杀不掉病毒！ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛杀不掉病毒！

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

杀不掉病毒！

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 10:37 \| 显示全部短消息资料字号：小中大 1楼杀不掉病毒！我中了不知道什么病毒杀完了一重启还有，请大家看看啊！ 2007-09-21 00:03:42
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	分享到：

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 10:40 \| 显示全部短消息资料字号：小中大 2楼病毒名称处理结果发现日期扫描方式路径文件病毒来源 Trojan.PSW.Win32.LMir.hru删除成功2007-07-08 19:08手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\8xyz0p2310[1].exe>>upack0.39本机 Dropper.Win32.OnlineGames.n删除成功2007-07-08 19:08手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CPEF45I70[1].exe本机 Trojan.PSW.Win32.XYOnline.an删除成功2007-07-08 19:08手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\cpef45i73[1].exe>>upack0.39本机 Trojan.PSW.Win32.Agent.pk删除成功2007-07-08 19:08手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CPEF45I79[1].exe本机 Trojan.PSW.Win32.Agent.pk删除成功2007-07-08 19:08手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LJHXGH9P2[1].exe本机 Trojan.PSW.Win32.RocOnline.t删除成功2007-07-08 19:08手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LJHXGH9P4[1].exe本机 Dropper.Win32.ArpCheater.a删除成功2007-07-08 19:08手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\pt37q9pn11[1].exe>>upack0.34本机 Trojan.PSW.Win32.OnlineGames.dau删除成功2007-07-08 19:08手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\PT37Q9PN6[1].exe本机 Trojan.PSW.Win32.QQPass.qlc删除成功2007-07-08 19:08手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\pt37q9pn8[1].exe>>upx_c本机 Trojan.PSW.Win32.RocOnline.t重新启动计算机后删除文件2007-07-08 19:34手动扫描C:\WINDOWS\system32cxfrru.dll本机 Trojan.PSW.Win32.RocOnline.t重新启动计算机后删除文件2007-07-08 19:36手动扫描C:\WINDOWS\system32TIMHost.dll本机 Trojan.PSW.Win32.QQPass.qlc删除成功2007-07-08 19:43手动扫描e:sysauto.exe>>upx_c本机 Trojan.DL.Win32.Agent.wnn清除成功2007-07-08 19:51手动扫描svchost.exe>>C:\WINDOWS\system32\svchost.exe本机 Dropper.Win32.ArpCheater.a删除成功2007-07-08 19:54手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\8xyz0p2311[1].exe>>upack0.34本机 Trojan.DL.Win32.Agent.wnn清除成功2007-07-09 08:25手动扫描svchost.exe>>C:\WINDOWS\system32\svchost.exe本机 Trojan.PSW.Win32.Agent.pk删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8XYZ0P232[1].exe本机 Trojan.IMMSG.Win32.TBMSG.gp删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8XYZ0P237[1].exe本机 Trojan.IMMSG.Win32.TBMSG.gp删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8XYZ0P237[2].exe本机 Trojan.PSW.Win32.XYOnline.an删除成功2007-07-09 08:42手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\cpef45i73[1].exe>>upack0.39本机 Trojan.PSW.Win32.AskTao.r删除成功2007-07-09 08:42手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\cpef45i75[1].exe>>upx_c本机 Trojan.PSW.Win32.AskTao.r删除成功2007-07-09 08:42手动扫描c:\documents and settings\localservice\local settings\temporary internet files\content.ie5\cpef45i75[2].exe>>upx_c本机 Trojan.PSW.Win32.Agent.pk删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CPEF45I79[1].exe本机 Trojan.PSW.Win32.RocOnline.t删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LJHXGH9P4[1].exe本机 Trojan.PSW.Win32.RocOnline.t删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LJHXGH9P4[2].exe本机 Trojan.PSW.Win32.OnlineGames.dcv删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LJHXGH9P6[1].exe本机 Trojan.PSW.Win32.OnlineGames.dcv删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LJHXGH9P6[2].exe本机 Dropper.Win32.OnlineGames.n删除成功2007-07-09 08:42手动扫描C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\PT37Q9PN0[1].exe本机 Trojan.PSW.Win32.RocOnline.t删除成功2007-07-09 09:03手动扫描C:\WINDOWS\system324.exe本机 Trojan.PSW.Win32.AskTao.r删除成功2007-07-09 09:03手动扫描c:\windows\system325.exe>>upx_c本机
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:34 \| 显示全部短消息资料字号：小中大 3楼瑞星卡卡电脑诊断日志 v1.20 (2007-7-9 11:8:56) 北京瑞星科技股份有限公司注释:[A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + Win32 Services + HKLM\System\CurrentControlSet\Services AcPrfMgrSvc [AM] 1. c:\program files\thinkpad\connectutilities\acprfmgrsvc.exe .text,.rdata,.data, 6A 28 68 C8 6A 40 00 E8 FA 01 00 00 33 FF 57 FF AcSvc [AM] 2. c:\program files\thinkpad\connectutilities\acsvc.exe Lenovo ThinkVantage Access Connections Main Service Module .text,.rdata,.data,.rsrc, 6A 74 68 20 BD 41 00 E8 36 03 00 00 33 FF 89 7D Adobe LM Service [A ] 3. c:\program files\common files\adobe systems shared\service\adobelmsvc.exe Adobe Systems System Level Service Utility .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 20 E2 40 00 68 08 75 40 00 64 aspnet_state [A ] 4. c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe Microsoft Corporation aspnet_state.exe .text,.data,.rsrc, 6A 28 68 F0 11 42 00 E8 D3 02 00 00 33 FF 57 FF Ati HotKey Poller [AM] 5. c:\windows\system32\ati2evxx.exe ATI Technologies Inc. ATI External Event Utility EXE Module .text,.rdata,.data,.rsrc, 6A 60 68 B8 D4 45 00 E8 E6 24 00 00 83 65 FC 00 Autodesk Licensing Service [A ] 6. c:\program files\common files\autodesk shared\service\adskscsrv.exe Autodesk System Level Service Utility .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 20 E2 40 00 68 08 75 40 00 64 btwdins [AM] 7. c:\program files\thinkpad\bluetooth software\bin\btwdins.exe Broadcom Corporation. Bluetooth Support Server .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 58 A1 42 00 68 18 97 41 00 64 Diskeeper [AM] 8. c:\program files\diskeeper corporation\diskeeper\dkservice.exe Diskeeper Corporation DKSERVICE.EXE .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 10 B4 47 00 68 C0 3B 46 00 64 EvtEng [AM] 9. c:\program files\intel\wireless\bin\evteng.exe Intel Corporation Intel(R) PROSet/Wireless Event Log .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 F0 34 41 00 68 B4 84 40 00 64 gusvc [A ] 10. c:\program files\google\common\google updater\googleupdaterservice.exe Google gusvc .text,.rdata,.data,.rsrc, 6A 60 68 20 95 41 00 E8 40 03 00 00 BF 94 00 00 IBMPMSVC [AM] 11. c:\windows\system32\ibmpmsvc.exe .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 80 B3 40 00 68 60 86 40 00 64 IDriverT [A ] 12. c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe Macrovision Corporation IDriverT Module .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 30 A3 40 00 68 E4 67 40 00 64 IPSSVC [AM] 13. c:\windows\system32\ipssvc.exe Lenovo Group Limited IPS Core Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 B5 40 00 68 E0 5C 40 00 64 ose
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:35 \| 显示全部短消息资料字号：小中大 4楼 [A ] 14. c:\program files\common files\microsoft shared\source engine\ose.exe Microsoft Corporation Office Source Engine .text,.data,.rsrc, 6A 74 68 60 2E 00 30 E8 23 04 00 00 33 DB 89 5D RegSrvc [AM] 15. c:\program files\intel\wireless\bin\regsrvc.exe Intel Corporation Intel(R) PROSet/Wireless Registry Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 A0 6B 42 00 68 A0 AA 40 00 64 RfwProxySrv [A ] 16. d:\program files\rising\rfw\rfwproxy.exe Beijing Rising Technology Co., Ltd. Rising Personal Proxy Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 60 94 40 00 68 40 85 40 00 64 RfwService [A ] 17. d:\program files\rising\rfw\rfwsrv.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 70 AC 41 00 68 80 94 41 00 64 RsCCenter [A ] 18. d:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 C8 26 41 00 68 D8 AB 40 00 64 RsRavMon [A ] 19. d:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. RavMond .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 F8 D7 42 00 68 C4 E4 41 00 64 S24EventMonitor [AM] 20. c:\program files\intel\wireless\bin\s24evmon.exe Intel Corporation Wireless Management Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 30 E0 46 00 68 C0 AC 44 00 64 TPHDEXLGSVC [AM] 21. c:\windows\system32\tphdexlg.exe Lenovo. ThinkVantage Active Protection System - HDD Logger Module .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 90 E1 40 00 68 3C 82 40 00 64 TpKmpSVC [AM] 22. c:\windows\system32\tpkmpsvc.exe .text,.rdata,.data, 55 8B EC 6A FF 68 48 61 40 00 68 DC 3C 40 00 64 TSSCoreService [AM] 23. c:\program files\ibm thinkvantage\client security solution\ibmtcsd.exe IBM ibmtcsd Application .text,.rdata,.data,.rsrc, 6A 18 68 98 09 4A 00 E8 FD 05 00 00 BF 94 00 00 TVT Backup Service [AM] 24. c:\program files\ibm thinkvantage\rescue and recovery\rrservice.exe rrservice Module .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 D8 76 43 00 68 32 0F 41 00 64 TVT Scheduler [AM] 25. c:\program files\ibm thinkvantage\common\scheduler\tvtsched.exe tvtsched Module .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 28 C7 40 00 68 56 73 40 00 64 UCLauncherService [AM] 26. c:\program files\thinkvantage\systemupdate\uclauncherservice.exe .text,.rdata,.data, 6A 60 68 A8 71 40 00 E8 03 06 00 00 BF 94 00 00 UMWdf [AM] 27. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, 6A 28 68 30 26 00 01 E8 A5 01 00 00 66 81 3D 00 WmcCds [A ] 28. c:\program files\windows media connect\mswmccds.exe Microsoft Corporation Windows Media Connect .text,.rsrc,.reloc, FF 25 00 20 40 00 00 00 00 00 00 00 00 00 00 00 WmcCdsLs [A ] 29. c:\program files\windows media connect\mswmcls.exe Microsoft Corporation Windows Media Connect .text,.data,.rsrc, 6A 28 68 48 33 00 01 E8 A2 01 00 00 66 81 3D 00 + Kernel Drivers + HKLM\System\CurrentControlSet\Services ADIHdAudAddService [A ] 30. c:\windows\system32\drivers\adihdaud.sys Analog Devices, Inc. High Definition Audio Function Driver(Release Candidate 1) .text,CODE,.rdata,.data,PAGE,INIT,.rsrc,.reloc, A1 88 DA 01 00 85 C0 B9 4E E6 40 BB 74 04 3B C1 AEAudioService [A ] 31. c:\windows\system32\drivers\aeaudio.sys Andrea Electronics Corporation Audio Noise Filtering Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 8B 35 14 DA 02 00 57 68 AegisP [A ] 32. c:\windows\system32\drivers\aegisp.sys Meetinghouse Data Communications IEEE 802.1X Protocol Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 81 EC 90 00 00 00 8B 45 08 53 56 8B 35 ANC [A ] 33. c:\windows\system32\drivers\anc.sys IBM Corp. IBM Access Connections - ANC .text,.rdata,INIT,.rsrc,.reloc, 55 8B EC 81 EC 80 00 00 00 53 57 6A 1B 59 33 C0 atmeltpm
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:38 \| 显示全部短消息资料字号：小中大 5楼 [A ] 34. c:\windows\system32\drivers\atmeltpm.sys Atmel, Inc. Atmel TPM Driver .text,.rdata,.data,INIT,.rsrc,.reloc, BaseTDI [A ] 35. c:\windows\system32\drivers\basetdi.sys Beijing Rising Technology Co., Ltd. basetdi .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 E8 13 04 00 00 8B 35 btaudio [A ] 36. c:\windows\system32\drivers\btaudio.sys Broadcom Corporation. Bluetooth Audio Device .text,.rdata,.data,INIT,.rsrc,.reloc, 68 92 A6 01 00 FF 74 24 0C FF 74 24 0C E8 52 D6 BTDriver [A ] 37. c:\windows\system32\drivers\btport.sys Broadcom Corporation. Bluetooth BTPORT Driver for Windows 2000 .text,.rdata,.data,INIT,.rsrc,.reloc, 56 8B 74 24 0C 57 68 43 4F 4D 58 66 8B 46 02 66 BTKRNL [A ] 38. c:\windows\system32\drivers\btkrnl.sys Broadcom Corporation. Bluetooth Bus Enumerator .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, 56 8B 74 24 0C 68 42 74 6B 72 66 8B 06 66 05 02 BTWDNDIS [A ] 39. c:\windows\system32\drivers\btwdndis.sys Broadcom Corporation. Bluetooth LAN Access Server Driver .text,PNP,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 60 53 56 33 DB 57 53 8D 45 0C FF BTWUSB [A ] 40. c:\windows\system32\drivers\btwusb.sys Broadcom Corporation. Driver for Bluetooth USB Devices .text,PNP,.data,INIT,.rsrc,.reloc, 55 8B EC 51 6A 00 6A 01 FF 15 A0 03 01 00 25 FF e1express [A ] 41. c:\windows\system32\drivers\e1e5132.sys Intel Corporation Intel(R) PRO/1000 Adapter NDIS 5.1 deserialized driver .text,.rdata,.data,INIT,.rsrc,.reloc, E9 27 FF FF FF CC 55 8B EC 53 33 DB 66 39 5D 0C EGATHDRV [A ] 42. c:\windows\system32\egathdrv.sys IBM Corporation IBM eGatherer Kernel Module .text,.rdata,INIT,.rsrc,.reloc, 55 8B EC 83 EC 64 53 56 57 6A 08 59 BE 80 02 01 ExpScaner [A ] 43. d:\program files\rising\rav\expscan.sys ExpScan.sys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 51 68 88 38 02 00 FF 15 70 1F 01 00 83 HDAudBus [A ] 44. c:\windows\system32\drivers\hdaudbus.sys Windows (R) Server 2003 DDK provider High Definition Audio Bus Driver v1.0a .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, A1 C0 D0 02 00 85 C0 B9 4E E6 40 BB 74 04 3B C1 HookCont [A ] 45. d:\program files\rising\rav\hookcont.sys Rising HookCont .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 68 70 20 00 00 E8 F7 HookReg [A ] 46. d:\program files\rising\rav\hookreg.sys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 64 56 57 C7 45 AC 00 00 00 00 B9 HookSys [A ] 47. d:\program files\rising\rav\hooksys.sys Rising Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 E8 8A 08 00 00 68 FC HookUrl [A ] 48. d:\program files\rising\rfw\hookurl.sys Beijing Rising Technology Co., Ltd. HookUrl .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 10 53 56 8B 75 08 57 6A 1B B8 8C HSF_DPV [A ] 49. c:\windows\system32\drivers\hsx_dpv.sys Conexant Systems, Inc. HSF_DP driver .text,_PARA_DA,.rdata,.data,.STL,.CRT,PAGE,INIT,.rsrc,.reloc, A1 60 C0 0D 00 85 C0 B9 4E E6 40 BB 74 04 3B C1 HSXHWAZL [A ] 50. c:\windows\system32\drivers\hsxhwazl.sys Conexant Systems, Inc. HSF_HWAZL WDM driver .text,GLOBAL_I,.rdata,.data,.CRT,GLOBAL_I,.STL,PAGE,INIT,.rsrc,.reloc, A1 0C A7 03 00 85 C0 B9 4E E6 40 BB 74 04 3B C1 ibmfilter [A ] 51. c:\windows\system32\drivers\ibmfilter.sys IBM IBM Rescue and Recovery filter driver .text,.rdata,.data,INIT,.rsrc,.reloc, 81 EC A0 00 00 00 53 56 57 6A 09 59 6A 0B BE 02 IBMPMDRV [A ] 52. c:\windows\system32\drivers\ibmpmdrv.sys Lenovo. ThinkPad Power Management Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 8B 44 24 04 B9 42 03 01 00 89 48 40 89 48 38 8B IBMTPCHK [A ] 53. c:\windows\system32\drivers\ibmbldid.sys .text,.rdata,INIT,.reloc, 55 8B EC 83 EC 0C 8B 45 08 C7 40 70 6A 05 01 00 mdmxsdk [A ] 54. c:\windows\system32\drivers\mdmxsdk.sys Conexant Diagnostic Interface DRIVER .text,.rdata,.data,INIT,.rsrc,.reloc, A1 04 27 01 00 85 C0 B9 4E E6 40 BB 74 04 3B C1 MEMSCAN
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:39 \| 显示全部短消息资料字号：小中大 6楼 [A ] 55. d:\program files\rising\rav\memscan.sys 瑞星软件有限公司 MemScan Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 56 8B 35 DC 0C 01 00 57 8D 45 mProcRs [A ] 56. d:\program files\rising\rfw\mprocrs.sys Beijing Rising Technology Co., Ltd. Rising Personal FireWall mprocrs.sys .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 10 56 57 E8 29 02 00 00 85 C0 75 NPF [A ] 57. c:\windows\system32\drivers\npf.sys CACE Technologies npf .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 81 EC 80 00 00 00 53 56 57 8B 7D 0C 33 npkcrypt [A ] 58. d:\qqdownload\qq2007\qq\npkcrypt.sys pmem [A ] 59. c:\windows\system32\drivers\pmemnt.sys Microsoft Corporation Physical Memory Driver .text,.edata,INIT,.rsrc,.reloc, 55 8B EC 8B 45 08 B9 86 05 01 00 89 48 38 89 48 PrivateDisk [A ] 60. c:\program files\ibm thinkvantage\safeguard privatedisk\privatediskm.sys Utimaco Safeware AG SafeGuard? PrivateDisk Driver .text,INITPD,.data,PAGEPD,INIT,.rsrc,.reloc, 55 8B EC 83 EC 0C 6A 00 6A 00 68 00 46 01 00 68 PROCDD [A ] 61. c:\windows\system32\drivers\procdd.sys Lenovo Group Limited IPS Helper Driver .text,.rdata,.data,INIT,.rsrc,.reloc, psadd [A ] 62. c:\windows\system32\drivers\psadd.sys Lenovo SMI Driver .text,.rdata,.data,PAGE,PAGELOCK,INIT,.rsrc,.reloc, 8B 44 24 04 B9 83 0C 01 00 6A 00 50 89 48 38 89 PxHelp20 [A ] 63. c:\windows\system32\drivers\pxhelp20.sys Sonic Solutions Px Engine Device Driver for Windows 2000/XP .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 10 53 56 57 33 DB 33 C0 8D 7D FA RsAntiSpyware [A ] 64. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 20 53 56 33 F6 57 89 75 F4 60 8D RsFwDrv [A ] 65. d:\program files\rising\rfw\rsfwdrv.sys Beijing Rising Technology Co., Ltd. nt_fwdrv .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 56 57 E8 74 CA FF FF 84 C0 RsNTGDI [A ] 66. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, 55 8B EC 83 EC 10 56 8B 75 08 57 8B 3D 58 05 01 RSPPSYS [A ] 67. d:\program files\rising\rav\rsppsys.sys Rising RSPPSYS.SYS .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 53 6A 5C E8 EE FB FF FF 33 DB s24trans [A ] 68. c:\windows\system32\drivers\s24trans.sys Intel Corporation Intel WLAN Packet Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 8B FF 55 8B EC A1 04 28 01 00 85 C0 B9 40 BB 00 Secdrv [A ] 69. c:\windows\system32\drivers\secdrv.sys .text,.data,INIT,.reloc, 55 8B EC 83 EC 10 53 56 57 E8 E4 A3 FF FF 89 45 ShockMgr [A ] 70. c:\windows\system32\drivers\shockmgr.sys Lenovo. ShockMgr Device Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, 56 8B 74 24 0C 66 8B 06 66 05 02 00 66 A3 0A 08 Shockprf [A ] 71. c:\windows\system32\drivers\shockprf.sys Lenovo Shockproof Disk Driver .text,.rdata,.data,PAGE,PAGE_DAT,INIT,.rsrc,.reloc, 33 C0 39 44 24 08 74 05 E9 87 FE FF FF C2 08 00 Smapint [A ] 72. c:\windows\system32\drivers\smapint.sys Microsoft Corporation SMAPI I/O .text,.rdata,.data,.idata,.rsrc,.reloc, 55 B8 2A 11 01 00 8B EC 83 EC 04 56 8B 4D 08 8D smi2 [A ] 73. c:\program files\smi2\smi2.sys IBM Corp. SMI BIOS driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, FF 74 24 08 68 CC 09 01 00 E8 13 F9 FF FF 8B 44 smihlp [A ] 74. c:\program files\thinkvantage fingerprint software\smihlp.sys UPEK Inc. SMI helper driver .text,.rdata,INIT,.rsrc,.reloc, 55 8B EC 83 EC 14 80 65 FF 00 53 56 8B 75 08 57 SYMIDSCO [A ] 75. c:\progra~1\common~1\symant~1\symcdata\scfids~1\20070702.003\symidsco.sys SynTP [A ] 76. c:\windows\system32\drivers\syntp.sys Synaptics, Inc. Synaptics Touchpad Driver .text,.data,INIT,.rsrc,.reloc, E8 0B E7 FF FF 8B 44 24 08 8B 0D 90 89 03 00 50 TcUsb [A ] 77. c:\windows\system32\drivers\tcusb.sys UPEK Inc. TouchChip USB Kernel Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 83 EC 38 53 56 57 6A 06 59 6A 08 BE 5E TDSMAPI [A ] 78. c:\windows\system32\drivers\tdsmapi.sys .text,.rdata,.data,.reloc, TPHKDRV [A ] 79. c:\windows\system32\drivers\tphkdrv.sys IBM Corporation ThinkPad Hotkey Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 55 8B EC 8B 45 08 B9 CA 03 01 00 89 48 70 89 48 TPPWRIF [A ] 80. c:\windows\system32\drivers\tppwrif.sys .text,.rdata,.data,.reloc, TSMAPIP [A ] 81. c:\windows\system32\drivers\tsmapip.sys .text,.rdata,.data,.reloc, w39n51 [A ] 82. c:\windows\system32\drivers\w39n51.sys Intel? Corporation Intel? Wireless LAN Driver .text,.rdata,.data,INIT,.rsrc,.reloc, 81 EC 80 00 00 00 8B 94 24 84 00 00 00 57 33 C0 winachsf [A ] 83. c:\windows\system32\drivers\hsx_cnxt.sys Conexant Systems, Inc. HSF_CNXT driver .text,_LTEXT,.rdata,.data,_LDATA,PAGESER,INIT,.rsrc,.reloc, ZSMC303 [A ] 84. c:\windows\system32\drivers\usbvm303.sys VM Video streaming and Capture Device Driver .text,.data,.data1,PAGECONS,INIT,.rsrc,.reloc, 68 74 1B 01 00 6A 04 68 88 05 00 00 FF 74 24 14 + Winlogon + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify ACNotify [AM] 85. c:\program files\thinkpad\connectutilities\acnotify.dll Lenovo ThinkVantage Access Connections Notify component .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 E8 3C 00 10 E8 0A 02 00 00 33 C0 40 89 AtiExtEvent [AM] 86. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, 8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 psfus [AM] 87. c:\windows\system32\psqlpwd.dll UPEK Inc. Logon stub .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 E8 71 40 31 E8 F5 04 00 00 33 C0 40 89 tpfnf2 [A ] 88. c:\windows\system32\notifyf2.dll .text,.rdata,.data,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 tphotkey [AM] 89. c:\windows\system32\tphklock.dll .text,.rdata,.data,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + Internet Explorer + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {2318C2B1-4965-11d4-9B18-009027A5CD4F} [A ] 90. c:\program files\google\googletoolbar2.dll Google Inc. Google IE 客户端工具栏 .text,.rdata,.data,shared,.rsrc,.reloc, 6A 0C 68 40 31 10 10 E8 98 EC FF FF 33 C0 40 89 {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [A ] 91. c:\windows\system32\kakatool.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware Toolbar .text,.rdata,.data,MonitorS,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} [A ] 92. c:\program files\tencent\ssplus\saddr.dll Tencent .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {01443AEC-0FD1-40fd-9C87-E93D1494C233} [A ] 93. d:\qqdownload\thunder.v5.6.2.300.noad-ayu\thunder.v5.6.2.300.noad-ayu\comdlls\tdatonce_now.dll Thunder Networking Technologies,LTD 迅雷浏览器高级特性支持模块 .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 56 8B 75 0C 83 FE 01 74 05 83 FE 02 75 {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} [A ] 94. d:\qqdownload\thunder.v5.6.2.300.noad-ayu\thunder.v5.6.2.300.noad-ayu\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 80 0D 01 10 E8 2A F5 FF FF 33 C0 40 89 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [AM] 95. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll Adobe Systems Incorporated Adobe Acrobat IE Helper Version 7.0 for ActiveX .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 08 89 00 10 E8 62 FC FF FF 33 C0 40 89 {0C7C23EF-A848-485B-873C-0ED954731014} [A ] 92. c:\program files\tencent\ssplus\saddr.dll Tencent .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {AA58ED58-01DD-4d91-8333-CF10577473F7} [A ] 90. c:\program files\google\googletoolbar2.dll Google Inc. Google IE 客户端工具栏
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:41 \| 显示全部短消息资料字号：小中大 7楼 .text,.rdata,.data,shared,.rsrc,.reloc, 6A 0C 68 40 31 10 10 E8 98 EC FF FF 33 C0 40 89 {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [AM] 96. c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 78 C1 03 10 E8 37 02 00 00 33 C0 40 89 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 97. c:\program files\lenovo\pkgmgr\pkgmgr.exe Lenovo Group Limited Software Installer .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 00 D3 41 00 68 F8 77 41 00 64 Exec [A ] 98. c:\program files\messenger\msmsgs.exe Microsoft Corporation Windows Messenger .text,.data,.rsrc, 6A 70 68 10 98 00 01 E8 BF 01 00 00 33 DB 53 8B + Explorer + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter application/octet-stream [AM] 99. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, 6A 0C 68 B8 21 17 79 E8 84 FF FF FF 33 C0 40 89 application/x-complus [AM] 99. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, 6A 0C 68 B8 21 17 79 E8 84 FF FF FF 33 C0 40 89 application/x-msdownload [AM] 99. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, 6A 0C 68 B8 21 17 79 E8 84 FF FF FF 33 C0 40 89 text/xml [A ] 100. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll Microsoft Corporation Microsoft Office XML MIME Filter .text,.data,.rsrc,.reloc, 6A 0C 68 70 22 40 00 E8 FD 01 00 00 33 C0 40 89 + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler cetihpz [A ] 101. c:\program files\hp\hpcoretech\comp\hpuiprot.dll Hewlett-Packard Company HPCETIUI Protocol Handler Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 8B 7D mso-offdap [A ] 102. c:\program files\common files\microsoft shared\web components\10\owc10.dll Microsoft Corporation Microsoft Office XP Web Components .text,.data,.rtext,.bootdat,msoconst,Shared,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers {F9DB5320-233E-11D1-9F84-707F02C10627} [AM] 103. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 E8 DD 00 10 E8 F5 EF FF FF 33 C0 40 89 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 104. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, Fusion Cache [AM] 99. c:\windows\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, 6A 0C 68 B8 21 17 79 E8 84 FF FF FF 33 C0 40 89 Portable Media Devices [A ] 105. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, 8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 Portable Media Devices Menu [A ] 105. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, 8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 My Bluetooth Places [A ] 106. c:\windows\system32\btneighborhood.dll Broadcom Corporation. BTNeighborhood DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 Catalyst Context Menu extension [AM] 107. c:\program files\ati technologies\ati.ace\atiacmxx.dll ACE Context Menu .text,.rdata,.data,.rsrc,.reloc, 8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 SafeGuard PrivateDisk extension [A ] 108. c:\program files\ibm thinkvantage\safeguard privatedisk\pdshell.dll Utimaco Safeware AG SafeGuard PrivateDisk Shell Extension DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 Microsoft Office HTML Icon Handler [A ] 109. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, 6A 0C 68 A8 41 5C 32 E8 B5 00 00 00 33 C0 40 89 Web Folders [A ] 110. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Microsoft Web Folders .text,.data,.rsrc,.reloc, 6A 0C 68 B0 AC 0A 49 E8 DA 00 00 00 33 C0 40 89 Microsoft Office Outlook Custom Icon Handler [A ] 111. c:\program files\microsoft office\office11\olkfstub.dll Microsoft Corporation Outlook Shell Hook for Start/Find .text,.data,.rsrc,.reloc, 6A 0C 68 E0 1B 75 35 E8 FC 01 00 00 33 C0 40 89 Microsoft Office Outlook Desktop Icon Handler [A ] 112. c:\program files\microsoft office\office11\mlshext.dll Microsoft Corporation Microsoft Shell Extension Library .text,.data,.cdata,.rsrc,.reloc, 6A 0C 68 98 13 A2 35 E8 10 02 00 00 33 C0 40 89 WinRAR shell extension [A ] 113. d:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, RISING [AM] 114. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 114. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:42 \| 显示全部短消息资料字号：小中大 8楼 .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 115. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + Logon + HKCU\Software\Microsoft\Windows\CurrentVersion\Run swg [AM] 116. c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe Google Inc. GoogleToolbarNotifier .text,.rdata,.data,.rsrc, + HKLM\Software\Microsoft\Windows\CurrentVersion\Run TpShocks [AM] 117. c:\windows\system32\tpshocks.exe Lenovo, Ltd. and IBM Corporation. ThinkVantage Active Protection System .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 40 92 40 00 68 E4 4A 40 00 64 TP4EX [A ] 118. c:\windows\system32\tp4ex.exe Lenovo Group Limited TrackPoint Accessibility Features .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 68 71 40 00 68 40 42 40 00 64 EZEJMNAP [AM] 119. c:\program files\thinkpad\utilities\ezejmnap.exe Lenovo Group Limited ThinkPad EasyEject Support Application .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 50 99 42 00 68 24 18 41 00 64 TPHOTKEY [AM] 120. c:\program files\lenovo\pkgmgr\hotkey\tphkmgr.exe .text,.rdata,.data, 55 8B EC 6A FF 68 18 F2 40 00 68 84 C1 40 00 64 文件名和"taskmgr.exe"类似 SynTPLpr [AM] 121. c:\program files\synaptics\syntp\syntplpr.exe Synaptics, Inc. TouchPad Driver Helper Application .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 90 C3 40 00 68 14 8D 40 00 64 SynTPEnh [AM] 122. c:\program files\synaptics\syntp\syntpenh.exe Synaptics, Inc. Synaptics TouchPad Enhancements .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 48 DF 44 00 68 A4 46 44 00 64 SoundMAXPnP [AM] 123. c:\program files\analog devices\core\smax4pnp.exe Analog Devices, Inc. SMax4PNP .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 B0 9F 41 00 68 E0 5B 41 00 64 ATICCC [AM] 124. c:\program files\ati technologies\ati.ace\cli.exe ATI Technologies Inc. CLI Application (Command Line Interface) .text,.rsrc,.reloc, LPManager [AM] 125. c:\program files\thinkvantage\prdctr\lpmgr.exe Lenovo Group Limited ThinkVantage Productivity Center Manager .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 00 EA 40 00 68 70 C4 40 00 64 AMSG [AM] 126. c:\program files\thinkvantage\amsg\amsg.exe LENOVO Message Center .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 48 09 45 00 68 18 95 42 00 64 cssauth [AM] 127. c:\program files\ibm thinkvantage\client security solution\cssauth.exe Lenovo Group Limited cssauth .text,.rdata,.data,.data1,.rsrc, 6A 60 68 10 7C 58 00 E8 D7 2A 00 00 BF 94 00 00 PDService.exe [AM] 128. c:\program files\ibm thinkvantage\safeguard privatedisk\pdservice.exe Utimaco Safeware AG PrivateDisk Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 38 57 40 1C 68 12 47 40 1C 64 Picasa Media Detector [A ] 129. c:\program files\picasa2\picasamediadetector.exe Google Inc. Picasa .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 60 36 43 00 68 A8 D4 40 00 64 DiskeeperSystray [A ] 130. c:\program files\diskeeper corporation\diskeeper\dkicon.exe Diskeeper Corporation DKICON.EXE .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 A0 D5 41 00 68 68 E7 40 00 64 ACTray [AM] 131. c:\program files\thinkpad\connectutilities\actray.exe Lenovo ThinkVantage Access Connections Status Icon .text,.rdata,.data,.rsrc, 6A 74 68 68 8A 40 00 E8 EE 03 00 00 33 FF 89 7D ACWLIcon [AM] 132. c:\program files\thinkpad\connectutilities\acwlicon.exe Lenovo ThinkVantage Access Connections Wireless Status Icon .text,.rdata,.data,.rsrc, 6A 74 68 18 DF 40 00 E8 8D 05 00 00 33 FF 89 7D BigDog303 [AM] 133. c:\windows\vm303_sti.exe Vimicro Vimicro .text,.rdata,.data,.sxdata,.rsrc, 6A 60 68 70 82 40 00 E8 E1 1D 00 00 83 65 FC 00 runeip [AM] 134. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 6B 40 00 68 40 52 40 00 64 RavTask [A ] 135. d:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 50 E3 40 00 68 D4 90 40 00 64 RfwMain [AM] 136. d:\program files\rising\rfw\rfwmain.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Main Program .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 38 EB 41 00 68 20 B0 41 00 64 + HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run MSDMG32 [A ] 137. c:\windows\system32\lyloadmr.exe VL橸谚?_Y??G,QV?褤瑒, + Boot Execute + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 138. c:\windows\system32\bsmain.exe Beijing Rising Technology Co., Ltd. BootScan .text,.data,.rsrc,.reloc, 55 8B EC 6A FF 68 F0 27 00 01 68 74 9E 00 01 64 + Image Hijacks + HKCR\.html htmlfile\Edit\Command [A ] 139. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, 6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D htmlfile\open\Command [A ] 140. d:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 10 5A 00 68 EC 37 55 00 64 htmlfile\Print\Command [A ] 139. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, 6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D htmlfile\TencentTraveler\Command [A ] 140. d:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 10 5A 00 68 EC 37 55 00 64 + HKCR\.htm htmlfile\Edit\Command [A ] 139. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, 6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D htmlfile\open\Command [A ] 140. d:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 10 5A 00 68 EC 37 55 00 64 htmlfile\Print\Command [A ] 139. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, 6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D htmlfile\TencentTraveler\Command [A ] 140. d:\program files\tencent\tt\ttraveler.exe
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:43 \| 显示全部短消息资料字号：小中大 9楼腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 10 5A 00 68 EC 37 55 00 64 + Print Monitor + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors Bluetooth 打印机端口 [AM] 141. c:\windows\system32\bthcrp.dll Broadcom Corporation. bthcrp DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 hpzsnt10 [AM] 142. c:\windows\system32\hpzsnt10.dll HP .text,.rdata,.data,.idata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + LSA Providers + HKLM\SYSTEM\CurrentControlSet\Control\Lsa Notification Packages [AM] 87. c:\windows\system32\psqlpwd.dll UPEK Inc. Logon stub .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 E8 71 40 31 E8 F5 04 00 00 33 C0 40 89 [AM] 143. c:\program files\ibm thinkvantage\client security solution\csspwntfy.dll Lenovo Group Limited Password change notification .text,.rdata,.data,.data1,.rsrc,.reloc, 6A 0C 68 D8 9D 0E 10 E8 45 28 00 00 33 C0 40 89 + 其他自启动项目 + C:\Documents and Settings\Owner\「开始」菜单\程序\启动腾讯QQ.lnk [A ] 144. d:\qqdownload\qq2007\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 D0 63 53 00 68 48 EF 48 00 64 + C:\Documents and Settings\All Users\「开始」菜单\程序\启动 Adobe Reader Speed Launch.lnk [AM] 145. c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe Adobe Systems Incorporated Adobe Acrobat SpeedLauncher .text,.rdata,.data,.rsrc, 6A 74 68 48 67 40 00 E8 08 02 00 00 33 DB 89 5D Digital Line Detect.lnk [AM] 146. c:\program files\digital line detect\dlg.exe BVRP Software Digital Line Detection .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 58 31 40 00 68 B0 27 40 00 64 蓝牙控制盘.lnk [AM] 147. c:\program files\thinkpad\bluetooth software\bttray.exe Broadcom Corporation. Bluetooth Tray Application .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 58 F5 45 00 68 8C 49 45 00 64 + C:\WINDOWS\Tasks PMTask.job [A ] 148. c:\program files\thinkpad\utilities\pwmidtsk.exe .text,.rdata,.data, 55 8B EC 6A FF 68 68 34 40 00 68 E0 2B 40 00 64 + 系统活动模块 + 00000090(144) ibmtcsd.exe 00400000[000B0000] [AM] 23. c:\program files\ibm thinkvantage\client security solution\ibmtcsd.exe IBM ibmtcsd Application .text,.rdata,.data,.rsrc, 6A 18 68 98 09 4A 00 E8 FD 05 00 00 BF 94 00 00 10000000[0001A000] [ M] 149. c:\windows\system32\tpmddl.dll Atmel, Inc. Atmel TDDL (x86) .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 D8 40 01 10 E8 1D 17 00 00 33 C0 40 89 + 000000a4(164) rrservice.exe 00400000[00167000] [AM] 24. c:\program files\ibm thinkvantage\rescue and recovery\rrservice.exe rrservice Module .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 D8 76 43 00 68 32 0F 41 00 64 10000000[000A6000] [ M] 150. c:\program files\ibm thinkvantage\rescue and recovery\rr_res.dll Language DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00370000[00045000] [ M] 151. c:\program files\ibm thinkvantage\rescue and recovery\pui.dll International Business Machines Corporation pui DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 003C0000[00029000] [ M] 152. c:\program files\ibm thinkvantage\rescue and recovery\ui.dll ui DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00570000[00026000] [ M] 153. c:\program files\ibm thinkvantage\rescue and recovery\cdrecord.dll .text,.rdata,.data,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 005A0000[00011000] [ M] 154. c:\program files\ibm thinkvantage\rescue and recovery\zlib.dll zlib data compression library .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 01240000[00023000] [ M] 155. c:\windows\system32\prochlp.dll Lenovo Group Limited IPS Helper DLL .text,.rdata,.data,._PROCHL,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 01270000[0001B000] [AM] 114. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 012A0000[00011000] [AM] 115. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + 00000198(408) spoolsv.exe 10000000[0001C000] [AM] 141. c:\windows\system32\bthcrp.dll Broadcom Corporation. bthcrp DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00EA0000[000FB000] [ M] 156. c:\windows\system32\widcommsdk.dll Broadcom Corporation. WidcommSdk DLL .text,.rdata,.data,.idata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 01010000[000CB000] [ M] 157. c:\windows\system32\wbtapi.dll Broadcom Corporation. WBTApi DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00FA0000[0002E000] [AM] 142. c:\windows\system32\hpzsnt10.dll HP .text,.rdata,.data,.idata,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + 000001d8(472) svchost.exe
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:	发表于： 2007-07-09 11:44 \| 显示全部短消息资料字号：小中大 10楼 + 00000218(536) IPSSVC.EXE 00400000[00013000] [AM] 13. c:\windows\system32\ipssvc.exe Lenovo Group Limited IPS Core Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 E0 B5 40 00 68 E0 5C 40 00 64 10000000[00023000] [ M] 155. c:\windows\system32\prochlp.dll Lenovo Group Limited IPS Helper DLL .text,.rdata,.data,._PROCHL,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00B00000[00022000] [ M] 158. c:\program files\lenovo\awaytask\awaydb.dll Lenovo Group Limited AWAYDB DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + 00000228(552) AcPrfMgrSvc.exe 00400000[0000A000] [AM] 1. c:\program files\thinkpad\connectutilities\acprfmgrsvc.exe .text,.rdata,.data, 6A 28 68 C8 6A 40 00 E8 FA 01 00 00 33 FF 57 FF 0A000000[00025000] [ M] 159. c:\program files\thinkpad\connectutilities\aclocsettings.dll .text,.rdata,.data,.reloc, 6A 0C 68 F8 41 01 0A E8 F1 00 00 00 33 C0 40 89 7C3A0000[0007B000] [ M] 160. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 6A 0C 68 E8 1C 3D 7C E8 EB EA FF FF 33 C0 40 89 7C340000[00056000] [ M] 161. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 8B 45 0C 83 F8 01 56 57 0F 84 50 FB FF 08000000[00023000] [ M] 162. c:\program files\thinkpad\connectutilities\acprfmgr.dll .text,.rdata,.data,.reloc, 6A 0C 68 90 6F 01 08 E8 15 02 00 00 33 C0 40 89 10000000[00013000] [ M] 163. c:\program files\thinkpad\connectutilities\accrypthlpr.dll .text,.rdata,.data,.SlNum,.reloc, 6A 0C 68 A0 E5 00 10 E8 EA 01 00 00 33 C0 40 89 00370000[00012000] [ M] 164. c:\program files\thinkpad\connectutilities\achelper.dll .text,.rdata,.data,.reloc, 6A 0C 68 10 AE 00 10 E8 4B 01 00 00 33 C0 40 89 09000000[0007C000] [ M] 165. c:\program files\thinkpad\connectutilities\acon.dll .text,.rdata,.data,.reloc, 6A 0C 68 48 D7 05 09 E8 DE 00 00 00 33 C0 40 89 00390000[00005000] [ M] 166. c:\program files\thinkpad\connectutilities\acturinsupport.dll .text,.rdata,.data,.reloc, 00DF0000[0001C000] [ M] 167. c:\program files\thinkpad\connectutilities\aclocmigrator.dll .text,.rdata,.data,.reloc, 6A 0C 68 50 39 01 10 E8 E4 00 00 00 33 C0 40 89 00E10000[00017000] [ M] 168. c:\program files\thinkpad\connectutilities\thinqcon.dll .text,.rdata,.data,.QconDll,.reloc, 6A 0C 68 B0 2E 01 10 E8 95 01 00 00 33 C0 40 89 + 00000250(592) btwdins.exe 00400000[00058000] [AM] 7. c:\program files\thinkpad\bluetooth software\bin\btwdins.exe Broadcom Corporation. Bluetooth Support Server .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 58 A1 42 00 68 18 97 41 00 64 + 00000264(612) DkService.exe 00400000[000BE000] [AM] 8. c:\program files\diskeeper corporation\diskeeper\dkservice.exe Diskeeper Corporation DKSERVICE.EXE .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 10 B4 47 00 68 C0 3B 46 00 64 10000000[00034000] [ M] 169. c:\program files\diskeeper corporation\diskeeper\dklib.dll Diskeeper Corporation DKLIB.LIB .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00370000[00017000] [ M] 170. c:\program files\diskeeper corporation\diskeeper\tab.dll Executive Software International, Inc. TAB .text,.rdata,.data,.sign,.rsrc,.reloc, 6A 0C 68 50 02 01 10 E8 46 01 00 00 33 C0 40 89 7C340000[00056000] [ M] 171. c:\program files\diskeeper corporation\diskeeper\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 8B 45 0C 83 F8 01 56 57 0F 84 50 FB FF 00390000[00008000] [ M] 172. c:\program files\diskeeper corporation\diskeeper\getfatextents.dll Diskeeper Corporation GETFATEXTENTS.DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 4B4F0000[00006000] [ M] 173. c:\windows\system32\odbcbcp.dll Microsoft Corporation Microsoft BCP for ODBC .text,.data,.rsrc,.reloc, 8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57 009C0000[0008C000] [ M] 174. c:\program files\diskeeper corporation\diskeeper\2052\dkres.dll Diskeeper Corporation DKRES.DLL .text,.rdata,.data,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 00EE0000[00017000] [ M] 175. c:\program files\diskeeper corporation\diskeeper\dktabprovider.dll Diskeeper Corporation DKTABPROVIDER.EXE .text,.rdata,.data,.sign,.rsrc,.reloc, 55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85 + 000002cc(716) RegSrvc.exe 00400000[00038000] [AM] 15. c:\program files\intel\wireless\bin\regsrvc.exe Intel Corporation Intel(R) PROSet/Wireless Registry Service .text,.rdata,.data,.rsrc, 55 8B EC 6A FF 68 A0 6B 42 00 68 A0 AA 40 00 64 + 000002d8(728) reader_sl.exe 00400000[0000A000] [AM] 145. c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe Adobe Systems Incorporated Adobe Acrobat SpeedLauncher .text,.rdata,.data,.rsrc, 6A 74 68 48 67 40 00 E8 08 02 00 00 33 DB 89 5D 7C3A0000[0007B000]
最后一片树叶初生襁褓狮帖子:13 注册: 2007-07-09 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT