瑞星卡卡电脑诊断日志 v1.30 (2008-5-3 19:49:27) 北京瑞星科技股份有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services Ati HotKey Poller [AM] 1. c:\windows\system32\ati2evxx.exe ATI Technologies Inc. ATI External Event Utility EXE Module .text,.rdata,.data,.rsrc, AVP [A ] 2. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe Kaspersky Lab Kaspersky Anti-Virus .text,.rdata,.data,.rsrc,.reloc, gusvc [A ] 3. c:\program files\google\common\google updater\googleupdaterservice.exe Google gusvc .text,.rdata,.data,.rsrc, ose [A ] 4. c:\program files\common files\microsoft shared\source engine\ose.exe Microsoft Corporation Office Source Engine .text,.data,.rsrc, UMWdf [AM] 5. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services 0072930e [A ] 6. c:\windows\system32\drivers\0072930e.sys .text,.rdata,.data,INIT,.reloc, 100133 [A ] 7. c:\windows\system32\drivers\100133.sys 34w63ljb [A ] 8. c:\windows\system32\drivers\34w63ljb.sys 360AntiArp [A ] 9. c:\windows\system32\drivers\360antiarp.sys 360安全中心 360AntiARP .text,.rdata,.data,INIT,.rsrc,.reloc, 93m397p [A ] 10. c:\windows\system32\drivers\93m397p.sys ALCXWDM [A ] 11. c:\windows\system32\drivers\alcxwdm.sys Realtek Semiconductor Corp. Realtek AC'97 Audio Driver (WDM) .text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc, AmdK8 [A ] 12. c:\windows\system32\drivers\amdk8.sys Advanced Micro Devices AMD Processor Driver .text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc, AsyncMac [A ] 13. c:\windows\system32\drivers\msconkt.sys ATSpy [A ] 14. c:\windows\system32\atspy.sys CCDECODE [A ] 13. c:\windows\system32\drivers\msconkt.sys fekdlh04 [A ] 15. c:\windows\system32\\drivers\\fekdlh04.sys kl1 [A ] 16. c:\windows\system32\drivers\kl1.sys Kaspersky Lab Kaspersky Unified Driver .text,.data,INIT,.rsrc,.reloc, klif [A ] 17. c:\windows\system32\drivers\klif.sys Kaspersky Lab spuper-ptor .text,.data,.user,INIT,.rsrc,.reloc, ngaw20 [A ] 18. c:\windows\system32\drivers\ngaw20.sys nxdz [A ] 19. c:\windows\system32\drivers\nxdz.sys pmp8 [A ] 20. c:\windows\system32\drivers\pmp8.sys RsAntiSpyware [A ] 21. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, RTL8023xp [A ] 22. c:\windows\system32\drivers\rtnicxp.sys Realtek Semiconductor Corporation Realtek 10/100/1000 NDIS 5.1 Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, SafeBoxKrnl [A ] 23. c:\program files\360safebox\safeboxkrnl.sys 360安全中心 360安全卫士 - 保险箱 .text,.rdata,.data,INIT,.rsrc,.reloc, Secdrv [A ] 24. c:\windows\system32\drivers\secdrv.sys Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, TesSafe [A ] 25. c:\windows\system32\tessafe.sys TENCENT TesSafe NT Driver .text,.rdata,.data,INIT,.rsrc,.reloc, + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify AtiExtEvent [AM] 26. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, klogon [AM] 27. c:\windows\system32\klogon.dll Kaspersky Lab Logon Visualizer .text,.rdata,.data,.rsrc,.reloc, WgaLogon [AM] 28. c:\windows\system32\wgalogon.dll Microsoft Corporation Windows 正版增值计划通知 .text,.data,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {29CF293A-1E7D-4069-9E11-E39698D0AF95} [A ] 29. c:\program files\tencent\qqtoolbar\iebar.dll TENCENT QQ工具栏 .text,.rdata,.data,.toolbar,.rsrc,.reloc, {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [A ] 30. c:\windows\system32\kakatool.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware Toolbar .text,.rdata,.data,MonitorS,.rsrc,.reloc, + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} [A ] 31. c:\program files\tencent\ssplus\saddr1.dll Tencent .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {00000000-12C9-4305-82F9-43058F20E8D2} [A ] 32. c:\program files\tencent\qqdownload\qqiehelper01.dll 腾讯公司 超级旋风下载组件 .text,.rdata,.data,.rsrc,.reloc, {0005A87D-D626-4B3A-84F9-1D9571695F55} [A ] 33. c:\windows\system32\xunleibho_v11.dll Thunder Networking Technologies,LTD xunleibho BHO .text,.rdata,.data,.rsrc,.reloc, {0C7C23EF-A848-485B-873C-0ED954731014} [A ] 31. c:\program files\tencent\ssplus\saddr1.dll Tencent .text,.rdata,.data,.rsrc,.reloc, {29CF293A-1E7D-4069-9E11-E39698D0AF95} [A ] 29. c:\program files\tencent\qqtoolbar\iebar.dll TENCENT QQ工具栏 .text,.rdata,.data,.toolbar,.rsrc,.reloc, {3049C3E9-B461-4BC5-8870-4C09146192CA} [A ] 34. c:\program files\real\realplayer\rpbrowserrecordplugin.dll RealPlayer RealPlayer Download and Record Plugin for Internet Explorer .text,.rdata,.data,.rsrc,.reloc, {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [A ] 35. c:\documents and settings\administrator\桌面\未使用的桌面快捷方式\新建文件夹 (8)\bitcomet\tools\bitcometbho_1.2.2.28.dll BitComet BitCometBHO .text,.rdata,.data,.rsrc,.reloc, {669751ED-D558-49AE-B01A-3B374CC7910E} [A ] 36. c:\windows\system32\ssup.dll TENCENT SSup .text,.rdata,.data,.rsrc,.reloc, {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [AM] 37. c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc,.reloc, {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter text/xml [A ] 39. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll Microsoft Corporation Microsoft Office XML MIME Filter .text,.data,.cdata,.rsrc,.reloc, + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler skype4com [A ] 40. c:\program files\common files\skype\skype4com.dll Skype Technologies Skype for COM API .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 41. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, WinRAR shell extension [AM] 42. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, Microsoft Office HTML Icon Handler [A ] 43. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, Web Folders [A ] 44. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Microsoft Web Folders .text,.data,.rsrc,.reloc, Portable Media Devices [A ] 45. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 45. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, DllRegShlExt extension [AM] 46. c:\windows\system32\tudouupload.dll www.Tudou.com DLL registration shell extension .text,.rdata,.data,.rsrc,.reloc, Web反病毒统计 [A ] 47. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\scieplugin.dll Kaspersky Lab Script Monitor Internet Explorer plugin .text,.rdata,.data,.rsrc,.reloc, Shell Extensions for RealOne Player [A ] 48. c:\program files\real\realplayer\rpshell.dll RealNetworks, Inc. RealPlayer Shell Extensions .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 49. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKCU\Software\Microsoft\Windows\CurrentVersion\Run eMuleAutoStart [A ] 50. d:\tddownload\emule\emule.exe http://www.emule-project.net eMule .text,.rdata,.data,.rsrc, swg [AM] 51. c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc, BitComet [A ] 52. c:\documents and settings\administrator\桌面\未使用的桌面快捷方式\新建文件夹 (8)\bitcomet\bitcomet.exe www.BitComet.com BitComet - a BitTorrent Client .text,.rsrc, + HKLM\Software\Microsoft\Windows\CurrentVersion\Run AVP [A ] 2. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe Kaspersky Lab Kaspersky Anti-Virus .text,.rdata,.data,.rsrc,.reloc, iResearchiClick [AM] 53. e:\新建文件夹 (5)\iclick\iresearchiclick.exe iResearch iClick 调研通 .text,.rdata,.data,.rsrc, Grid Service [AM] 54. c:\program files\gridservice\peer.exe Mercury Grid Service UPX0,UPX1,.rsrc, TkBellExe [AM] 55. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, 360Safebox [A ] 56. c:\program files\360safebox\safeboxtray.exe 360安全中心 360保险箱 .text,.rdata,.data,.rsrc, runeip [AM] 57. d:\新建文件夹 (2)\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 58. c:\windows\system32\kknative.exe Beijing Rising Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\.html htmlfile\Edit\Command [A ] 59. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, htmlfile\Maxthon\Command [A ] 60. c:\documents and settings\administrator\桌面\未使用的桌面快捷方式\新建文件夹 (7)\新建文件夹 (3)\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, htmlfile\open\Command [A ] 60. c:\documents and settings\administrator\桌面\未使用的桌面快捷方式\新建文件夹 (7)\新建文件夹 (3)\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, htmlfile\Print\Command [A ] 59. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, + HKCR\.htm htmlfile\Edit\Command [A ] 59. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, htmlfile\Maxthon\Command [A ] 60. c:\documents and settings\administrator\桌面\未使用的桌面快捷方式\新建文件夹 (7)\新建文件夹 (3)\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, htmlfile\open\Command [A ] 60. c:\documents and settings\administrator\桌面\未使用的桌面快捷方式\新建文件夹 (7)\新建文件夹 (3)\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, htmlfile\Print\Command [A ] 59. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, + HKCR\.mp3 RealPlayer.MP3.6\open\Command [A ] 61. c:\program files\real\realplayer\realplay.exe RealNetworks, Inc. RealPlayer .text,.rdata,.data,.rsrc, + 其他自启动项目 + onlineinstallkb1.exe [A ] 62. c:\onlineinstallkb1.exe Tencent Technology (Shenzhen) Company Limited QQ在线安装 UPX0,UPX1,.rsrc, + C:\Documents and Settings\Administrator\「开始」菜单\程序\启动 腾讯QQ.lnk [A ] 63. c:\program files\tencent\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, QQ游戏启动加速程序.lnk [A ] 64. c:\program files\tencent\qqgame\accel.exe 深圳市腾讯计算机系统有限公司 QQ游戏 .text,.rdata,.data,.rsrc, + onlineinstallkb1.exe [A ] 62. c:\onlineinstallkb1.exe Tencent Technology (Shenzhen) Company Limited QQ在线安装 UPX0,UPX1,.rsrc, + 正在运行的进程 + 00000090(144) wdfmgr.exe 01000000[0000C000] [AM] 5. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 000000d8(216) peer.exe 00400000[002B7000] [AM] 54. c:\program files\gridservice\peer.exe Mercury Grid Service UPX0,UPX1,.rsrc, 10000000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00D30000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 023B0000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, + 000001cc(460) realsched.exe 00400000[0002F000] [AM] 55. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, 10000000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00AD0000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00B10000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, + 00000278(632) smss.exe + 000002b8(696) runiep.exe 00400000[00020000] [AM] 57. d:\新建文件夹 (2)\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 67. d:\新建文件夹 (2)\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 68. d:\新建文件夹 (2)\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 5D360000[0000A000] [ M] 69. c:\windows\system32\mfc71chs.dll Microsoft Corporation MFC Language Specific Resources .rsrc,.reloc, 10000000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00C70000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00CC0000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, 033C0000[0001E000] [ M] 70. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000002c8(712) csrss.exe + 000002e4(740) winlogon.exe 10000000[00018000] [AM] 26. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, 01400000[00033000] [AM] 27. c:\windows\system32\klogon.dll Kaspersky Lab Logon Visualizer .text,.rdata,.data,.rsrc,.reloc, 01620000[0003B000] [AM] 28. c:\windows\system32\wgalogon.dll Microsoft Corporation Windows 正版增值计划通知 .text,.data,.rsrc,.reloc, 01A00000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000310(784) services.exe + 0000031c(796) lsass.exe + 0000039c(924) ctfmon.exe 10000000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00A30000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00A80000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, + 000003c4(964) Ati2evxx.exe 00400000[0006E000] [AM] 1. c:\windows\system32\ati2evxx.exe ATI Technologies Inc. ATI External Event Utility EXE Module .text,.rdata,.data,.rsrc, 00CA0000[00010000] [ M] 72. c:\windows\system32\ati2edxx.dll ATI Technologies, Inc. ati2edxx .text,.data,.SHAREDS,.rsrc,.reloc, + 000003e4(996) svchost.exe + 0000044c(1100) svchost.exe + 0000048c(1164) GoogleToolbarNotifier.exe 00400000[00013000] [AM] 51. c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc, 10000000[0002E000] [ M] 73. c:\program files\google\googletoolbarnotifier\2.0.301.7164\gtn.dll Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc,.reloc, 00B90000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00BC0000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00C00000[0000E000] [ M] 74. c:\program files\google\googletoolbarnotifier\2.0.301.7164\res_zh-cn.dll Google Inc. GoogleToolbarNotifier .rdata,.rsrc,.reloc, 00C10000[00054000] [AM] 37. c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc,.reloc, 00D90000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, + 000004b0(1200) Ras.exe 00400000[001FF000] [ M] 75. d:\新建文件夹 (2)\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 67. d:\新建文件夹 (2)\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 68. d:\新建文件夹 (2)\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 76. d:\新建文件夹 (2)\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00013000] [ M] 77. d:\新建文件夹 (2)\topsoft.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware TopSoft .text,.rdata,.data,.rsrc,.reloc, 00370000[00032000] [ M] 78. d:\新建文件夹 (2)\ncomm.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 5D360000[0000A000] [ M] 69. c:\windows\system32\mfc71chs.dll Microsoft Corporation MFC Language Specific Resources .rsrc,.reloc, 00EF0000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00F20000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00F60000[0014D000] [ M] 79. d:\新建文件夹 (2)\rasgui.dll Beijing Rising Technology Co., Ltd. RasGUI .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 80. d:\新建文件夹 (2)\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 018C0000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, 04100000[00025000] [ M] 81. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\scrchpg.dll Kaspersky Lab Script Checker .text,.rdata,.data,.rsrc,.reloc, 05260000[00018000] [ M] 82. d:\新建文件夹 (2)\ktrojan.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 05290000[0002F000] [ M] 83. d:\新建文件夹 (2)\engine.dll Beijing Rising Technology Co., Ltd. kaka engine .text,.rdata,.data,.rsrc,.reloc, 052D0000[00040000] [ M] 84. d:\新建文件夹 (2)\rsdialog.dll Beijing Rising Technology Co., Ltd. Rsdiaglo DLL .text,.rdata,.data,.rsrc,.reloc, 05320000[00024000] [ M] 85. d:\新建文件夹 (2)\scanunv.dll Beijing Rising Technology Co., Ltd. .text,.rdata,.data,.rsrc,.reloc, 05360000[0001F000] [ M] 86. d:\新建文件夹 (2)\secscan.dll Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited SecScan Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 05440000[00015000] [ M] 87. d:\新建文件夹 (2)\secex.dll Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited SecScanE Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 05B20000[00012000] [ M] 88. d:\新建文件夹 (2)\zip.dll rising zip UPX0,UPX1,.rsrc, 780C0000[00061000] [ M] 89. d:\新建文件夹 (2)\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 06440000[0000B000] [ M] 90. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\klscav.dll Kaspersky Lab Script Checker AV Plugin .text,.rdata,.data,.rsrc,.reloc, 78130000[0009B000] [ M] 91. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\msvcr80.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 66600000[00017000] [ M] 92. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prremote.dll Kaspersky Lab PR_REMOTE .text,.rdata,.data,.rsrc,.reloc, 7C420000[00087000] [ M] 93. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\msvcp80.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 06C90000[00048000] [ M] 94. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prloader.dll Kaspersky Lab Prague Loader .text,.rdata,.data,.rsrc,.reloc, 64A00000[00030000] [ M] 95. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prkernel.ppl Kaspersky Lab Prague kernel .text,.rdata,.data,.rsrc,.reloc, 07000000[00061000] [ M] 96. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl Kaspersky Lab Structure Serializer .text,.rdata,.data,.rsrc,.reloc, 07070000[00009000] [ M] 97. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl Kaspersky Lab Proxy Stubs .text,.rdata,.data,.rsrc,.reloc, 67F00000[00007000] [ M] 98. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl Kaspersky Lab Temporary IO .text,.rdata,.data,.rsrc,.reloc, 30000000[003AF000] [ M] 99. c:\windows\system32\macromed\flash\flash9f.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r124 .text,.rdata,.data,.rodata,.rsrc,.reloc, + 000004b8(1208) svchost.exe 50E60000[0000C000] [ M] 100. c:\windows\system32\wups2.dll Microsoft Corporation Windows Update client proxy stub 2 .text,.orpc,.data,.rsrc,.reloc, 10000000[00025000] [ M] 81. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\scrchpg.dll Kaspersky Lab Script Checker .text,.rdata,.data,.rsrc,.reloc, 05AE0000[0000B000] [ M] 90. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\klscav.dll Kaspersky Lab Script Checker AV Plugin .text,.rdata,.data,.rsrc,.reloc, 78130000[0009B000] [ M] 91. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\msvcr80.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 66600000[00017000] [ M] 92. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prremote.dll Kaspersky Lab PR_REMOTE .text,.rdata,.data,.rsrc,.reloc, 7C420000[00087000] [ M] 93. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\msvcp80.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 05B90000[00048000] [ M] 94. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prloader.dll Kaspersky Lab Prague Loader .text,.rdata,.data,.rsrc,.reloc, 64A00000[00030000] [ M] 95. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prkernel.ppl Kaspersky Lab Prague kernel .text,.rdata,.data,.rsrc,.reloc, 05DD0000[00061000] [ M] 96. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl Kaspersky Lab Structure Serializer .text,.rdata,.data,.rsrc,.reloc, 05E40000[00009000] [ M] 97. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl Kaspersky Lab Proxy Stubs .text,.rdata,.data,.rsrc,.reloc, 67F00000[00007000] [ M] 98. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl Kaspersky Lab Temporary IO .text,.rdata,.data,.rsrc,.reloc, + 0000050c(1292) Ati2evxx.exe 00400000[0006E000] [AM] 1. c:\windows\system32\ati2evxx.exe ATI Technologies Inc. ATI External Event Utility EXE Module .text,.rdata,.data,.rsrc, 00C50000[00010000] [ M] 72. c:\windows\system32\ati2edxx.dll ATI Technologies, Inc. ati2edxx .text,.data,.SHAREDS,.rsrc,.reloc, 10000000[00018000] [AM] 26. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, + 00000518(1304) svchost.exe + 000005dc(1500) svchost.exe + 000006a4(1700) spoolsv.exe + 0000072c(1836) Explorer.EXE 10000000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, 03580000[00011000] [AM] 49. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 03650000[00025000] [ M] 81. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\scrchpg.dll Kaspersky Lab Script Checker .text,.rdata,.data,.rsrc,.reloc, 03BE0000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 03F20000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 04530000[0002C000] [AM] 42. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, 03370000[0000C000] [ M] 101. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\shellex.dll Kaspersky Lab Windows Shell Extension .text,.rdata,.data,.rsrc,.reloc, 78130000[0009B000] [ M] 91. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\msvcr80.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C420000[00087000] [ M] 93. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\msvcp80.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 04470000[00017000] [AM] 46. c:\windows\system32\tudouupload.dll www.Tudou.com DLL registration shell extension .text,.rdata,.data,.rsrc,.reloc, 66600000[00017000] [ M] 92. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prremote.dll Kaspersky Lab PR_REMOTE .text,.rdata,.data,.rsrc,.reloc, 05980000[00048000] [ M] 94. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\prloader.dll Kaspersky Lab Prague Loader .text,.rdata,.data,.rsrc,.reloc, + 000007d8(2008) iResearchiClick.exe 00400000[0007F000] [AM] 53. e:\新建文件夹 (5)\iclick\iresearchiclick.exe iResearch iClick 调研通 .text,.rdata,.data,.rsrc, 10000000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00A00000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00A60000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, 03370000[00025000] [ M] 81. c:\program files\kaspersky lab\kaspersky anti-virus 6.0\scrchpg.dll Kaspersky Lab Script Checker .text,.rdata,.data,.rsrc,.reloc, + 000007e4(2020) Rundll32.exe 10000000[0002B000] [ M] 65. c:\program files\tencent\ssplus\splus1.dll TENCENT .text,.rdata,.data,Shared_T,Shared_H,.rsrc,.reloc, 00BA0000[00028000] [AM] 38. c:\program files\360safe\safemon\safemon.dll 360.CN 360安全卫士实时保护模块 .text,.rdata,.data,.share,.rsrc,.reloc, 00BE0000[00099000] [ M] 66. c:\windows\system32\googlepinyin.ime Google Inc. 谷歌拼音输入法 1.0 .text,.rdata,.data,.rsrc,.reloc, + 00000a70(2672) alg.exe