瑞星卡卡安全论坛
醋酷的悲哀 - 2007-7-11 9:21:00
数次查杀 老杀不完 是同一中(应该是杀不掉吧)我用的是瑞星2007 进程显示 96a71.exe 还有一开机才有的进程立刻消失无法记下来!在安全模式下查杀 瑞星显示无病毒 正常模式永远杀不完! 下面是该病毒的种类所在文件位置!大家帮帮我
附件:
897743200771191121.jpg
Leoooo - 2007-7-11 9:34:00
【回复“醋酷的悲哀”的帖子】
http://download.rising.com.cn/for_down/kakatool/kakasetupv4.exe下载卡卡上网安全助手4.0
1 运行瑞星卡卡上网安全助手
2 诊断求助=》电脑诊断日志
3 选择"忽略系统文件"、"文件详细信息"、"文件名相似分析"3个选项
4 开始扫描=》导出信息,导成txt格式(也可以是htm格式方便自己看,不过论坛不能上传htm格式)
5 把日志中的报告完整拷贝贴上来,不要修改(一次发不完请分次发上来)
6 扫日志的时候尽量把不必要的软件关闭 如QQ TM等
7 把扫描出来的可疑文件上传给瑞星http://up.rising.com.cn/webmail/uploadnew.htm
醋酷的悲哀 - 2007-7-11 10:05:00
+ 注册表自运行项目
+ Win32 Services
+ HKLM\System\CurrentControlSet\Services
E01FA41F
[A ] 1. c:\windows\system32\8a4cd76b.exe
Microsoft Corporation
??0,??1,??2,
ms_2fax
[AM] 2. c:\windows\system32\96a71.exe
.text,.rdata,.data,.rsrc,
6A 18 68 80 4A 41 00 E8 3C 19 00 00 BF 94 00 00
NVSvc
[A ] 3. c:\windows\system32\nvsvc32.exe
NVIDIA Corporation
NVIDIA Driver Helper Service, Version 60.85
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 00 34 41 00 68 58 75 40 00 64
ose
[A ] 4. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
6A 74 68 60 2E 00 30 E8 23 04 00 00 33 DB 89 5D
RsCCenter
[A ] 5. d:\瑞星杀毒软件\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 C8 26 41 00 68 D8 AB 40 00 64
RsRavMon
[A ] 6. d:\瑞星杀毒软件\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 F8 D7 42 00 68 C4 E4 41 00 64
UMWdf
[A ] 7. c:\windows\system32\wdfmgr.exe
Microsoft Corporation
Windows User Mode Driver Manager
.text,.data,.rsrc,
6A 28 68 30 26 00 01 E8 A5 01 00 00 66 81 3D 00
+ Kernel Drivers
+ HKLM\System\CurrentControlSet\Services
589wv8qfs
[A ] 8. c:\windows\system32\drivers\589wv8qfs.sys
.text,.data,INIT,.reloc,
55 8B EC 83 EC 1C 53 56 57 68 C8 0B 01 00 E8 F8
A320RAID
[A ] 9. c:\windows\system32\drivers\a320raid.sys
Adaptec, Inc.
Adaptec HostRAID for Ultra320 SCSI
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 A4 A1 04 00 85 C0 B9 40 BB 00
ADPU320
[A ] 10. c:\windows\system32\drivers\adpu320.sys
Adaptec, Inc.
Adaptec Windows Ultra320 Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 20 1D 03 00 85 C0 B9 40 BB 00
ahci8086
[A ] 11. c:\windows\system32\drivers\ahci8086.sys
ATI Technologies Inc.
ATI Technology AHCI Compatible Controller Driver for Windows family
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 2C D0 02 00 85 C0 B9 40 BB 00
ALCXWDM
[A ] 12. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
A1 00 E0 1B 00 85 C0 B9 4E E6 40 BB 74 04 3B C1
AmdK8
[A ] 13. c:\windows\system32\drivers\amdk8.sys
Advanced Micro Devices
AMD Processor Driver
.text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 B4 50 01 00 85 C0 B9 40 BB 00
BaseTDI
[A ] 14. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 14 53 56 57 E8 13 04 00 00 8B 35
CSB6IDE
[A ] 15. c:\windows\system32\drivers\csb6ide.sys
ServerWorks Corporation
ServerWorks CSB6 PCI IDE Bus Driver
.text,.rdata,INIT,.rsrc,.reloc,
68 54 04 00 00 68 BB 02 01 00 FF 74 24 10 FF 74
EagleNT
[A ] 16. c:\windows\system32\drivers\eaglent.sys
AhnLab, Inc.
Ahnlab HackShield KernelMode Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 34 C7 45 F0 00 00 00 00 8B 45 08
ExpScaner
[A ] 17. d:\瑞星杀毒软件\rising\rav\expscan.sys
ExpScan.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 51 68 88 38 02 00 FF 15 70 1F 01 00 83
FASTTRAK
[A ] 18. c:\windows\system32\drivers\fasttrak.sys
Promise Technology, Inc.
Promise FastTrak Series Driver for Win2000
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 50 53 56 8B 75 08 57 FF 75 0C 89
FETNDISB
[A ] 19. c:\windows\system32\drivers\fetnd5b.sys
VIA Technologies, Inc.
NDIS 5.0 miniport driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 60 53 56 57 33 DB 53 FF 75 0C 8D
FTSATA2
[A ] 20. c:\windows\system32\drivers\ftsata2.sys
Promise Technology, Inc.
Promise Driver for Windows Server 2003
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 74 90 03 00 85 C0 B9 40 BB 00
g1252je
[A ] 21. c:\windows\system32\drivers\g1252je.sys
.text,.data,INIT,.reloc,
55 8B EC 83 EC 20 53 56 57 6A 71 FF 15 B4 02 01
HookCont
[A ] 22. d:\瑞星杀毒软件\rising\rav\hookcont.sys
Rising
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 14 53 56 57 68 70 20 00 00 E8 F7
HookReg
[A ] 23. d:\瑞星杀毒软件\rising\rav\hookreg.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 64 56 57 C7 45 AC 00 00 00 00 B9
HookSys
[A ] 24. d:\瑞星杀毒软件\rising\rav\hooksys.sys
Rising
醋酷的悲哀 - 2007-7-11 10:06:00
Hooksys
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 14 53 56 57 E8 8A 08 00 00 68 FC
ialm
[A ] 25. c:\windows\system32\drivers\ialmnt5.sys
Intel Corporation
Intel Graphics Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 54 68 18 6A 08 10 68 00 00 00 80
IASTOR
[A ] 26. c:\windows\system32\drivers\iastor.sys
Intel Corporation
Intel Matrix Storage Manager driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ITERAID
[A ] 27. c:\windows\system32\drivers\iteraid.sys
Integrated Technology Express, Inc.
ITE IT8212 ATA RAID SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 54 53 56 57 6A 50 5E 56 8D 45 AC
iw79gsdo8
[A ] 28. c:\windows\system32\drivers\iw79gsdo8.sys
.text,.data,INIT,.reloc,
55 8B EC 83 EC 1C 53 56 57 68 C8 0B 01 00 E8 F8
JRAID
[A ] 29. c:\windows\system32\drivers\jraid.sys
JMicron Technology Corp.
JMicron JR036X RAID Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 58 53 56 6A 50 5E 56 8D 45 A8 50
M5228
[A ] 30. c:\windows\system32\drivers\m5228.sys
ALi Corporation.
M5228 ATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 50 57 6A 14 59 33 C0 8D 7D B0 6A
M5281
[A ] 31. c:\windows\system32\drivers\m5281.sys
ALi Corporation
ALi SATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 50 56 57 6A 14 59 6A 04 33 C0 8D
M5289
[A ] 32. c:\windows\system32\drivers\m5289.sys
ULi Electronics Inc.
ULi SATA RAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC 83 EC 50 56 57 6A 14 59 6A 04 33
MEMSCAN
[A ] 33. d:\瑞星杀毒软件\rising\rav\memscan.sys
瑞星软件有限公司
MemScan Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 14 56 8B 35 DC 0C 01 00 57 8D 45
npkcrypt
[A ] 34. e:\qq软件\qq\npkcrypt.sys
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
51 53 56 E8 6F 2C 00 00 A3 28 46 01 00 E8 EC 2B
NVATABUS
[A ] 35. c:\windows\system32\drivers\nvatabus.sys
NVIDIA Corporation
NVIDIA? nForce(TM) IDE Performance Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
8B 54 24 04 85 D2 75 0E FF 74 24 08 E8 03 09 01
nvmpu401
[A ] 36. c:\windows\system32\drivers\nvmpu401.sys
NVIDIA Corporation
NVIDIA? nForce(TM) MPU401 Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
68 1C 15 01 00 FF 74 24 0C FF 74 24 0C E8 0E ED
NVRAID
[A ] 37. c:\windows\system32\drivers\nvraid.sys
NVIDIA Corporation
NVIDIA? nForce(TM) RAID Driver
.text,.rdata,.data,PAGE,INIT,DUMPDATA,.rsrc,.reloc,
55 8D 6C 24 90 81 EC D4 00 00 00 56 8B 75 78 85
QKeyService
[A ] 38. c:\windows\system32\keycrypt.sys
Tencent Technology (Shenzhen) Company Limited
KeyCrypt Device Driver
.text,.rdata,.data,.CRT,.STL,INIT,.rsrc,.reloc,
55 8B EC 81 EC A0 01 00 00 56 8B 75 08 57 8B 3D
RsAntiSpyware
[A ] 39. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 20 53 56 33 F6 57 89 75 F4 60 8D
RsNTGDI
[A ] 40. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
55 8B EC 83 EC 10 56 8B 75 08 57 8B 3D 58 05 01
RSPPSYS
[A ] 41. d:\瑞星杀毒软件\rising\rav\rsppsys.sys
Rising
RSPPSYS.SYS
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 14 53 6A 5C E8 EE FB FF FF 33 DB
RTL8023xp
[A ] 42. c:\windows\system32\drivers\rtnicxp.sys
rtl8139
[A ] 43. c:\windows\system32\drivers\r8139n51.sys
Realtek Semiconductor Corporation
Realtek RTL8139/810x Family NDIS 5.1 Drv
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 7C 57 6A 00 FF 75 0C 8D 45 0C FF
Secdrv
[A ] 44. c:\windows\system32\drivers\secdrv.sys
.text,.data,INIT,.reloc,
55 8B EC 83 EC 10 53 56 57 E8 E4 A3 FF FF 89 45
SI3112R
[A ] 45. c:\windows\system32\drivers\si3112r.sys
Silicon Image, Inc
Serial ATA RAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 7C 83 4D FC FF 53 57 6A 15 59 33
SI3114R
[A ] 46. c:\windows\system32\drivers\si3114r.sys
Silicon Image, Inc
SATARAID miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 7C 83 4D FC FF 53 57 6A 15 59 33
SI3114R5
醋酷的悲哀 - 2007-7-11 10:07:00
[A ] 47. c:\windows\system32\drivers\si3114r5.sys
Silicon Image, Inc
SATA SoftRAID 5 miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
A1 D0 96 03 00 85 C0 B9 4E E6 40 BB 74 04 3B C1
SI3124
[A ] 48. c:\windows\system32\drivers\si3124.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 5C 83 4D FC FF 53 57 6A 15 59 33
SI3124R
[A ] 49. c:\windows\system32\drivers\si3124r.sys
Silicon Image, Inc
SATARAID miniport driver (PRE-RELEASE)
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 74 53 83 4D FC FF 56 57 6A 15 33
SI3124R5
[A ] 50. c:\windows\system32\drivers\si3124r5.sys
Silicon Image, Inc
SATA SoftRAID 5 miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
A1 D0 A6 03 00 85 C0 B9 4E E6 40 BB 74 04 3B C1
SI3132
[A ] 51. c:\windows\system32\drivers\si3132.sys
Silicon Image, Inc.
Serial ATA miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
55 8B EC 83 EC 5C 83 4D FC FF 53 57 6A 15 59 33
SI3132R5
[A ] 52. c:\windows\system32\drivers\si3132r5.sys
Silicon Image, Inc
SATA SoftRAID 5 miniport driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
A1 D0 A6 03 00 85 C0 B9 4E E6 40 BB 74 04 3B C1
SISRAID2
[A ] 53. c:\windows\system32\drivers\sisraid2.sys
Silicon Integrated Systems Corp
SiS RAID Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 5C 56 6A 50 5E 56 8D 45 A4 50 C6
SISRAID4
[A ] 54. c:\windows\system32\drivers\sisraid4.sys
Silicon Integrated Systems
SiS AHCI Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 3C F0 01 00 85 C0 B9 40 BB 00
SYMMPI
[A ] 55. c:\windows\system32\drivers\symmpi.sys
LSI Logic
LSI Logic Fusion-MPT MiniPort Driver (ScsiPort)
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC 81 EC 80 00 00 00 53 8B 1D 10 70
ULSATA
[A ] 56. c:\windows\system32\drivers\ulsata.sys
Promise Technology, Inc.
Promise Ultra/Sata Series Driver for Win2003
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 80 60 02 00 85 C0 B9 4E E6 40
ULSATA2
[A ] 57. c:\windows\system32\drivers\ulsata2.sys
Promise Technology, Inc.
Promise SATAII150 Series Windows Drivers
.text,.rdata,.data,INIT,.rsrc,.reloc,
8B FF 55 8B EC A1 B0 90 02 00 85 C0 B9 4E E6 40
VIAMRAID
[A ] 58. c:\windows\system32\drivers\viamraid.sys
VIA Technologies inc,.ltd
VIA RAID DRIVER FOR WIN 2000/XP/2003IA32
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 54 57 33 FF 39 7D 08 75 09 C6 05
vmscsi
[A ] 59. c:\windows\system32\drivers\vmscsi.sys
VMware, Inc.
VMware SCSI Controller
.text,.rdata,.data,INIT,.rsrc,.reloc,
55 8B EC 83 EC 5C 57 6A 14 59 33 C0 8D 7D A4 83
+ Winlogon
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[AM] 60. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ Internet Explorer
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 61. e:\迅雷\安装包\迅雷\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 56 8B 75 0C 83 FE 01 74 05 83 FE 02 75
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 62. e:\迅雷\安装包\迅雷\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B8 FD 00 10 E8 92 F4 FF FF 33 C0 40 89
{FAAAC0F6-94BE-4466-934B-7C53666A2F41}
[AM] 63. c:\windows\system32\5961.dll
TODO: <公司名>
TODO: <文件说明>
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B8 5B 01 10 E8 F3 0C 00 00 33 C0 40 89
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 64. e:\迅雷\安装包\迅雷\thunder.exe
Thunder Networking Technologies,LTD
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 08 37 40 00 68 70 29 40 00 64
Exec
[AM] 65. e:\qq软件\qq\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 18 43 52 00 68 5E 4A 48 00 64
+ Explorer
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[AM] 66. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
6A 0C 68 70 22 40 00 E8 FD 01 00 00 33 C0 40 89
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 67. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
Portable Media Devices
[AM] 68. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57
Portable Media Devices Menu
[AM] 68. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57
WinRAR shell extension
[A ] 69. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[AM] 70. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
6A 0C 68 A8 41 5C 32 E8 B5 00 00 00 33 C0 40 89
Web Folders
[A ] 71. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
6A 0C 68 B0 AC 0A 49 E8 DA 00 00 00 33 C0 40 89
Shell Extensions for RealOne Player
[A ] 72. c:\program files\real\realplayer\rpshell.dll
RealNetworks, Inc.
RealPlayer Shell Extensions
.text,.rdata,.data,.rsrc,.reloc,
53 55 56 8B 74 24 14 85 F6 57 B8 01 00 00 00 75
RISING
[AM] 73. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
NvCpl DesktopContext Class
[AM] 74. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 F0 36 17 10 E8 26 0E 00 00 33 C0 40 89
Desktop Explorer
[AM] 75. c:\windows\system32\nvshell.dll
NVIDIA Corporation
醋酷的悲哀 - 2007-7-11 10:08:00
NVIDIA Desktop Explorer, Version 60.85
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
6A 0C 68 E8 84 02 10 E8 B2 34 00 00 33 C0 40 89
Desktop Explorer Menu
[AM] 75. c:\windows\system32\nvshell.dll
NVIDIA Corporation
NVIDIA Desktop Explorer, Version 60.85
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
6A 0C 68 E8 84 02 10 E8 B2 34 00 00 33 C0 40 89
nView Desktop Context Menu
[AM] 75. c:\windows\system32\nvshell.dll
NVIDIA Corporation
NVIDIA Desktop Explorer, Version 60.85
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
6A 0C 68 E8 84 02 10 E8 B2 34 00 00 33 C0 40 89
Play on my TV helper
[AM] 74. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 F0 36 17 10 E8 26 0E 00 00 33 C0 40 89
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[AM] 76. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ Logon
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SoundMan
[AM] 77. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 B8 A2 40 00 68 28 8C 40 00 64
TkBellExe
[AM] 78. c:\program files\common files\real\update_ob\realsched.exe
RealNetworks, Inc.
RealNetworks Scheduler
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 F0 30 42 00 68 08 97 41 00 64
nwiz
[A ] 79. c:\windows\system32\nwiz.exe
NVIDIA Corporation
NVIDIA nView Wizard, Version 60.85
.text,.rdata,.data,.rsrc,
6A 60 68 80 3A 42 00 E8 61 30 00 00 BF 94 00 00
runeip
[AM] 80. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 E0 6B 40 00 68 40 52 40 00 64
RavTask
[A ] 81. d:\瑞星杀毒软件\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 50 E3 40 00 68 D4 90 40 00 64
+ Boot Execute
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 82. c:\windows\system32\bsmain.exe
Beijing Rising Technology Co., Ltd.
BootScan
.text,.data,.rsrc,.reloc,
55 8B EC 6A FF 68 F0 27 00 01 68 74 9E 00 01 64
+ Image Hijacks
+ HKCR\.html
htmlfile\Edit\Command
[A ] 83. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D
htmlfile\Print\Command
[A ] 83. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 83. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D
htmlfile\Print\Command
[A ] 83. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
6A 74 68 58 26 00 30 E8 A8 FF FF FF 33 DB 89 5D
+ 系统活动模块
+ 0000007c(124) ctfmon.exe
10000000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 000000c0(192) iexplore.exe
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
01580000[00022000]
[AM] 61. e:\迅雷\安装包\迅雷\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 56 8B 75 0C 83 FE 01 74 05 83 FE 02 75
015B0000[00019000]
[AM] 62. e:\迅雷\安装包\迅雷\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B8 FD 00 10 E8 92 F4 FF FF 33 C0 40 89
223F0000[00009000]
[ M] 86. e:\迅雷\安装包\迅雷\components\resworker\dsbho_00.dll
DsBho
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
223C0000[0000C000]
[ M] 87. e:\迅雷\安装包\迅雷\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01620000[00022000]
[AM] 63. c:\windows\system32\5961.dll
TODO: <公司名>
TODO: <文件说明>
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B8 5B 01 10 E8 F3 0C 00 00 33 C0 40 89
325C0000[00012000]
[AM] 70. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
6A 0C 68 A8 41 5C 32 E8 B5 00 00 00 33 C0 40 89
092D0000[00079000]
[AM] 68. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57
72C80000[00008000]
[ M] 88. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
02920000[00019000]
[ M] 89. d:\瑞星杀毒软件\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
30000000[002EE000]
[ M] 90. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 C8 B9 1C 30 E8 67 EB FF FF 33 C0 40 89
05940000[0000B000]
[AM] 66. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
6A 0C 68 70 22 40 00 E8 FD 01 00 00 33 C0 40 89
03B40000[00019000]
[ M] 91. e:\迅雷\安装包\迅雷\comdlls\thunderagent_now.dll
Thunder Networking Technologies,LTD
ThunderAgent Module
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B0 ED 00 10 E8 4B EB FF FF 33 C0 40 89
02D60000[0001B000]
[AM] 73. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
02D90000[00011000]
[AM] 76. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
02DD0000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000158(344) taskmgr.exe
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
011E0000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 000001cc(460) smss.exe
+ 000001e0(480) runiep.exe
00400000[00012000]
[AM] 80. c:\program files\rising\antispyware\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 E0 6B 40 00 68 40 52 40 00 64
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
01070000[0001B000]
醋酷的悲哀 - 2007-7-11 10:08:00
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000208(520) csrss.exe
+ 00000220(544) winlogon.exe
72C80000[00008000]
[ M] 88. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
10000000[00014000]
[ M] 92. c:\windows\system32\94879a32.dll
Microsoft Corporation
`Q40,`Q41,`Q42,
+ 0000024c(588) services.exe
+ 00000258(600) lsass.exe
+ 000002ec(748) svchost.exe
+ 00000328(808) svchost.exe
+ 00000388(904) svchost.exe
+ 000003c0(960) svchost.exe
+ 00000404(1028) svchost.exe
+ 000004b8(1208) Thunder5.exe
00400000[001A0000]
[ M] 93. e:\迅雷\安装包\迅雷\program\thunder5.exe
Thunder Networking Technologies,LTD
Thunder
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 78 3B 4C 00 68 08 48 4A 00 64
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
21EA0000[0002F000]
[ M] 94. e:\迅雷\安装包\迅雷\program\taskmanager.dll
Thunder Networking Technologies,LTD
TaskManager DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21160000[0044D000]
[ M] 95. e:\迅雷\安装包\迅雷\program\download_interface.dll
Thunder Networking Technologies,LTD
Thunder
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21A00000[000CB000]
[ M] 96. e:\迅雷\安装包\迅雷\program\stlport_vc646.dll
STLport Consulting, Inc.
STLport
.text,.rdata,.data,STLPORT_,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21110000[0001B000]
[ M] 97. e:\迅雷\安装包\迅雷\program\asyn_dns.dll
Thunder Networking Technologies,LTD
asyn_dns
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21BB0000[0000A000]
[ M] 98. e:\迅雷\安装包\迅雷\program\bhostub.dll
Thunder Networking Technologies,LTD
BHOStub DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
22160000[00013000]
[ M] 99. e:\迅雷\安装包\迅雷\components\downandplay\downandplay.dll
DownAndPlay Module
.text,.rdata,.data,.idata,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21CD0000[0002A000]
[ M] 100. e:\迅雷\安装包\迅雷\program\itargetad.dll
Thunder Networking Technologies,LTD
iTargetAD DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
30000000[002EE000]
[ M] 90. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 C8 B9 1C 30 E8 67 EB FF FF 33 C0 40 89
72C80000[00008000]
[ M] 88. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
21F00000[00019000]
[ M] 101. e:\迅雷\安装包\迅雷\program\xlnet.dll
Thunder Networking Technologies,LTD
Xunlei internet API
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
222A0000[00017000]
[ M] 102. e:\迅雷\安装包\迅雷\components\inmedia\iembedshell.dll
iEmbedShell
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21F40000[0008C000]
[ M] 103. e:\迅雷\安装包\迅雷\components\community\xlcommunity.dll
Thunder Networking Technologies,LTD
XLCommunity DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
224F0000[00079000]
[ M] 104. e:\迅雷\安装包\迅雷\components\security\thundersafe.dll
深圳市迅雷网络技术有限公司
迅雷安全中心
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 88 B7 51 22 E8 8F E6 FF FF 33 C0 40 89
22490000[00021000]
[ M] 105. e:\迅雷\安装包\迅雷\components\search\xlsearch.dll
Thunder Networking Technologies,LTD
XLSearch DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
22370000[0001E000]
[ M] 106. e:\迅雷\安装包\迅雷\components\p4pclient\p4pclient.dll
Thunder Networking Technologies,LTD
Thunder P4P Client
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21D40000[0003F000]
[ M] 107. e:\迅雷\安装包\迅雷\program\liveupdate.dll
Thunder Networking Technologies,LTD
LiveUpdate DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
221B0000[00010000]
[ M] 108. e:\迅雷\安装包\迅雷\components\explorerhelper\explorerhelper.dll
Thunder Networking Technologies,LTD
ExplorerHelper DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
22680000[00012000]
[ M] 109. e:\迅雷\安装包\迅雷\components\tips\tipsclient.dll
Thunder Networking Technologies,LTD
TipsClient Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
227E0000[00009000]
[ M] 110. e:\迅雷\安装包\迅雷\components\vpshell\vpshell.dll
XunLei
VPShell DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
226C0000[0000B000]
[ M] 111. e:\迅雷\安装包\迅雷\components\userexperience\userexperience.dll
Thunder Networking Technologies,LTD
UserExperience DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
22410000[00013000]
[ M] 112. e:\迅雷\安装包\迅雷\components\resworker\dsxlcom.dll
DsXlCom DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
22210000[0003F000]
[ M] 113. e:\迅雷\安装包\迅雷\components\inmedia\iembed10.dll
iEmbed Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21E10000[0003E000]
[ M] 114. e:\迅雷\安装包\迅雷\program\registerdll.dll
Thunder Networking Technologies,LTD
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
21DD0000[00011000]
[ M] 115. e:\迅雷\安装包\迅雷\program\msvcirt.dll
Microsoft Corporation
Windows NT IOStreams DLL
.text,.data,.rsrc,.reloc,
8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57
21000000[00020000]
[ M] 116. e:\迅雷\安装包\迅雷\plugins\bhoadv\bho_adv.dll
深圳市迅雷网络技术有限公司
迅雷FLV地址解析插件
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 48 67 01 21 E8 6D 01 00 00 33 C0 40 89
227B0000[00009000]
[ M] 117. e:\迅雷\安装包\迅雷\components\vpshell\videopicture.dll
XunLei
VideoPicture DLL ( Use XLNet )
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
012A0000[00019000]
[ M] 89. d:\瑞星杀毒软件\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
223C0000[0000C000]
[ M] 87. e:\迅雷\安装包\迅雷\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
22450000[00011000]
[ M] 118. e:\迅雷\安装包\迅雷\components\resworker\mediaworker.dll
Thunder Networking Technologies,LTD
ExtractMediaTag DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
04560000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000510(1296) Explorer.EXE
015B0000[00014000]
[ M] 92. c:\windows\system32\94879a32.dll
Microsoft Corporation
`Q40,`Q41,`Q42,
72C80000[00008000]
[ M] 88. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
10000000[003A2000]
[AM] 74. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 F0 36 17 10 E8 26 0E 00 00 33 C0 40 89
023E0000[0003C000]
[ M] 119. c:\windows\system32\igfxpph.dll
Intel Corporation
igfxpph Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01C90000[0001E000]
[ M] 120. c:\windows\system32\hccutils.dll
Intel Corporation
hccutils Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7
醋酷的悲哀 - 2007-7-11 10:09:00
02420000[00028000]
[ M] 121. c:\windows\system32\igfxres.dll
Intel Corporation
xxxxres Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
026A0000[00057000]
[AM] 60. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
02450000[00024000]
[ M] 122. c:\windows\system32\igfxdev.dll
Intel Corporation
igfxdev Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
028A0000[00070000]
[AM] 75. c:\windows\system32\nvshell.dll
NVIDIA Corporation
NVIDIA Desktop Explorer, Version 60.85
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
6A 0C 68 E8 84 02 10 E8 B2 34 00 00 33 C0 40 89
02930000[0001B000]
[AM] 73. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
029A0000[00011000]
[AM] 76. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01FB0000[00022000]
[AM] 61. e:\迅雷\安装包\迅雷\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 56 8B 75 0C 83 FE 01 74 05 83 FE 02 75
01FE0000[00019000]
[AM] 62. e:\迅雷\安装包\迅雷\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B8 FD 00 10 E8 92 F4 FF FF 33 C0 40 89
223F0000[00009000]
[ M] 86. e:\迅雷\安装包\迅雷\components\resworker\dsbho_00.dll
DsBho
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
223C0000[0000C000]
[ M] 87. e:\迅雷\安装包\迅雷\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
031C0000[00022000]
[AM] 63. c:\windows\system32\5961.dll
TODO: <公司名>
TODO: <文件说明>
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 B8 5B 01 10 E8 F3 0C 00 00 33 C0 40 89
325C0000[00012000]
[AM] 70. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
6A 0C 68 A8 41 5C 32 E8 B5 00 00 00 33 C0 40 89
029E0000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000538(1336) spoolsv.exe
+ 0000058c(1420) alg.exe
+ 00000600(1536) SOUNDMAN.EXE
00400000[00016000]
[AM] 77. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 B8 A2 40 00 68 28 8C 40 00 64
+ 00000608(1544) realsched.exe
00400000[0002F000]
[AM] 78. c:\program files\common files\real\update_ob\realsched.exe
RealNetworks, Inc.
RealNetworks Scheduler
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 F0 30 42 00 68 08 97 41 00 64
+ 0000072c(1836) 96a71.exe
00400000[0001E000]
[AM] 2. c:\windows\system32\96a71.exe
.text,.rdata,.data,.rsrc,
6A 18 68 80 4A 41 00 E8 3C 19 00 00 BF 94 00 00
+ 00000c1c(3100) QQ.exe
00400000[00187000]
[AM] 65. e:\qq软件\qq\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 18 43 52 00 68 5E 4A 48 00 64
10000000[00251000]
[ M] 123. e:\qq软件\qq\qqbaseclassindll.dll
QQBaseClassInDll DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
616C0000[00099000]
[ M] 124. e:\qq软件\qq\qqhelperdll.dll
QQHelperDll DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60090000[00040000]
[ M] 125. e:\qq软件\qq\basicctrldll.dll
Tencent
BasicCtrlDll DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60A00000[000F2000]
[ M] 126. e:\qq软件\qq\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
00ED0000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
620F0000[00005000]
[ M] 127. e:\qq软件\qq\riched32.dll
Microsoft Corporation
Wrapper Dll for Richedit 1.0
.text,.data,.rsrc,.reloc,
62080000[00068000]
[ M] 128. e:\qq软件\qq\riched20.dll
Microsoft Corporation
Rich Text Edit Control, v3.1
.text,.data,.rsrc,.reloc,
55 8B EC 81 EC 0C 02 00 00 83 7D 0C 00 A1 08 C3
612D0000[00038000]
[ M] 129. e:\qq软件\qq\qqapi.dll
ModuleSample DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
62230000[00007000]
[ M] 130. e:\qq软件\qq\timproxy.dll
tencent
TIMProxy
.text,.orpc,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60870000[00088000]
[ M] 131. e:\qq软件\qq\loginctrl.dll
LoginCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01860000[00044000]
[ M] 132. e:\qq软件\qq\npkcntc.dll
INCA Internet Co., Ltd.
nProtect KeyCrypt Driver Support Dll
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
00F30000[0000E000]
[ M] 133. e:\qq软件\qq\npkpdb.dll
INCA Internet Co., Ltd.
nProtect KeyCrypt Program Database DLL
.text,.NUMEGAB,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
02140000[00464000]
[ M] 134. e:\qq软件\qq\qqres.dll
tencent
QQRes
.rsrc,.reloc,
61790000[0008A000]
[ M] 135. e:\qq软件\qq\qqmainframe.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
02BB0000[00118000]
[ M] 136. e:\qq软件\qq\cqqapplication.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60BA0000[0005D000]
[ M] 137. e:\qq软件\qq\newskin.dll
NewSkin Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
03670000[000C4000]
[ M] 138. e:\qq软件\qq\hostingmgr.dll
HostingMgr DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
600F0000[00022000]
[ M] 139. e:\qq软件\qq\cameradll.dll
CameraDll DLL
.text,.rdata,.data,.MYSHARE,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
609D0000[0002F000]
[ M] 140. e:\qq软件\qq\mailsummary.dll
MailSummary DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61760000[00015000]
[ M] 141. e:\qq软件\qq\qqknowledgesearch.dll
QQKnowledgeSearch DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
03AB0000[001DB000]
[ M] 142. e:\qq软件\qq\qqallinone.dll
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60640000[00034000]
[ M] 143. e:\qq软件\qq\grouplive.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
62110000[0002A000]
[ M] 144. e:\qq软件\qq\sccore.dll
TENCENT
SCCore.dll
.text,.rdata,.data,.shareds,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60350000[001A3000]
[ M] 145. e:\qq软件\qq\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57
61F50000[0001E000]
[ M] 146. e:\qq软件\qq\qqspace.dll
QQSpace DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
62290000[00071000]
[ M] 147. e:\qq软件\qq\vbscript.dll
Microsoft Corporation
Microsoft (r) VBScript
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61650000[0006B000]
[ M] 148. e:\qq软件\qq\qqgroupmng.dll
QQGroupMng DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61F70000[0003D000]
[ M] 149. e:\qq软件\qq\qqsysmsgmng.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
62260000[00017000]
[ M] 150. e:\qq软件\qq\userdefinedhead.dll
醋酷的悲哀 - 2007-7-11 10:10:00
UserDefinedHead DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61960000[000CE000]
[ M] 151. e:\qq软件\qq\qqplugin.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60900000[000A6000]
[ M] 152. e:\qq软件\qq\longconnection.dll
tencent
LongConnection
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
615B0000[0000C000]
[ M] 153. e:\qq软件\qq\qqconfigplugin.dll
QQConfigPlugin DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61820000[0006C000]
[ M] 154. e:\qq软件\qq\qqmmsender.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
615C0000[00032000]
[ M] 155. e:\qq软件\qq\qqcustomface.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60310000[0003E000]
[ M] 156. e:\qq软件\qq\flashavatardll.dll
FlashAvatarDll DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
30000000[002EE000]
[ M] 90. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 C8 B9 1C 30 E8 67 EB FF FF 33 C0 40 89
72C80000[00008000]
[ M] 88. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
8B 44 24 08 83 E8 00 74 30 48 75 3A 56 8B 74 24
61310000[00032000]
[ M] 157. e:\qq软件\qq\qqavatar.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
62060000[00016000]
[ M] 158. e:\qq软件\qq\qringmng.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
054A0000[0028B000]
[ M] 159. e:\qq软件\qq\qqaddr.dll
深圳市腾讯计算机系统有限公司
腾讯通讯录
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61920000[00029000]
[ M] 160. e:\qq软件\qq\qqpet.dll
QQPet DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60D00000[00028000]
[ M] 161. e:\qq软件\qq\phoneapi.dll
PhoneAPI DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
602C0000[0000D000]
[ M] 162. e:\qq软件\qq\dialerallinone.dll
tencent
DialerAllInOne
.text,.rdata,.data,Shared,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
600D0000[0001F000]
[ M] 163. e:\qq软件\qq\bqqapplication.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60750000[0001A000]
[ M] 164. e:\qq软件\qq\imageole.dll
TODO: <Company name>
TODO: <File description>
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60120000[0004F000]
[ M] 165. e:\qq软件\qq\commercesmng.dll
CommercesMng DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
60C80000[0000F000]
[ M] 166. e:\qq软件\qq\personaldesktop.dll
深圳市腾讯计算机系统公司QQ工作小组
QQ个人桌面
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
61EA0000[0002D000]
[ M] 167. e:\qq软件\qq\qqscenemng.dll
.text,.rdata,.data,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
092D0000[00079000]
[AM] 68. c:\windows\system32\audiodev.dll
Microsoft Corporation
便携媒体设备命令行解释器扩展
.text,.data,.rsrc,.reloc,
8B FF 55 8B EC 53 8B 5D 08 56 8B 75 0C 85 F6 57
60610000[00024000]
[ M] 168. e:\qq软件\qq\groupconnection.dll
Tencent
GroupConnection DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01560000[0002A000]
[ M] 169. e:\qq软件\qq\qqphonehelper.dll
腾讯科技(深圳)有限公司
QQPhoneHelper
UPX0,UPX1,.rsrc,
80 7C 24 08 01 0F 85 86 01 00 00 60 BE 00 90 01
61610000[0002A000]
[ M] 170. e:\qq软件\qq\qqfiletransfer.dll
Tencent
QQFileTransfer DLL
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
62000000[0005B000]
[ M] 171. e:\qq软件\qq\qqzip.dll
tencent
QQZip
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01520000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000c54(3156) TIMPlatform.exe
00400000[00013000]
[ M] 172. e:\qq软件\qq\timplatform.exe
tencent
TIMPlatform
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 70 B2 40 00 68 88 6D 40 00 64
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
62230000[00007000]
[ M] 130. e:\qq软件\qq\timproxy.dll
tencent
TIMProxy
.text,.orpc,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
+ 00000d90(3472) Rsaupd.exe
00400000[0001E000]
[ M] 173. c:\program files\rising\antispyware\update\rsaupd.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Update
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 98 60 41 00 68 00 22 41 00 64
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
00F30000[000A3000]
[ M] 174. c:\program files\rising\antispyware\temp\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01820000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000dc8(3528) Ras.exe
00400000[0013E000]
[ M] 175. c:\program files\rising\antispyware\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
55 8B EC 6A FF 68 B8 3A 4C 00 68 F0 B8 4A 00 64
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
013A0000[000A3000]
[ M] 176. c:\program files\rising\antispyware\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01A80000[00011000]
[AM] 76. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
55 8B EC 53 8B 5D 08 56 8B 75 0C 57 8B 7D 10 85
01B00000[0001B000]
[ M] 84. c:\program files\rising\antispyware\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 00 CD B0 01 E8 BD 02 00 00 33 C0 40 89
+ 00000e14(3604) rundll32.exe
10000000[00012000]
[ M] 85. c:\windows\system32\xpdhcp.dll
.text,.rsrc,.reloc,
94 24 50 01 00 00 52 FF 54 24 28 8D 84 24 4C 01
00EA0000[00115000]
[ M] 177. c:\windows\system32\751.dll
Player 动态链接库
.text,.rdata,.data,.rsrc,.reloc,
6A 0C 68 D8 94 09 10 E8 EA 21 00 00 33 C0 40 89
醋酷的悲哀 - 2007-7-11 10:10:00
大哥发完了 咋那么多捏
1
© 2000 - 2026 Rising Corp. Ltd.