras.exe
7C140000[00103000]
[ M] 175. c:\program files\rising\antispyware\mfc71.dll
7C340000[00056000]
[ M] 88. c:\program files\rising\antispyware\msvcr71.dll
10000000[00047000]
[ M] 176. c:\program files\rising\antispyware\kakamgr.dll
7C3A0000[0007B000]
[ M] 87. c:\program files\rising\antispyware\msvcp71.dll
00A50000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
00A80000[0001F000]
[ M] 69. c:\program files\rising\rav\proccom.dll
00AA0000[00024000]
[ M] 70. c:\program files\rising\rav\rscommx2.dll
00BF0000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00E60000[00058000]
[ M] 177. c:\program files\rising\antispyware\dbmgr.dll
23800000[00022000]
[ M] 86. c:\program files\rising\antispyware\rsxml.dll
00FC0000[0002D000]
[ M] 178. c:\program files\rising\antispyware\pweb.dll
01030000[000C1000]
[ M] 179. c:\program files\rising\antispyware\pscan.dll
01100000[0002F000]
[ M] 180. c:\program files\rising\antispyware\ncomm.dll
01150000[00070000]
[ M] 181. c:\program files\rising\antispyware\pset.dll
011E0000[0002A000]
[ M] 182. c:\program files\rising\antispyware\pdefend.dll
01270000[000B6000]
[ M] 183. c:\program files\rising\antispyware\ptools.dll
01430000[0008C000]
[ M] 184. c:\program files\rising\antispyware\psysinfo.dll
01240000[0001C000]
[AM] 50. c:\windows\system32\ravext.dll
23900000[00040000]
[ M] 91. c:\program files\rising\antispyware\pngdll.dll
031B0000[00028000]
[ M] 79. c:\program files\rising\rav\ravscrch.dll
30000000[003AF000]
[ M] 173. c:\windows\system32\macromed\flash\flash9f.ocx
72C80000[00008000]
[ M] 71. c:\windows\system32\msacm32.drv
052B0000[00085000]
[ M] 185. c:\program files\rising\antispyware\kengine.dll
05340000[00045000]
[ M] 186. c:\program files\rising\antispyware\posttrt.dll
05590000[00010000]
[ M] 187. c:\program files\rising\antispyware\kscanex.dll
055B0000[0002F000]
[ M] 188. c:\program files\rising\antispyware\engine.dll
055F0000[00033000]
[ M] 189. c:\program files\rising\antispyware\rsdialog.dll
02EB0000[0000F000]
[ M] 190. c:\program files\rising\antispyware\zip.dll
06870000[00047000]
[AM] 36. c:\program files\tencent\ssplus\saddr.dll
+ 00000be8(3048) zdsj.exe
00400000[000B2000]
[ M] 191. c:\同花顺核新\zdsj.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00AA0000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00BD0000[00076000]
[ M] 192. c:\同花顺核新\riched20.dll
00C90000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
00CC0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 00000ccc(3276) Sevcha.exe
00400000[00099000]
[ M] 193. c:\program files\common files\wincba\sevcha.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00990000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
00BF0000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
00C30000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
+ 00000e74(3700) knownsvr.exe
00400000[00072000]
[ M] 194. c:\program files\rising\antispyware\knownsvr.exe
10000000[0002F000]
[ M] 180. c:\program files\rising\antispyware\ncomm.dll
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
009A0000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
009D0000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
010B0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
01170000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
+ 00000e90(3728) alg.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00710000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
+ 00000f70(3952) 360hotfix.exe
00400000[0006F000]
[ M] 195. c:\program files\360safe\360hotfix.exe
60000000[00074000]
[AM] 62. c:\windows\system32\kmon.dll
10000000[0002E000]
[ M] 81. c:\program files\rising\antispyware\comx3.dll
00A30000[00019000]
[ M] 82. c:\program files\rising\antispyware\syslay.dll
70000000[00019000]
[ M] 73. c:\program files\rising\rfw\ijt_base.dll
75000000[0000F000]
[ M] 74. c:\program files\rising\rfw\olemon.dll
00B90000[00029000]
[AM] 41. c:\program files\360safe\safemon\safemon.dll
36200000[0003C000]
[ M] 196. c:\program files\360safe\leakcheck.dll
00BD0000[0002D000]
[ M] 72. c:\program files\tencent\ssplus\splus.dll
© 2000 - 2024 Rising Corp. Ltd.