瑞星卡卡电脑诊断日志 v1.30 (2008-6-8 18:18:54) 北京瑞星科技股份有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services RsCCenter [AM] 1. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, RsRavMon [AM] 2. c:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. Rising Realtime Moniter .text,.rdata,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services ALCXSENS [A ] 3. c:\windows\system32\drivers\alcxsens.sys Sensaura Sensaura WDM 3D Audio Driver .text,page,init,.data,.CRT,init,INIT,.rsrc,.reloc, ALCXWDM [A ] 4. c:\windows\system32\drivers\alcxwdm.sys Realtek Semiconductor Corp. Realtek AC'97 Audio Driver (WDM) .text,.rdata,.data,.CRT,.data1,PAGE,INIT,.rsrc,.reloc, HookCont [A ] 5. c:\windows\system32\drivers\hookcont.sys Beijing Rising Technology Co., Ltd HookCont .text,.rdata,.data,INIT,.rsrc,.reloc, HookNtos [A ] 6. c:\windows\system32\drivers\hookntos.sys Beijing Rising Technology Co., Ltd HookNtos .text,.rdata,.data,INIT,.rsrc,.reloc, HookReg [A ] 7. c:\windows\system32\drivers\hookreg.sys Beijing Rising Technology Co., Ltd HookReg .text,.rdata,.data,INIT,.rsrc,.reloc, HookSys [A ] 8. c:\windows\system32\drivers\hooksys.sys Beijing Rising Technology Co., Ltd Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, HWiNFO32 [A ] 9. c:\program files\hwinfo32\hwinfo32.sys REALiX(tm) HWiNFO32 Kernel Driver .text,.rdata,.data,INIT,.rsrc,.reloc, IdeBusDr [A ] 10. c:\windows\system32\drivers\idebusdr.sys Intel Corporation Intel Application Accelerator Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, IdeChnDr [A ] 11. c:\windows\system32\drivers\idechndr.sys Intel Corporation Intel Application Accelerator Driver .text,.rdata,.data,INIT,.rsrc,.reloc, MegaIDE [A ] 12. c:\windows\system32\drivers\megaide.sys LSI Logic Corporation. LSI MegaRAID IDE Driver .text,.rdata,.data,INIT,.rsrc,.reloc, Nbf [A ] 13. c:\windows\system32\drivers\nbf.sys Microsoft Corporation NetBEUI Frames Protocol Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, RsAntiSpyware [A ] 14. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, RsNTGDI [A ] 15. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, Secdrv [A ] 16. c:\windows\system32\drivers\secdrv.sys .text,.data,INIT,.reloc, urspmk [A ] 17. c:\windows\system32\urspmk viagfx [A ] 18. c:\windows\system32\drivers\vtmini.sys Copyright (C) VIA/S3 Graphics Co, Ltd. VIA/S3G Miniport Driver .text,_TVBIOSD,_MISC,_FOCUSTV,.rdata,.data,PAGE,PAGE,INIT,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [A ] 19. c:\windows\system32\kakatool.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware Toolbar .text,.rdata,.data,MonitorS,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {00000000-12C9-4305-82F9-43058F20E8D2} [A ] 20. c:\program files\tencent\qqdownload\qqiehelper01.dll 腾讯公司 超级旋风下载组件 .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 21. c:\program files\messenger\msmsgs.exe Microsoft Corporation Windows Messenger .text,.data,.rsrc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler cdo [A ] 22. c:\program files\common files\microsoft shared\web folders\pkmcdo.dll Microsoft Corporation Microsoft SharePoint Portal Server Object Model .text,.data,.rsrc,.reloc, KuGoo [A ] 23. c:\windows\system32\kugoo3downxcontrol.ocx 酷狗 酷狗音乐控件 .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc, KuGoo3 [A ] 23. c:\windows\system32\kugoo3downxcontrol.ocx 酷狗 酷狗音乐控件 .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 24. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, WinRAR shell extension [A ] 25. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, Shell Extensions for RealOne Player [A ] 26. c:\program files\real\realplayer\rpshell.dll RealNetworks, Inc. RealPlayer Shell Extensions .text,.rdata,.data,.rsrc,.reloc, Web Folders [A ] 27. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Microsoft Web Folders .text,.data,.bootdat,.rsrc,.reloc, Microsoft Office HTML Icon Handler [A ] 28. c:\program files\microsoft office\office10\msohev.dll Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc,.reloc, RISING [AM] 29. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 29. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 30. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKCU\Software\Microsoft\Windows\CurrentVersion\Run OlympicExpress [AM] 31. c:\program files\sogouinput\olympicnews.exe Sogou.com Inc. 搜狐奥运快讯 .text,.rdata,.data,.rsrc, + HKLM\Software\Microsoft\Windows\CurrentVersion\Run TkBellExe [AM] 32. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, VTTimer [AM] 33. c:\windows\system32\vttimer.exe S3 Graphics, Inc. .text,.rdata,.data,.rsrc, SoundMan [AM] 34. c:\windows\soundman.exe Realtek Semiconductor Corp. Realtek Sound Manager .text,.rdata,.data,.rsrc, RavTask [AM] 35. c:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, runeip [AM] 36. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce KKDelay [A ] 37. c:\program files\rising\antispyware\runonce.exe Beijing Rising Technology Co., Ltd. RunOnce Application .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 38. c:\windows\system32\bsmain.exe Beijing Rising Technology Co., Ltd. Rising Antivirus 2008 .text,.rdata,.data,.rsrc,.reloc, [A ] 39. c:\windows\system32\kknative.exe Beijing Rising Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\.html htmlfile\Edit\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, htmlfile\open\Command [AM] 41. c:\program files\tencent\tt\bin\ttraveler.exe Tencent .text,.rdata,.data,Shared,.rsrc, htmlfile\Print\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, htmlfile\TencentTraveler\Command [AM] 41. c:\program files\tencent\tt\bin\ttraveler.exe Tencent .text,.rdata,.data,Shared,.rsrc, + HKCR\.htm htmlfile\Edit\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, htmlfile\open\Command [AM] 41. c:\program files\tencent\tt\bin\ttraveler.exe Tencent .text,.rdata,.data,Shared,.rsrc, htmlfile\Print\Command [A ] 40. c:\program files\microsoft office\office10\msohtmed.exe Microsoft Corporation Microsoft Office XP component .text,.data,.rsrc, htmlfile\TencentTraveler\Command [AM] 41. c:\program files\tencent\tt\bin\ttraveler.exe Tencent .text,.rdata,.data,Shared,.rsrc, + HKCR\.mp3 KuGoo.MP3\Open\Command [A ] 42. e:\kugou\kugoo.exe 酷狗音乐 酷狗音乐2008 .text,.itext,.data,.bss,.idata,.tls,.rdata,.reloc,.rsrc, KuGoo.MP3\PlayList\Command [A ] 42. e:\kugou\kugoo.exe 酷狗音乐 酷狗音乐2008 .text,.itext,.data,.bss,.idata,.tls,.rdata,.reloc,.rsrc, + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 正在运行的进程 + 0000010c(268) RavStub.exe 00400000[00021000] [ M] 44. c:\program files\rising\rav\ravstub.exe Beijing Rising Technology Co., Ltd. Rising RavStub .text,.rdata,.data,.rsrc, 10000000[0001F000] [ M] 45. c:\program files\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00610000[00024000] [ M] 46. c:\program files\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 47. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 00000160(352) runiep.exe 00400000[00020000] [AM] 36. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 48. c:\program files\rising\antispyware\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 49. c:\program files\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000001e4(484) realsched.exe 00400000[0002E000] [AM] 32. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000001f4(500) VTTimer.exe 00400000[0000C000] [AM] 33. c:\windows\system32\vttimer.exe S3 Graphics, Inc. .text,.rdata,.data,.rsrc, 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000001fc(508) SOUNDMAN.EXE 00400000[00015000] [AM] 34. c:\windows\soundman.exe Realtek Semiconductor Corp. Realtek Sound Manager .text,.rdata,.data,.rsrc, 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000248(584) smss.exe + 00000264(612) RavTask.exe 00400000[00034000] [AM] 35. c:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, 10000000[0001F000] [ M] 45. c:\program files\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00A20000[00024000] [ M] 46. c:\program files\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 47. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00C80000[0000E000] [ M] 50. c:\program files\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 08CA0000[00030000] [ M] 51. c:\program files\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, + 00000288(648) csrss.exe + 000002a0(672) winlogon.exe 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 52. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 000002d0(720) services.exe + 000002dc(732) lsass.exe + 00000310(784) Ravmon.exe 00400000[00067000] [ M] 53. c:\program files\rising\rav\ravmon.exe Beijing Rising Technology Co., Ltd. Rising realtime monitor shell .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 54. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 55. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 56. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 45. c:\program files\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00B20000[00024000] [ M] 46. c:\program files\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 47. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D70000[00035000] [ M] 57. c:\program files\rising\rav\recomp.dll Beijing Rising Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00DC0000[00036000] [ M] 58. c:\program files\rising\rav\refs.dll Beijing Rising Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01020000[0002F000] [ M] 59. c:\program files\rising\rav\viruslib.dll Beijing Rising Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01160000[00028000] [ M] 60. c:\program files\rising\rav\relibldr.dll Beijing Rising Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011E0000[0000E000] [ M] 50. c:\program files\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 01200000[00030000] [ M] 51. c:\program files\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01360000[00075000] [ M] 61. c:\program files\rising\rav\monrule.dll Beijing Rising Technology Co., Ltd. MonRule .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 62. c:\program files\rising\rav\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 26600000[000B8000] [ M] 63. c:\program files\rising\rav\rsguilib.dll Beijing Rising Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 23800000[00018000] [ M] 64. c:\program files\rising\rav\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, + 00000370(880) svchost.exe + 000003b4(948) svchost.exe + 0000040c(1036) CCenter.exe 00400000[00029000] [AM] 1. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, + 0000041c(1052) svchost.exe + 0000045c(1116) svchost.exe + 00000474(1140) OlympicNews.exe 00400000[00068000] [AM] 31. c:\program files\sogouinput\olympicnews.exe Sogou.com Inc. 搜狐奥运快讯 .text,.rdata,.data,.rsrc, 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 65100000[000DD000] [ M] 65. c:\program files\sogouinput\pxpnet.dll Sohu.com Inc. Sogou pxpnet Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 00000594(1428) svchost.exe + 00000694(1684) Explorer.EXE 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 52. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 23700000[00028000] [ M] 47. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 000006ac(1708) ravmond.exe 00400000[00069000] [AM] 2. c:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. Rising Realtime Moniter .text,.rdata,.data,.rsrc, 10000000[00042000] [ M] 66. c:\program files\rising\rav\bwlist.dll Beijing Rising Technology Co., Ltd. BWList DLL .text,.rdata,.data,.rsrc,.reloc, 7C140000[00103000] [ M] 54. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 55. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 56. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00C20000[0000E000] [ M] 50. c:\program files\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00C40000[00030000] [ M] 51. c:\program files\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 00DA0000[00066000] [ M] 67. c:\program files\rising\rav\rslog.dll Beijing Rising Technology Co., Ltd. RsLog DLL .text,.rdata,.data,.rsrc,.reloc, 00E10000[0001F000] [ M] 45. c:\program files\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00E30000[00024000] [ M] 46. c:\program files\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00FC0000[00075000] [ M] 61. c:\program files\rising\rav\monrule.dll Beijing Rising Technology Co., Ltd. MonRule .text,.rdata,.data,.rsrc,.reloc, 00E90000[00013000] [ M] 68. c:\program files\rising\rav\hooksys.dll Beijing Rising Technology Co., Ltd Hooksys Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01170000[00013000] [ M] 69. c:\program files\rising\rav\hookreg.dll Beijing Rising Technology Co., Ltd HookReg Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011D0000[00013000] [ M] 70. c:\program files\rising\rav\hookntos.dll Beijing Rising Technology Co., Ltd SysMon Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01230000[0001C000] [ M] 71. c:\program files\rising\rav\rswalmon.dll Beijing Rising Technology Co., Ltd. Rising WAL Monitor DLL .text,.rdata,.data,.rsrc,.reloc, 02060000[00035000] [ M] 57. c:\program files\rising\rav\recomp.dll Beijing Rising Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 020B0000[00036000] [ M] 58. c:\program files\rising\rav\refs.dll Beijing Rising Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02100000[00023000] [ M] 72. c:\program files\rising\rav\ffr.dll Beijing Rising Technology Co., Ltd. ffr Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02140000[00020000] [ M] 73. c:\program files\rising\rav\rsstore.dll Beijing Rising Technology Co., Ltd. RSStore .text,.rdata,.data,.rsrc,.reloc, 02170000[00013000] [ M] 74. c:\program files\rising\rav\hookcont.dll Beijing Rising Technology Co., Ltd HookCont Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 021A0000[00027000] [ M] 75. c:\program files\rising\rav\fakescan.dll Beijing Rising Technology Co., Ltd. FakeScan Module .text,.rdata,.data,.rsrc,.reloc, 021E0000[00022000] [ M] 76. c:\program files\rising\rav\scanner.dll Beijing Rising Technology Co., Ltd. RsScanner Module .text,.rdata,.data,.rsrc,.reloc, 02820000[0002F000] [ M] 59. c:\program files\rising\rav\viruslib.dll Beijing Rising Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02960000[00028000] [ M] 60. c:\program files\rising\rav\relibldr.dll Beijing Rising Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02E50000[0000D000] [ M] 77. c:\program files\rising\rav\hookweb.dll Beijing Rising Technology Co., Ltd. Rising HookWeb Dll .text,.rdata,.data,.rsrc,.reloc, 03F00000[00021000] [ M] 78. c:\program files\rising\rav\nvfile.dll Beijing Rising Technology Co., Ltd. NVFile .text,.rdata,.data,.rsrc,.reloc, 13AB0000[0004A000] [ M] 79. c:\program files\rising\rav\scanexec.dll Beijing Rising Technology Co., Ltd. ScanExec .text,.rdata,.data,.rsrc,.reloc, 05BC0000[002DC000] [ M] 80. c:\program files\rising\rav\unexe.dll Beijing Rising Technology Co., Ltd. UnExe .text,.rdata,.data,.rsrc,.reloc, 05A00000[000CB000] [ M] 81. c:\program files\rising\rav\scanex.dll Beijing Rising Technology Co., Ltd. ScanEx .text,.rdata,.data,.rsrc,.reloc, 049D0000[000DC000] [ M] 82. c:\program files\rising\rav\extfile.dll Beijing Rising Technology Co., Ltd. extFile Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04AC0000[00027000] [ M] 83. c:\program files\rising\rav\pearc.dll Beijing Rising Technology Co., Ltd. pearchive Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 03E40000[00023000] [ M] 84. c:\program files\rising\rav\scansct.dll Beijing Rising Technology Co., Ltd. ScanSct Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 000006c4(1732) spoolsv.exe 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000007a0(1952) TTraveler.exe 00400000[00066000] [AM] 41. c:\program files\tencent\tt\bin\ttraveler.exe Tencent .text,.rdata,.data,Shared,.rsrc, 10000000[00066000] [ M] 85. c:\program files\tencent\tt\bin\ttutilwidget.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 7C630000[0001B000] [ M] 86. c:\program files\tencent\tt\bin\atl80.dll Microsoft Corporation ATL Module for Windows (Unicode) .text,.rdata,.data,.rsrc,.reloc, 7C420000[00087000] [ M] 87. c:\program files\tencent\tt\bin\msvcp80.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 78130000[0009B000] [ M] 88. c:\program files\tencent\tt\bin\msvcr80.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 0F000000[00006000] [ M] 89. c:\program files\tencent\tt\bin\detoured.dll Microsoft Corporation Marks process modified by Detours technology. .text,.rdata,.data,.rsrc,.reloc, 003D0000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 00C10000[00025000] [ M] 90. c:\program files\tencent\tt\bin\ttstore.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 60900000[00048000] [ M] 91. c:\program files\tencent\tt\bin\sqlite3.dll .text,.data,.bss,.edata,.idata,.reloc,.stab,.stabstr, 00C40000[00028000] [ M] 92. c:\program files\tencent\tt\bin\platformwidget.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 00C70000[00074000] [ M] 93. c:\program files\tencent\tt\bin\ttmainframe.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 01740000[0003F000] [ M] 94. c:\program files\tencent\tt\bin\ttmbrowser.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 018C0000[00027000] [ M] 95. c:\program files\tencent\tt\bin\ttabmgr.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 01D20000[00011000] [ M] 96. c:\program files\tencent\tt\bin\ttpluginmng.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 01D40000[00036000] [ M] 97. c:\program files\tencent\tt\plugins\3ttweather\ttweather.dll TODO: <公司名> TODO: <文件说明> .text,.rdata,.data,.rsrc,.reloc, 01D80000[0003D000] [ M] 98. c:\program files\tencent\tt\bin\ttskin.dll Tencent .text,.rdata,.data,.rsrc,.reloc, 6F2B0000[00065000] [ M] 99. c:\program files\tencent\tt\bin\vbscript.dll Microsoft Corporation Microsoft (R) VBScript .text,.data,.rsrc,.reloc, 01FE0000[00033000] [ M] 100. c:\program files\tencent\tt\bin\favoritelogical.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 02330000[00049000] [ M] 101. c:\program files\tencent\tt\bin\tthtmlapp.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 02290000[0001A000] [ M] 102. c:\program files\tencent\tt\bin\ttfilter.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 022B0000[00041000] [ M] 103. c:\program files\tencent\tt\bin\ttnetwork.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 02300000[00014000] [ M] 104. c:\program files\tencent\tt\bin\updateutil.dll .text,.rdata,.data,.reloc, 07280000[0003F000] [ M] 105. c:\program files\tencent\tt\bin\ttsidebar.dll Tencent Tencent Traveler .text,.rdata,.data,.rsrc,.reloc, 073C0000[00017000] [ M] 106. c:\program files\tencent\tt\bin\tsupport.dll TENCENT Inc. .text,.rdata,.data,.rsrc,.reloc, 07B30000[00028000] [ M] 107. c:\program files\rising\rav\ravscrch.dll Beijing Rising Technology Co., Ltd. RavScrCh Module .text,.rdata,.data,.rsrc,.reloc, 07D60000[00138000] [ M] 108. c:\windows\system32\sogoupy.ime Sogou.com Inc. 搜狗拼音输入法 .text,.rdata,.data,.rsrc,.reloc, 09690000[00042000] [ M] 109. c:\program files\sogouinput\plugin\sgimeword.dll Sogou.com Inc. 搜狗拼音输入法 酷字 .text,.rdata,.data,.rsrc,.reloc, 02390000[0001C000] [AM] 29. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 023C0000[00011000] [AM] 30. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 30000000[003AF000] [ M] 110. c:\windows\system32\macromed\flash\flash9f.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r124 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 52. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000a5c(2652) alg.exe 10000000[00020000] [AM] 43. c:\windows\system32\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000bec(3052) Ras.exe 00400000[001FF000] [ M] 111. c:\program files\rising\antispyware\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 48. c:\program files\rising\antispyware\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 49. c:\program files\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 112. c:\program files\rising\antispyware\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00013000] [ M] 113. c:\program files\rising\antispyware\topsoft.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware TopSoft .text,.rdata,.data,.rsrc,.reloc, 00370000[00032000] [ M] 114. c:\program files\rising\antispyware\ncomm.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 00D50000[0001F000] [ M] 45. c:\program files\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D70000[00024000] [ M] 46. c:\program files\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00EC0000[0014D000] [ M] 115. c:\program files\rising\antispyware\rasgui.dll Beijing Rising Technology Co., Ltd. RasGUI .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 116. c:\program files\rising\antispyware\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 02C30000[00018000] [ M] 117. c:\program files\rising\antispyware\ktrojan.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 02C50000[0002F000] [ M] 118. c:\program files\rising\antispyware\engine.dll Beijing Rising Technology Co., Ltd. kaka engine .text,.rdata,.data,.rsrc,.reloc, 02C90000[00040000] [ M] 119. c:\program files\rising\antispyware\rsdialog.dll Beijing Rising Technology Co., Ltd. Rsdiaglo DLL .text,.rdata,.data,.rsrc,.reloc, 02CE0000[00024000] [ M] 120. c:\program files\rising\antispyware\scanunv.dll Beijing Rising Technology Co., Ltd. .text,.rdata,.data,.rsrc,.reloc, 02D20000[0001F000] [ M] 121. c:\program files\rising\antispyware\secscan.dll Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited SecScan Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02E00000[00015000] [ M] 122. c:\program files\rising\antispyware\secex.dll Copyright(c) 1998-2006 Beijing Rising Technology Corporation Limited SecScanE Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 034F0000[00012000] [ M] 123. c:\program files\rising\antispyware\zip.dll rising zip UPX0,UPX1,.rsrc, 02B40000[00028000] [ M] 107. c:\program files\rising\rav\ravscrch.dll Beijing Rising Technology Co., Ltd. RavScrCh Module .text,.rdata,.data,.rsrc,.reloc, 30000000[003AF000] [ M] 110. c:\windows\system32\macromed\flash\flash9f.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r124 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 52. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 620B0000[00356000] [ M] 124. c:\program files\common files\microsoft shared\cdo\cdoex.dll Microsoft Corporation Microsoft CDO for Microsoft Exchange Library .text,.orpc,.data,.rsrc,.reloc,