菜鸟求救:不知道为什么系统变得好慢..有日志 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛菜鸟求救:不知道为什么系统变得好慢..有日志

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

菜鸟求救:不知道为什么系统变得好慢..有日志

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 10:27 \| 显示全部短消息资料字号：小中大 1楼菜鸟求救:不知道为什么系统变得好慢..有日志第一次扫日志..不知道对不对.. 日志文件: 趋势科技 HijackThis v2.0.0 (BETA) 保存时间: 10:13:26, on 2007-7-31 操作系统: Windows XP SP2 (WinNT 5.01.2600) 启动模式: 正常正在运行的进程: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Rising\Rav\Ravmond.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Rising\Rav\RavStub.exe C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Rising\Rav\Ravmon.exe C:\WINDOWS\system32\ctfmon.exe F:\Program Files\TTPlayer\TTPlayer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\ChinaNet\VnetClient.exe C:\Documents and Settings\Administrator\桌面\HiJackThis_v2.exe F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll (file missing) O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - D:\动漫\新建文件夹 (2)\eREAD6.0\IEeREAD.dll (file missing) O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - D:\动漫\新建文件夹 (2)\eREAD6.0\WebHook.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - 工具栏: IE搜索工具条 - {BE830FD4-E393-417F-9F4B-CC70ABB3384C} - C:\WINDOWS\system32\IETool.dll (file missing) O3 - 工具栏: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [switch] c:\windows\system32\壁纸自动换.exe O4 - HKLM\..\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Policies\Explorer\Run: [333] C:\Syswm1j\svchost.exe O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O8 - 扩展右键菜单项: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - 扩展右键菜单项: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm O8 - 扩展右键菜单项: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - 扩展右键菜单项: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - 扩展右键菜单项: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm O8 - 扩展右键菜单项: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm O8 - 扩展右键菜单项: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm O8 - 扩展右键菜单项: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - 扩展右键菜单项: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - 扩展右键菜单项: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O9 - Extra button: (未命名) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (没有文件) O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} - http://download.ppstream.com/bin/powerplayer.cab O16 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw Class) - http://qz-photo.qq.com/qzone_v4/QzoneMediaTools.cab O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1009/aliedit.cab O16 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://photo.163.com/163Uploader.cab O16 - DPF: {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} (Tencent Safety Online Base Module) - http://safe.qq.com/cgi-bin/tso/TSOBase.ocx O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} (KvScanOnline Control) - http://online.jiangmin.com/KvDown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{94B1044F-2F5E-4215-B59C-7B8275489BFD}: NameServer = 202.96.128.166 202.96.128.86 O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ipp - (无 CLSID) - (没有文件) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: msdaipp - (无 CLSID) - (没有文件) O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll O22 - SharedTaskScheduler: Browseui 预加载程序 - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: 组件类别缓存程序 - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Anti-Spyware Guard - Unknown owner - D:\动漫\新建文件夹 (2)\AVG Anti-Spyware\guard.exe (file missing) O23 - Service: PigeonServer - Unknown owner - C:\WINDOWS\system32\msinc3.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe -- 文件结束 - 7096 字节 [用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) 2007-07-31 11:09:25
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	分享到：

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 10:59 \| 显示全部短消息资料字号：小中大 2楼瑞星卡卡电脑诊断日志 v1.30 (2007-7-31 10:42:26) 北京瑞星科技股份有限公司注释:[A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services ose [A ] 1. c:\program files\common files\microsoft shared\source engine\ose.exe Microsoft Corporation Office Source Engine .text,.data,.rsrc, PigeonServer [A ] 2. c:\windows\system32\msinc3.exe CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,.MaskPE,pep,.Mybr, 入口点在最后一个节; RsCCenter [A ] 3. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, RsRavMon [A ] 4. c:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. RavMond .text,.rdata,.data,.rsrc, UMWdf [AM] 5. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services aeaudio [A ] 6. c:\windows\system32\drivers\aeaudio.sys Andrea Electronics Corporation Andrea Audio Noise Cancellation Driver .text,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc, ALCXWDM [A ] 7. c:\windows\system32\drivers\alcxwdm.sys AmdK8 [A ] 8. c:\windows\system32\drivers\amdk8.sys Advanced Micro Devices AMD Processor Driver .text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc, BaseTDI [A ] 9. c:\windows\system32\drivers\basetdi.sys Beijing Rising Technology Co., Ltd. basetdi .text,.rdata,.data,INIT,.rsrc,.reloc, ExpScaner [A ] 10. c:\program files\rising\rav\expscan.sys ExpScan.sys .text,.rdata,.data,INIT,.rsrc,.reloc, HookCont [A ] 11. c:\program files\rising\rav\hookcont.sys Rising HookCont .text,.rdata,.data,INIT,.rsrc,.reloc, HookReg [A ] 12. c:\program files\rising\rav\hookreg.sys .text,.rdata,.data,INIT,.rsrc,.reloc, HookSys [A ] 13. c:\program files\rising\rav\hooksys.sys Rising Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, ialm [A ] 14. c:\windows\system32\drivers\ialmnt5.sys Intel Corporation Intel Graphics Miniport Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, kdpfmjj [A ] 15. c:\windows\system32\drivers\kdpfmjj.sys 北京三七二一科技有限公司 sys 应用程序 .text,.rdata,.data,INIT,.rsrc,.reloc, kmsinput [A ] 16. c:\windows\system32\drivers\kmsinput.sys .text,.data,INIT,.reloc, MEMSCAN [A ] 17. c:\program files\rising\rav\memscan.sys 瑞星软件有限公司 MemScan Driver .text,.rdata,.data,INIT,.rsrc,.reloc, NPF [A ] 18. c:\windows\system32\drivers\npf.sys Politecnico di Torino NPF Driver - TME extensions .text,.rdata,.data,INIT,.rsrc,.reloc, npkcrypt [A ] 19. c:\program files\tencent\qq\npkcrypt.sys INCA Internet Co., Ltd. nProtect KeyCrypt Driver .text,.rdata,.data,INIT,.rsrc,.reloc, pvjmpnq [A ] 20. c:\windows\system32\drivers\pvjmpnq.sys .text,.rdata,.data,INIT,.rsrc,.reloc, RsAntiSpyware [A ] 21. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, RsNTGDI [A ] 22. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, RSPPSYS [A ] 23. c:\program files\rising\rav\rsppsys.sys Rising RSPPSYS.SYS .text,.rdata,.data,INIT,.rsrc,.reloc, RTL8023xp [A ] 24. c:\windows\system32\drivers\rtnicxp.sys Realtek Semiconductor Corporation Realtek 10/100/1000 NDIS 5.1 Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, Secdrv [A ] 25. c:\windows\system32\drivers\secdrv.sys .text,.data,INIT,.reloc, SiS7012 [A ] 26. c:\windows\system32\drivers\sis7012.sys Silicon Integrated Systems Corporation SiS 7012 Audio Device WDM Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, SiSkp [A ] 27. c:\windows\system32\drivers\srvkp.sys Silicon Integrated Systems Corporation SiS VGA Driver Manager .text,.rdata,.data,INIT,.rsrc,.reloc, SISNICXP [A ] 28. c:\windows\system32\drivers\sisnicxp.sys SiS Corporation SiS PCI Fast Ethernet Adapter Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, smwdm [A ] 29. c:\windows\system32\drivers\smwdm.sys Analog Devices, Inc. SoundMAX Integrated Digital Audio .text,_LTEXT,_PTEXT,.rdata,.data,_LDATA,_PDATA,.data1,.CRT,PAGE,PAGED,INIT,.rsrc,.reloc, + 文件系统驱动 + HKLM\System\CurrentControlSet\Services ADProt [A ] 30. c:\windows\system32\drivers\adprot.sys 腾讯科技（深圳）有限公司 SSProt .text,.rdata,.data,INIT,.rsrc,.reloc,
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 10:59 \| 显示全部短消息资料字号：小中大 3楼 + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify igfxcui [A ] 31. c:\windows\system32\igfxsrvc.dll Intel Corporation igfxsrvc Module .text,.rdata,.data,.rsrc,.reloc, WgaLogon [AM] 32. c:\windows\system32\wgalogon.dll Microsoft Corporation Windows 正版增值计划通知 .text,.data,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {2318C2B1-4965-11d4-9B18-009027A5CD4F} [AM] 33. c:\program files\google\googletoolbar1.dll Google Inc. Google IE 客户端工具栏 .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {4E83D567-4697-4F7B-B1F0-A513B01DB89A} [AM] 34. c:\program files\chinanet\vnettransfer.dll VnetTransfer Module .text,.rdata,.data,.rsrc,.reloc, {AA58ED58-01DD-4d91-8333-CF10577473F7} [AM] 33. c:\program files\google\googletoolbar1.dll Google Inc. Google IE 客户端工具栏 .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 35. c:\program files\tencent\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter text/xml [AM] 36. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll Microsoft Corporation Microsoft Office XML MIME Filter .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 37. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, WinRAR shell extension [AM] 38. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, Shell Extensions for RealOne Player [A ] 39. c:\program files\real\realplayer\rpshell.dll RealNetworks, Inc. RealPlayer Shell Extensions .text,.rdata,.data,.rsrc,.reloc, Microsoft Office HTML Icon Handler [AM] 40. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, Web Folders [A ] 41. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Microsoft Web Folders .text,.data,.rsrc,.reloc,
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 11:00 \| 显示全部短消息资料字号：小中大 4楼 Portable Media Devices [A ] 42. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 42. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, RISING [AM] 43. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 43. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 44. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run RavTask [A ] 45. c:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, switch [A ] 46. c:\windows\system32\壁纸自动换.exe .text,.data,.rsrc, runeip [AM] 47. d:\动漫\新建文件夹 (2)\新建文件夹\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce RavStub [AM] 48. c:\program files\rising\rav\ravstub.exe Beijing Rising Technology Co., Ltd. Rising RavStub .text,.rdata,.data,.rsrc, KKDelay [A ] 49. d:\动漫\新建文件夹 (2)\新建文件夹\runonce.exe Beijing Rising Technology Co., Ltd. RunOnce Application .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 50. c:\windows\system32\bsmain.exe Beijing Rising Technology Co., Ltd. BootScan .text,.data,.rsrc,.reloc, [A ] 51. c:\windows\system32\kknative.exe Beijing Rising Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\.html htmlfile\Edit\Command [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, htmlfile\open\Command [A ] 53. c:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, htmlfile\Print\Command [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, htmlfile\TencentTraveler\Command [A ] 53. c:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, + HKCR\.htm htmlfile\Edit\Command [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, htmlfile\open\Command [A ] 53. c:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc,
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 11:00 \| 显示全部短消息资料字号：小中大 5楼 htmlfile\Print\Command [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc, htmlfile\TencentTraveler\Command [A ] 53. c:\program files\tencent\tt\ttraveler.exe 腾讯公司 Tencent Traveler .text,.rdata,.data,.rsrc, + 正在运行的进程 + 00000070(112) alg.exe + 0000018c(396) ctfmon.exe 10000000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000001ac(428) smss.exe + 000001f4(500) csrss.exe + 0000020c(524) winlogon.exe 011E0000[0003B000] [AM] 32. c:\windows\system32\wgalogon.dll Microsoft Corporation Windows 正版增值计划通知 .text,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000238(568) services.exe + 00000244(580) lsass.exe + 000002d0(720) svchost.exe + 00000300(768) svchost.exe + 00000338(824) svchost.exe + 000003ac(940) svchost.exe + 0000045c(1116) svchost.exe + 00000470(1136) Explorer.EXE 10000000[0001B000] [AM] 43. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 01840000[0002C000] [AM] 38. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, 23700000[0001A000] [ M] 56. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01CB0000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 024D0000[00011000] [AM] 44. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 00000528(1320) spoolsv.exe + 00000564(1380) RavStub.exe 00400000[00018000] [AM] 48. c:\program files\rising\rav\ravstub.exe Beijing Rising Technology Co., Ltd. Rising RavStub .text,.rdata,.data,.rsrc, 10000000[0001B000] [ M] 57. c:\program files\rising\rav\rscommx.dll rising RsCommX .text,.rdata,.data,.rsrc,.reloc, 23700000[0001A000] [ M] 56. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 00000680(1664) wdfmgr.exe 01000000[0000C000] [AM] 5. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 00000748(1864) TTPlayer.exe 00400000[000E0000] [ M] 58. f:\program files\ttplayer\ttplayer.exe Alen Soft 千千静听 .text,.rdata,.data,.rsrc, 60000000[00055000] [ M] 59. f:\program files\ttplayer\ttpcomm.dll .text,text,.rdata,.data,.tls,.reloc, 6FF50000[0003F000] [ M] 60. f:\program files\ttplayer\ttpres.dll Alen Soft 千千静听 .rsrc,.reloc, 00C70000[00006000] [ M] 61. f:\program files\ttplayer\msdmo.dll Microsoft Corporation DMO Runtime .text,.data,.rsrc,.reloc, 10000000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 60150000[0000D000] [ M] 62. f:\program files\ttplayer\addin\ttp_asf.dll .text,.rdata,.data,.rsrc,.reloc, 016C0000[0004B000] [ M] 63. f:\program files\ttplayer\addin\ttp_aac.dll .text,.rdata,.data,.rsrc,.reloc,
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 11:01 \| 显示全部短消息资料字号：小中大 6楼 01710000[00021000] [ M] 64. f:\program files\ttplayer\addin\ttp_ac3dts.dll .text,.rdata,.data,.rsrc,.reloc, 08120000[00060000] [ M] 65. f:\program files\ttplayer\wmadmod.dll Microsoft Corporation Windows Media Audio Decoder .text,RT_CODE,.data,RT_DATA,.rsrc,.reloc, 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 000007ac(1964) runiep.exe 00400000[00012000] [AM] 47. d:\动漫\新建文件夹 (2)\新建文件夹\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 00C40000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000814(2068) iexplore.exe 10000000[00127000] [AM] 33. c:\program files\google\googletoolbar1.dll Google Inc. Google IE 客户端工具栏 .text,.rdata,.data,.rsrc,.reloc, 01330000[00018000] [AM] 34. c:\program files\chinanet\vnettransfer.dll VnetTransfer Module .text,.rdata,.data,.rsrc,.reloc, 01350000[0000D000] [ M] 66. c:\program files\chinanet\communicate.dll GDCN Common Communicate Module .text,.rdata,.data,.rsrc,.reloc, 013C0000[0002D000] [ M] 67. c:\program files\chinanet\clientapi.dll ClientAPI Module .text,.rdata,.data,.rsrc,.reloc, 325C0000[00012000] [AM] 40. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, 73900000[0002D000] [ M] 68. c:\windows\system32\vcdxp.ime 风清扬风清扬五笔输入法版本6.0 .text,.data,.sgroup,.ShareDa,.rsrc,.reloc, 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 02410000[00019000] [ M] 69. c:\program files\rising\rav\ravscrch.dll Beijing Rising Technology Co., Ltd. RavScrCh Module .text,.rdata,.data,.rsrc,.reloc, 30000000[002EE000] [ M] 70. c:\windows\system32\macromed\flash\flash9b.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r28 .text,.rdata,.data,.rsrc,.reloc, 05E80000[0000B000] [AM] 36. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll Microsoft Corporation Microsoft Office XML MIME Filter .text,.data,.rsrc,.reloc, 23700000[0001A000] [ M] 56. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 07090000[00035000] [ M] 71. c:\windows\system32\xpsp3res.dll Microsoft Corporation Service Pack 3 Messages .rsrc, 04340000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000884(2180) VnetClient.exe 00400000[00043000] [ M] 72. c:\program files\chinanet\vnetclient.exe 星空极速客户端 .text,.rdata,.data,.rsrc, 10000000[0000D000] [ M] 66. c:\program files\chinanet\communicate.dll GDCN Common Communicate Module .text,.rdata,.data,.rsrc,.reloc, 00380000[00077000] [ M] 73. c:\program files\chinanet\dialmodule.dll GDCN DialModule DLL .text,.rdata,.data,.rsrc,.reloc, 6BC40000[000F2000] [ M] 74. c:\program files\chinanet\mfc42.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.rdata,.data,.rsrc,.reloc, 01320000[0002D000] [ M] 67. c:\program files\chinanet\clientapi.dll ClientAPI Module .text,.rdata,.data,.rsrc,.reloc, 01210000[00024000] [ M] 75. c:\program files\chinanet\plugincontainer.ocx PlugInContainer ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 01240000[0000E000] [ M] 76. c:\program files\chinanet\sign.dll 0 sign .text,.rdata,.data,.rsrc,.reloc,
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:

lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:	发表于： 2007-07-31 11:01 \| 显示全部短消息资料字号：小中大 7楼 01260000[00015000] [ M] 77. c:\program files\chinanet\webplugin.dll WebPlugin Module .text,.rdata,.data,.rsrc,.reloc, 012C0000[00011000] [ M] 78. c:\program files\chinanet\sysplug\93d07ada-d3ac-485a-85eb-12ca3cee8375\vnetsafe114.dll Vnetsafe114 Module .text,.rdata,.data,.rsrc,.reloc, 01B70000[00017000] [ M] 79. c:\program files\chinanet\advertise.ocx Advertise ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 01B90000[0005D000] [ M] 80. c:\program files\chinanet\vnetbs.ocx VnetBs ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 01BF0000[0004B000] [ M] 81. c:\program files\chinanet\vnetskin.ocx GDDC VnetSkin ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 01C40000[00085000] [ M] 82. c:\program files\chinanet\dialogstyle.dll DialogStyle DLL .text,.rdata,.data,.rsrc,.reloc, 01EF0000[0000E000] [ M] 83. c:\program files\chinanet\bdsearch.ocx gdcn BDSearch ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 01F00000[00012000] [ M] 84. c:\program files\chinanet\pagefram.ocx Workgroup PageFram ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02050000[00018000] [ M] 85. c:\program files\chinanet\accountpage.ocx Workgroup AccountPage ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02070000[00027000] [ M] 86. c:\program files\chinanet\accountmgr.dll AccountMgr DLL .text,.rdata,.data,.rsrc,.reloc, 02130000[0000F000] [ M] 87. c:\program files\chinanet\gif89a.dll Gif89a Module .text,.rdata,.data,.rsrc,.reloc, 02720000[00011000] [ M] 88. c:\program files\chinanet\notifybar.ocx Workgroup NotifyBar ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02770000[0000C000] [ M] 89. c:\program files\chinanet\icosbar.ocx Workgroup IcosBar ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 027D0000[00025000] [ M] 90. c:\program files\chinanet\timer.ocx Timer ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02800000[00083000] [ M] 91. c:\program files\chinanet\pluginman.ocx Manage VnetClient Plugin Components .text,.rdata,.data,.rsrc,.reloc, 028C0000[0005A000] [ M] 92. c:\program files\chinanet\newmessage.dll NewMessage Module .text,.rdata,.data,.rsrc,.reloc, 02920000[00011000] [ M] 93. c:\program files\chinanet\passctrl.dll GDCN PassCtrl Module .text,.rdata,.data,.rsrc,.reloc, 02940000[0003B000] [ M] 94. c:\windows\system32\wpcap.dll Politecnico di Torino wpcap - Based on libpcap 0.7 snapshot feb 03, 2003 .text,.rdata,.data,.rsrc,.reloc, 028A0000[0000D000] [ M] 95. c:\windows\system32\pthreadvc.dll .text,.rdata,.data,.idata,.reloc, 02980000[0000F000] [ M] 96. c:\windows\system32\packet.dll Politecnico di Torino Packet .text,.rdata,.data,.rsrc,.reloc, 029C0000[00011000] [ M] 97. c:\program files\chinanet\plugpush.dll PlugPush Module .text,.rdata,.data,.rsrc,.reloc, 029F0000[0001A000] [ M] 98. c:\program files\chinanet\allinterface.dll AllInterface Module .text,.rdata,.data,.rsrc,.reloc, 02B20000[00015000] [ M] 99. c:\program files\chinanet\vnetlogin.ocx VNetLogin ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02B50000[00011000] [ M] 100. c:\program files\chinanet\statnum.dll StatNum Module .text,.rdata,.data,.rsrc,.reloc, 02CB0000[00021000] [ M] 101. c:\program files\chinanet\vnetonlineupdate.ocx VNetOnlineUpdate ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02DE0000[0005D000] [ M] 102. c:\program files\chinanet\allfunctions.dll GDCN AllFunctions Module .text,.rdata,.data,.rsrc,.reloc, 02E40000[00025000] [ M] 103. c:\program files\chinanet\vnetoptlog.dll VnetOptLog DLL .text,.rdata,.data,.rsrc,.reloc, 02CF0000[0000C000] [ M] 104. c:\program files\chinanet\favorite.ocx Favorite ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02A20000[00048000] [ M] 105. c:\program files\chinanet\vnetsettings.ocx VNetSettings ActiveX Control Module .text,.rdata,.data,.rsrc,.reloc, 02EB0000[00032000] [ M] 106. c:\program files\chinanet\base64.dll .text,.rdata,.data,.idata,.reloc, 02EF0000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000988(2440) Ras.exe 00400000[0013F000] [ M] 107. d:\动漫\新建文件夹 (2)\新建文件夹\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[000A3000] [ M] 108. d:\动漫\新建文件夹 (2)\新建文件夹\rasgui.dll Beijing Rising Technology Co., Ltd. RasGUI .text,.rdata,.data,.rsrc,.reloc, 016C0000[0001B000] [AM] 43. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 016F0000[00011000] [AM] 44. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 01780000[0001B000] [ M] 54. d:\动漫\新建文件夹 (2)\新建文件夹\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 02FE0000[0002F000] [ M] 109. d:\动漫\新建文件夹 (2)\新建文件夹\engine.dll Beijing Rising Technology Co., Ltd. kaka engine .text,.rdata,.data,.rsrc,.reloc, 01500000[00012000] [ M] 110. d:\动漫\新建文件夹 (2)\新建文件夹\zip.dll rising zip UPX0,UPX1,.rsrc, 完了
lukare 初生襁褓狮帖子:18 注册: 2007-07-31 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT