瑞星卡卡安全论坛
wopti - 2007-8-27 14:31:00
瑞星卡卡电脑诊断日志 v1.30 (2007-8-27 14:10:15) 北京瑞星科技股份有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
ose
[A ] 1. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
RfwProxySrv
[AM] 2. d:\ss\rising\rfw\rfwproxy.exe
Beijing Rising Technology Co., Ltd.
Rising Personal Proxy Service
.text,.rdata,.data,.rsrc,
RfwService
[AM] 3. d:\ss\rising\rfw\rfwsrv.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,
RsCCenter
[AM] 4. d:\ss\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
RsRavMon
[AM] 5. d:\ss\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
WMPNetworkSvc
[A ] 6. c:\program files\windows media player\wmpnetwk.exe
Microsoft Corporation
Windows Media Player 网络共享服务
.text,.data,.rsrc,.reloc,
WudfSvc
[A ] 7. c:\windows\system32\wudfsvc.dll
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Service
.text,.data,.rsrc,.reloc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ajed5
[A ] 8. c:\windows\system32\drivers\ajed5.sys
.text,.data,INIT,.reloc,
ajfs68d
[A ] 9. c:\windows\system32\drivers\ajfs68d.sys
.text,.data,INIT,.reloc,
ALCXWDM
[A ] 10. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
AmdK8
[A ] 11. c:\windows\system32\drivers\amdk8.sys
Advanced Micro Devices
AMD Processor Driver
.text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc,
BaseTDI
[A ] 12. c:\windows\system32\drivers\basetdi.sys
Beijing Rising Technology Co., Ltd.
basetdi
.text,.rdata,.data,INIT,.rsrc,.reloc,
Cdsys
[A ] 13. c:\windows\system32\cdcd.sys
EagleNT
[A ] 14. c:\windows\system32\drivers\eaglent.sys
ExpScaner
[A ] 15. d:\ss\rising\rav\expscan.sys
ExpScan.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookCont
[A ] 16. d:\ss\rising\rav\hookcont.sys
Rising
HookCont
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookReg
[A ] 17. d:\ss\rising\rav\hookreg.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HookSys
[A ] 18. d:\ss\rising\rav\hooksys.sys
Rising
Hooksys
.text,.rdata,.data,INIT,.rsrc,.reloc,
[用户系统信息]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)附件:
9308772007827142119.bmp
wopti - 2007-8-27 14:35:00
HookUrl
[A ] 19. d:\ss\rising\rfw\hookurl.sys
Beijing Rising Technology Co., Ltd.
URL Filter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ialm
[A ] 20. c:\windows\system32\drivers\ialmnt5.sys
Intel Corporation
Intel Graphics Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
MEMSCAN
[A ] 21. d:\ss\rising\rav\memscan.sys
Beijing Rising Technology Co., Ltd.
MemScan Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
npkcrypt
[A ] 22. c:\windows\system32\npkcrypt.sys
npkycryp
[A ] 23. c:\windows\system32\npkycryp.sys
oreans32
[A ] 24. c:\windows\system32\drivers\oreans32.sys
.text,.rdata,.data,INIT,.reloc,
RfwBase
[A ] 25. c:\windows\system32\drivers\rfwbase.sys
Beijing Rising Technology Co., Ltd.
net base driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsAntiSpyware
[A ] 26. c:\windows\system32\drivers\rsboot.sys
Beijing Rising Technology Co., Ltd.
Anti-RootKit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsFwDrv
[A ] 27. d:\ss\rising\rfw\rsfwdrv.sys
Beijing Rising Technology Co., Ltd.
Rules Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 28. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RSPPSYS
[A ] 29. d:\ss\rising\rav\rsppsys.sys
Rising
RSPPSYS.SYS
.text,.rdata,.data,INIT,.rsrc,.reloc,
RTL8023xp
[A ] 30. c:\windows\system32\drivers\rtnicxp.sys
Realtek Semiconductor Corporation
Realtek 10/100/1000 NDIS 5.1 Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Secdrv
[A ] 31. c:\windows\system32\drivers\secdrv.sys
.text,.data,INIT,.reloc,
WINIO
[A ] 32. d:\按键精灵3.0\按键精灵\hknms.sys
WudfPf
[A ] 33. c:\windows\system32\drivers\wudfpf.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Platform Driver
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
WudfRd
[A ] 34. c:\windows\system32\drivers\wudfrd.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Reflector
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ZSMC303
[A ] 35. c:\windows\system32\drivers\usbvm303.sys
VM
Video streaming and Capture Device Driver
.text,.data,.data1,PAGECONS,INIT,.rsrc,.reloc,
+ 系统登陆自运行
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
UIHost
[A ] 36. c:\windows\system32\xpstyle_themepackage\logonui.exe
Microsoft Corporation
Windows Logon UI
.text,.data,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
igfxcui
[A ] 37. c:\windows\system32\igfxsrvc.dll
Intel Corporation
igfxsrvc Module
.text,.rdata,.data,.rsrc,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
[A ] 38. c:\windows\system32\kakatool.dll
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Toolbar
.text,.rdata,.data,MonitorS,.rsrc,.reloc,
+ HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 40. d:\thunder\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 41. d:\thunder\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:36:00
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 42. c:\windows\network diagnostic\xpnetdiag.exe
Microsoft Corporation
Network Diagnostic for Windows XP
.text,.data,.rsrc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[AM] 43. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
KuGoo
[A ] 44. c:\windows\system32\kugoo3downxcontrol.ocx
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,
KuGoo3
[A ] 44. c:\windows\system32\kugoo3downxcontrol.ocx
CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,
+ HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
[A ] 45. c:\windows\system32\ieudinit.exe
Microsoft Corporation
IE Per User Active Setup Uninstall Utility
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 46. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
IE Search Band
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Shell DocObject Viewer
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
InternetShortcut
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Microsoft Url History Service
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
History
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Temporary Internet Files
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Temporary Internet Files
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Microsoft Url Search Hook
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
The Internet
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Internet Name Space
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
WinRAR shell extension
[AM] 47. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
Shell Extensions for RealOne Player
[A ] 48. c:\program files\real\realplayer\rpshell.dll
RealNetworks, Inc.
RealPlayer Shell Extensions
.text,.rdata,.data,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[AM] 49. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
Web Folders
[A ] 50. c:\program files\common files\microsoft shared\web folders\msonsext.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
Portable Media Devices
[A ] 51. c:\windows\system32\audiodev.dll
Microsoft Corporation
Portable Media Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices
[A ] 52. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices Menu
[A ] 52. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
IE Microsoft BrowserBand
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Fade Task
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Menu Desk Bar
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE AutoComplete
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Navigation Bar
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Menu Site
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Menu Band
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft History AutoComplete List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Tracking Shell Menu
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE IShellFolderBand
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:37:00
IE BandProxy
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE MRU AutoComplete List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE RSS Feeder Folder
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft Shell Folder AutoComplete List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft Multiple AutoComplete List Container
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Microsoft Browser Architecture
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Shell Rebar BandSite
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Shell Band Site Menu
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
&Links
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Registry Tree Options Utility
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE User Assist
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Custom MRU AutoCompleted List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
RISING
[AM] 53. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[AM] 54. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 53. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog303
[AM] 55. c:\windows\vm303_sti.exe
Vimicro
Vimicro
.text,.rdata,.data,.sxdata,.rsrc,
runeip
[AM] 56. d:\360\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
RavTask
[AM] 57. d:\ss\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 58. c:\windows\system32\bsmain.exe
Beijing Rising Technology Co., Ltd.
BootScan
.text,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 59. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 59. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 59. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
htmlfile\Print\Command
[A ] 59. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,
+ HKCR\.mp3
Audio.MP3\open\Command
[A ] 60. c:\program files\ttplayer\ttplayer.exe
Alen Soft
千千静听
.text,.rdata,.data,.rsrc,
Audio.MP3\PlayList\Command
[A ] 60. c:\program files\ttplayer\ttplayer.exe
Alen Soft
千千静听
.text,.rdata,.data,.rsrc,
+ 正在运行的进程
+ 0000010c(268) svchost.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
007E0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 000001c4(452) smss.exe
+ 00000204(516) csrss.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
03560000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 0000021c(540) winlogon.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
01300000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 63. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 00000248(584) services.exe
47260000[0000F000]
[ M] 64. c:\windows\apppatch\acadproc.dll
Microsoft Corporation
Windows Compatibility DLL
.text,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:38:00
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00C10000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 00000254(596) lsass.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00CC0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 000002e8(744) svchost.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
008E0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 00000314(788) svchost.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00970000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 00000354(852) CCenter.exe
00400000[0001E000]
[AM] 4. d:\ss\rising\rav\ccenter.exe
Beijing Rising Technology Co., Ltd.
CCenter
.text,.rdata,.data,.rsrc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00970000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 00000378(888) svchost.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
009B0000[00009000]
[ M] 65. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 66. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
00FE0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
50E60000[0000C000]
[ M] 67. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 000003a4(932) svchost.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
007A0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 000003c4(964) VM303_STI.EXE
00400000[00010000]
[AM] 55. c:\windows\vm303_sti.exe
Vimicro
Vimicro
.text,.rdata,.data,.sxdata,.rsrc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
003F0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00D30000[0003A000]
[ M] 68. c:\windows\system32\vm303prp.ax
Vimicro
DirectShow Extension Page
.text,.rdata,.data,.idata,.CRT,.rsrc,.reloc,
00D80000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000003dc(988) runiep.exe
00400000[00013000]
[AM] 56. d:\360\runiep.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware Monitor
.text,.rdata,.data,.rsrc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
009A0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00D60000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000420(1056) svchost.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00820000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00880000[00009000]
[ M] 65. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 66. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
+ 00000434(1076) RavTask.exe
00400000[0001F000]
[AM] 57. d:\ss\rising\rav\ravtask.exe
Beijing Rising Technology Co., Ltd.
RavTimer
.text,.rdata,.data,.rsrc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00A10000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 70. d:\ss\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00B50000[0000E000]
[ M] 71. d:\ss\rising\rav\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
08B70000[0002F000]
[ M] 72. d:\ss\rising\rav\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
08E00000[0001B000]
[ M] 73. d:\ss\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
09000000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 0000044c(1100) rfwsrv.exe
00400000[00032000]
[AM] 3. d:\ss\rising\rfw\rfwsrv.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 74. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 75. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 76. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:38:00
10000000[0000E000]
[ M] 77. d:\ss\rising\rfw\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
00870000[0002F000]
[ M] 78. d:\ss\rising\rfw\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
00980000[0000F000]
[ M] 79. d:\ss\rising\rfw\rfwrule.dll
Beijing Rising Technology Co., Ltd.
rule DLL
.text,.rdata,.data,.rsrc,.reloc,
00990000[0000C000]
[ M] 80. d:\ss\rising\rfw\rfwlog.dll
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Logfile DLL
.text,.rdata,.data,.rsrc,.reloc,
009A0000[00017000]
[ M] 81. d:\ss\rising\rfw\rfwdrv.dll
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Driver DLL
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 82. d:\ss\rising\rfw\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
00AC0000[0000E000]
[ M] 83. d:\ss\rising\rfw\ijt_ctrl.dll
Beijing Rising Technology Co., Ltd.
Injector Controller
.text,.rdata,.data,.rsrc,.reloc,
00D00000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00C00000[00016000]
[ M] 84. d:\ss\rising\rfw\unvdet.dll
Beijing Rising Technology Co., Ltd.
ScanUnv
.text,.rdata,.data,.rsrc,.reloc,
00C30000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00C60000[00013000]
[ M] 85. d:\ss\rising\rfw\mports.dll
Beijing Rising Technology Co., Ltd.
get ports list
.text,.rdata,.data,.rsrc,.reloc,
+ 00000474(1140) ctfmon.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00980000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00AE0000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 0000049c(1180) Ravmond.exe
00400000[0004E000]
[AM] 5. d:\ss\rising\rav\ravmond.exe
Beijing Rising Technology Co., Ltd.
RavMond
.text,.rdata,.data,.rsrc,
10000000[0002E000]
[ M] 86. d:\ss\rising\rav\bwlist.dll
Beijing Rising Technology Co., Ltd.
BWList DLL
.text,.rdata,.data,.rsrc,.reloc,
00740000[0001B000]
[ M] 73. d:\ss\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
00980000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00BC0000[0000F000]
[ M] 87. d:\ss\rising\rav\rfwctrl.dll
Beijing Rising Technology Co., Ltd.
RfwCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
00DF0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00CD0000[0000E000]
[ M] 71. d:\ss\rising\rav\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
08E10000[0002F000]
[ M] 72. d:\ss\rising\rav\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 70. d:\ss\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
090B0000[0000B000]
[ M] 88. d:\ss\rising\rav\rslog.dll
Beijing Rising Technology Co., Ltd.
RsLog DLL
.text,.rdata,.data,.rsrc,.reloc,
090C0000[0000D000]
[ M] 89. d:\ss\rising\rav\hooksys.dll
Beijing Rising Technology Co., Ltd.
HOOKSYS Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
091F0000[00029000]
[ M] 90. d:\ss\rising\rav\scanner.dll
Beijing Rising Technology Co., Ltd.
RsScanner
.text,.rdata,.data,.rsrc,.reloc,
13100000[0002E000]
[ M] 91. d:\ss\rising\rav\libload.dll
Beijing Rising Technology Co., Ltd.
LibLoad
.text,.rdata,.data,.rsrc,.reloc,
09350000[0002C000]
[ M] 92. d:\ss\rising\rav\viruslib.dll
Beijing Rising Technology Co., Ltd.
VirusLib
.text,.rdata,.data,.rsrc,.reloc,
09490000[00010000]
[ M] 93. d:\ss\rising\rav\regmon.dll
Beijing Rising Technology Co., Ltd.
regmon
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 94. d:\ss\rising\rav\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
096E0000[0000D000]
[ M] 95. d:\ss\rising\rav\hookweb.dll
Beijing Rising Technology Co., Ltd.
HookWeb
.text,.rdata,.data,.rsrc,.reloc,
09800000[00014000]
[ M] 96. d:\ss\rising\rav\memmon.dll
Beijing Rising Technology Co., Ltd.
MemMon
.text,.rdata,.data,.rsrc,.reloc,
09830000[0000E000]
[ M] 97. d:\ss\rising\rav\expscan.dll
Beijing Rising Technology Co., Ltd.
ExpScan.dll
.text,.rdata,.data,.rsrc,.reloc,
09850000[00012000]
[ M] 98. d:\ss\rising\rav\mports.dll
Beijing Rising Technology Co., Ltd.
mPorts.dll
.text,.rdata,.data,.rsrc,.reloc,
09A60000[0000D000]
[ M] 99. d:\ss\rising\rav\hookcont.dll
Rising
HookCont Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09A80000[00085000]
[ M] 100. d:\ss\rising\rav\spameng.dll
SpamEng Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09C20000[0003C000]
[ M] 101. d:\ss\rising\rav\engine.dll
Beijing Rising Technology Co., Ltd.
engine
.text,.rdata,.data,.rsrc,.reloc,
0A6C0000[0002B000]
[ M] 102. d:\ss\rising\rav\posttrt.dll
Beijing Rising Technology Co., Ltd.
PostTrt
.text,.rdata,.data,.rsrc,.reloc,
0A700000[002DC000]
[ M] 103. d:\ss\rising\rav\unexe.dll
Beijing Rising Technology Co., Ltd.
UnExe
.text,.rdata,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:39:00
3AB0000[00038000]
[ M] 104. d:\ss\rising\rav\scanexec.dll
Beijing Rising Technology Co., Ltd.
ScanExec
.text,.rdata,.data,.rsrc,.reloc,
0AF90000[0003C000]
[ M] 105. d:\ss\rising\rav\scanex.dll
Beijing Rising Technology Co., Ltd.
ScanEX
.text,.rdata,.data,.rsrc,.reloc,
0AD20000[000D6000]
[ M] 106. d:\ss\rising\rav\extfile.dll
Beijing Rising Technology Co., Ltd.
extFile Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
0AB10000[0001C000]
[ M] 107. d:\ss\rising\rav\nvfile.dll
Beijing Rising Technology Co., Ltd.
NVFile
.text,.rdata,.data,.rsrc,.reloc,
13AF0000[00020000]
[ M] 108. d:\ss\rising\rav\scanmac.dll
Beijing Rising Technology Co., Ltd.
ScanMac
.text,.rdata,.data,.rsrc,.reloc,
0AE00000[00029000]
[ M] 109. d:\ss\rising\rav\scansct.dll
Beijing Rising Technology Co., Ltd.
ScanSct
.text,.rdata,.data,.rsrc,.reloc,
0BB90000[0003A000]
[ M] 110. d:\ss\rising\rav\scanpack.dll
Beijing Rising Technology Co., Ltd.
Unpack Engine
.text,.rdata,.data,.rsrc,.reloc,
0BBD0000[000B5000]
[ M] 111. d:\ss\rising\rav\rsvm.dll
RSVM Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
0A110000[0001A000]
[ M] 112. d:\ss\rising\rav\scanelf.dll
Beijing Rising Technology Co., Ltd.
ScanElf
.text,.rdata,.data,.rsrc,.reloc,
0C6B0000[0003B000]
[ M] 113. d:\ss\rising\rav\extole.dll
Beijing Rising Technology Co., Ltd.
ExtOLE
.text,.rdata,.data,.rsrc,.reloc,
0CF60000[000F4000]
[ M] 114. d:\ss\rising\rav\uroutine.dll
Beijing Rising Technology Co., Ltd.
Unpack Routine
.text,.rdata,.data,.rsrc,.reloc,
0B570000[00063000]
[ M] 115. d:\ss\rising\rav\uscript.dll
Beijing Rising Technology Co., Ltd.
Unpack Script
.text,.rdata,.data,.rsrc,.reloc,
+ 000004d4(1236) Explorer.EXE
00400000[00009000]
[ M] 65. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 66. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00FE0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
01460000[00011000]
[AM] 54. c:\windows\system32\shlhook.dll
Beijing Rising Technology Co., Ltd.
shlhook Module
.text,.rdata,.data,.rsrc,.reloc,
014B0000[0001B000]
[AM] 53. c:\windows\system32\ravext.dll
Beijing Rising Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
01520000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
01B60000[00015000]
[ M] 116. c:\windows\system32\umkjbfmnr.dll
.text,.rdata,.data,.reloc,
72C80000[00008000]
[ M] 63. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
021B0000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 70. d:\ss\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02570000[0002B000]
[AM] 47. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
10930000[00049000]
[ M] 117. c:\windows\system32\portabledeviceapi.dll
Microsoft Corporation
Windows Portable Device API Components
.text,.orpc,.data,.rsrc,.reloc,
+ 00000500(1280) rfwproxy.exe
00400000[0023B000]
[AM] 2. d:\ss\rising\rfw\rfwproxy.exe
Beijing Rising Technology Co., Ltd.
Rising Personal Proxy Service
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 74. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 75. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 82. d:\ss\rising\rfw\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
00CB0000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00B90000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000F000]
[ M] 79. d:\ss\rising\rfw\rfwrule.dll
Beijing Rising Technology Co., Ltd.
rule DLL
.text,.rdata,.data,.rsrc,.reloc,
00B70000[00016000]
[ M] 118. d:\ss\rising\rfw\monmid.dll
Beijing Rising Technology Co., Ltd.
URL filter dll
.text,.rdata,.data,.rsrc,.reloc,
+ 000005f8(1528) rfwstub.exe
00400000[00017000]
[ M] 119. d:\ss\rising\rfw\rfwstub.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service Rfwstub
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 76. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 75. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
23700000[00028000]
[ M] 120. d:\ss\rising\rfw\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000006a4(1700) RfwMain.exe
00400000[00088000]
[ M] 121. d:\ss\rising\rfw\rfwmain.exe
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Main Program
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 74. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 75. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 76. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
26600000[000B2000]
[ M] 122. d:\ss\rising\rfw\rsguilib.dll
Beijing Rising Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
10000000[0000E000]
[ M] 77. d:\ss\rising\rfw\rsappmgr.dll
Beijing Rising Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
00B40000[0002F000]
[ M] 78. d:\ss\rising\rfw\cfgdll.dll
Beijing Rising Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
23700000[00028000]
[ M] 120. d:\ss\rising\rfw\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00D80000[00014000]
[ M] 123. d:\ss\rising\rfw\rfwctrl.dll
Beijing Rising Technology Co., Ltd.
RfwCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:39:00
1
23800000[00018000]
[ M] 124. d:\ss\rising\rfw\rsxml.dll
Beijing Rising Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 125. d:\ss\rising\rfw\pngdll.dll
Beijing Rising Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01BA0000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 000006e8(1768) spoolsv.exe
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00A60000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
+ 000008fc(2300) RavStub.exe
00400000[00018000]
[ M] 126. d:\ss\rising\rav\ravstub.exe
Beijing Rising Technology Co., Ltd.
Rising RavStub
.text,.rdata,.data,.rsrc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00720000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
00750000[0001B000]
[ M] 73. d:\ss\rising\rav\rscommx.dll
rising
RsCommX
.text,.rdata,.data,.rsrc,.reloc,
23700000[0001A000]
[ M] 70. d:\ss\rising\rav\rscommon.dll
Beijing Rising Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000009a0(2464) alg.exe
+ 000009b8(2488) conime.exe
10000000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000bf0(3056) iexplore.exe
5DCA0000[00045000]
[ M] 66. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00AD0000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
5DFF0000[0002F000]
[ M] 127. c:\windows\system32\ieui.dll
Microsoft Corporation
Internet Explorer UI Engine
.text,.data,.rsrc,.reloc,
47060000[00021000]
[ M] 128. c:\windows\system32\xmllite.dll
Microsoft Corporation
Microsoft XmlLite Library
.text,.data,.rsrc,.reloc,
325C0000[00012000]
[AM] 49. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
61930000[0004A000]
[ M] 129. c:\program files\internet explorer\ieproxy.dll
Microsoft Corporation
IE ActiveX Interface Marshaling Library
.text,.orpc,.data,.rsrc,.reloc,
01AF0000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
01F40000[00009000]
[ M] 65. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
020D0000[00024000]
[AM] 40. d:\thunder\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
02100000[00044000]
[AM] 41. d:\thunder\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
22A30000[0000A000]
[ M] 130. d:\thunder\components\resworker\dsbho_00.dll
DsBho
.text,.rdata,.data,.rsrc,.reloc,
22A10000[0000D000]
[ M] 131. d:\thunder\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
72EA0000[00060000]
[ M] 132. c:\windows\system32\ieapfltr.dll
Microsoft Corporation
Microsoft Phishing Filter
.text,.data,.rsrc,.reloc,
035B0000[00019000]
[ M] 133. d:\ss\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
30000000[002EE000]
[ M] 134. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 63. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
05880000[0000B000]
[AM] 43. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.rsrc,.reloc,
73200000[00031000]
[ M] 135. c:\windows\system32\winwb86.ime
Microsoft Corporation
王码五笔型输入法86版
.text,.rdata,.data,.ShareDa,.sgroup,.rsrc,.reloc,
+ 00000e1c(3612) QQ.exe
00400000[001B6000]
[ M] 136. d:\qq\cmqq2007beta4v19\qq\qq.exe
TENCENT
QQ
.text,.rdata,.data,.rsrc,
10000000[00261000]
[ M] 137. d:\qq\cmqq2007beta4v19\qq\qqbaseclassindll.dll
TENCENT
QQBaseClassInDll DLL
.text,.rdata,.data,.rsrc,.reloc,
61740000[000A7000]
[ M] 138. d:\qq\cmqq2007beta4v19\qq\qqhelperdll.dll
TENCENT
QQHelperDll DLL
.text,.rdata,.data,.rsrc,.reloc,
600A0000[00072000]
[ M] 139. d:\qq\cmqq2007beta4v19\qq\basicctrldll.dll
TENCENT
BasicCtrlDll DLL
.text,.rdata,.data,.rsrc,.reloc,
60A80000[000F2000]
[ M] 140. d:\qq\cmqq2007beta4v19\qq\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
00390000[00009000]
[ M] 65. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 66. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
01240000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
01370000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
62250000[00005000]
[ M] 141. d:\qq\cmqq2007beta4v19\qq\riched32.dll
Microsoft Corporation
Wrapper Dll for Richedit 1.0
.text,.data,.rsrc,.reloc,
621E0000[00068000]
[ M] 142. d:\qq\cmqq2007beta4v19\qq\riched20.dll
Microsoft Corporation
Rich Text Edit Control, v3.1
.text,.data,.rsrc,.reloc,
61310000[0003A000]
[ M] 143. d:\qq\cmqq2007beta4v19\qq\qqapi.dll
TENCENT
ModuleSample DLL
.text,.rdata,.data,.rsrc,.reloc,
623A0000[00007000]
[ M] 144. d:\qq\cmqq2007beta4v19\qq\timproxy.dll
tencent
TIMProxy
.text,.orpc,.rdata,.data,.rsrc,.reloc,
017C0000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
60890000[00038000]
[ M] 145. d:\qq\cmqq2007beta4v19\qq\loginctrl.dll
TENCENT
NewSkin
.text,.rdata,.data,.rsrc,.reloc,
608D0000[000A0000]
[ M] 146. d:\qq\cmqq2007beta4v19\qq\loginctrlres.dll
TENCENT
LoginCtrl DLL
.rsrc,.reloc,
wopti - 2007-8-27 14:40:00
02210000[004DC000]
[ M] 147. d:\qq\cmqq2007beta4v19\qq\qqres.dll
TENCENT
QQRes
.rsrc,.reloc,
61840000[00093000]
[ M] 148. d:\qq\cmqq2007beta4v19\qq\qqmainframe.dll
.text,.rdata,.data,.reloc,
603C0000[001A3000]
[ M] 149. d:\qq\cmqq2007beta4v19\qq\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
02ED0000[00123000]
[ M] 150. d:\qq\cmqq2007beta4v19\qq\cqqapplication.dll
.text,.rdata,.data,.reloc,
60380000[0003F000]
[ M] 151. d:\qq\cmqq2007beta4v19\qq\flashavatardll.dll
FlashAvatarDll DLL
.text,.rdata,.data,.rsrc,.reloc,
60C20000[0005E000]
[ M] 152. d:\qq\cmqq2007beta4v19\qq\newskin.dll
TENCENT
NewSkin Module
.text,.rdata,.data,.rsrc,.reloc,
03310000[000BD000]
[ M] 153. d:\qq\cmqq2007beta4v19\qq\hostingmgr.dll
TENCENT
HostingMgr DLL
.text,.rdata,.data,.rsrc,.reloc,
60140000[00034000]
[ M] 154. d:\qq\cmqq2007beta4v19\qq\cameradll.dll
TENCENT
CameraDll DLL
.text,.rdata,.data,.MYSHARE,.rsrc,.reloc,
60A40000[00032000]
[ M] 155. d:\qq\cmqq2007beta4v19\qq\mailsummary.dll
TENCENT
MailSummary DLL
.text,.rdata,.data,.rsrc,.reloc,
617F0000[00017000]
[ M] 156. d:\qq\cmqq2007beta4v19\qq\qqknowledgesearch.dll
TENCENT
QQKnowledgeSearch DLL
.text,.rdata,.data,.rsrc,.reloc,
03A20000[001F4000]
[ M] 157. d:\qq\cmqq2007beta4v19\qq\qqallinone.dll
TENCENT
NewSkin
.text,.rdata,.data,.rsrc,.reloc,
62280000[0002B000]
[ M] 158. d:\qq\cmqq2007beta4v19\qq\sccore.dll
TENCENT
SCCore.dll
.text,.rdata,.data,.shareds,.rsrc,.reloc,
62090000[00024000]
[ M] 159. d:\qq\cmqq2007beta4v19\qq\qqspace.dll
TENCENT
QQSpace DLL
.text,.rdata,.data,.rsrc,.reloc,
62000000[00072000]
[ M] 160. d:\qq\cmqq2007beta4v19\qq\qqsettingctrl.dll
TENCENT
QQSettingCtrl DLL
.text,.rdata,.data,.rsrc,.reloc,
039B0000[0004E000]
[ M] 161. d:\qq\cmqq2007beta4v19\qq\vbscript.dll
,,,,,.data,.adata,
73460000[0006B000]
[ M] 162. d:\qq\cmqq2007beta4v19\qq\aqing.dll
Microsoft Corporation
Microsoft (r) VBScript
.text,.data,.rsrc,.reloc,
616C0000[00071000]
[ M] 163. d:\qq\cmqq2007beta4v19\qq\qqgroupmng.dll
TENCENT
QQGroupMng DLL
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 63. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
61350000[0003D000]
[ M] 164. d:\qq\cmqq2007beta4v19\qq\qqavatar.dll
.text,.rdata,.data,.reloc,
621C0000[00016000]
[ M] 165. d:\qq\cmqq2007beta4v19\qq\qringmng.dll
.text,.rdata,.data,.reloc,
58050000[0008A000]
[ M] 166. c:\windows\system32\l3codeca.acm
Fraunhofer Institut Integrierte Schaltungen IIS
MPEG Layer-3 Audio Codec for MSACM
.text,.rdata,.data,.rsrc,.reloc,
620C0000[0003D000]
[ M] 167. d:\qq\cmqq2007beta4v19\qq\qqsysmsgmng.dll
.text,.rdata,.data,.reloc,
01B80000[00051000]
[ M] 168. d:\qq\cmqq2007beta4v19\qq\qqcustomface.dll
.text,.rdata,.data,.reloc,
623D0000[00017000]
[ M] 169. d:\qq\cmqq2007beta4v19\qq\userdefinedhead.dll
TENCENT
UserDefinedHead DLL
.text,.rdata,.data,.rsrc,.reloc,
61A10000[000D7000]
[ M] 170. d:\qq\cmqq2007beta4v19\qq\qqplugin.dll
.text,.rdata,.data,.reloc,
60970000[000A8000]
[ M] 171. d:\qq\cmqq2007beta4v19\qq\longconnection.dll
TENCENT
LongConnection
.text,.rdata,.data,.rsrc,.reloc,
61600000[0000C000]
[ M] 172. d:\qq\cmqq2007beta4v19\qq\qqconfigplugin.dll
TENCENT
QQConfigPlugin DLL
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
619E0000[0002A000]
[ M] 173. d:\qq\cmqq2007beta4v19\qq\qqpet.dll
TENCENT
QQPet DLL
.text,.rdata,.data,.rsrc,.reloc,
60120000[0001F000]
[ M] 174. d:\qq\cmqq2007beta4v19\qq\bqqapplication.dll
.text,.rdata,.data,.reloc,
60CA0000[0000F000]
[ M] 175. d:\qq\cmqq2007beta4v19\qq\personaldesktop.dll
深圳市腾讯计算机系统公司QQ工作小组
QQ个人桌面
.text,.rdata,.data,.rsrc,.reloc,
60180000[0004F000]
[ M] 176. d:\qq\cmqq2007beta4v19\qq\commercesmng.dll
TENCENT
CommercesMng DLL
.text,.rdata,.data,.rsrc,.reloc,
04BD0000[00286000]
[ M] 177. d:\qq\cmqq2007beta4v19\qq\qqaddr.dll
深圳市腾讯计算机系统有限公司
腾讯通讯录
.text,.rdata,.data,.rsrc,.reloc,
60770000[0001A000]
[ M] 178. d:\qq\cmqq2007beta4v19\qq\imageole.dll
TENCENT
TODO: <File description>
.text,.rdata,.data,.rsrc,.reloc,
61810000[00015000]
[ M] 179. d:\qq\cmqq2007beta4v19\qq\qqliveqmng.dll
TENCENT
QQLiveQMng DLL
.text,.rdata,.data,.rsrc,.reloc,
01680000[00019000]
[ M] 133. d:\ss\rising\rav\ravscrch.dll
Beijing Rising Technology Co., Ltd.
RavScrCh Module
.text,.rdata,.data,.rsrc,.reloc,
60680000[00024000]
[ M] 180. d:\qq\cmqq2007beta4v19\qq\groupconnection.dll
TENCENT
GroupConnection DLL
.text,.rdata,.data,.rsrc,.reloc,
wopti - 2007-8-27 14:40:00
28E0000[0002B000]
[ M] 181. d:\qq\cmqq2007beta4v19\qq\addrsearch.dll
腾讯科技(深圳)有限公司
QQPhoneHelper
UPX0,UPX1,.rsrc,
61FD0000[0002C000]
[ M] 182. d:\qq\cmqq2007beta4v19\qq\qqscenemng.dll
.text,.rdata,.data,.reloc,
62160000[0005B000]
[ M] 183. d:\qq\cmqq2007beta4v19\qq\qqzip.dll
TENCENT
QQZip
.text,.rdata,.data,.rsrc,.reloc,
73200000[00031000]
[ M] 135. c:\windows\system32\winwb86.ime
Microsoft Corporation
王码五笔型输入法86版
.text,.rdata,.data,.ShareDa,.sgroup,.rsrc,.reloc,
619C0000[00015000]
[ M] 184. d:\qq\cmqq2007beta4v19\qq\qqoneclick.dll
TENCENT
QQOneClick DLL
.text,.rdata,.data,.rsrc,.reloc,
61830000[0000E000]
[ M] 185. d:\qq\cmqq2007beta4v19\qq\qqmagicface.dll
TENCENT
QQMagicFace DLL
.text,.rdata,.data,.rsrc,.reloc,
61680000[0002A000]
[ M] 186. d:\qq\cmqq2007beta4v19\qq\qqfiletransfer.dll
TENCENT
QQFileTransfer DLL
.text,.rdata,.data,.rsrc,.reloc,
30000000[002EE000]
[ M] 134. c:\windows\system32\macromed\flash\flash9b.ocx
Adobe Systems, Inc.
Adobe Flash Player 9.0 r28
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e38(3640) wuauclt.exe
50E60000[0000C000]
[ M] 67. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
10000000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
+ 00000ea0(3744) Ras.exe
00400000[0013F000]
[ M] 187. d:\360\ras.exe
Beijing Rising Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
00380000[00009000]
[ M] 65. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 66. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
10000000[00012000]
[ M] 61. d:\ss\rising\rfw\ijt_base.dll
Beijing Rising Technology Co., Ltd.
Inject Base
.text,.rdata,.data,.rsrc,.reloc,
00F20000[0000F000]
[ M] 62. d:\ss\rising\rfw\olemon.dll
Beijing Rising Technology Co., Ltd.
Ole Mon Dll
.text,.rdata,.data,.rsrc,.reloc,
01320000[000A3000]
[ M] 188. d:\360\rasgui.dll
Beijing Rising Technology Co., Ltd.
RasGUI
.text,.rdata,.data,.rsrc,.reloc,
01B00000[0001B000]
[ M] 69. d:\360\ieprot.dll
Beijing Rising Technology Co., Ltd.
IE Protector
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
超级游戏迷 - 2007-8-27 15:45:00
c:\windows\system32\drivers\ajed5.sys
c:\windows\system32\drivers\ajfs68d.sys
删除这两个文件对应的驱动项目,重启进入安全模式删除该两个文件。
PS:好象我回答过了?
超级游戏迷 - 2007-8-27 15:48:00
最好卸载QQ,删除QQ安装目录及其所有文件,重装QQ。
1
© 2000 - 2026 Rising Corp. Ltd.