中木马了,有日志大虾来看 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛中木马了,有日志大虾来看

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12 3

1 / 3 页

跳转页

中木马了,有日志大虾来看

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 10:17 \| 只看楼主短消息资料字号：小中大 1楼中木马了,有日志大虾来看 HijackThis_zww汉化版扫描日志 V1.99.1 保存于 10:03:27, 日期 2005-8-29 操作系统： Windows XP SP1 (WinNT 5.01.2600) 浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106) 当前运行的进程： C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\Program Files\Rising\Rfw\rfwsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Rising\Rfw\RfwMain.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Rising\Rav\Ravmon.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\ctfmon.exe E:\Program Files\KuGoo3\KuGoo.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\WgaTray.exe C:\Program Files\HelloNet\HNMainUI.exe C:\Program Files\Tencent\QQ\QQ.exe C:\Program Files\Tencent\QQ\TIMPlatform.exe C:\WINDOWS\System32\conime.exe C:\Program Files\Tencent\QQ\QQ.exe D:\游戏\浩方对战平台\GameClient.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\OCINS\idnsvr.exe C:\program files\internet explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe D:\游戏\梦幻西游\my.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe R3 - URLSearchHook: SrchspHook Class - {22F86F33-9CBB-49a8-BB12-CDBE51B4C294} - C:\PROGRA~1\OCINS\srchsp.dll O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush.dll O2 - BHO: IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:\PROGRA~1\OCINS\ieaux.dll O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - 启动项HKLM\\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - 启动项HKLM\\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - 启动项HKLM\\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - 启动项HKLM\\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe O4 - 启动项HKLM\\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup O4 - 启动项HKLM\\Run: [RavScanBD] "C:\Program Files\Rising\Rav\ScanBD.exe" /INST O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - 启动项HKLM\\Run: [popo2004] C:\Program Files\Netease\popo2004\start.exe O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKLM\\Run: [KuGoo3] E:\Program Files\KuGoo3\KuGoo.exe O4 - 启动项HKLM\\Run: [runeip] "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup O4 - 启动项HKLM\\Run: [DAEMON Tools-1033] "D:\游戏\三国志\daemon.exe" -lang 1033 -lock O4 - 启动项HKLM\\Run: [Storm2Set] C:\WINDOWS\System32\rundll32.exe "E:\PROGRA~1\StormSet.dll",CheckEnv O4 - 启动项HKLM\\Run: [WebThunder] "C:\Program Files\Thunder Network\WebThunder\WebThunder.exe" /autostart O4 - 启动项HKLM\\Run: [IdnSvr] C:\Program Files\OCINS\idnsvr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [KuGoo3] "E:\Program Files\KuGoo3\KuGoo.exe" O4 - Startup: QQ游戏启动加速程序.lnk = C:\Program Files\Tencent\QQGame\Accel.exe O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm O8 - IE右键菜单中的新增项目: &访问通用网址 - C:\Program Files\OCINS\cnrbtn.html O8 - IE右键菜单中的新增项目: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm O8 - IE右键菜单中的新增项目: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm O8 - IE右键菜单中的新增项目: 珊瑚虫超级搜索 - C:\PROGRA~1\yok\yoksch.htm O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\游戏\浩方对战平台\GameClient.exe O9 - 浏览器额外的按钮: 启动WEB迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing) O9 - 浏览器额外的“工具”菜单项: 启动WEB迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing) O9 - 浏览器额外的按钮: 中文上网 - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe O9 - 浏览器额外的“工具”菜单项: 中文上网 - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing) O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing) O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - https://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw Class) - http://photo.qq.com/qzone_v4/QzoneMediaTools.cab O16 - DPF: {32D72994-45B9-42B5-8980-FB561D1BE2D0} (nEdit Control) - https://ekey.163.com/nEdit.cab O16 - DPF: {BAC112DD-C51E-4712-A622-77C1D8075072} (ChinaCache加速下载客户端) - http://p2spdownload.chinacache.com/p2spcp4ie.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8C9E79BE-2E42-4AA8-BA92-ADD8915866F0}: NameServer = 202.101.172.35 202.101.172.47 O18 - 列举现有的协议: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\PROGRA~1\KuGoo3\InExtend\KUGOO3~1.OCX O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - NT 服务: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwsrv.exe O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe [用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Poco 0.31; KuGooSoft) 2007-08-29 12:54:53
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	分享到：

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 10:53 \| 只看楼主短消息资料字号：小中大 2楼谁来看下啊经常乱跳出网站
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

╰☆不留名シ健康舞勺狮帖子:285 注册: 2007-04-30 来自:	发表于： 2007-08-29 11:08 \| 短消息资料字号：小中大 3楼请说清楚自己的症状
╰☆不留名シ健康舞勺狮帖子:285 注册: 2007-04-30 来自:

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 11:28 \| 只看楼主短消息资料字号：小中大 4楼【回复“╰☆不留名シ”的帖子】有网站经常跳出来瑞星监控跳出删除文件但是没用过会还是会出现相同情况
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:	发表于： 2007-08-29 11:38 \| 短消息资料字号：小中大 5楼 http://download.rising.com.cn/for_down/kakatool/kakasetupv4.exe下载卡卡上网安全助手4.0 1 运行瑞星卡卡上网安全助手 2 诊断求助=》电脑诊断日志 3 选择"文件详细信息"、"文件名相似分析"2个选项 4 开始扫描＝》导出信息，导成txt格式（也可以是htm格式方便自己看，不过论坛不能上传htm格式） 5 把日志中的报告完整拷贝贴上来(附件形式发上来也可以)，不要修改（一次发不完请分次发上来） 6 扫日志的时候尽量把不必要的软件关闭如QQ TM 迅雷等 7 把扫描出来的可疑文件上传给瑞星http://up.rising.com.cn/webmail/uploadnew.htm
Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 11:47 \| 只看楼主短消息资料字号：小中大 6楼瑞星卡卡电脑诊断日志 v1.30 (2005-8-29 11:31:31) 北京瑞星科技股份有限公司注释:[A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services 35BD4A64 [A ] 1. c:\windows\system32\9b6cff74.exe Microsoft Corporation 賞鵦0,賞鵦1,賞鵦2, Ati HotKey Poller [AM] 2. c:\windows\system32\ati2evxx.exe ATI Technologies Inc. ATI External Event Utility EXE Module .text,.rdata,.data,.rsrc, ATI Smart [A ] 3. c:\windows\system32\ati2sgag.exe ATI Smart .text,.rdata,.data,.rsrc, NetSvc [A ] 4. c:\program files\intel\prosetwired\ncs\sync\netsvc.exe Intel(R) Corporation NetSvc Module .text,.rdata,.data,.rsrc, ose [A ] 5. c:\program files\common files\microsoft shared\source engine\ose.exe Microsoft Corporation Office Source Engine .text,.data,.rsrc, RfwProxySrv [A ] 6. c:\program files\rising\rfw\rfwproxy.exe Beijing Rising Technology Co., Ltd. Rising Personal Proxy Service .text,.rdata,.data,.rsrc, RfwService [A ] 7. c:\program files\rising\rfw\rfwsrv.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Service .text,.rdata,.data,.rsrc, RsCCenter [A ] 8. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, RsRavMon [A ] 9. c:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. RavMond .text,.rdata,.data,.rsrc, svchost [A ] 10. c:\windows\system32\dllcache\svchost.exe Microsoft Corporation 燿8D0,燿8D1,燿8D2, UMWdf [AM] 11. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, WmdmPmSN [A ] 12. c:\windows\system32\mspmsnsv.dll Microsoft Corporation Microsoft Media Device Service Provider .text,.data,.rsrc,.reloc, + 内核驱动 + HKLM\System\CurrentControlSet\Services ADIHdAudAddService [A ] 13. c:\windows\system32\drivers\adihdaud.sys Analog Devices, Inc. High Definition Audio Function Driver(Release Candidate 1) .text,CODE,.rdata,.data,PAGE,INIT,.rsrc,.reloc, AEAudioService [A ] 14. c:\windows\system32\drivers\aeaudio.sys Andrea Electronics Corporation Andrea Audio Noise Cancellation Driver .text,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc, aslm75 [A ] 15. c:\windows\system32\drivers\aslm75.sys .text,INIT,.reloc, BaseTDI [A ] 16. c:\windows\system32\drivers\basetdi.sys Beijing Rising Technology Co., Ltd. basetdi .text,.rdata,.data,INIT,.rsrc,.reloc, BRPPPOE [A ] 17. c:\windows\system32\drivers\brpppoe.sys .text,.rdata,.data,INIT,.reloc, cnprov [A ] 18. c:\windows\system32\drivers\cnprov.sys 中国互联网络信息中心(CNNIC) 国际化域名辅助模块 .text,.data,INIT,.rsrc,.reloc, d347bus [A ] 19. c:\windows\system32\drivers\d347bus.sys PnP BIOS Extension .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, d347prt [A ] 20. c:\windows\system32\drivers\d347prt.sys SCSI miniport .text,.rdata,.data,INIT,.rsrc,.reloc, E1000 [A ] 21. c:\windows\system32\drivers\e1000325.sys Intel Corporation Intel(R) PRO/1000 Adapter NDIS 5.1 deserialized driver .text,.rdata,.data,INIT,.rsrc,.reloc, EagleNT [A ] 22. c:\windows\system32\drivers\eaglent.sys ExpScaner [A ] 23. c:\program files\rising\rav\expscan.sys ExpScan.sys .text,.rdata,.data,INIT,.rsrc,.reloc, Firitie [A ] 24. c:\windows\system32\drivers\firitie.sys .text,.data,INIT,.rsrc,.reloc, gwiopm [A ] 25. c:\program files\wom\gwiopm.sys HdAudAddService [A ] 26. c:\windows\system32\drivers\hdaudio.sys Windows (R) Server 2003 DDK provider High Definition Audio Function Driver v1.0a .text,CODE,.rdata,.data,PAGE,PAGED,INIT,.rsrc,.reloc, HDAudBus [A ] 27. c:\windows\system32\drivers\hdaudbus.sys Windows (R) Server 2003 DDK provider High Definition Audio Bus Driver v1.0a .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, HookCont [A ] 28. c:\program files\rising\rav\hookcont.sys Rising HookCont .text,.rdata,.data,INIT,.rsrc,.reloc,
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 11:47 \| 只看楼主短消息资料字号：小中大 7楼 HookReg [A ] 29. c:\program files\rising\rav\hookreg.sys .text,.rdata,.data,INIT,.rsrc,.reloc, HookSys [A ] 30. c:\program files\rising\rav\hooksys.sys Rising Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, HookUrl [A ] 31. c:\program files\rising\rfw\hookurl.sys Beijing Rising Technology Co., Ltd. HookUrl .text,.rdata,.data,INIT,.rsrc,.reloc, idnaux [A ] 32. c:\windows\system32\drivers\idnaux.sys 中国互联网络信息中心(CNNIC) 国际化域名支持模块 .text,.data,INIT,.rsrc,.reloc, MEMSCAN [A ] 33. c:\program files\rising\rav\memscan.sys Beijing Rising Technology Co., Ltd. MemScan Driver .text,.rdata,.data,INIT,.rsrc,.reloc, mProcRs [A ] 34. c:\program files\rising\rfw\mprocrs.sys Beijing Rising Technology Co., Ltd. Rising Personal FireWall mprocrs.sys .text,.rdata,.data,INIT,.rsrc,.reloc, npkcrypt [A ] 35. c:\program files\tencent\qq\npkcrypt.sys INCA Internet Co., Ltd. nProtect KeyCrypt Driver .text,.rdata,.data,INIT,.rsrc,.reloc, npkycryp [A ] 36. c:\program files\tencent\qq\npkycryp.sys oreans32 [A ] 37. c:\windows\system32\drivers\oreans32.sys .text,.rdata,.data,INIT,.reloc, RsAntiSpyware [A ] 38. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, RsFwDrv [A ] 39. c:\program files\rising\rfw\rsfwdrv.sys Beijing Rising Technology Co., Ltd. nt_fwdrv .text,.rdata,.data,INIT,.rsrc,.reloc, RsNTGDI [A ] 40. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, RSPPSYS [A ] 41. c:\program files\rising\rav\rsppsys.sys Rising RSPPSYS.SYS .text,.rdata,.data,INIT,.rsrc,.reloc, Secdrv [A ] 42. c:\windows\system32\drivers\secdrv.sys Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver .text,.rdata,.data,INIT,.rsrc,.reloc, SenFiltService [A ] 43. c:\windows\system32\drivers\senfilt.sys Sensaura Sensaura WDM 3D Audio Driver .text,page,init,.data,.CRT,init,INIT,.rsrc,.reloc, usbehci [A ] 44. c:\windows\system32\drivers\usbehci.sys Microsoft Corporation EHCI eUSB Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, Voso667 [A ] 45. c:\windows\system32\drivers\voso667.sys .text,.data,INIT,.rsrc,.reloc, ZSMC301b [A ] 46. c:\windows\system32\drivers\usbvm31b.sys VM Video streaming and Capture Device Driver .text,.data,PAGECONS,INIT,.rsrc,.reloc, + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify AtiExtEvent [AM] 47. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, WgaLogon [AM] 48. c:\windows\system32\wgalogon.dll Microsoft Corporation Windows 正版增值计划通知 .text,.data,.rsrc,.reloc, + HKCU\Control Panel\Desktop Scrnsave.exe [A ] 49. c:\windows\system32\梦幻西游ii屏保.scr Acme Photo Software 梦想之巅屏保播放器 pec1,.rsrc,.rsrc, + IE浏览器加载模块 + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {22F86F33-9CBB-49a8-BB12-CDBE51B4C294} [A ] 50. c:\program files\ocins\srchsp.dll 中国互联网络信息中心(CNNIC) 国际化域名支持模块 .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {00000AAA-A363-466E-BEF5-9BB68697AA7F} [AM] 51. c:\program files\thunder network\webthunder\webthunderbho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, {7605CC7C-00FD-4A5F-BAFD-828342DE6279} [AM] 52. c:\program files\ocins\ieaux.dll 中国互联网络信息中心(CNNIC) 国际化域名解析模块 .text,.rdata,.data,Shared,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 53. d:\游戏\浩方对战平台\gameclient.exe 上海浩方在线信息技术有限公司浩方对战平台 .text,.rdata,.data,.rsrc, Exec [A ] 54. c:\program files\ocins\config.exe 中国互联网络信息中心(CNNIC) config .text,.rdata,.data,.rsrc, Script [A ] 55. c:\windows\web\related.htm + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler KuGoo3 [A ] 56. e:\program files\kugoo3\inextend\kugoo3downxcontrol.ocx CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 57. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, Auto Update Property Sheet Extension [A ] 58. c:\windows\system32\wuaucpl.cpl Microsoft Corporation Automatic Updates Control Panel .text,.data,.rsrc,.reloc, WinRAR shell extension [A ] 59. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, Shell Extensions for RealOne Player [A ] 60. c:\program files\real\realplayer\rpshell.dll RealNetworks, Inc. RealPlayer Shell Extensions .text,.rdata,.data,.rsrc,.reloc, Portable Media Devices [A ] 61. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 61. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, RISING [A ] 62. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, Microsoft Office HTML Icon Handler [AM] 63. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 64. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc,
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 11:48 \| 只看楼主短消息资料字号：小中大 8楼 + 用户登陆自运行项目 + HKCU\Software\Microsoft\Windows\CurrentVersion\Run KuGoo3 [AM] 65. e:\program files\kugoo3\kugoo.exe 专业音乐P2P传输软件 CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc, + HKLM\Software\Microsoft\Windows\CurrentVersion\Run High Definition Audio Property Page Shortcut [A ] 66. c:\windows\system32\hdashcut.exe Windows (R) Server 2003 DDK provider High Definition Audio Property Page Shortcut v1.0a .text,.data,.rsrc, SoundMAXPnP [AM] 67. c:\program files\analog devices\core\smax4pnp.exe Analog Devices, Inc. SMax4PNP .text,.rdata,.data,.rsrc, SoundMAX [A ] 68. c:\program files\analog devices\soundmax\smax4.exe Analog Devices, Inc. Audio Control Panel .text,.rdata,.data,.rsrc, PRONoMgrWired [A ] 69. c:\program files\intel\prosetwired\ncs\proset\pronomgr.exe Intel(R) Corporation PRONotifyMgr Module .text,.rdata,.data,.rsrc, ATIPTA [AM] 70. c:\program files\ati technologies\ati control panel\atiptaxx.exe ATI Technologies, Inc. ATI Desktop Control Panel .text,.rdata,.data,.rsrc, RfwMain [AM] 71. c:\program files\rising\rfw\rfwmain.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Main Program .text,.rdata,.data,.rsrc, RavScanBD [A ] 72. c:\program files\rising\rav\scanbd.exe Beijing Rising Technology Co., Ltd. ScanBD Application .text,.rdata,.data,.rsrc, RavTask [A ] 73. c:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, popo2004 [A ] 74. c:\program files\netease\popo2004\start.exe 网易(163.com) .text,.rdata,.data,.idata,.rsrc,.reloc, BigDogPath [AM] 75. c:\windows\vm_sti.exe VM. Still Image (STI) Driver .text,.rdata,.data,.rsrc, TkBellExe [AM] 76. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, KuGoo3 [AM] 65. e:\program files\kugoo3\kugoo.exe 专业音乐P2P传输软件 CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc, runeip [AM] 77. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, WebThunder [A ] 78. c:\program files\thunder network\webthunder\webthunder.exe 深圳市迅雷网络技术有限公司 Web 迅雷 .text,.rdata,.data,.rsrc, IdnSvr [AM] 79. c:\program files\ocins\idnsvr.exe 中国互联网信息中心(CNNIC) 国际化域名支持模块 .text,.rdata,.data,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce KKDelay [A ] 80. c:\program files\rising\antispyware\runonce.exe Beijing Rising Technology Co., Ltd. RunOnce Application .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 81. c:\windows\system32\bsmain.exe Beijing Rising Technology Co., Ltd. BootScan .text,.data,.rsrc,.reloc, [A ] 82. c:\windows\system32\kknative.exe Beijing Rising Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\Folder\shell Super Rabbit CDROM Eject [A ] 83. c:\program files\super rabbit\magicset\srcd2.exe Super Rabbit Software UPX0,UPX1,.rsrc, + HKCR\.bat batfile\edit\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, batfile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.html htmlfile\Edit\Command [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, htmlfile\Print\Command [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, + HKCR\.htm htmlfile\Edit\Command [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, htmlfile\Print\Command [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, + HKCR\.log txtfile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, txtfile\printto\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.txt txtfile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, txtfile\printto\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.cmd cmdfile\edit\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, cmdfile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.reg regfile\edit\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, regfile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.vbs VBSFile\Edit\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, VBSFile\Print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.js JSFile\Edit\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, JSFile\Print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.mp3 RealPlayer.MP3.6\open\Command [A ] 86. c:\program files\real\realplayer\realplay.exe RealNetworks, Inc. RealPlayer .text,.rdata,.data,.rsrc, + HKCR\.ini inifile\open\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, inifile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + HKCR\.inf inffile\open\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, inffile\print\Command [A ] 84. c:\windows\system32\notepad.exe Microsoft Corporation 记事本 .text,.data,.rsrc, + 其他自启动项目 + C:\Documents and Settings\tcsf\「开始」菜单\程序\启动 QQ游戏启动加速程序.lnk [A ] 87. c:\program files\tencent\qqgame\accel.exe 深圳市腾讯计算机系统有限公司 QQ游戏 .text,.rdata,.data,.rsrc,
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 11:49 \| 只看楼主短消息资料字号：小中大 9楼 + 正在运行的进程 + 00000200(512) smax4pnp.exe 00400000[000E3000] [AM] 67. c:\program files\analog devices\core\smax4pnp.exe Analog Devices, Inc. SMax4PNP .text,.rdata,.data,.rsrc, 10000000[00057000] [ M] 88. c:\program files\analog devices\core\smwdmif.dll Analog Devices, Inc. SMWDM Interface DLL .text,.rdata,.data,.idata,.rsrc,.reloc, 72C90000[00009000] [ M] 89. c:\windows\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 90. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 00C50000[0001B000] [ M] 91. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 0000023c(572) atiptaxx.exe 00400000[00054000] [AM] 70. c:\program files\ati technologies\ati control panel\atiptaxx.exe ATI Technologies, Inc. ATI Desktop Control Panel .text,.rdata,.data,.rsrc, 10000000[00041000] [ M] 92. c:\program files\ati technologies\ati control panel\atipdsxx.dll ATI Technologies, Inc. ATI Desktop Control Panel .text,.rdata,.data,.sdata,.rsrc,.reloc, 00AD0000[0001A000] [ M] 93. c:\program files\ati technologies\ati control panel\atrpuixx.chs ATI Technologies, Inc. ATI Desktop Control Panel .rsrc,.reloc, 00C30000[00013000] [ M] 94. c:\program files\ati technologies\ati control panel\atipdxxx.dll ATI Technologies, Inc. ATI Desktop Control Panel .text,.rdata,.data,.rsrc,.reloc, 00DF0000[0001B000] [ M] 91. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000248(584) QQ.exe 00400000[001A6000] [ M] 95. c:\program files\tencent\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, 10000000[00022000] [ M] 96. c:\program files\tencent\qq\coralassist.dll Coral Team 珊瑚虫增强包加载库 .text,.rdata,.data,.rsrc,.reloc, 005C0000[0007C000] [ M] 97. c:\program files\tencent\qq\coralqq.dll Coral Team CoralQQ Core DLL ,,,,.rsrc,,,.data,.adata, 003B0000[0002F000] [ M] 98. c:\program files\tencent\qq\kql.dll Coral Team Kwafu QQ Library (KQL) .text,.rsrc,.reloc, 7C420000[00087000] [ M] 99. c:\program files\tencent\qq\msvcp80.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 78130000[0009B000] [ M] 100. c:\program files\tencent\qq\msvcr80.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 60A80000[000F2000] [ M] 101. c:\program files\tencent\qq\mfc42.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.rdata,.data,.rsrc,.reloc, 003F0000[00009000] [ M] 102. c:\program files\tencent\qq\ipsearcher.dll 珊瑚虫 IP 地址查询工具 .text,.rsrc,.reloc, 00650000[0025A000] [ M] 103. c:\program files\tencent\qq\qqbaseclassindll.dll TENCENT QQBaseClassInDll DLL .text,.rdata,.data,.rsrc,.reloc, 008B0000[0009F000] [ M] 104. c:\program files\tencent\qq\qqhelperdll.dll TENCENT QQHelperDll DLL .text,.rdata,.data,.rsrc,.reloc, 00950000[00071000] [ M] 105. c:\program files\tencent\qq\basicctrldll.dll TENCENT BasicCtrlDll DLL .text,.rdata,.data,.rsrc,.reloc, 01D80000[00008000] [ M] 106. c:\program files\tencent\qq\nodisturbfilter.cqx Coral Team 拒绝视频打扰的珊瑚虫扩展 .text,.rdata,.data,.rsrc,.reloc, 01E00000[00006000] [ M] 107. c:\program files\tencent\qq\confighotkey.cqx Coral Team 热键激活珊瑚虫参数定制器的扩展 .text,.rdata,.data,.rsrc,.reloc, 621E0000[00005000] [ M] 108. c:\program files\tencent\qq\riched32.dll Microsoft Corporation Wrapper Dll for Richedit 1.0 .text,.data,.rsrc,.reloc, 62170000[00068000] [ M] 109. c:\program files\tencent\qq\riched20.dll Microsoft Corporation Rich Text Edit Control, v3.1 .text,.data,.rsrc,.reloc, 61310000[0003A000] [ M] 110. c:\program files\tencent\qq\qqapi.dll TENCENT ModuleSample DLL .text,.rdata,.data,.rsrc,.reloc, 62330000[00007000] [ M] 111. c:\program files\tencent\qq\timproxy.dll tencent TIMProxy .text,.orpc,.rdata,.data,.rsrc,.reloc, 02600000[0001B000] [ M] 91. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 02780000[00006000] [ M] 112. c:\program files\tencent\qq\autoreconnect.cqx Coral Team 掉线后自动重新连接的珊瑚虫扩展 .text,.rdata,.data,.rsrc,.reloc, 027A0000[00038000] [ M] 113. c:\program files\tencent\qq\loginctrl.dll TENCENT NewSkin .text,.rdata,.data,.rsrc,.reloc, 608D0000[00099000] [ M] 114. c:\program files\tencent\qq\loginctrlres.dll TENCENT LoginCtrl DLL .rsrc,.reloc, 03260000[004A9000] [ M] 115. c:\program files\tencent\qq\qqres.dll TENCENT QQRes .rsrc,.reloc, 60A40000[00032000] [ M] 116. c:\program files\tencent\qq\mailsummary.dll TENCENT MailSummary DLL .text,.rdata,.data,.rsrc,.reloc, 61800000[00095000] [ M] 117. c:\program files\tencent\qq\qqmainframe.dll .text,.rdata,.data,.reloc, 603C0000[001A3000] [ M] 118. c:\program files\tencent\qq\gdiplus.dll Microsoft Corporation Microsoft GDI+ .text,.data,Shared,.rsrc,.reloc, 04040000[00124000] [ M] 119. c:\program files\tencent\qq\cqqapplication.dll .text,.rdata,.data,.reloc, 60380000[0003E000] [ M] 120. c:\program files\tencent\qq\flashavatardll.dll FlashAvatarDll DLL .text,.rdata,.data,.rsrc,.reloc, 60C20000[0005E000] [ M] 121. c:\program files\tencent\qq\newskin.dll TENCENT NewSkin Module .text,.rdata,.data,.rsrc,.reloc, 04360000[000BD000] [ M] 122. c:\program files\tencent\qq\hostingmgr.dll TENCENT HostingMgr DLL .text,.rdata,.data,.rsrc,.reloc, 60140000[00034000] [ M] 123. c:\program files\tencent\qq\cameradll.dll TENCENT CameraDll DLL .text,.rdata,.data,.MYSHARE,.rsrc,.reloc, 045E0000[0000C000] [ M] 124. c:\program files\tencent\qq\coralhotkey.cqx Coral Team “老板键”和“一键锁定”珊瑚虫扩展 .text,.rdata,.data,.rsrc,.reloc, 617B0000[00017000] [ M] 125. c:\program files\tencent\qq\qqknowledgesearch.dll TENCENT QQKnowledgeSearch DLL .text,.rdata,.data,.rsrc,.reloc, 048D0000[001F1000] [ M] 126. c:\program files\tencent\qq\qqallinone.dll TENCENT NewSkin .text,.rdata,.data,.rsrc,.reloc, 62210000[0002B000] [ M] 127. c:\program files\tencent\qq\sccore.dll TENCENT SCCore.dll .text,.rdata,.data,.shareds,.rsrc,.reloc, 62020000[00022000] [ M] 128. c:\program files\tencent\qq\qqspace.dll TENCENT QQSpace DLL .text,.rdata,.data,.rsrc,.reloc, 62380000[00071000] [ M] 129. c:\program files\tencent\qq\vbscript.dll Microsoft Corporation Microsoft (r) VBScript .text,.rdata,.data,.rsrc,.reloc, 61690000[00071000] [ M] 130. c:\program files\tencent\qq\qqgroupmng.dll TENCENT QQGroupMng DLL .text,.rdata,.data,.rsrc,.reloc,
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:	发表于： 2007-08-29 11:49 \| 只看楼主短消息资料字号：小中大 10楼 62360000[00017000] [ M] 131. c:\program files\tencent\qq\userdefinedhead.dll TENCENT UserDefinedHead DLL .text,.rdata,.data,.rsrc,.reloc, 619D0000[000D9000] [ M] 132. c:\program files\tencent\qq\qqplugin.dll .text,.rdata,.data,.reloc, 615F0000[0000C000] [ M] 133. c:\program files\tencent\qq\qqconfigplugin.dll TENCENT QQConfigPlugin DLL .text,.rdata,.data,.rsrc,.reloc, 61350000[0003D000] [ M] 134. c:\program files\tencent\qq\qqavatar.dll .text,.rdata,.data,.reloc, 62050000[0003D000] [ M] 135. c:\program files\tencent\qq\qqsysmsgmng.dll .text,.rdata,.data,.reloc, 61F90000[00071000] [ M] 136. c:\program files\tencent\qq\qqsettingctrl.dll TENCENT QQSettingCtrl DLL .text,.rdata,.data,.rsrc,.reloc, 62150000[00016000] [ M] 137. c:\program files\tencent\qq\qringmng.dll .text,.rdata,.data,.reloc, 61600000[00034000] [ M] 138. c:\program files\tencent\qq\qqcustomface.dll .text,.rdata,.data,.reloc, 02900000[0002A000] [ M] 139. c:\program files\tencent\qq\qqpet.dll TENCENT QQPet DLL .text,.rdata,.data,.rsrc,.reloc, 60970000[000A8000] [ M] 140. c:\program files\tencent\qq\longconnection.dll TENCENT LongConnection .text,.rdata,.data,.rsrc,.reloc, 60680000[00024000] [ M] 141. c:\program files\tencent\qq\groupconnection.dll TENCENT GroupConnection DLL .text,.rdata,.data,.rsrc,.reloc, 60D20000[00026000] [ M] 142. c:\program files\tencent\qq\phoneapi.dll TENCENT PhoneAPI DLL .text,.rdata,.data,.rsrc,.reloc, 60330000[0000D000] [ M] 143. c:\program files\tencent\qq\dialerallinone.dll tencent DialerAllInOne .text,.rdata,.data,Shared,.rsrc,.reloc, 72C90000[00009000] [ M] 89. c:\windows\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 90. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 72C60000[00006000] [ M] 144. c:\windows\system32\msadp32.acm Microsoft Corporation Microsoft ADPCM CODEC for MSACM .text,.rsrc,.reloc, 60770000[0001A000] [ M] 145. c:\program files\tencent\qq\imageole.dll TENCENT TODO: <File description> .text,.rdata,.data,.rsrc,.reloc, 617D0000[00015000] [ M] 146. c:\program files\tencent\qq\qqliveqmng.dll TENCENT QQLiveQMng DLL .text,.rdata,.data,.rsrc,.reloc, 06820000[00019000] [ M] 147. c:\program files\rising\rav\ravscrch.dll Beijing Rising Technology Co., Ltd. RavScrCh Module .text,.rdata,.data,.rsrc,.reloc, 60120000[0001F000] [ M] 148. c:\program files\tencent\qq\bqqapplication.dll .text,.rdata,.data,.reloc, 60CA0000[0000F000] [ M] 149. c:\program files\tencent\qq\personaldesktop.dll TENCENT QQ个人桌面 .text,.rdata,.data,.rsrc,.reloc, 60180000[0004F000] [ M] 150. c:\program files\tencent\qq\commercesmng.dll TENCENT CommercesMng DLL .text,.rdata,.data,.rsrc,.reloc, 60E80000[00286000] [ M] 151. c:\program files\tencent\qq\qqaddr.dll 深圳市腾讯计算机系统有限公司腾讯通讯录 .text,.rdata,.data,.rsrc,.reloc, 620F0000[0005B000] [ M] 152. c:\program files\tencent\qq\qqzip.dll TENCENT QQZip .text,.rdata,.data,.rsrc,.reloc, 61F60000[0002C000] [ M] 153. c:\program files\tencent\qq\qqscenemng.dll .text,.rdata,.data,.reloc, 30000000[002EE000] [ M] 154. c:\windows\system32\macromed\flash\flash9b.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r28 .text,.rdata,.data,.rsrc,.reloc, 617F0000[0000E000] [ M] 155. c:\program files\tencent\qq\qqmagicface.dll TENCENT QQMagicFace DLL .text,.rdata,.data,.rsrc,.reloc, 02430000[0002B000] [ M] 156. c:\program files\tencent\qq\addrsearch.dll 腾讯科技（深圳）有限公司 QQPhoneHelper UPX0,UPX1,.rsrc, 07DA0000[001D0000] [ M] 157. c:\windows\system32\unispim5.ime 北京紫光华宇软件股份有限公司紫光华宇拼音输入法V5 .text,.rdata,.data,.share_d,.rsrc,.reloc, 61650000[0002A000] [ M] 158. c:\program files\tencent\qq\qqfiletransfer.dll TENCENT QQFileTransfer DLL .text,.rdata,.data,.rsrc,.reloc, + 0000027c(636) smss.exe + 000002c4(708) csrss.exe + 000002e8(744) winlogon.exe 10000000[00010000] [AM] 47. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, 01440000[0003B000] [AM] 48. c:\windows\system32\wgalogon.dll Microsoft Corporation Windows 正版增值计划通知 .text,.data,.rsrc,.reloc, 72C90000[00009000] [ M] 89. c:\windows\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 90. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 01A90000[00018000] [ M] 159. c:\windows\system32\svchost.dll Microsoft Corporation .text,.rdata,.data,.rsrc,.reloc, + 00000314(788) services.exe + 00000320(800) lsass.exe + 000003bc(956) VM_STI.EXE 00400000[0000D000] [AM] 75. c:\windows\vm_sti.exe VM. Still Image (STI) Driver .text,.rdata,.data,.rsrc, 10000000[0001B000] [ M] 91. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000003c4(964) Ati2evxx.exe 00400000[00059000] [AM] 2. c:\windows\system32\ati2evxx.exe ATI Technologies Inc. ATI External Event Utility EXE Module .text,.rdata,.data,.rsrc, 00B50000[0000F000] [ M] 160. c:\windows\system32\ati2edxx.dll ATI Technologies, Inc. ati2edxx .text,.data,.SHAREDS,.rsrc,.reloc, + 000003e4(996) realsched.exe 00400000[0002F000] [AM] 76. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, 10000000[0001B000] [ M] 91. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000003f0(1008) svchost.exe + 0000044c(1100) runiep.exe 00400000[00013000] [AM] 77. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 00C20000[0001B000] [ M] 91. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000464(1124) svchost.exe 50E60000[0000C000] [ M] 161. c:\windows\system32\wups2.dll Microsoft Corporation Windows Update client proxy stub 2 .text,.orpc,.data,.rsrc,.reloc,
sftc19900416 初生襁褓狮帖子:18 注册: 2007-08-02 来自:

<<上一主题|下一主题>>

12 3

1 / 3 页

跳转页

页面顶部

Powered by Discuz!NT