瑞星卡卡电脑诊断日志 v1.30 (2009-10-18 11:38:47) 北京瑞星信息技术有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services aspnet_state [A ] 1. c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe Microsoft Corporation Microsoft ASP.NET State Server .text,.data,.rsrc, Bonjour Service [A ] 2. c:\program files\bonjour\mdnsresponder.exe Apple Inc. Bonjour Service .text,.rdata,.data,.rsrc, clr_optimization_v2.0.50727_32 [A ] 3. c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe Microsoft Corporation .NET Runtime Optimization Service .text,.data,.rsrc, FontCache3.0.0.0 [A ] 4. c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe Microsoft Corporation Windows Presentation Foundation Font Cache Service .text,.rsrc,.reloc, gusvc [A ] 5. c:\program files\google\common\google updater\googleupdaterservice.exe Google gusvc .text,.rdata,.data,.rsrc, IDriverT [A ] 6. c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe Macrovision Corporation IDriverT Module .text,.rdata,.data,.rsrc, idsvc [A ] 7. c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe Microsoft Corporation Windows CardSpace .text,.rdata,.data,.rsrc, kaccore [AM] 8. c:\program files\kingsoft\kac\service\kaccore.exe Kingsoft Corporation Kingsoft Basic Service Module .text,.orpc,.rdata,.data,.rsrc, NetTcpPortSharing [A ] 9. c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe Microsoft Corporation SMSvcHost.exe .text,.rsrc,.reloc, 文件名和"svchost.exe"类似 odserv [A ] 10. c:\program files\common files\microsoft shared\office12\odserv.exe Microsoft Corporation Microsoft Office Diagnostics .text,.data,.rsrc,.reloc, ose [A ] 11. c:\program files\common files\microsoft shared\source engine\ose.exe Microsoft Corporation Office Source Engine .text,.data,.rsrc,.reloc, RavCCenter [A ] 12. e:\program files\rising\rav\ccenter.exe Beijing Rising Information Technology Co., Ltd. CCenter Application .text,.rdata,.data,.rsrc, RavTask [A ] 13. e:\program files\rising\rav\ravtask.exe Beijing Rising Information Technology Co., Ltd. ravtask .text,.rdata,.data,.rsrc, RsScanSrv [AM] 14. e:\program files\rising\rav\scanfrm.exe Beijing Rising Information Technology Co., Ltd. Rising Scan Service Framework .text,.rdata,.data,.rsrc, TSUSVC [A ] 15. c:\program files\tencent\qqsoftmgr\tencentupdatesvc.exe Tencent Tencent Software Update Service UPX0,UPX1,.rsrc, UMWdf [A ] 16. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, WSearch [AM] 17. c:\windows\system32\searchindexer.exe Microsoft Corporation Microsoft Windows Search Indexer .text,.data,.rsrc,.reloc, ZhuDongFangYu [AM] 18. c:\program files\360\360safe\deepscan\zhudongfangyu.exe 360安全中心 360主动防御服务模块 .text,.rdata,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services 360SelfProtection [A ] 19. c:\windows\system32\drivers\360selfprotection.sys 360安全中心 360安全卫士 - SelfProtection .text,.rdata,.data,INIT,.rsrc,.reloc, AmdK8 [A ] 20. c:\windows\system32\drivers\amdk8.sys Advanced Micro Devices AMD Processor Driver .text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc, BFSDRV [A ] 21. c:\windows\system32\drivers\bfsdrv.sys 360安全中心 bfsdrv .text,.rdata,.data,INIT,.rsrc,.reloc, BREGDRV [A ] 22. c:\windows\system32\drivers\bregdrv.sys 360安全中心 bregdrv .text,.rdata,.data,INIT,.rsrc,.reloc, DKbFltr [A ] 23. c:\windows\system32\drivers\dkbfltr.sys Dritek System Inc. Dritek PS2 Keyboard Filter Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, EagleNT [A ] 24. c:\windows\system32\drivers\eaglent.sys eamon [A ] 25. c:\windows\system32\drivers\eamon.sys ESET Amon monitor .text,.rdata,.data,.edata,INIT,.rsrc,.reloc, easdrv [A ] 26. c:\windows\system32\drivers\easdrv.sys ESET Eset AntiStealth driver .text,.rdata,.data,INIT,.rsrc,.reloc, EfiMon [A ] 27. c:\windows\system32\drivers\efimon.sys 奇虎网 360Efimon Driver .text,.rdata,.data,INIT,.rsrc,.reloc, epfwtdir [A ] 28. c:\windows\system32\drivers\epfwtdir.sys .text,.rdata,.data,.edata,INIT,.rsrc,.reloc, HDAudBus [A ] 29. c:\windows\system32\drivers\hdaudbus.sys Windows (R) Server 2003 DDK provider High Definition Audio Bus Driver v1.0a .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, HookPort [A ] 30. c:\windows\system32\drivers\hookport.sys 360安全中心 360安全卫士 - HookPort .text,.rdata,.data,INIT,.rsrc,.reloc, ialm [A ] 31. c:\windows\system32\drivers\igxpmp32.sys Intel Corporation Intel Graphics Miniport Driver .text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc, IntcAzAudAddService [A ] 32. c:\windows\system32\drivers\rtkhdaud.sys Realtek Semiconductor Corp. Realtek(r) High Definition Audio Function Driver .text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc, NPF [A ] 33. c:\windows\system32\drivers\npf.sys CACE Technologies npf.sys (NT5/6 x86) Kernel Driver .text,.rdata,.data,INIT,.rsrc,.reloc, npkcrypt [A ] 34. c:\windows\system32\npkcrypt.sys npkycryp [A ] 35. c:\windows\system32\npkycryp.sys p2pfilter [A ] 36. c:\program files\p2pover\p2pfilter.sys .text,.data,INIT,.reloc, PxHelp20 [A ] 37. c:\windows\system32\drivers\pxhelp20.sys Sonic Solutions Px Engine Device Driver for Windows 2000/XP .text,.rdata,.data,INIT,.rsrc,.reloc, qutmdserv [A ] 38. c:\windows\system32\drivers\qutmdrv.sys 360安全中心 qutmdrv .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, RTLE8023xp [A ] 39. c:\windows\system32\drivers\rtenicxp.sys Realtek Semiconductor Corporation Realtek 10/100/1000 NDIS 5.1 Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, SafeBoxKrnl [A ] 40. c:\windows\system32\drivers\safeboxkrnl.sys 360安全中心 360安全卫士 - 保险箱 .text,.rdata,.data,INIT,.rsrc,.reloc, Secdrv [A ] 41. c:\windows\system32\drivers\secdrv.sys Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, TesDrvPt [A ] 42. c:\windows\system32\tesdrvpt.sys TENCENT Kernel helper of the Tencent's game trojan killer .text,.rdata,.data,INIT,.rsrc,.reloc, TesSafe [A ] 43. c:\windows\system32\tessafe.sys TENCENT TesSafe NT Driver .text,.rdata,.data,INIT,.rsrc,.tvm, + 文件系统驱动 + HKLM\System\CurrentControlSet\Services ADProt [A ] 44. c:\windows\system32\drivers\adprot.sys 腾讯科技(深圳)有限公司 .text,.rdata,.data,INIT,.rsrc,.reloc, BdGuard [A ] 45. c:\windows\system32\drivers\bdguard.sys BDGUARD Dynamic Link Library .text,.rdata,.data,INIT,.rsrc,.reloc, exFat [A ] 46. c:\windows\system32\drivers\exfat.sys Microsoft Corporation Microsoft Extended FAT File System .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify igfxcui [A ] 47. c:\windows\system32\igfxdev.dll Intel Corporation igfxdev Module .text,.rdata,.data,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {B580CF65-E151-49C3-B73F-70B13FCA8E86} [AM] 48. c:\program files\baidu\bar\baidubar.dll Baidu.com, Inc. BaiduBar Module .text,.rdata,.data,.idata,.Shared,.rsrc,.reloc, {29CF293A-1E7D-4069-9E11-E39698D0AF95} [AM] 49. c:\program files\tencent\qqtoolbar\iebar.dll TENCENT QQ工具栏 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [A ] 50. c:\windows\system32\kakatool.dll Beijing Rising Information Technology Co., Ltd. ToolBar .text,.rdata,.data,.rsrc,.reloc, + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} [AM] 52. e:\verycd\easymule\modules\ie2em.dll VeryCD.com eMule BHO (电驴浏览器辅助对象) .text,.rdata,.data,.rsrc,.reloc, {29CF293A-1E7D-4069-9E11-E39698D0AF95} [AM] 49. c:\program files\tencent\qqtoolbar\iebar.dll TENCENT QQ工具栏 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} [AM] 53. e:\qvodplayer\qvodextend.dll Shenzhen QVOD Technology Co.,Ltd QvodExtend .text,.rdata,.data,.rsrc,.reloc, {669751ED-D558-49AE-B01A-3B374CC7910E} [AM] 54. c:\windows\system32\ssup.dll 腾讯 腾讯中文搜搜 .text,.rdata,.data,.rsrc,.reloc, {77FEF28E-EB96-44FF-B511-3185DEA48697} [AM] 48. c:\program files\baidu\bar\baidubar.dll Baidu.com, Inc. BaiduBar Module .text,.rdata,.data,.idata,.Shared,.rsrc,.reloc, {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [AM] 55. c:\windows\system32\urlfilter.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, {C7B76B90-3455-4AE6-A752-EAC4D19689E5} [AM] 56. c:\program files\eorezo\eoadv\eorezobho.dll EoRezo Aide à la Navitagion .text,.rdata,.data,.rsrc,.reloc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter application/octet-stream [AM] 57. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, application/x-complus [AM] 57. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, application/x-msdownload [AM] 57. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, text/xml [A ] 58. c:\program files\common files\microsoft shared\office12\msoxmlmf.dll Microsoft Corporation Microsoft Office XML MIME Filter .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler livecall [A ] 59. c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll Microsoft Corporation Windows Live Messenger Protocol Handler Module .text,.data,.rsrc,.reloc, ms-help [A ] 60. c:\program files\common files\microsoft shared\help\hxds.dll Microsoft Corporation Microsoft? Help Data Services Module .text,.data,.rsrc,.reloc, ms-itss [A ] 61. c:\program files\common files\microsoft shared\information retrieval\msitss.dll Microsoft Corporation Microsoft? InfoTech Storage System Library .text,.data,.rsrc,.reloc, msnim [A ] 59. c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll Microsoft Corporation Windows Live Messenger Protocol Handler Module .text,.data,.rsrc,.reloc, mso-offdap [A ] 62. c:\program files\common files\microsoft shared\web components\10\owc10.dll Microsoft Corporation Microsoft Office XP Web Components .text,.data,.rtext,.bootdat,msoconst,Shared,.rsrc,.reloc, wlmailhtml [A ] 63. c:\program files\windows live\mail\mailcomm.dll Microsoft Corporation Windows Live Mail .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [A ] 64. c:\windows\system32\ieudinit.exe Microsoft Corporation IE Per User Active Setup Uninstall Utility .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers {F9DB5320-233E-11D1-9F84-707F02C10627} [AM] 65. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.orpc,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 66. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, IE Search Band [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE AutoComplete [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Shell DocObject Viewer [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, InternetShortcut [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Url History Service [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, History [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Temporary Internet Files [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Temporary Internet Files [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Url Search Hook [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, The Internet [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Internet Name Space [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, WinRAR shell extension [AM] 67. c:\program files\winrar\rarext.dll .text,.rdata,.data,.rsrc,.reloc, Portable Media Devices [A ] 68. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 68. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Web Folders [A ] 69. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Windows executable .text,.data,.rsrc,.reloc, Fusion Cache [AM] 57. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, Sorcerer Shell Extension [A ] 70. c:\windows\system32\spool\drivers\w32x86\3\hp1006sx.dll Software 2000 Limited Sorcerer Shell Extension .text,.data,.rsrc,.reloc, Microsoft Office HTML Icon Handler [A ] 71. d:\office12\msohevi.dll Microsoft Corporation 2007 Microsoft Office component .text,.data,.rsrc,.reloc, Microsoft Office Outlook Custom Icon Handler [A ] 72. d:\新建文件夹 (3)\office11\olkfstub.dll Microsoft Corporation Outlook Shell Hook for Start/Find .text,.data,.cdata,.rsrc,.reloc, Microsoft Office Outlook Desktop Icon Handler [A ] 73. d:\新建文件夹 (3)\office11\mlshext.dll Microsoft Corporation Microsoft Shell Extension Library .text,.data,.cdata,.rsrc,.reloc, ShellLink for Application References [A ] 74. c:\windows\system32\dfshim.dll Microsoft Corporation Application Deployment Support Library .text,.data,.rsrc,.reloc, Shell Icon Handler for Application References [A ] 74. c:\windows\system32\dfshim.dll Microsoft Corporation Application Deployment Support Library .text,.data,.rsrc,.reloc, Microsoft.XPS.Shell.Metadata.1 [A ] 75. c:\windows\system32\xpsshhdr.dll Microsoft Corporation Package Document Shell Extension Handler .text,.data,.rsrc,.reloc, Microsoft.XPS.Shell.Thumbnail.1 [A ] 75. c:\windows\system32\xpsshhdr.dll Microsoft Corporation Package Document Shell Extension Handler .text,.data,.rsrc,.reloc, WLMD Message Handler [A ] 63. c:\program files\windows live\mail\mailcomm.dll Microsoft Corporation Windows Live Mail .text,.data,.rsrc,.reloc, IE Microsoft BrowserBand [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Fade Task [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Menu Desk Bar [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Navigation Bar [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Menu Site [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Menu Band [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Microsoft History AutoComplete List [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Tracking Shell Menu [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE IShellFolderBand [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE BandProxy [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE MRU AutoComplete List [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE RSS Feeder Folder [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Microsoft Shell Folder AutoComplete List [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Microsoft Multiple AutoComplete List Container [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Browser Architecture [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Shell Rebar BandSite [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Shell Band Site Menu [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, &Links [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Registry Tree Options Utility [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE User Assist [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Custom MRU AutoCompleted List [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE History and Feeds Shell Data Source for Windows Search [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Web Browser [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Office Metadata Handler [A ] 76. c:\program files\common files\microsoft shared\office12\msoshext.dll Microsoft Corporation Microsoft Office Shell Extension Handlers .text,.data,.rsrc,.reloc, Microsoft Office Thumbnail Handler [A ] 76. c:\program files\common files\microsoft shared\office12\msoshext.dll Microsoft Corporation Microsoft Office Shell Extension Handlers .text,.data,.rsrc,.reloc, Office Document Property Handler [AM] 77. c:\windows\system32\propsys.dll Microsoft Corporation Microsoft Property System .text,.orpc,.data,.rsrc,.reloc, Windows Search Deskbar [A ] 78. c:\program files\windows desktop search\deskbar.dll Microsoft Corporation Windows Search Deskbar extension .text,.data,.rsrc,.reloc, Windows Desktop Search [A ] 79. c:\program files\windows desktop search\msnlext.dll Microsoft Corporation Windows Search Results View .text,.data,.rsrc,.reloc, DllRegShlExt extension [AM] 80. c:\windows\system32\tudouupload.dll www.Tudou.com DLL registration shell extension .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {335A9BAE-19FA-42F2-AFD2-20C3275EF392} [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, {122B901E-493F-4AD9-BC69-7DE8C3E52FCC} [AM] 82. c:\windows\system32\122b901e.dll UPX0,UPX1,UPX2, {827E2FB4-1047-43DE-848D-E12BB0C97AAB} [AM] 83. c:\windows\tasks\sbrmpxjdcrgrafhz4ghh.inf UPX0,UPX1,.rsrc, {8708994F-1758-4C2C-9A3F-FA22D6CCCB41} [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, {24144CB8-10ED-4BFC-843F-68A9F3369947} [AM] 85. c:\windows\fonts\sd78dgc7hd2sktqhyau.fon UPX0,UPX1,UPX2, {CD478099-014D-4B3A-A4BB-B518F1019BC7} [AM] 86. c:\windows\system32\scevfjrcmab7.dll UPX0,UPX1,UPX2, {36AC68E6-0C26-4D39-B98E-54B49DAB6BAA} [AM] 87. c:\windows\system32\dhdhws7ffw.dll UPX0,UPX1,UPX2, {8A6A5B34-D995-4C5D-9338-B5E264B4A87} [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, {4F5EEDE5-1687-49D2-8A17-FF0B454FB37B} [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, {6B1604E2-A839-463C-906A-27A129781E93} [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, {B9D0F4D7-C809-4C27-9CB4-63201DFB3D05} [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, {1719B301-B494-4185-9379-242461F9CF02} [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, + 用户登陆自运行项目 + HKCU\Software\Microsoft\Windows\CurrentVersion\Run QvodPlayer [A ] 93. e:\qvodplayer\qvodterminal.exe Shenzhen QVOD Technology Co.,Ltd QvodTerminal .text,.rdata,.data,.rsrc, + HKLM\Software\Microsoft\Windows\CurrentVersion\Run Persistence [A ] 94. c:\windows\system32\igfxpers.exe Intel Corporation persistence Module .text,.rdata,.data,.rsrc, AANM [AM] 95. c:\program files\彩影软件\arp防火墙管理端\antiarpserver.exe CODE,DATA,BSS,.idata,.tls,.rdata,.vmp0,.rsrc,.vmp1,.reloc, RavTray [AM] 96. e:\program files\rising\rav\rstray.exe Beijing Rising Information Technology Co., Ltd. Rising tray framework .text,.rdata,.data,.rsrc, EoEngine [AM] 97. c:\program files\eorezo\eoengine.exe Application MFC EoEngine .text,.rdata,.data,.rsrc, SoftwareHelper [A ] 98. c:\documents and settings\administrator\application data\eorezo\softwareupdate\softwareupdatehp.exe EoRezo SoftwareHelper .text,.rdata,.data,HelperSi,.rsrc, Trough [A ] 99. c:\windows\system32\troughclient.exe .text,.rdata,.data, Grid Service [AM] 100. c:\program files\gridservice\peer.exe FS2YOU Grid Service .text,.rdata,.data,.rsrc, runeip [AM] 101. e:\program files\瑞星卡卡\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, system [A ] 102. c:\windows\system32\system.exe .text,.rdata,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce KASTask [A ] 103. c:\program files\kingsoft antispy\kastask.exe Kingsoft Corporation Kingsoft Antispyware Reboot Task .text,.rdata,.data,.rsrc, KKDelay [A ] 104. e:\program files\瑞星卡卡\runonce.exe Beijing Rising Information Technology Co., Ltd. RunOnce Application .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 105. c:\windows\system32\kknative.exe Beijing Rising Information Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\Folder\shell 伊神加密(&E) [A ] 106. c:\windows\伊神软件\伊神加密文件夹\eefolder.exe 伊神软件 最好用的文件夹加密工具软件! ,,,,.rsrc,.t1,.adata, + HKCR\.html 360seURL\Edit\Command [A ] 107. d:\office12\msohtmed.exe Microsoft Corporation 2007 Microsoft Office component .text,.data,.rsrc,.reloc, 360seURL\open\Command [A ] 108. c:\program files\360\360se3\360se.exe 360安全中心 360se .text,.rdata,.data,.taihang,.rsrc, 360seURL\Print\Command [A ] 107. d:\office12\msohtmed.exe Microsoft Corporation 2007 Microsoft Office component .text,.data,.rsrc,.reloc, + HKCR\.htm 360seURL\Edit\Command [A ] 107. d:\office12\msohtmed.exe Microsoft Corporation 2007 Microsoft Office component .text,.data,.rsrc,.reloc, 360seURL\open\Command [A ] 108. c:\program files\360\360se3\360se.exe 360安全中心 360se .text,.rdata,.data,.taihang,.rsrc, 360seURL\Print\Command [A ] 107. d:\office12\msohtmed.exe Microsoft Corporation 2007 Microsoft Office component .text,.data,.rsrc,.reloc, + HKCR\.mp3 qvodplayer.mp3\open\Command [A ] 109. e:\qvodplayer\qvodplayer.exe Shenzhen QVOD Technology Co.,Ltd QvodPlayer .text,.rdata,.data,.rsrc, + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, + 打印机监控 + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors EPSON BiD Monitor1 [AM] 110. c:\windows\system32\ebpmon2.dll SEIKO EPSON CORPORATION EPSON Bidirectional Monitor .text,.data,.rsrc,.reloc, Microsoft Document Imaging Writer Monitor [AM] 111. c:\windows\system32\mdimon.dll Microsoft Corporation Microsoft? Document Imaging .text,.data,.rsrc,.reloc, + 其他自启动项目 + c:\autorun.inf shellexecute [A ] 112. c:\autorun.vbs shell\Auto\command [A ] 112. c:\autorun.vbs + d:\autorun.inf shellexecute [A ] 113. d:\autorun.vbs shell\Auto\command [A ] 113. d:\autorun.vbs + e:\autorun.inf shellexecute [A ] 114. e:\autorun.vbs shell\Auto\command [A ] 114. e:\autorun.vbs + C:\WINDOWS\Tasks SogouImeMgr.job [A ] 115. c:\program files\sogouinput\4.2.3.2813\pinyinrepair.exe Sogou.com Inc. 搜狗拼音输入法 输入法修复程序 .text,.rdata,.data,.rsrc, User_Feed_Synchronization-{3B03BA6F-CC6D-4FFE-8D3B-53811B320AF6}.job [A ] 116. c:\windows\system32\msfeedssync.exe Microsoft Corporation Microsoft Feeds Synchronization .text,.data,.rsrc,.reloc, + 正在运行的进程 + 000000dc(220) peer.exe 00400000[00356000] [AM] 100. c:\program files\gridservice\peer.exe FS2YOU Grid Service .text,.rdata,.data,.rsrc, 00390000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 01D20000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, + 000000ec(236) locator.exe + 00000168(360) ctfmon.exe 00C20000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 00C40000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 00C60000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 00C80000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 00CA0000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 00CC0000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 00CE0000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, + 000001b4(436) scanfrm.exe 00400000[0000B000] [AM] 14. e:\program files\rising\rav\scanfrm.exe Beijing Rising Information Technology Co., Ltd. Rising Scan Service Framework .text,.rdata,.data,.rsrc, 7C3A0000[0007B000] [ M] 121. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 122. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00029000] [ M] 123. e:\program files\rising\rav\combase.dll Beijing Rising Information Technology Co., Ltd. combase .text,.rdata,.data,.rsrc,.reloc, 003E0000[00019000] [ M] 124. e:\program files\rising\rav\moncomm.dll Beijing Rising Information Technology Co., Ltd. MonComm .text,.rdata,.data,.rsrc,.reloc, 00900000[00008000] [ M] 125. e:\program files\rising\rav\scansrvp.dll Beijing Rising Information Technology Co., Ltd. ScanSrvP Module .text,.rdata,.data,.rsrc,.reloc, 00910000[00010000] [ M] 126. e:\program files\rising\rav\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00C20000[0000E000] [ M] 127. e:\program files\rising\rav\scansrv.dll Beijing Rising Information Technology Co., Ltd. ScanSrv Module .text,.rdata,.data,.rsrc,.reloc, 01230000[0002D000] [ M] 128. e:\program files\rising\rav\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01260000[00019000] [ M] 129. e:\program files\rising\rav\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 01790000[0000F000] [ M] 130. e:\program files\rising\rav\scanravt.dll Beijing Rising Information Technology Co., Ltd. ScanRavT Module .text,.rdata,.data,.rsrc,.reloc, 017A0000[00072000] [ M] 131. e:\program files\rising\rav\scanbt.dll Beijing Rising Information Technology Co., Ltd. ScanBT Module .text,.rdata,.data,.rsrc,.reloc, 01820000[0000D000] [ M] 132. e:\program files\rising\rav\scanstub.dll Beijing Rising Information Technology Co., Ltd. ScanStub Module .text,.rdata,.data,.rsrc,.reloc, 01830000[0006A000] [ M] 133. e:\program files\rising\rav\rslog.dll Beijing Rising Information Technology Co., Ltd. rslog Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 018C0000[0000D000] [ M] 134. e:\program files\rising\rav\scanadd.dll Beijing Rising Information Technology Co., Ltd. Rising Scan Service Addon .text,.rdata,.data,.rsrc,.reloc, 018D0000[0000E000] [ M] 135. e:\program files\rising\rav\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 018F0000[00031000] [ M] 136. e:\program files\rising\rav\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01A30000[00027000] [ M] 137. e:\program files\rising\rav\scanner.dll Beijing Rising Information Technology Co., Ltd. RsScanner Module .text,.rdata,.data,.rsrc,.reloc, 01A60000[0003C000] [ M] 138. e:\program files\rising\rav\recomp.dll Beijing Rising Information Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01AB0000[00038000] [ M] 139. e:\program files\rising\rav\refs.dll Beijing Rising Information Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01D10000[00030000] [ M] 140. e:\program files\rising\rav\viruslib.dll Beijing Rising Information Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01E50000[00029000] [ M] 141. e:\program files\rising\rav\relibldr.dll Beijing Rising Information Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02290000[00030000] [ M] 142. e:\program files\rising\rav\mvengine.dll Beijing Rising Information Technology Co., Ltd. mvengine Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 022D0000[0000D000] [ M] 143. e:\program files\rising\rav\sysmail.dll Beijing Rising Information Technology Co., Ltd. SysMail Module .text,.rdata,.data,.rsrc,.reloc, 022E0000[00045000] [ M] 144. e:\program files\rising\rav\posttrt.dll Beijing Rising Information Technology Co., Ltd. PostTrt .text,.rdata,.data,.rsrc,.reloc, 02ED0000[00022000] [ M] 145. e:\program files\rising\rav\ffr.dll Beijing Rising Information Technology Co., Ltd. ffr Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02F10000[00021000] [ M] 146. e:\program files\rising\rav\nvfile.dll Beijing Rising Information Technology Co., Ltd. NVFile .text,.rdata,.data,.rsrc,.reloc, 13AB0000[00045000] [ M] 147. e:\program files\rising\rav\scanexec.dll Beijing Rising Information Technology Co., Ltd. ScanExec .text,.rdata,.data,.rsrc,.reloc, 037B0000[002DD000] [ M] 148. e:\program files\rising\rav\unexe.dll Beijing Rising Information Technology Co., Ltd. UnExe .text,.rdata,.data,.rsrc,.reloc, 03AA0000[000C3000] [ M] 149. e:\program files\rising\rav\scanex.dll Beijing Rising Information Technology Co., Ltd. ScanEx .text,.rdata,.data,.rsrc,.reloc, 03FD0000[00029000] [ M] 150. e:\program files\rising\rav\pearc.dll Beijing Rising Information Technology Co., Ltd. pearchive Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04010000[0002A000] [ M] 151. e:\program files\rising\rav\scanpe.dll Beijing Rising Information Technology Co., Ltd. scanpe Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 043F0000[0001B000] [ M] 152. e:\program files\rising\rav\ur000.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 04420000[00035000] [ M] 153. e:\program files\rising\rav\urutils.dll Beijing Rising Information Technology Co., Ltd. urutils Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04470000[00085000] [ M] 154. e:\program files\rising\rav\methodex.dll Beijing Rising Information Technology Co., Ltd. MethodEx .text,.rdata,.data,.rsrc,.reloc, 05130000[000B9000] [ M] 155. e:\program files\rising\rav\revm.dll Beijing Rising Information Technology Co., Ltd. REVM Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04F30000[00034000] [ M] 156. e:\program files\rising\rav\heurex.dll Beijing Rising Information Technology Co., Ltd. HeurEx .text,.rdata,.data,.rsrc,.reloc, 04F80000[00023000] [ M] 157. e:\program files\rising\rav\pecompd.dll Beijing Rising Information Technology Co., Ltd. PeCompdEx .text,.rdata,.data,.rsrc,.reloc, 05320000[000FF000] [ M] 158. e:\program files\rising\rav\extfile.dll Beijing Rising Information Technology Co., Ltd. extfile Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 07DE0000[00023000] [ M] 159. e:\program files\rising\rav\scansct.dll Beijing Rising Information Technology Co., Ltd. ScanSct Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 0C5B0000[0002B000] [ M] 160. e:\program files\rising\rav\rsstore.dll Beijing Rising Information Technology Co., Ltd. RSStore .text,.rdata,.data,.rsrc,.reloc, 0C830000[00012000] [ M] 161. e:\program files\rising\rav\ur001.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 0DB60000[00087000] [ M] 162. e:\program files\rising\rav\ur027.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 0E100000[00015000] [ M] 163. e:\program files\rising\rav\ur023.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 115D0000[0003A000] [ M] 164. e:\program files\rising\rav\scriptci.dll Beijing Rising Information Technology Co., Ltd. scriptci Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 00000210(528) SearchIndexer.exe 01000000[0006E000] [AM] 17. c:\windows\system32\searchindexer.exe Microsoft Corporation Microsoft Windows Search Indexer .text,.data,.rsrc,.reloc, 60000000[00185000] [ M] 165. c:\windows\system32\tquery.dll Microsoft Corporation tquery.dll .text,.data,.rsrc,.reloc, 00400000[000BB000] [AM] 77. c:\windows\system32\propsys.dll Microsoft Corporation Microsoft Property System .text,.orpc,.data,.rsrc,.reloc, 004C0000[0015E000] [ M] 166. c:\windows\system32\mssrch.dll Microsoft Corporation mssrch.dll .text,.data,.tls,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 47060000[00021000] [ M] 167. c:\windows\system32\xmllite.dll Microsoft Corporation Microsoft XmlLite Library .text,.data,.rsrc,.reloc, 01A40000[00019000] [ M] 168. c:\windows\system32\zh-cn\tquery.dll.mui Microsoft Corporation tquery.dll .rsrc,.reloc, 01E60000[0000B000] [ M] 169. c:\windows\system32\msscb.dll Microsoft Corporation msscb.dll .text,.data,.rsrc,.reloc, 0C2C0000[0000B000] [ M] 170. c:\windows\system32\mssprxy.dll Microsoft Corporation Microsoft Search Proxy .orpc,.text,.data,.rsrc,.reloc, + 00000288(648) smss.exe + 000002c8(712) csrss.exe + 000002e0(736) winlogon.exe 72C80000[00008000] [ M] 171. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, + 0000030c(780) services.exe 46040000[0000F000] [ M] 172. c:\windows\apppatch\acadproc.dll Microsoft Corporation Windows Compatibility DLL .text,.data,.rsrc,.reloc, + 00000318(792) lsass.exe + 000003b8(952) svchost.exe 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, + 00000404(1028) svchost.exe 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, + 00000480(1152) svchost.exe 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 00E20000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, + 000004f8(1272) svchost.exe + 00000574(1396) svchost.exe 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, + 0000058c(1420) zhudongfangyu.exe 00400000[00033000] [AM] 18. c:\program files\360\360safe\deepscan\zhudongfangyu.exe 360安全中心 360主动防御服务模块 .text,.rdata,.data,.rsrc, 10000000[00053000] [ M] 173. c:\program files\360\360safe\deepscan\cloudcom2.dll 360安全中心 360木马云查杀查询模块 .text,.rdata,.data,.rsrc,.reloc, 003D0000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 60900000[0006C000] [ M] 174. c:\program files\360\360safe\deepscan\heavygate.dll 360安全中心 360木马云查杀查询模块 .text,.data,.bss,.edata,.idata,.reloc,.stab,.stabstr,.rsrc, 00CE0000[00030000] [ M] 175. c:\program files\360\360safe\softmgr\360softmgrs.dll 奇虎网 360软件管家服务模块 .text,.rdata,.data,.rsrc,.reloc, 01370000[00011000] [ M] 176. c:\program files\360\360safe\deepscan\qutmload.dll 360.CN 360安全卫士关键位置保护模块 .text,.rdata,.data,.rsrc,.reloc, + 000005f0(1520) QQ.exe 00400000[00023000] [ M] 177. e:\qq\bin\qq.exe Tencent QQ2009 .text,.rdata,.data,.rsrc, 30000000[0020D000] [ M] 178. e:\qq\bin\common.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 003B0000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 31800000[0008C000] [ M] 179. e:\qq\bin\kernelutil.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 30800000[0029E000] [ M] 180. e:\qq\bin\gf.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 10000000[0000B000] [ M] 181. e:\qq\bin\xgraphic32.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61210000[001D6000] [ M] 182. e:\qq\bin\apputil.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 61C00000[001FF000] [ M] 183. e:\qq\bin\mainframe.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 02A50000[004A3000] [ M] 184. c:\windows\system32\macromed\flash\flash10c.ocx Adobe Systems, Inc. Adobe Flash Player 10.0 r32 .text,.rdata,.data,.rodata,.rsrc,.reloc, 04180000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 04290000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 042B0000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 042D0000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 042F0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 04310000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 04330000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 72C80000[00008000] [ M] 171. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 60B30000[00061000] [ M] 185. e:\qq\bin\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 31000000[0032D000] [ M] 186. e:\qq\bin\im.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61FE0000[00040000] [ M] 187. e:\qq\bin\tasktray.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 32000000[0000A000] [ M] 188. e:\qq\bin\txpfproxy.dll Tencent QQ2009 .text,.orpc,.rdata,.data,.rsrc,.reloc, 054F0000[00057000] [ M] 189. e:\qq\plugin\com.tencent.qqshow\bin\flashavatardll.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 31400000[0004F000] [ M] 190. e:\qq\bin\kernelmisc.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 610A0000[00146000] [ M] 191. e:\qq\bin\appmisc.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61030000[00069000] [ M] 192. e:\qq\bin\appctrl.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61500000[0012C000] [ M] 193. e:\qq\bin\chatframe.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61700000[000A9000] [ M] 194. e:\qq\bin\configcenter.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61A00000[00083000] [ M] 195. e:\qq\bin\customface.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 31C00000[000E6000] [ M] 196. e:\qq\bin\longcnn.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61900000[000BB000] [ M] 197. e:\qq\bin\contactinfoframe.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 65000000[000DB000] [ M] 198. e:\qq\bin\msgmgr.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61F20000[0003E000] [ M] 199. e:\qq\bin\skinmgr.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 61F00000[0001A000] [ M] 200. e:\qq\bin\qinterlive.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 65100000[00083000] [ M] 201. e:\qq\bin\systemmsg.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62E00000[000F5000] [ M] 202. e:\qq\plugin\com.tencent.paipai\bin\paipai.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62100000[00137000] [ M] 203. e:\qq\plugin\com.tencent.audiovideo\bin\audiovideo.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62A00000[00045000] [ M] 204. e:\qq\plugin\com.tencent.mmog\bin\mmog.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64100000[00055000] [ M] 205. e:\qq\plugin\com.tencent.soso\bin\soso.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63D00000[000A5000] [ M] 206. e:\qq\plugin\com.tencent.qzone\bin\qzone.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64700000[00030000] [ M] 207. e:\qq\plugin\com.tencent.weather\bin\weather.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64000000[00018000] [ M] 208. e:\qq\plugin\com.tencent.sobar\bin\sobar.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62F00000[00048000] [ M] 209. e:\qq\plugin\com.tencent.paipaigift\bin\paipaigift.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63500000[00018000] [ M] 210. e:\qq\plugin\com.tencent.qqlive\bin\qqlive.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63600000[00051000] [ M] 211. e:\qq\plugin\com.tencent.qqmusic\bin\qqmusic.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64300000[0001B000] [ M] 212. e:\qq\plugin\com.tencent.taotao\bin\taotao.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 05700000[0007F000] [ M] 213. c:\program files\common files\tencent\txsso\bin\ssoplatform.dll Tencent Tencent SSO Platform DLL .text,.rdata,.data,.rsrc,.reloc, 05790000[000B1000] [ M] 214. c:\program files\common files\tencent\txsso\bin\ssocommon.dll Tencent Tencent SSO Common DLL .text,.rdata,.data,.rsrc,.reloc, 05990000[00070000] [ M] 215. e:\qq\bin\basicctrldll.dll TENCENT BasicCtrlDll DLL .text,.rdata,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 39700000[000EB000] [ M] 216. e:\qq\bin\riched20.dll Microsoft Corporation Rich Text Edit Control, v5.0 .text,.rdata,.data,.rsrc,.reloc, 09310000[00A91000] [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 61B00000[000CE000] [ M] 217. e:\qq\bin\groupapp.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63F00000[0003A000] [ M] 218. e:\qq\plugin\com.tencent.snsapp\bin\snsapp.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 0B680000[0003A000] [ M] 219. e:\qq\plugin\com.tencent.paycenter\bin\paycenter.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63100000[00022000] [ M] 220. e:\qq\plugin\com.tencent.qbar\bin\qbar.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63B00000[00024000] [ M] 221. e:\qq\plugin\com.tencent.qqvipmisc\bin\qqvipmisc.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64800000[0003B000] [ M] 222. e:\qq\plugin\com.tencent.wenwen\bin\wenwen.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62B00000[00015000] [ M] 223. e:\qq\plugin\com.tencent.netbar\bin\netbar.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64A00000[0007C000] [ M] 224. e:\qq\plugin\com.tencent.wireless\bin\wireless.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63900000[000B8000] [ M] 225. e:\qq\plugin\com.tencent.qqshow\bin\qqshow.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62300000[00035000] [ M] 226. e:\qq\plugin\com.tencent.crm\bin\crm.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64600000[0001F000] [ M] 227. e:\qq\plugin\com.tencent.vas\bin\vas.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 0C020000[00091000] [ M] 228. e:\qq\bin\informationbox.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63A00000[0001C000] [ M] 229. e:\qq\plugin\com.tencent.qqvip\bin\qqvip.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62400000[000C2000] [ M] 230. e:\qq\plugin\com.tencent.filetransfer\bin\filetransfer.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62900000[00059000] [ M] 231. e:\qq\plugin\com.tencent.memo\bin\memo.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63700000[00036000] [ M] 232. e:\qq\plugin\com.tencent.qqpet\bin\qqpet.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 04BC0000[0005D000] [ M] 233. e:\qq\plugin\com.tencent.advertisement\bin\advertisement.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 64400000[0001D000] [ M] 234. e:\qq\plugin\com.tencent.today\bin\today.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63300000[00067000] [ M] 235. e:\qq\plugin\com.tencent.qqgame\bin\qqgame.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63800000[0003A000] [ M] 236. e:\qq\plugin\com.tencent.qqring\bin\qqring.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 62700000[00030000] [ M] 237. e:\qq\plugin\com.tencent.mail\bin\mail.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 63C00000[0002B000] [ M] 238. e:\qq\plugin\com.tencent.qqwebsite\bin\qqwebsite.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 0E330000[00016000] [ M] 239. c:\documents and settings\joewoo\application data\tencent\qq\safebase\tseh.dat TENCENT TSEH DLL UPX0,UPX1,.rsrc, 0E350000[00011000] [ M] 240. c:\documents and settings\joewoo\application data\tencent\qq\safebase\tseloder.dat Tencent TSELoder UPX0,UPX1,.rsrc, 72C60000[00007000] [ M] 241. c:\windows\system32\msadp32.acm Microsoft Corporation Microsoft ADPCM CODEC for MSACM .text,.data,.rsrc,.reloc, 62500000[0003A000] [ M] 242. e:\qq\plugin\com.tencent.gamelife\bin\gamelife.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 112D0000[00036000] [ M] 243. e:\qq\bin\camera.dll Tencent QQ2009 .text,.rdata,.data,.rsrc,.reloc, 11580000[00038000] [ M] 244. e:\qq\bin\sccore.dll Tencent SCCore.dll .text,.rodata,.rdata,.data,.shareds,.rsrc,.reloc, + 00000614(1556) spoolsv.exe 50400000[0000F000] [AM] 110. c:\windows\system32\ebpmon2.dll SEIKO EPSON CORPORATION EPSON Bidirectional Monitor .text,.data,.rsrc,.reloc, 009F0000[00008000] [AM] 111. c:\windows\system32\mdimon.dll Microsoft Corporation Microsoft? Document Imaging .text,.data,.rsrc,.reloc, 683A0000[0004F000] [ M] 245. c:\windows\system32\spool\prtprocs\w32x86\hp1006s.dll Hewlett-Packard Hewlett-Packard : Print Processor .text,.data,.rsrc,.reloc, 00A10000[00008000] [ M] 246. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll Microsoft Corporation Microsoft? Document Imaging .text,.data,.rsrc,.reloc, 3F420000[0001B000] [ M] 247. c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll Microsoft Corporation Print Filter Pipeline Proxy .text,.orpc,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, + 000006f0(1776) Explorer.EXE 00400000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 01650000[00A91000] [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 171. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 02C90000[0005B000] [AM] 65. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.orpc,.rdata,.data,.rsrc,.reloc, 02CF0000[0004C000] [ M] 248. c:\program files\common files\adobe\acrobat\activex\pdfshell.chs .rsrc,.reloc, 025E0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 02C60000[00011000] [AM] 82. c:\windows\system32\122b901e.dll UPX0,UPX1,UPX2, 04350000[00012000] [AM] 83. c:\windows\tasks\sbrmpxjdcrgrafhz4ghh.inf UPX0,UPX1,.rsrc, 043F0000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 04290000[00011000] [AM] 85. c:\windows\fonts\sd78dgc7hd2sktqhyau.fon UPX0,UPX1,UPX2, 042B0000[00011000] [AM] 86. c:\windows\system32\scevfjrcmab7.dll UPX0,UPX1,UPX2, 04610000[00011000] [AM] 87. c:\windows\system32\dhdhws7ffw.dll UPX0,UPX1,UPX2, 009F0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 00A10000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 02620000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 03CF0000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 03D90000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 04C80000[0002C000] [AM] 67. c:\program files\winrar\rarext.dll .text,.rdata,.data,.rsrc,.reloc, 04D00000[00024000] [ M] 249. c:\windows\system32\kakaext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 04D30000[00015000] [ M] 250. e:\qvodplayer\qvodband.dll Shenzhen QVOD Technology Co.,Ltd QvodBand .text,.rdata,.data,.rsrc,.reloc, 04D60000[00028000] [ M] 251. c:\program files\aliwangwang\aliimext.dll Alibaba software (Shanghai) Corporation. 阿里旺旺发送文件辅助模块. .text,.rdata,.data,.rsrc,.reloc, 04DB0000[0001F000] [AM] 80. c:\windows\system32\tudouupload.dll www.Tudou.com DLL registration shell extension .text,.rdata,.data,.rsrc,.reloc, 05580000[001FE000] [ M] 252. c:\windows\system32\qqpinyin.ime Tencent QQ拼音输入法 2.2 .text,.rdata,.data,.ShareDa,.rsrc,.reloc, + 00000794(1940) AntiARPServer.exe 00400000[004D0000] [AM] 95. c:\program files\彩影软件\arp防火墙管理端\antiarpserver.exe CODE,DATA,BSS,.idata,.tls,.rdata,.vmp0,.rsrc,.vmp1,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 01AE0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 01B00000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 01B20000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 084B0000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 084D0000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 084F0000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 08510000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, + 000007c4(1988) svchost.exe 006C0000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, + 000007e4(2020) EoEngine.exe 00400000[00072000] [AM] 97. c:\program files\eorezo\eoengine.exe Application MFC EoEngine .text,.rdata,.data,.rsrc, 10000000[00075000] [ M] 253. c:\program files\eorezo\eorezotools_30.dll .text,.rdata,.data,.reloc, 003A0000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 003B0000[0000D000] [ M] 254. c:\program files\eorezo\eomultilanguage.dll EoMultiLanguage DLL .text,.rdata,.data,.rsrc,.reloc, 00E20000[00006000] [ M] 255. c:\program files\eorezo\eorezocomm.dll EoRezoComm DLL .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 01430000[00016000] [ M] 256. c:\program files\eorezo\eoadv\eoadv.dll EoAdv DLL .text,.rdata,.data,.rsrc,.reloc, 01870000[000EF000] [ M] 257. c:\program files\eorezo\freeimage.dll FreeImage FreeImage library .text,.rdata,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 01EF0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, + 00000a1c(2588) alg.exe 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, + 00000a78(2680) knownsvr.exe 00400000[00072000] [ M] 258. e:\program files\瑞星卡卡\knownsvr.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[00034000] [ M] 259. e:\program files\瑞星卡卡\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 003A0000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 00BC0000[0002D000] [ M] 260. e:\program files\瑞星卡卡\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00BF0000[00019000] [ M] 261. e:\program files\瑞星卡卡\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, + 00000af0(2800) RsTray.exe 00400000[00023000] [AM] 96. e:\program files\rising\rav\rstray.exe Beijing Rising Information Technology Co., Ltd. Rising tray framework .text,.rdata,.data,.rsrc, 10000000[00023000] [ M] 262. e:\program files\rising\rav\comserv.dll Beijing Rising Information Technology Co., Ltd. Rising tray common service .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 121. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 122. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 23700000[00023000] [ M] 263. e:\program files\rising\rav\rslang.dll Beijing Rising Information Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 009E0000[0002D000] [ M] 128. e:\program files\rising\rav\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00A10000[00019000] [ M] 129. e:\program files\rising\rav\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23800000[00025000] [ M] 264. e:\program files\rising\rav\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 00D10000[00010000] [ M] 126. e:\program files\rising\rav\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01020000[0000B000] [ M] 265. e:\program files\rising\rav\scanevnt.dll Beijing Rising Information Technology Co., Ltd. Rising Scan Service Event Handler .text,.rdata,.data,.rsrc,.reloc, 26600000[000C3000] [ M] 266. e:\program files\rising\rav\rsguilib.dll Beijing Rising Information Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 7C140000[00103000] [ M] 267. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 01170000[00017000] [ M] 268. e:\program files\rising\rav\rsconf.dll Beijing Rising Information Technology Co., Ltd. rsconf Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011A0000[0000E000] [ M] 135. e:\program files\rising\rav\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 011D0000[00031000] [ M] 136. e:\program files\rising\rav\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01310000[00030000] [ M] 269. e:\program files\rising\rav\rspalvd.dll Beijing Rising Information Technology Co., Ltd. rspalvd .text,.rdata,.data,.rsrc,.reloc, 33000000[00025000] [ M] 270. e:\program files\rising\rav\ravbintl.dll Beijing Rising Information Technology Co., Ltd. ravbintl Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01350000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 015B0000[0006D000] [ M] 271. e:\program files\rising\rav\montray.dll Beijing Rising Information Technology Co., Ltd. Rising AntiVirus 2009 .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 272. e:\program files\rising\rav\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 34500000[00020000] [ M] 273. e:\program files\rising\rav\ravitray.dll Beijing Rising Information Technology Co., Ltd. ravitray Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01B80000[00059000] [ M] 274. e:\program files\rising\rav\scanprxy.dll Beijing Rising Information Technology Co., Ltd. ScanPrxy Module .text,.rdata,.data,.rsrc,.reloc, 01BE0000[00044000] [ M] 275. e:\program files\rising\rav\rsmginfo.dll Beijing Rising Information Technology Co., Ltd. rsmginfo .text,.rdata,.data,.rsrc,.reloc, 02040000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 02090000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 020B0000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 021D0000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 02300000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 02320000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 02340000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, + 00000b74(2932) Rundll32.exe 10000000[00009000] [ M] 276. c:\windows\system32\edhj.dll .text,.rdata,.data,.CRT,.rsrc,.reloc, 00A80000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, + 00000bb4(2996) RSTray.exe 00400000[00023000] [AM] 101. e:\program files\瑞星卡卡\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, 10000000[00044000] [ M] 277. e:\program files\瑞星卡卡\rsmginfo.dll Beijing Rising Information Technology Co., Ltd. rsmginfo .text,.rdata,.data,.rsrc,.reloc, 00910000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 23800000[00022000] [ M] 278. e:\program files\瑞星卡卡\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 279. e:\program files\瑞星卡卡\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 280. e:\program files\瑞星卡卡\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00D30000[00024000] [ M] 281. e:\program files\瑞星卡卡\comserv.dll Beijing Rising Information Technology Co., Ltd. .text,.rdata,.data,.rsrc,.reloc, 00D60000[00019000] [ M] 261. e:\program files\瑞星卡卡\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23700000[00026000] [ M] 282. e:\program files\瑞星卡卡\rscommon.dll Beijing Rising Information Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00DA0000[0002D000] [ M] 260. e:\program files\瑞星卡卡\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 283. e:\program files\瑞星卡卡\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01120000[00067000] [ M] 284. e:\program files\瑞星卡卡\runiep.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware tray .text,.rdata,.data,.rsrc,.reloc, 010B0000[00034000] [ M] 259. e:\program files\瑞星卡卡\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01190000[0001F000] [ M] 285. e:\program files\rising\rav\proccom.dll Beijing Rising Information Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011B0000[00024000] [ M] 286. e:\program files\瑞星卡卡\rscommx2.dll Beijing Rising Information Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 01700000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 02240000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 02360000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 02380000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 023A0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 023C0000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 023E0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 02AA0000[00011000] [AM] 82. c:\windows\system32\122b901e.dll UPX0,UPX1,UPX2, 02AC0000[00012000] [AM] 83. c:\windows\tasks\sbrmpxjdcrgrafhz4ghh.inf UPX0,UPX1,.rsrc, 02AE0000[00011000] [AM] 85. c:\windows\fonts\sd78dgc7hd2sktqhyau.fon UPX0,UPX1,UPX2, 02B10000[00011000] [AM] 86. c:\windows\system32\scevfjrcmab7.dll UPX0,UPX1,UPX2, 02B30000[00011000] [AM] 87. c:\windows\system32\dhdhws7ffw.dll UPX0,UPX1,UPX2, + 00000cf0(3312) ras.exe 00400000[0000B000] [ M] 287. e:\program files\瑞星卡卡\ras.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 288. e:\program files\瑞星卡卡\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 280. e:\program files\瑞星卡卡\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00047000] [ M] 289. e:\program files\瑞星卡卡\kakamgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 279. e:\program files\瑞星卡卡\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00A50000[00019000] [ M] 261. e:\program files\瑞星卡卡\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 00A80000[0001F000] [ M] 285. e:\program files\rising\rav\proccom.dll Beijing Rising Information Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00AA0000[00024000] [ M] 286. e:\program files\瑞星卡卡\rscommx2.dll Beijing Rising Information Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00BF0000[0002D000] [ M] 260. e:\program files\瑞星卡卡\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D60000[00058000] [ M] 290. e:\program files\瑞星卡卡\dbmgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 278. e:\program files\瑞星卡卡\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 00EC0000[0002E000] [ M] 291. e:\program files\瑞星卡卡\pweb.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 00F30000[000C2000] [ M] 292. e:\program files\瑞星卡卡\pscan.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01000000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 01010000[00034000] [ M] 259. e:\program files\瑞星卡卡\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 011B0000[00070000] [ M] 293. e:\program files\瑞星卡卡\pset.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01220000[00027000] [ M] 294. e:\program files\瑞星卡卡\pdefend.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01370000[000B7000] [ M] 295. e:\program files\瑞星卡卡\ptools.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01530000[00075000] [ M] 296. e:\program files\瑞星卡卡\psysinfo.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 015E0000[00A91000] [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 021A0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 022C0000[00011000] [AM] 82. c:\windows\system32\122b901e.dll UPX0,UPX1,UPX2, 022E0000[00012000] [AM] 83. c:\windows\tasks\sbrmpxjdcrgrafhz4ghh.inf UPX0,UPX1,.rsrc, 02300000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 02320000[00011000] [AM] 85. c:\windows\fonts\sd78dgc7hd2sktqhyau.fon UPX0,UPX1,UPX2, 02340000[00011000] [AM] 86. c:\windows\system32\scevfjrcmab7.dll UPX0,UPX1,UPX2, 02360000[00011000] [AM] 87. c:\windows\system32\dhdhws7ffw.dll UPX0,UPX1,UPX2, 02380000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 023A0000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 023C0000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 023E0000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 23900000[00040000] [ M] 283. e:\program files\瑞星卡卡\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 03390000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 044B0000[004A3000] [ M] 184. c:\windows\system32\macromed\flash\flash10c.ocx Adobe Systems, Inc. Adobe Flash Player 10.0 r32 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 171. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 05DF0000[00086000] [ M] 297. e:\program files\瑞星卡卡\kengine.dll Beijing Rising Information Technology Co., Ltd. KEngine .text,.rdata,.data,.rsrc,.reloc, 05E80000[00045000] [ M] 298. e:\program files\瑞星卡卡\posttrt.dll Beijing Rising Information Technology Co., Ltd. PostTrt .text,.rdata,.data,.rsrc,.reloc, 05B50000[00010000] [ M] 299. e:\program files\瑞星卡卡\kscanex.dll Beijing Rising Information Technology Co., Ltd. KEngine ScanEx .text,.rdata,.data,.rsrc,.reloc, 05ED0000[0002F000] [ M] 300. e:\program files\瑞星卡卡\engine.dll Beijing Rising Information Technology Co., Ltd. kaka engine .text,.rdata,.data,.rsrc,.reloc, 05F00000[00033000] [ M] 301. e:\program files\瑞星卡卡\rsdialog.dll Beijing Rising Information Technology Co., Ltd. Rsdiaglo DLL .text,.rdata,.data,.rsrc,.reloc, + 00000d64(3428) kaccore.exe 00400000[00063000] [AM] 8. c:\program files\kingsoft\kac\service\kaccore.exe Kingsoft Corporation Kingsoft Basic Service Module .text,.orpc,.rdata,.data,.rsrc, 10000000[00036000] [ M] 302. c:\program files\kingsoft\kac\service\corehelper.dll Kingsoft Corporation Kingsoft Basic Service Module .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 01330000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, + 00000d80(3456) conime.exe 10000000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, + 00000e60(3680) TXPlatform.exe 00400000[00025000] [ M] 303. e:\qq\bin\txplatform.exe Tencent QQ2009 .text,.rdata,.data,.rsrc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 01440000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 01450000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 01570000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 01590000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 015B0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 015D0000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 015F0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 32000000[0000A000] [ M] 188. e:\qq\bin\txpfproxy.dll Tencent QQ2009 .text,.orpc,.rdata,.data,.rsrc,.reloc, + 00000ea8(3752) WINWORD.EXE 30000000[00BEF000] [ M] 304. d:\新建文件夹 (3)\office11\winword.exe Microsoft Corporation Microsoft Office Word .text,.data,.tls,.cdata,.rsrc, 30C90000[00BBC000] [ M] 305. c:\program files\common files\microsoft shared\office11\mso.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc,.reloc, 10000000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 00F60000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 00F80000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 00FB0000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 010D0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 010F0000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 01110000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 79000000[00046000] [AM] 57. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, 79E70000[0058F000] [ M] 306. c:\windows\microsoft.net\framework\v2.0.50727\mscorwks.dll Microsoft Corporation Microsoft .NET Runtime Common Language Runtime - WorkStation .text,.CLR_UEF,.data,.rsrc,.reloc, 39700000[000EB000] [ M] 307. c:\program files\common files\microsoft shared\office11\riched20.dll Microsoft Corporation Rich Text Edit Control, v5.0 .text,.rdata,.data,.rsrc,.reloc, 02980000[00047000] [ M] 308. d:\office12\calligra.dll Microsoft Corporation Microsoft Word Calligraphy Add-in .text,.data,.rsrc,.reloc, 029D0000[0005D000] [ M] 309. d:\office12\genko.dll Microsoft Corporation Microsoft Word Genko Add-in .text,.data,.rsrc,.reloc, 11000000[0003A000] [ M] 310. d:\新建文件夹 (3)\office11\addins\syminput.dll Microsoft Corporation Office Symbol Input Add-In .text,.data,.rsrc,.reloc, 73390000[00153000] [ M] 311. c:\windows\system32\msvbvm60.dll Microsoft Corporation Visual Basic Virtual Machine .text,ENGINE,.data,.rsrc,.reloc, 66630000[0001C000] [ M] 312. c:\windows\system32\vb6chs.dll Microsoft Corporation Visual Basic Environment International Resources .rdata,.rsrc,.reloc, 02FA0000[00050000] [ M] 313. d:\office12\addins\syminput.dll Microsoft Corporation Office Special Symbol Input Add-in .text,.data,.rsrc,.reloc, 65000000[00278000] [ M] 314. c:\program files\common files\microsoft shared\vba\vba6\vbe6.dll Microsoft Corporation Visual Basic Design Time Environment .text,.data,.rsrc,.reloc, 65300000[00026000] [ M] 315. c:\program files\common files\microsoft shared\vba\vba6\2052\vbe6intl.dll Microsoft Corporation Visual Basic Environment 的国际资源 .rsrc,.reloc, 03DE0000[0007D000] [ M] 316. c:\program files\common files\microsoft shared\smart tag\intlname.dll Microsoft Corporation Microsoft Office 2003 component .text,.rdata,.data,.rsrc,.reloc, 042A0000[00086000] [ M] 317. c:\program files\common files\microsoft shared\smart tag\chdatest.dll Microsoft Corporation Chinese Date Smart Tag .text,.data,.rsrc,.reloc, 7E5A0000[000BA000] [ M] 318. c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll Microsoft Corporation UniDriver 用户界面 .text,.data,.rsrc,.reloc, 7E540000[0005E000] [ M] 319. c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll Microsoft Corporation Unidrv Printer Driver .text,.data,.rsrc,.reloc, 04650000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 04660000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 048F0000[0005B000] [AM] 65. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.orpc,.rdata,.data,.rsrc,.reloc, 04E00000[0004C000] [ M] 248. c:\program files\common files\adobe\acrobat\activex\pdfshell.chs .rsrc,.reloc, 05A20000[00032000] [ M] 320. c:\program files\common files\microsoft shared\proof\2052\msgr3sc.dll Microsoft Corporation Microsoft (R) Simplified Chinese Grammar Checker .text,.rdata,.data,.rsrc,.reloc, 3C2C0000[000E4000] [ M] 321. c:\program files\common files\microsoft shared\ime12\imesc\imsccore.dll Microsoft Corporation Microsoft Office Pinyin IME Core .text,.data,.rsrc,.reloc, 3C290000[00026000] [ M] 322. c:\program files\common files\microsoft shared\ime12\imesc\imsccfg.dll Microsoft Corporation Microsoft Office Pinyin IME Configure Manager .text,.data,.rsrc,.reloc, 3C0E0000[00042000] [ M] 323. c:\program files\common files\microsoft shared\ime12\shared\imelm.dll Microsoft Corporation Microsoft Office IME 2007 .text,.data,.rsrc,.reloc, + 00000eb4(3764) IEXPLORE.EXE 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 00C30000[00A91000] [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 451F0000[00006000] [ M] 324. c:\program files\internet explorer\xpshims.dll Microsoft Corporation Internet Explorer Compatibility Shims for XP .text,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 43EE0000[00040000] [ M] 325. c:\program files\internet explorer\ieproxy.dll Microsoft Corporation IE ActiveX Interface Marshaling Library .text,.orpc,.data,.rsrc,.reloc, 02980000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 02F40000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 03050000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 03070000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 03090000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 030B0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 030D0000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 030F0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 03330000[0018D000] [AM] 48. c:\program files\baidu\bar\baidubar.dll Baidu.com, Inc. BaiduBar Module .text,.rdata,.data,.idata,.Shared,.rsrc,.reloc, 037B0000[000FE000] [AM] 49. c:\program files\tencent\qqtoolbar\iebar.dll TENCENT QQ工具栏 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, 038D0000[000FE000] [ M] 326. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\toolbar.dll TENCENT QQ工具栏 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, 039F0000[000AC000] [ M] 327. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\tbaddr.dll Tencent QQ工具栏—搜索 .text,.rdata,.data,.toolbar,.rsrc,.reloc, 04010000[0001B000] [ M] 328. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\qqmail.dll TENCENT QQ工具栏-邮件 .text,.rdata,.data,.toolbar,.rsrc,.reloc, 04130000[00112000] [ M] 329. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\shuqian.dll TENCENT QQ工具栏—书签 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, 04260000[0001A000] [ M] 330. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\wenwen.dll TENCENT QQ工具栏—问问 .text,.rdata,.data,.toolbar,.rsrc,.reloc, 042A0000[00029000] [ M] 331. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\weather.dll TENCENT QQ工具栏-天气 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, 042E0000[00021000] [ M] 332. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\qqnews.dll TENCENT QQ工具栏—QQ新闻 .text,.rdata,.data,.webslic,.rsrc,.reloc, 04520000[00067000] [ M] 333. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\prscrn.dll TENCENT QQ工具栏-截屏 .text,.rdata,.data,.PrScrn_,.toolbar,.rsrc,.reloc, 045C0000[00038000] [ M] 334. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\qzone.dll TENCENT QQ工具栏—QQ空间 .text,.rdata,.data,.toolbar,.webslic,.rsrc,.reloc, 04640000[00024000] [AM] 52. e:\verycd\easymule\modules\ie2em.dll VeryCD.com eMule BHO (电驴浏览器辅助对象) .text,.rdata,.data,.rsrc,.reloc, 046B0000[00014000] [AM] 53. e:\qvodplayer\qvodextend.dll Shenzhen QVOD Technology Co.,Ltd QvodExtend .text,.rdata,.data,.rsrc,.reloc, 046E0000[00031000] [AM] 54. c:\windows\system32\ssup.dll 腾讯 腾讯中文搜搜 .text,.rdata,.data,.rsrc,.reloc, 04820000[00018000] [AM] 55. c:\windows\system32\urlfilter.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, 04850000[00011000] [ M] 335. e:\program files\瑞星卡卡\urlrule.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlRule Library .text,.rdata,.data,.rsrc,.reloc, 04880000[0000C000] [AM] 56. c:\program files\eorezo\eoadv\eorezobho.dll EoRezo Aide à la Navitagion .text,.rdata,.data,.rsrc,.reloc, 785E0000[0011D000] [ M] 336. c:\program files\eorezo\eoadv\mfc90.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 78E20000[0002A000] [ M] 337. c:\program files\eorezo\eoadv\atl90.dll Microsoft Corporation ATL Module for Windows (Unicode) .text,.data,.rsrc,.reloc, 053D0000[004A3000] [ M] 184. c:\windows\system32\macromed\flash\flash10c.ocx Adobe Systems, Inc. Adobe Flash Player 10.0 r32 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 171. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 32000000[0000A000] [ M] 188. e:\qq\bin\txpfproxy.dll Tencent QQ2009 .text,.orpc,.rdata,.data,.rsrc,.reloc, + 00000ee8(3816) msiexec.exe 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 79000000[00046000] [AM] 57. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, 79E70000[0058F000] [ M] 306. c:\windows\microsoft.net\framework\v2.0.50727\mscorwks.dll Microsoft Corporation Microsoft .NET Runtime Common Language Runtime - WorkStation .text,.CLR_UEF,.data,.rsrc,.reloc, + 00000f24(3876) IEXPLORE.EXE 5DCA0000[001E8000] [ M] 118. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 00C30000[00A91000] [AM] 51. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 009C0000[00009000] [ M] 117. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 16080000[00025000] [ M] 119. c:\program files\bonjour\mdnsnsp.dll Apple Inc. Bonjour Namespace Provider .text,.rdata,.data,.rsrc,.reloc, 77020000[0009A000] [ M] 120. c:\windows\system32\dfc8ac3ed7da.dll Microsoft Corporation .text,.data,.rsrc,.reloc, 02C40000[0002A000] [ M] 338. c:\windows\system32\ieui.dll Microsoft Corporation Internet Explorer UI Engine .text,.data,.rsrc,.reloc, 43EE0000[00040000] [ M] 325. c:\program files\internet explorer\ieproxy.dll Microsoft Corporation IE ActiveX Interface Marshaling Library .text,.orpc,.data,.rsrc,.reloc, 47060000[00021000] [ M] 167. c:\windows\system32\xmllite.dll Microsoft Corporation Microsoft XmlLite Library .text,.data,.rsrc,.reloc, 039F0000[00010000] [AM] 92. c:\windows\system32\btmband89jc9pspq5eknj.inf UPX0,UPX1,UPX2, 03A00000[00013000] [AM] 91. c:\windows\tasks\c2nh4numz9kny5zqnc.inf UPX0,UPX1,.rsrc, 03D60000[00014000] [AM] 90. c:\windows\downloaded program files\rjaekv7ccbwszhqbdu.cur UPX0,UPX1,.rsrc, 03D80000[00012000] [AM] 89. c:\windows\system32\qzp3jtzcsfsh.dll UPX0,UPX1,UPX2, 03DA0000[00013000] [AM] 88. c:\windows\system32\nxe2grrknzf9dxykmqg.inf UPX0,UPX1,UPX2, 03DC0000[00011000] [AM] 84. c:\windows\fonts\a97cracb.fon UPX0,UPX1,UPX2, 03DE0000[00016000] [AM] 81. c:\windows\system32\qfk6ys52myexkxpwmdmhq.inf UPX0,UPX1,UPX2, 03E00000[00094000] [ M] 339. c:\windows\system32\msfeeds.dll Microsoft Corporation Microsoft Feeds Manager .text,.data,.rsrc,.reloc, 04090000[000AC000] [ M] 327. c:\documents and settings\joewoo\application data\tencent\qqtoolbar\buttons\tbaddr.dll Tencent QQ工具栏—搜索 .text,.rdata,.data,.toolbar,.rsrc,.reloc, 041E0000[000BB000] [AM] 77. c:\windows\system32\propsys.dll Microsoft Corporation Microsoft Property System .text,.orpc,.data,.rsrc,.reloc, 60000000[0000B000] [ M] 170. c:\windows\system32\mssprxy.dll Microsoft Corporation Microsoft Search Proxy .orpc,.text,.data,.rsrc,.reloc,