瑞星卡卡安全论坛
走一走 - 2009-3-23 13:06:00
1.开机时,说加载CEZ77.DLL失败,杀毒提示是Trojan.Dl.WIN32.Undef.vt病毒.位于C:\WINDOWS\SYSTEM32\CEZ77.DLL,但删除失败.
2.有Rootkit.win32.agent.bfp病毒.位于C:\WINDOWS\SYSTEM32\dz50u7b2ya.sys,删除失败.
病毒库版本是21.21.62.00
这两个病毒在安全模式杀不死的.
能否详细介绍如何杀死病毒,
用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322)
帅哥阿福 - 2009-3-23 13:08:00
rootkit病毒是作为驱动存在系统中的,有可能加载在系统进程上,被系统调用的文件是无法被杀毒软件清除的 。
建议采取以下几种方式:
1.安装卡卡助手,之后重启动计算机,计算机启动后,再使用升级到最新版本的杀毒软件来杀毒。
2.使用瑞星引导光盘来引导计算机启动杀毒。
3.将硬盘摘下来,作为从盘,挂在其他计算机上,使用瑞星最新版本来杀毒。
4.在设备管理器上,显示所有隐藏设备后,找到病毒文件对应的驱动,将其停用和卸载后,直接删除染毒文件。
关于开机加载组件失败,建议使用卡卡助手修复,每项功能都执行一遍,应该是可以解决问题的。
超级游戏迷 - 2009-3-23 13:08:00
请按照版规要求,提供SRENG扫描日志。
走一走 - 2009-3-23 13:33:00
瑞星卡卡电脑诊断日志 v1.30 (2009-3-23 13:29:0) 北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
aspnet_state
[A ] 1. c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
Microsoft Corporation
Microsoft ASP.NET State Server
.text,.data,.rsrc,
clr_optimization_v2.0.50727_32
[A ] 2. c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
Microsoft Corporation
.NET Runtime Optimization Service
.text,.data,.rsrc,
gupdate1c990099e41091c
[AM] 3. c:\program files\google\update\googleupdate.exe
Google Inc.
Google 安装程序
.text,.data,.rsrc,
MSSQLServerADHelper
[A ] 4. c:\program files\microsoft sql server\80\tools\binn\sqladhlp.exe
Microsoft Corporation
Microsoft SQL Server Active Directory Helper Service
.text,.rdata,.data,.rsrc,
NVSvc
[AM] 5. c:\windows\system32\nvsvc32.exe
NVIDIA Corporation
NVIDIA Driver Helper Service, Version 91.31
.text,.rdata,.data,.rsrc,
RavCCenter
[AM] 6. d:\program files\rising\rav\ccenter.exe
Beijing Rising Information Technology Co., Ltd.
CCenter Application
.text,.rdata,.data,.rsrc,
RavTask
[AM] 7. d:\program files\rising\rav\ravtask.exe
Beijing Rising Information Technology Co., Ltd.
ravtask
.text,.rdata,.data,.rsrc,
RfwCCenter
[AM] 8. d:\program files\rising\rfw\ccenter.exe
Beijing Rising Information Technology Co., Ltd.
CCenter Application
.text,.rdata,.data,.rsrc,
RfwService
[AM] 9. d:\program files\rising\rfw\rfwsrv.exe
Beijing Rising Information Technology Co., Ltd.
rfwsrvex Application
.text,.rdata,.data,.rsrc,
RfwTask
[AM] 10. d:\program files\rising\rfw\ravtask.exe
Beijing Rising Information Technology Co., Ltd.
ravtask
.text,.rdata,.data,.rsrc,
RsRavMon
[AM] 11. d:\program files\rising\rav\ravmond.exe
Beijing Rising Information Technology Co., Ltd.
ravmond
.text,.rdata,.data,.rsrc,
RsScanSrv
[AM] 12. d:\program files\rising\rav\scanfrm.exe
Beijing Rising Information Technology Co., Ltd.
Rising Scan Service Framework
.text,.rdata,.data,.rsrc,
UFNet
[AM] 13. c:\windows\system32\servernt.exe
.text,.rdata,.data,
usnjsvc
[A ] 14. c:\program files\windows live\messenger\usnsvc.exe
Microsoft Corporation
Messenger Sharing USN Journal Reader Service
.text,.data,.rsrc,
WLSetupSvc
[A ] 15. c:\program files\windows live\installer\wlsetupsvc.exe
Microsoft Corporation
Windows Live Setup Service
.text,.data,.rsrc,.reloc,
WMPNetworkSvc
[A ] 16. c:\program files\windows media player\wmpnetwk.exe
Microsoft Corporation
Windows Media Player 网络共享服务
.text,.data,.rsrc,.reloc,
WudfSvc
[A ] 17. c:\windows\system32\wudfsvc.dll
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Service
.text,.data,.rsrc,.reloc,
帅哥阿福 - 2009-3-23 13:34:00
走一走 - 2009-3-23 13:34:00
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ALCXWDM
[A ] 18. c:\windows\system32\drivers\alcxwdm.sys
Realtek Semiconductor Corp.
Realtek AC'97 Audio Driver (WDM)
.text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,
BIOS
[A ] 19. c:\windows\system32\drivers\bios.sys
BIOSTAR Group
I/O Interface driver file
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
dz50u7b2ya
[A ] 20. c:\windows\system32\drivers\dz50u7b2ya.sys
File System Driver
.text,.data,PAGE,INIT,.rsrc,.reloc,
hookcont
[A ] 21. c:\windows\system32\drivers\hookcont.sys
Beijing Rising Information Technology Co., Ltd.
HookCont Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
hooksys
[A ] 22. c:\windows\system32\drivers\hooksys.sys
Beijing Rising Information Technology Co., Ltd.
Hooksys.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
nvcap
[A ] 23. c:\windows\system32\drivers\nvcap.sys
NVIDIA Corporation
NVIDIA WDM Video Capture (universal)
.text,.rdata,.data,INIT,.rsrc,.reloc,
NVXBAR
[A ] 24. c:\windows\system32\drivers\nvxbar.sys
NVIDIA Corporation
NVIDIA WDM A/V Crossbar
.text,.rdata,.data,INIT,.rsrc,.reloc,
RfwBase9
[A ] 25. c:\windows\system32\drivers\rfwbase.sys
Beijing Rising Information Technology Co., Ltd.
rfwbase.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
rfwtdi
[A ] 26. d:\program files\rising\rfw\rfwtdi.sys
Beijing Rising Information Technology Co., Ltd.
rfwtdi5.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
rsfwdrv
[A ] 27. d:\program files\rising\rfw\rsfwdrv.sys
Beijing Rising Information Technology Co., Ltd.
rsfwdrv.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 28. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Information Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RT73
[A ] 29. c:\windows\system32\drivers\rt73.sys
Ralink Technology, Corp.
Ralink 802.11 USB Wireless Adapter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RTL8023xp
[A ] 30. c:\windows\system32\drivers\rtlnicxp.sys
Realtek Semiconductor Corporation
Realtek 10/100/1000 NDIS 5.1 Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Secdrv
[A ] 31. c:\windows\system32\drivers\secdrv.sys
Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
Macrovision SECURITY Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Sense3
[A ] 32. c:\windows\system32\drivers\sense3.sys
Beijing Senselock
SENSE3 Driver for NT
.text,.rdata,.data,INIT,.rsrc,.reloc,
Sentinel
[A ] 33. c:\windows\system32\drivers\sentinel.sys
.text,.bss,.rsrc,.data,.idata,.reloc,
Superk53
[A ] 34. c:\windows\system32\drivers\superk53.sys
Microsoft Corporation
Superk53 I/O
.text,.data,.idata,.rsrc,.reloc,
WudfPf
[A ] 35. c:\windows\system32\drivers\wudfpf.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Platform Driver
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
WudfRd
[A ] 36. c:\windows\system32\drivers\wudfrd.sys
Microsoft Corporation
Windows Driver Foundation - User-mode Driver Framework Reflector
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
走一走 - 2009-3-23 13:35:00
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
[AM] 37. c:\program files\windows live toolbar\msntb.dll
Microsoft Corporation
Windows Live Toolbar for Internet Explorer
.text,.data,.rsrc,.reloc,
{43869BB3-22FD-4F15-9B46-238106BA2F4E}
[AM] 38. c:\tddownload\magicset\haokanbar.dll
Xiang Feng Technology
HaoKanBar Toolbar Module
.text,.rdata,.data,.SHARED,.rsrc,.reloc,
+ HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 40. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[AM] 41. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Adobe Systems Incorporated
Adobe Acrobat IE Helper Version 7.0 for ActiveX
.text,.rdata,.data,.rsrc,.reloc,
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3}
[AM] 38. c:\tddownload\magicset\haokanbar.dll
Xiang Feng Technology
HaoKanBar Toolbar Module
.text,.rdata,.data,.SHARED,.rsrc,.reloc,
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 42. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
{9030D464-4C02-4ABF-8ECC-5164760863C6}
[AM] 43. c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft Corporation
WindowsLiveLogin.dll
.text,.data,.rsrc,.reloc,
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
[AM] 44. c:\windows\system32\urlfilter.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlFilter Module
.text,.rdata,.data,.rsrc,.reloc,
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
[AM] 37. c:\program files\windows live toolbar\msntb.dll
Microsoft Corporation
Windows Live Toolbar for Internet Explorer
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 45. d:\program files\thunder network\thunder\thunder.exe
Thunder Networking Technologies,LTD
.text,.rdata,.data,.rsrc,
Exec
[A ] 46. e:\uf2000\desktop\runie.exe
.text,.rdata,.data,.rsrc,
Exec
[A ] 47. c:\windows\network diagnostic\xpnetdiag.exe
Microsoft Corporation
Network Diagnostic for Windows XP
.text,.data,.rsrc,
Exec
[A ] 48. c:\program files\messenger\msmsgs.exe
Microsoft Corporation
Windows Messenger
.text,.data,.rsrc,
走一走 - 2009-3-23 13:35:00
资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
application/octet-stream
[A ] 49. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-complus
[A ] 49. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
application/x-msdownload
[A ] 49. c:\windows\system32\mscoree.dll
Microsoft Corporation
Microsoft .NET Runtime Execution Engine
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
livecall
[A ] 50. c:\program files\windows live\messenger\msgrapp.8.5.1302.1018.dll
Microsoft Corporation
Windows Live Messenger Protocol Handler
.text,.data,.rsrc,.reloc,
msnim
[A ] 50. c:\program files\windows live\messenger\msgrapp.8.5.1302.1018.dll
Microsoft Corporation
Windows Live Messenger Protocol Handler
.text,.data,.rsrc,.reloc,
wlmailhtml
[A ] 51. c:\program files\windows live\mail\mailcomm.dll
Microsoft Corporation
Microsoft Internet Messaging API Resources
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
[A ] 52. c:\windows\system32\ieudinit.exe
Microsoft Corporation
IE Per User Active Setup Uninstall Utility
.text,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
{F9DB5320-233E-11D1-9F84-707F02C10627}
[AM] 53. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
Adobe Systems, Inc.
PDF Shell Extension
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 54. c:\windows\system32\hticons.dll
Hilgraeve, Inc.
HyperTerminal Applet Library
.text,.data,.rsrc,.reloc,
IE Search Band
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE AutoComplete
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Shell DocObject Viewer
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
InternetShortcut
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Microsoft Url History Service
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
History
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Temporary Internet Files
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Temporary Internet Files
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Microsoft Url Search Hook
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
The Internet
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Internet Name Space
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft BrowserBand
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Fade Task
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Menu Desk Bar
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Navigation Bar
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Menu Site
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Menu Band
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft History AutoComplete List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Tracking Shell Menu
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE IShellFolderBand
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE BandProxy
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE MRU AutoComplete List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE RSS Feeder Folder
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft Shell Folder AutoComplete List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Microsoft Multiple AutoComplete List Container
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Microsoft Browser Architecture
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Shell Rebar BandSite
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Shell Band Site Menu
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
&Links
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Registry Tree Options Utility
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE User Assist
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
IE Custom MRU AutoCompleted List
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
Portable Media Devices
[A ] 55. c:\windows\system32\audiodev.dll
Microsoft Corporation
Portable Media Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices
[A ] 56. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
Portable Devices Menu
[A ] 56. c:\windows\system32\wpdshext.dll
Microsoft Corporation
Portable Devices Shell Extension
.text,.data,.rsrc,.reloc,
NvCpl DesktopContext Class
[A ] 57. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,CONST,.rsrc,.reloc,
Play on my TV helper
[A ] 57. c:\windows\system32\nvcpl.dll
NVIDIA Corporation
NVIDIA Display Properties Extension
.text,.rdata,.data,CONST,.rsrc,.reloc,
Desktop Explorer
[A ] 58. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
Desktop Explorer Menu
[A ] 58. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
nView Desktop Context Menu
[A ] 58. c:\windows\system32\nvshell.dll
.text,.rdata,.data,.idata,.shared,.rsrc,.reloc,
WinRAR shell extension
[A ] 59. c:\program files\winrar\rarext.dll
.text,.data,.tls,.idata,.edata,.rsrc,.reloc,
Messenger Sharing Folders
[AM] 60. c:\program files\windows live\messenger\fsshext.8.5.1302.1018.dll
Microsoft Corporation
Messenger File Sharing Shell Extensions
.text,.data,.rsrc,.reloc,
ShellLink for Application References
[A ] 61. c:\windows\system32\dfshim.dll
Microsoft Corporation
Application Deployment Support Library
.text,.data,.rsrc,.reloc,
Shell Icon Handler for Application References
[A ] 61. c:\windows\system32\dfshim.dll
Microsoft Corporation
Application Deployment Support Library
.text,.data,.rsrc,.reloc,
WLMD Message Handler
[A ] 51. c:\program files\windows live\mail\mailcomm.dll
Microsoft Corporation
Microsoft Internet Messaging API Resources
.text,.data,.rsrc,.reloc,
Microsoft Outlook Custom Icon Handler
[A ] 62. c:\program files\microsoft office\office\olkfstub.dll
Microsoft Corporation
Microsoft Outlook Shell Hook for Start/Find
.text,.data,.rsrc,.reloc,
RISING
[AM] 63. c:\windows\system32\ravext.dll
Beijing Rising Information Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{32CD708B-60A7-4C00-9377-D73EAA495F0F}
[AM] 63. c:\windows\system32\ravext.dll
Beijing Rising Information Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WPDShServiceObj
[AM] 64. c:\windows\system32\wpdshserviceobj.dll
Microsoft Corporation
Windows Portable Device Shell Service Object
.text,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MsnMsgr
[AM] 65. c:\program files\windows live\messenger\msnmsgr.exe
Microsoft Corporation
Windows Live Messenger
.text,.data,.rsrc,
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RavTray
[AM] 66. d:\program files\rising\rav\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
SoundMan
[AM] 67. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
runeip
[AM] 68. d:\program files\rising\antispyware\rstray.exe
Beijing Rising Information Technology Co., Ltd.
RSTray
.text,.rdata,.data,.rsrc,
RFWTray
[AM] 69. d:\program files\rising\rfw\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
nwiz
[A ] 70. c:\windows\system32\nwiz.exe
.text,.rdata,.data,.rsrc,
TaxInfo
[AM] 71. d:\program files\nbctaistax\taxinfo.exe
CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,.aspack,.adata,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay
[A ] 72. d:\program files\rising\antispyware\runonce.exe
Beijing Rising Information Technology Co., Ltd.
RunOnce Application
.text,.rdata,.data,.rsrc,
走一走 - 2009-3-23 13:38:00
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 73. c:\windows\system32\bsmain.exe
Beijing Rising Information Technology Co., Ltd.
Rising Antivirus 2008
.text,.rdata,.data,.rsrc,.reloc,
[A ] 74. c:\windows\system32\kknative.exe
Beijing Rising Information Technology Co., Ltd.
NativeAp
.text,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 75. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
htmlfile\Print\Command
[A ] 75. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 75. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
htmlfile\Print\Command
[A ] 75. c:\program files\microsoft office\office\msohtmed.exe
Microsoft Corporation
Microsoft Office 2000 component
.text,.data,.idata,.rsrc,
+ 程序初始化和已知动态连接库
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
+ 其他自启动项目
+ C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Adobe Reader Speed Launch.lnk
[A ] 77. c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
Adobe Systems Incorporated
Adobe Acrobat SpeedLauncher
.text,.rdata,.data,.rsrc,
Service Manager.lnk
[AM] 78. c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
Microsoft Corporation
SQL Server Service Manager
.text,.rdata,.data,.rsrc,
+ C:\WINDOWS\Tasks
GoogleUpdateTaskMachine.job
[AM] 3. c:\program files\google\update\googleupdate.exe
Google Inc.
Google 安装程序
.text,.data,.rsrc,
查看 Windows Live Toolbar 更新.job
[A ] 79. c:\program files\windows live toolbar\msntbup.exe
Microsoft Corporation
MSN Search Toolbar Scheduled Update Utility
.text,.data,.rsrc,
+ 正在运行的进程
+ 00000154(340) spoolsv.exe
+ 00000244(580) sqlservr.exe
00400000[0071A000]
[ M] 80. c:\program files\microsoft sql server\mssql\binn\sqlservr.exe
Microsoft Corporation
SQL Server Windows NT
.text,.rdata,.data,.tls,.rsrc,.reloc,
41060000[00006000]
[ M] 81. c:\program files\microsoft sql server\mssql\binn\opends60.dll
Microsoft Corporation
SQL Open Data Services DLL
.text,.rdata,.data,.rsrc,.reloc,
41070000[0000D000]
[ M] 82. c:\program files\microsoft sql server\mssql\binn\ums.dll
Microsoft Corporation
SQL User Mode Scheduler DLL
.text,.rdata,.data,.tls,.rsrc,.reloc,
42AE0000[00090000]
[ M] 83. c:\program files\microsoft sql server\mssql\binn\sqlsort.dll
Microsoft Corporation
SQL Sorting DLL
.text,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
41080000[00007000]
[ M] 85. c:\program files\microsoft sql server\mssql\binn\resources\2052\sqlevn70.rll
Microsoft Corporation
SQL Event Messages DLL
.rsrc,.reloc,
42CF0000[00016000]
[ M] 86. c:\program files\microsoft sql server\mssql\binn\ssnetlib.dll
Microsoft Corporation
Winsock Oriented Net DLL for SQL Server
.text,.rdata,.data,.rsrc,.reloc,
410D0000[00006000]
[ M] 87. c:\program files\microsoft sql server\mssql\binn\ssnmpn70.dll
Microsoft Corporation
Named Pipes Net DLL for SQL Server
.text,.rdata,.data,.rsrc,.reloc,
42CD0000[00007000]
[ M] 88. c:\program files\microsoft sql server\mssql\binn\ssmslpcn.dll
Microsoft Corporation
Client-Side Local Inter-Process Communication (LPC) Net Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000254(596) wuauclt.exe
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
10000000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
003C0000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
50E60000[0000C000]
[ M] 91. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
509E0000[00042000]
[ M] 92. c:\windows\system32\mucltui.dll
Microsoft Corporation
Microsoft Update Client UI Plugin
.text,.data,.rsrc,.reloc,
+ 000002a8(680) smss.exe
+ 000002f0(752) GoogleUpdate.exe
00400000[00023000]
[AM] 3. c:\program files\google\update\googleupdate.exe
Google Inc.
Google 安装程序
.text,.data,.rsrc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
18000000[000A5000]
[ M] 93. c:\program files\google\update\1.2.141.5\goopdate.dll
Google Inc.
Google Update
.text,.orpc,.rdata,.data,.rsrc,.reloc,
+ 0000032c(812) nvsvc32.exe
00400000[0002C000]
[AM] 5. c:\windows\system32\nvsvc32.exe
NVIDIA Corporation
NVIDIA Driver Helper Service, Version 91.31
.text,.rdata,.data,.rsrc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
+ 000003ac(940) RsTray.exe
00400000[00023000]
[AM] 66. d:\program files\rising\rav\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
10000000[00023000]
[ M] 94. d:\program files\rising\rav\comserv.dll
Beijing Rising Information Technology Co., Ltd.
Rising tray common service
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
23700000[00023000]
[ M] 97. d:\program files\rising\rav\rslang.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00990000[0002D000]
[ M] 98. d:\program files\rising\rav\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
009C0000[00019000]
[ M] 99. d:\program files\rising\rav\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
23800000[00025000]
[ M] 100. d:\program files\rising\rav\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
00CC0000[00010000]
[ M] 101. d:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00ED0000[00013000]
[ M] 102. d:\program files\rising\rav\monstate.dll
Beijing Rising Information Technology Co., Ltd.
MonState
.text,.rdata,.data,.rsrc,.reloc,
00F00000[0000B000]
[ M] 103. d:\program files\rising\rav\scanevnt.dll
Beijing Rising Information Technology Co., Ltd.
Rising Scan Service Event Handler
.text,.rdata,.data,.rsrc,.reloc,
26600000[000C3000]
[ M] 104. d:\program files\rising\rav\rsguilib.dll
Beijing Rising Information Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
7C140000[00103000]
[ M] 105. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
走一走 - 2009-3-23 13:40:00
01050000[00017000]
[ M] 106. d:\program files\rising\rav\rsconf.dll
Beijing Rising Information Technology Co., Ltd.
rsconf Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01080000[0000E000]
[ M] 107. d:\program files\rising\rav\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
010A0000[00031000]
[ M] 108. d:\program files\rising\rav\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
010F0000[00030000]
[ M] 109. d:\program files\rising\rav\rspalvd.dll
Beijing Rising Information Technology Co., Ltd.
rspalvd
.text,.rdata,.data,.rsrc,.reloc,
33000000[00025000]
[ M] 110. d:\program files\rising\rav\ravbintl.dll
Beijing Rising Information Technology Co., Ltd.
ravbintl Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01130000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
01530000[0006C000]
[ M] 112. d:\program files\rising\rav\mruleui.dll
Beijing Rising Information Technology Co., Ltd.
mruleui
.text,.rdata,.data,.rsrc,.reloc,
015B0000[0006B000]
[ M] 113. d:\program files\rising\rav\montray.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiVirus 2009
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 114. d:\program files\rising\rav\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
34500000[00020000]
[ M] 115. d:\program files\rising\rav\ravitray.dll
Beijing Rising Information Technology Co., Ltd.
ravitray Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01B80000[00059000]
[ M] 116. d:\program files\rising\rav\scanprxy.dll
Beijing Rising Information Technology Co., Ltd.
ScanPrxy Module
.text,.rdata,.data,.rsrc,.reloc,
01BE0000[00044000]
[ M] 117. d:\program files\rising\rav\rsmginfo.dll
Beijing Rising Information Technology Co., Ltd.
rsmginfo
.text,.rdata,.data,.rsrc,.reloc,
+ 000003b0(944) RavTask.exe
00400000[00020000]
[AM] 7. d:\program files\rising\rav\ravtask.exe
Beijing Rising Information Technology Co., Ltd.
ravtask
.text,.rdata,.data,.rsrc,
10000000[00017000]
[ M] 106. d:\program files\rising\rav\rsconf.dll
Beijing Rising Information Technology Co., Ltd.
rsconf Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
003E0000[0000E000]
[ M] 107. d:\program files\rising\rav\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
00780000[00031000]
[ M] 108. d:\program files\rising\rav\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
008D0000[00010000]
[ M] 101. d:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
008F0000[00018000]
[ M] 118. d:\program files\rising\rav\rsstub.dll
Beijing Rising Information Technology Co., Ltd.
rsstub Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00DF0000[00029000]
[ M] 119. d:\program files\rising\rav\rstask.dll
Beijing Rising Information Technology Co., Ltd.
RsTask Control
.text,.rdata,.data,.rsrc,.reloc,
+ 000003c4(964) RavTask.exe
00400000[00020000]
[AM] 10. d:\program files\rising\rfw\ravtask.exe
Beijing Rising Information Technology Co., Ltd.
ravtask
.text,.rdata,.data,.rsrc,
10000000[00017000]
[ M] 120. d:\program files\rising\rfw\rsconf.dll
Beijing Rising Information Technology Co., Ltd.
rsconf Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
003E0000[0000E000]
[ M] 121. d:\program files\rising\rfw\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
00780000[00031000]
[ M] 122. d:\program files\rising\rfw\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
009B0000[00010000]
[ M] 123. d:\program files\rising\rfw\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
009D0000[00018000]
[ M] 124. d:\program files\rising\rfw\rsstub.dll
Beijing Rising Information Technology Co., Ltd.
rsstub Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00CD0000[00029000]
[ M] 125. d:\program files\rising\rfw\rstask.dll
Beijing Rising Information Technology Co., Ltd.
RsTask Control
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 126. d:\program files\rising\rfw\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
+ 00000410(1040) csrss.exe
+ 00000438(1080) winlogon.exe
72C80000[00008000]
[ M] 127. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 00000464(1124) services.exe
46040000[0000F000]
[ M] 128. c:\windows\apppatch\acadproc.dll
Microsoft Corporation
Windows Compatibility DLL
.text,.data,.rsrc,.reloc,
+ 00000470(1136) lsass.exe
+ 00000514(1300) svchost.exe
+ 00000544(1348) svchost.exe
+ 00000580(1408) CCENTER.EXE
00400000[0001B000]
[AM] 6. d:\program files\rising\rav\ccenter.exe
Beijing Rising Information Technology Co., Ltd.
CCenter Application
.text,.rdata,.data,.rsrc,
10000000[00029000]
[ M] 129. d:\program files\rising\rav\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
00680000[00027000]
[ M] 130. d:\program files\rising\rav\cnt09.dll
Beijing Rising Information Technology Co., Ltd.
cnt09 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
009C0000[0001D000]
[ M] 131. d:\program files\rising\rav\cnt08.dll
Beijing Rising Information Technology Co., Ltd.
cnt08 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000058c(1420) CCENTER.EXE
00400000[0001B000]
[AM] 8. d:\program files\rising\rfw\ccenter.exe
Beijing Rising Information Technology Co., Ltd.
CCenter Application
.text,.rdata,.data,.rsrc,
10000000[00029000]
[ M] 132. d:\program files\rising\rfw\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
00680000[00027000]
[ M] 133. d:\program files\rising\rfw\cnt09.dll
Beijing Rising Information Technology Co., Ltd.
cnt09 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000594(1428) svchost.exe
018B0000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
50E60000[0000C000]
[ M] 91. c:\windows\system32\wups2.dll
Microsoft Corporation
Windows Update client proxy stub 2
.text,.orpc,.data,.rsrc,.reloc,
+ 000005e4(1508) svchost.exe
+ 000005fc(1532) ScanFrm.exe
00400000[0000B000]
[AM] 12. d:\program files\rising\rav\scanfrm.exe
Beijing Rising Information Technology Co., Ltd.
Rising Scan Service Framework
.text,.rdata,.data,.rsrc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
10000000[00029000]
[ M] 129. d:\program files\rising\rav\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
003E0000[00019000]
[ M] 134. d:\program files\rising\rav\moncomm.dll
Beijing Rising Information Technology Co., Ltd.
MonComm
.text,.rdata,.data,.rsrc,.reloc,
00900000[0000A000]
[ M] 135. d:\program files\rising\rav\scansrvp.dll
Beijing Rising Information Technology Co., Ltd.
ScanSrvP Module
.text,.rdata,.data,.rsrc,.reloc,
走一走 - 2009-3-23 13:40:00
00910000[00010000]
[ M] 101. d:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00C20000[0000E000]
[ M] 136. d:\program files\rising\rav\scansrv.dll
Beijing Rising Information Technology Co., Ltd.
ScanSrv Module
.text,.rdata,.data,.rsrc,.reloc,
01130000[0002D000]
[ M] 98. d:\program files\rising\rav\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01160000[00019000]
[ M] 99. d:\program files\rising\rav\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
+ 00000660(1632) svchost.exe
00710000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
+ 00000678(1656) ras.exe
00400000[0000B000]
[ M] 137. d:\program files\rising\antispyware\ras.exe
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 138. d:\program files\rising\antispyware\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 139. d:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
10000000[00047000]
[ M] 140. d:\program files\rising\antispyware\kakamgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 141. d:\program files\rising\antispyware\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00A90000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
00AC0000[0001F000]
[ M] 142. d:\program files\rising\rav\proccom.dll
Beijing Rising Information Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00AE0000[00024000]
[ M] 143. d:\program files\rising\rav\rscommx2.dll
Beijing Rising Information Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
00C30000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00EA0000[00058000]
[ M] 144. d:\program files\rising\antispyware\dbmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
23800000[00022000]
[ M] 145. d:\program files\rising\antispyware\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
01000000[0002D000]
[ M] 146. d:\program files\rising\antispyware\pweb.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01070000[000C1000]
[ M] 147. d:\program files\rising\antispyware\pscan.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01210000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
01220000[0002F000]
[ M] 148. d:\program files\rising\antispyware\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
014B0000[00070000]
[ M] 149. d:\program files\rising\antispyware\pset.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01520000[0002A000]
[ M] 150. d:\program files\rising\antispyware\pdefend.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01550000[000B6000]
[ M] 151. d:\program files\rising\antispyware\ptools.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01710000[0008C000]
[ M] 152. d:\program files\rising\antispyware\psysinfo.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
017B0000[00024000]
[AM] 63. c:\windows\system32\ravext.dll
Beijing Rising Information Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 153. d:\program files\rising\antispyware\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02F50000[00017000]
[ M] 154. d:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
040A0000[00475000]
[ M] 155. c:\windows\system32\macromed\flash\flash10a.ocx
Adobe Systems, Inc.
Adobe Flash Player 10.0 r12
.text,.rdata,.data,.rodata,.rsrc,.reloc,
72C80000[00008000]
[ M] 127. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
5A500000[00050000]
[AM] 60. c:\program files\windows live\messenger\fsshext.8.5.1302.1018.dll
Microsoft Corporation
Messenger File Sharing Shell Extensions
.text,.data,.rsrc,.reloc,
+ 000006c0(1728) rfwsrv.exe
00400000[00016000]
[AM] 9. d:\program files\rising\rfw\rfwsrv.exe
Beijing Rising Information Technology Co., Ltd.
rfwsrvex Application
.text,.rdata,.data,.rsrc,
10000000[00029000]
[ M] 132. d:\program files\rising\rfw\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00900000[0001D000]
[ M] 156. d:\program files\rising\rfw\monbase.dll
Beijing Rising Information Technology Co., Ltd.
MonBase
.text,.rdata,.data,.rsrc,.reloc,
00930000[00019000]
[ M] 157. d:\program files\rising\rfw\moncomm.dll
Beijing Rising Information Technology Co., Ltd.
MonComm
.text,.rdata,.data,.rsrc,.reloc,
00960000[00064000]
[ M] 158. d:\program files\rising\rfw\rfwlog.dll
Beijing Rising Information Technology Co., Ltd.
rfwlog Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
009F0000[0000C000]
[ M] 159. d:\program files\rising\rfw\rfwrule.dll
Beijing Rising Information Technology Co., Ltd.
TODO: <File description>
.text,.rdata,.data,.rsrc,.reloc,
00A00000[00040000]
[ M] 160. d:\program files\rising\rfw\rfwsrv.dll
Beijing Rising Information Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,.reloc,
00A40000[00019000]
[ M] 161. d:\program files\rising\rfw\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
00AD0000[0001B000]
[ M] 162. d:\program files\rising\rfw\mports.dll
Beijing Rising Information Technology Co., Ltd.
get ports list
.text,.rdata,.data,.rsrc,.reloc,
00B00000[00010000]
[ M] 163. d:\program files\rising\rfw\rfwdrvc.dll
Beijing Rising Information Technology Co., Ltd.
rfwdrvc Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00B20000[00014000]
[ M] 164. d:\program files\rising\rfw\rfwdrv.dll
Beijing Rising Information Technology Co., Ltd.
rfwdrv.dll
.text,.rdata,.data,.rsrc,.reloc,
731B0000[0000A000]
[ M] 126. d:\program files\rising\rfw\psapi.dll
Microsoft Corporation
Process Status Helper
.text,.rdata,.data,.rsrc,.reloc,
00E50000[00067000]
[ M] 165. d:\program files\rising\rfw\rsnetsvr.dll
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,.reloc,
00FD0000[0002D000]
[ M] 166. d:\program files\rising\rfw\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01420000[00014000]
[ M] 167. d:\program files\rising\rfw\urlrule.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlRule Library
.text,.rdata,.data,.rsrc,.reloc,
01450000[0003C000]
[ M] 168. d:\program files\rising\rfw\recomp.dll
Beijing Rising Information Technology Co., Ltd.
component manager Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
014A0000[00036000]
[ M] 169. d:\program files\rising\rfw\refs.dll
Beijing Rising Information Technology Co., Ltd.
filesystem Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01700000[00030000]
[ M] 170. d:\program files\rising\rfw\viruslib.dll
Beijing Rising Information Technology Co., Ltd.
VirusLib Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01770000[00028000]
[ M] 171. d:\program files\rising\rfw\relibldr.dll
Beijing Rising Information Technology Co., Ltd.
libloader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
017F0000[0022A000]
[ M] 172. d:\program files\rising\rfw\rfwproxy.dll
Beijing Rising Information Technology Co., Ltd.
rfwproxy Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01D70000[0000E000]
[ M] 121. d:\program files\rising\rfw\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
01D90000[00031000]
[ M] 122. d:\program files\rising\rfw\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
01EB0000[00010000]
[ M] 123. d:\program files\rising\rfw\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
034E0000[0000E000]
[ M] 173. d:\program files\rising\rfw\urllib.dll
Beijing Rising Information Technology Co., Ltd.
Urllib Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000006ec(1772) RavMonD.exe
00400000[00020000]
[AM] 11. d:\program files\rising\rav\ravmond.exe
Beijing Rising Information Technology Co., Ltd.
ravmond
.text,.rdata,.data,.rsrc,
10000000[00029000]
[ M] 129. d:\program files\rising\rav\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00A00000[00019000]
[ M] 134. d:\program files\rising\rav\moncomm.dll
Beijing Rising Information Technology Co., Ltd.
MonComm
.text,.rdata,.data,.rsrc,.reloc,
00A20000[0001D000]
[ M] 174. d:\program files\rising\rav\monbase.dll
Beijing Rising Information Technology Co., Ltd.
MonBase
.text,.rdata,.data,.rsrc,.reloc,
00A50000[00067000]
[ M] 175. d:\program files\rising\rav\rslog.dll
Beijing Rising Information Technology Co., Ltd.
rslog Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00AE0000[00018000]
[ M] 176. d:\program files\rising\rav\mondrv.dll
Beijing Rising Information Technology Co., Ltd.
mondrv
.text,.rdata,.data,.rsrc,.reloc,
00B10000[00023000]
[ M] 177. d:\program files\rising\rav\defmon.dll
Beijing Rising Information Technology Co., Ltd.
DefMon
.text,.rdata,.data,.rsrc,.reloc,
00B50000[00010000]
[ M] 178. d:\program files\rising\rav\moncom08.dll
Beijing Rising Information Technology Co., Ltd.
MonCom08
.text,.rdata,.data,.rsrc,.reloc,
00B70000[0006C000]
[ M] 179. d:\program files\rising\rav\monrule.dll
Beijing Rising Information Technology Co., Ltd.
MonRule
.text,.rdata,.data,.rsrc,.reloc,
00C20000[00028000]
[ M] 180. d:\program files\rising\rav\filemon.dll
Beijing Rising Information Technology Co., Ltd.
Filemon
.text,.rdata,.data,.rsrc,.reloc,
00C60000[0002B000]
[ M] 181. d:\program files\rising\rav\mailmon.dll
Beijing Rising Information Technology Co., Ltd.
MailMon
.text,.rdata,.data,.rsrc,.reloc,
00CA0000[00012000]
[ M] 182. d:\program files\rising\rav\hookweb.dll
Beijing Rising Information Technology Co., Ltd.
hookweb
.text,.rdata,.data,.rsrc,.reloc,
00D20000[00010000]
[ M] 101. d:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00F30000[0000E000]
[ M] 107. d:\program files\rising\rav\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
00F50000[00031000]
[ M] 108. d:\program files\rising\rav\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
01090000[0002D000]
[ M] 98. d:\program files\rising\rav\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
010C0000[00019000]
[ M] 99. d:\program files\rising\rav\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
超级游戏迷 - 2009-3-23 13:42:00
请按步骤做:
1、进入注册表编辑器,删除HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dz50u7b2ya这个注册表子项;
2、关闭注册表编辑器,然后直接重启电脑。
超级游戏迷 - 2009-3-23 13:45:00
e:\uf2000\desktop\runie.exe
不知道是什么东西……:default21:
【注】发帖前请先阅读置顶版规……
走一走 - 2009-3-23 13:47:00
.text,.rdata,.data,.rsrc,.reloc,
01230000[00020000]
[ M] 183. d:\program files\rising\rav\hooksys.dll
Beijing Rising Information Technology Co., Ltd.
Hooksys.dll
.text,.rdata,.data,.idata,.rsrc,.reloc,
012E0000[0001F000]
[ M] 142. d:\program files\rising\rav\proccom.dll
Beijing Rising Information Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01300000[00024000]
[ M] 143. d:\program files\rising\rav\rscommx2.dll
Beijing Rising Information Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
01350000[00013000]
[ M] 184. d:\program files\rising\rav\hookcont.dll
Beijing Rising Information Technology Co., Ltd.
HookCont Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01500000[00067000]
[ M] 185. d:\program files\rising\rav\rsnetsvr.dll
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,.reloc,
01870000[00070000]
[ M] 186. d:\program files\rising\rav\bacore.dll
Beijing Rising Information Technology Co., Ltd.
Rising MBA DLL
.text,.rdata,.data,.rsrc,.reloc,
019E0000[0003C000]
[ M] 187. d:\program files\rising\rav\recomp.dll
Beijing Rising Information Technology Co., Ltd.
component manager Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01A30000[00036000]
[ M] 188. d:\program files\rising\rav\refs.dll
Beijing Rising Information Technology Co., Ltd.
filesystem Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01A80000[0002A000]
[ M] 189. d:\program files\rising\rav\rsstore.dll
Beijing Rising Information Technology Co., Ltd.
RSStore
.text,.rdata,.data,.rsrc,.reloc,
01AC0000[0000D000]
[ M] 190. d:\program files\rising\rav\scanadd.dll
Beijing Rising Information Technology Co., Ltd.
Rising Scan Service Addon
.text,.rdata,.data,.rsrc,.reloc,
01AD0000[00026000]
[ M] 191. d:\program files\rising\rav\scanner.dll
Beijing Rising Information Technology Co., Ltd.
RsScanner Module
.text,.rdata,.data,.rsrc,.reloc,
01D10000[00030000]
[ M] 192. d:\program files\rising\rav\viruslib.dll
Beijing Rising Information Technology Co., Ltd.
VirusLib Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01E50000[00028000]
[ M] 193. d:\program files\rising\rav\relibldr.dll
Beijing Rising Information Technology Co., Ltd.
libloader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03FD0000[00022000]
[ M] 194. d:\program files\rising\rav\ffr.dll
Beijing Rising Information Technology Co., Ltd.
ffr Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
04010000[00021000]
[ M] 195. d:\program files\rising\rav\nvfile.dll
Beijing Rising Information Technology Co., Ltd.
NVFile
.text,.rdata,.data,.rsrc,.reloc,
048A0000[000F7000]
[ M] 196. d:\program files\rising\rav\extfile.dll
Beijing Rising Information Technology Co., Ltd.
extfile Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
13AB0000[00045000]
[ M] 197. d:\program files\rising\rav\scanexec.dll
Beijing Rising Information Technology Co., Ltd.
ScanExec
.text,.rdata,.data,.rsrc,.reloc,
049C0000[002DD000]
[ M] 198. d:\program files\rising\rav\unexe.dll
Beijing Rising Information Technology Co., Ltd.
UnExe
.text,.rdata,.data,.rsrc,.reloc,
04CB0000[000DB000]
[ M] 199. d:\program files\rising\rav\scanex.dll
Beijing Rising Information Technology Co., Ltd.
ScanEx
.text,.rdata,.data,.rsrc,.reloc,
02710000[00029000]
[ M] 200. d:\program files\rising\rav\pearc.dll
Beijing Rising Information Technology Co., Ltd.
pearchive Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
036E0000[00028000]
[ M] 201. d:\program files\rising\rav\scanpe.dll
Beijing Rising Information Technology Co., Ltd.
scanpe Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03680000[0001B000]
[ M] 202. d:\program files\rising\rav\ur000.dat
Beijing Rising Information Technology Co., Ltd.
Unpack Routine
.text,.rdata,.data,.rsrc,.reloc,
03710000[00035000]
[ M] 203. d:\program files\rising\rav\urutils.dll
Beijing Rising Information Technology Co., Ltd.
urutils Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09DA0000[00023000]
[ M] 204. d:\program files\rising\rav\scansct.dll
Beijing Rising Information Technology Co., Ltd.
ScanSct Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000071c(1820) rsnetsvr.exe
00400000[00079000]
[ M] 205. d:\program files\rising\rav\rsnetsvr.exe
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,
10000000[00035000]
[ M] 206. d:\program files\rising\rav\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
00390000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
003A0000[00019000]
[ M] 99. d:\program files\rising\rav\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
00DD0000[0002D000]
[ M] 98. d:\program files\rising\rav\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00F40000[00010000]
[ M] 101. d:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000076c(1900) ServerNT.exe
00400000[0000A000]
[AM] 13. c:\windows\system32\servernt.exe
.text,.rdata,.data,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
10000000[00008000]
[ M] 207. c:\windows\system32\umiscnt.dll
UMiscell DLL
.text,.rdata,.data,.rsrc,.reloc,
00980000[0000F000]
[ M] 208. c:\windows\system32\sgv.dll
M80SGV DLL
.text,.rdata,.data,.rsrc,.reloc,
00990000[0007B000]
[ M] 209. c:\windows\system32\sense3.dll
翔讯软件.
用友ERP-U8管理软件加密狗虚拟程序.
,,.rsrc,
00A30000[00007000]
[ M] 210. c:\windows\system32\secucomm.dll
.text,.rdata,.data,.reloc,
42400000[00401000]
[ M] 211. c:\program files\microsoft sql server\80\tools\binn\sqldmo.dll
Microsoft Corporation
Distributed Management Objects OLE DLL for SQL Enterprise Manager
.text,.rdata,.data,.rsrc,.reloc,
42AC0000[00007000]
[ M] 212. c:\program files\microsoft sql server\80\tools\binn\sqlresld.dll
Microsoft Corporation
SQL Enterprise Manager Reesource DLL Loader
.text,.rdata,.data,.rsrc,.reloc,
42C40000[00017000]
[ M] 213. c:\program files\microsoft sql server\80\tools\binn\sqlsvc.dll
Microsoft Corporation
Service Layer DLL for SQL Enterprise Workbench
.text,.rdata,.data,.rsrc,.reloc,
4B4F0000[00006000]
[ M] 214. c:\windows\system32\odbcbcp.dll
Microsoft Corporation
Microsoft BCP for ODBC
.text,.data,.rsrc,.reloc,
走一走 - 2009-3-23 13:48:00
41140000[0000C000]
[ M] 215. c:\program files\microsoft sql server\80\tools\binn\w95scm.dll
Microsoft Corporation
SQL Server Windows 95 Lite SCM
.text,.rdata,.data,.rsrc,.reloc,
43970000[00006000]
[ M] 216. c:\program files\microsoft sql server\80\tools\binn\resources\2052\sqlsvc.rll
Microsoft Corporation
SQLSVC70 Resource DLL
.text,.rdata,.data,.rsrc,.reloc,
436D0000[00092000]
[ M] 217. c:\program files\microsoft sql server\80\tools\binn\resources\2052\sqldmo.rll
Microsoft Corporation
Distributed Management Objects OLE Resource DLL for SQL Enterprise Manager
.text,.rdata,.data,.rsrc,.reloc,
4DDE0000[00081000]
[ M] 218. c:\program files\common files\system\ole db\sqloledb.dll
Microsoft Corporation
Microsoft OLE DB Provider for SQL Server
.text,.data,.sdbid,.rsrc,.reloc,
74CD0000[00007000]
[ M] 219. c:\windows\system32\dbmslpcn.dll
Microsoft Corporation
Client-Side Local Inter-Process Communication (LPC) Net Library
.text,.rdata,.data,.rsrc,.reloc,
753F0000[0000F000]
[ M] 220. c:\program files\common files\system\ole db\sqloledb.rll
Microsoft Corporation
Microsoft OLE DB Provider for SQL Server
.rsrc,.reloc,
+ 000007f4(2036) SOUNDMAN.EXE
00400000[0008F000]
[AM] 67. c:\windows\soundman.exe
Realtek Semiconductor Corp.
Realtek Sound Manager
.text,.rdata,.data,.sxdata,.rsrc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
+ 00000804(2052) rstray.exe
00400000[00023000]
[AM] 68. d:\program files\rising\antispyware\rstray.exe
Beijing Rising Information Technology Co., Ltd.
RSTray
.text,.rdata,.data,.rsrc,
10000000[0003C000]
[ M] 221. d:\program files\rising\antispyware\rsmginfo.dll
Beijing Rising Information Technology Co., Ltd.
rsmginfo
.text,.rdata,.data,.rsrc,.reloc,
009E0000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
23800000[00022000]
[ M] 145. d:\program files\rising\antispyware\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 141. d:\program files\rising\antispyware\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 139. d:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00D80000[00024000]
[ M] 222. d:\program files\rising\antispyware\comserv.dll
Beijing Rising Information Technology Co., Ltd.
.text,.rdata,.data,.rsrc,.reloc,
00DB0000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
23700000[00026000]
[ M] 223. d:\program files\rising\antispyware\rscommon.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00DF0000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 153. d:\program files\rising\antispyware\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01270000[00061000]
[ M] 224. d:\program files\rising\antispyware\runiep.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware tray
.text,.rdata,.data,.rsrc,.reloc,
01180000[0002F000]
[ M] 148. d:\program files\rising\antispyware\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
012E0000[0001F000]
[ M] 142. d:\program files\rising\rav\proccom.dll
Beijing Rising Information Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01300000[00024000]
[ M] 143. d:\program files\rising\rav\rscommx2.dll
Beijing Rising Information Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
+ 0000080c(2060) RsTray.exe
00400000[00023000]
[AM] 69. d:\program files\rising\rfw\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
10000000[00023000]
[ M] 225. d:\program files\rising\rfw\comserv.dll
Beijing Rising Information Technology Co., Ltd.
Rising tray common service
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
23700000[00023000]
[ M] 226. d:\program files\rising\rfw\rslang.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00990000[0002D000]
[ M] 166. d:\program files\rising\rfw\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
009C0000[00019000]
[ M] 161. d:\program files\rising\rfw\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
23800000[00025000]
[ M] 227. d:\program files\rising\rfw\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
00CC0000[00010000]
[ M] 123. d:\program files\rising\rfw\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00FD0000[00013000]
[ M] 228. d:\program files\rising\rfw\monstate.dll
Beijing Rising Information Technology Co., Ltd.
MonState
.text,.rdata,.data,.rsrc,.reloc,
01000000[0000C000]
[ M] 159. d:\program files\rising\rfw\rfwrule.dll
Beijing Rising Information Technology Co., Ltd.
TODO: <File description>
.text,.rdata,.data,.rsrc,.reloc,
01010000[00017000]
[ M] 120. d:\program files\rising\rfw\rsconf.dll
Beijing Rising Information Technology Co., Ltd.
rsconf Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01040000[0000E000]
[ M] 121. d:\program files\rising\rfw\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
01060000[00031000]
[ M] 122. d:\program files\rising\rfw\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
010B0000[00030000]
[ M] 229. d:\program files\rising\rfw\rspalvd.dll
Beijing Rising Information Technology Co., Ltd.
rspalvd
.text,.rdata,.data,.rsrc,.reloc,
26600000[000C3000]
[ M] 230. d:\program files\rising\rfw\rsguilib.dll
Beijing Rising Information Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
7C140000[00103000]
[ M] 105. c:\windows\system32\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
33000000[00025000]
[ M] 231. d:\program files\rising\rfw\ravbintl.dll
Beijing Rising Information Technology Co., Ltd.
ravbintl Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01130000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
01510000[00067000]
[ M] 165. d:\program files\rising\rfw\rsnetsvr.dll
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,.reloc,
01590000[00044000]
[ M] 232. d:\program files\rising\rfw\rsmginfo.dll
Beijing Rising Information Technology Co., Ltd.
rsmginfo
.text,.rdata,.data,.rsrc,.reloc,
015F0000[0004B000]
[ M] 233. d:\program files\rising\rfw\rfwtray.dll
Beijing Rising Information Technology Co., Ltd.
rfwtray Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 234. d:\program files\rising\rfw\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01BF0000[00064000]
[ M] 158. d:\program files\rising\rfw\rfwlog.dll
Beijing Rising Information Technology Co., Ltd.
rfwlog Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000844(2116) RunDLL32.exe
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
10000000[00017000]
[ M] 235. c:\windows\system32\nvmctray.dll
NVIDIA Corporation
NVIDIA Media Center Library
.text,.rdata,.data,.shared,.rsrc,.reloc,
00B40000[00037000]
[ M] 236. c:\windows\system32\nvrszhc.dll
NVIDIA Corporation
NVIDIA Simplified Chinese language resource library
.rsrc,.reloc,
+ 00000850(2128) knownsvr.exe
00400000[00072000]
[ M] 237. d:\program files\rising\antispyware\knownsvr.exe
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
10000000[0002F000]
[ M] 148. d:\program files\rising\antispyware\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
003A0000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
00CE0000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00D10000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
+ 00000908(2312) TaxInfo.exe
00400000[0016C000]
[AM] 71. d:\program files\nbctaistax\taxinfo.exe
CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,.aspack,.adata,
00390000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
走一走 - 2009-3-23 13:48:00
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
+ 00000990(2448) ctfmon.exe
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
10000000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
003D0000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
+ 00000a1c(2588) alg.exe
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
+ 00000b78(2936) msnmsgr.exe
00400000[00575000]
[AM] 65. c:\program files\windows live\messenger\msnmsgr.exe
Microsoft Corporation
Windows Live Messenger
.text,.data,.rsrc,
59100000[000F9000]
[ M] 238. c:\program files\windows live\messenger\msncore.dll
Microsoft Corporation
Windows Live Client Code Module
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
002F0000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
27500000[000C8000]
[ M] 239. c:\program files\windows live\messenger\msidcrl40.dll
Microsoft Corporation
IDCRL Dynamic Link Library
.text,.data,.rsrc,.reloc,
5A700000[00054000]
[ M] 240. c:\program files\windows live\messenger\contactsux.dll
Microsoft Corporation
Windows Live Contact User Experience Module
.text,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
10000000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
013F0000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
59300000[00184000]
[ M] 241. c:\program files\windows live\messenger\msgslang.8.5.1302.1018.dll
Microsoft Corporation
Windows Live Messenger Language Specific Resources
.rsrc,
5B200000[0025F000]
[ M] 242. c:\program files\windows live\messenger\msgsres.dll
Microsoft Corporation
Windows Live Messenger Non Language Specific Resources
.rsrc,
01560000[0000B000]
[ M] 243. c:\program files\windows live\messenger\custsat.dll
Microsoft Corporation
custsat
.text,.data,.rsrc,.reloc,
5B500000[000A5000]
[ M] 244. c:\program files\windows live\messenger\msgswcam.dll
Microsoft Corporation
Messenger WebCam Library
.text,.data,.rsrc,.reloc,
5A600000[00013000]
[ M] 245. c:\windows\system32\sirenacm.dll
Microsoft Corporation
Messenger Audio Codec
.text,.data,.rsrc,.reloc,
+ 00000c04(3076) Explorer.EXE
00400000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
10000000[00024000]
[AM] 63. c:\windows\system32\ravext.dll
Beijing Rising Information Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
01B50000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
164A0000[00023000]
[AM] 64. c:\windows\system32\wpdshserviceobj.dll
Microsoft Corporation
Windows Portable Device Shell Service Object
.text,.data,.rsrc,.reloc,
109C0000[0002C000]
[ M] 246. c:\windows\system32\portabledevicetypes.dll
Microsoft Corporation
Windows Portable Device (Parameter) Types Component
.text,.orpc,.data,.rsrc,.reloc,
10930000[00049000]
[ M] 247. c:\windows\system32\portabledeviceapi.dll
Microsoft Corporation
Windows Portable Device API Components
.text,.orpc,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 127. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
+ 00000d2c(3372) sqlmangr.exe
00400000[00012000]
[AM] 78. c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
Microsoft Corporation
SQL Server Service Manager
.text,.rdata,.data,.rsrc,
41140000[0000C000]
[ M] 215. c:\program files\microsoft sql server\80\tools\binn\w95scm.dll
Microsoft Corporation
SQL Server Windows 95 Lite SCM
.text,.rdata,.data,.rsrc,.reloc,
42C40000[00017000]
[ M] 213. c:\program files\microsoft sql server\80\tools\binn\sqlsvc.dll
Microsoft Corporation
Service Layer DLL for SQL Enterprise Workbench
.text,.rdata,.data,.rsrc,.reloc,
4B4F0000[00006000]
[ M] 214. c:\windows\system32\odbcbcp.dll
Microsoft Corporation
Microsoft BCP for ODBC
.text,.data,.rsrc,.reloc,
42AC0000[00007000]
[ M] 212. c:\program files\microsoft sql server\80\tools\binn\sqlresld.dll
Microsoft Corporation
SQL Enterprise Manager Reesource DLL Loader
.text,.rdata,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
43970000[00006000]
[ M] 216. c:\program files\microsoft sql server\80\tools\binn\resources\2052\sqlsvc.rll
Microsoft Corporation
SQLSVC70 Resource DLL
.text,.rdata,.data,.rsrc,.reloc,
10000000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00A60000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
43790000[00018000]
[ M] 248. c:\program files\microsoft sql server\80\tools\binn\resources\2052\sqlmangr.rll
Microsoft Corporation
SQL Server Service Manager Resource DLL
.text,.rdata,.data,.rsrc,.reloc,
+ 00000d4c(3404) TDXW.EXE
00400000[00496000]
[ M] 249. d:\jcb_tyzq\tdxw.exe
.text,.rdata,.data,.rsrc,
10000000[00B65000]
[ M] 250. d:\jcb_tyzq\tcalc.dll
TCalc DLL
.text,.rdata,.data,.rsrc,.reloc,
6BC40000[000F2000]
[ M] 251. d:\jcb_tyzq\mfc42.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.rdata,.data,.rsrc,.reloc,
780C0000[00061000]
[ M] 252. d:\jcb_tyzq\msvcp60.dll
Microsoft Corporation
Microsoft (R) C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
008A0000[000B7000]
[ M] 253. d:\jcb_tyzq\viewthem.dll
Viewthem DLL
.text,.rdata,.data,.rsrc,.reloc,
00960000[00094000]
[ M] 254. d:\jcb_tyzq\invest.dll
个人理财动态链接库
.text,.rdata,.data,.rsrc,.reloc,
00390000[00014000]
[ M] 255. d:\jcb_tyzq\dbf.dll
.text,.rdata,.data,.reloc,
003B0000[00017000]
[ M] 256. d:\jcb_tyzq\secure.dll
通达信
Secure
.text,.rdata,.data,.rsrc,.reloc,
003D0000[00017000]
[ M] 257. d:\jcb_tyzq\ttools.dll
TTools DLL
.text,.rdata,.data,.rsrc,.reloc,
00A00000[00036000]
[ M] 258. d:\jcb_tyzq\tlist.dll
TDXListCtrlExR DLL
.text,.rdata,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
013A0000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
013D0000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
014F0000[00019000]
[ M] 259. d:\jcb_tyzq\calcer.dll
Calcer DLL
.text,.rdata,.data,.rsrc,.reloc,
01510000[0001E000]
[ M] 260. d:\jcb_tyzq\advhq.dll
Advhq DLL
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
02540000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
035B0000[00017000]
[ M] 154. d:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
+ 00000e38(3640) iexplore.exe
5DCA0000[00045000]
[ M] 84. c:\windows\system32\iertutil.dll
Microsoft Corporation
Run time utility for Internet Explorer
.text,.data,.rsrc,.reloc,
60000000[00074000]
[AM] 76. c:\windows\system32\kmon.dll
Beijing Rising Information Technology Co., Ltd.
KaKa Monitors
.text,.rdata,.data,.rsrc,.reloc,
10000000[0002E000]
[ M] 89. d:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
009C0000[00019000]
[ M] 90. d:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
7E1E0000[005C9000]
[AM] 39. c:\windows\system32\ieframe.dll
Microsoft Corporation
Internet Explorer
.text,.data,.rsrc,.reloc,
5DFF0000[0002F000]
[ M] 261. c:\windows\system32\ieui.dll
Microsoft Corporation
Internet Explorer UI Engine
.text,.data,.rsrc,.reloc,
45D40000[00021000]
[ M] 262. c:\windows\system32\xmllite.dll
Microsoft Corporation
Microsoft XmlLite Library
.text,.data,.rsrc,.reloc,
61930000[0004A000]
[ M] 263. c:\program files\internet explorer\ieproxy.dll
Microsoft Corporation
IE ActiveX Interface Marshaling Library
.text,.orpc,.data,.rsrc,.reloc,
02050000[00009000]
[ M] 111. c:\windows\system32\normaliz.dll
Microsoft Corporation
Unicode Normalization DLL
.text,.data,.rsrc,.reloc,
02D90000[00108000]
[AM] 38. c:\tddownload\magicset\haokanbar.dll
Xiang Feng Technology
HaoKanBar Toolbar Module
.text,.rdata,.data,.SHARED,.rsrc,.reloc,
68EF0000[0001F000]
[ M] 264. c:\tddownload\magicset\oleacc.dll
Microsoft Corporation
Active Accessibility Core Component
.text,.data,Shared,.rsrc,.reloc,
02060000[0002C000]
[AM] 40. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
Thunder Networking Technologies,LTD
迅雷浏览器高级特性支持模块
.text,.rdata,.data,.rsrc,.reloc,
01B60000[0000E000]
[AM] 41. c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
Adobe Systems Incorporated
Adobe Acrobat IE Helper Version 7.0 for ActiveX
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 96. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
02FD0000[00031000]
[AM] 42. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
Thunder Networking Technologies,LTD
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
24240000[0000E000]
[ M] 265. d:\program files\thunder network\thunder\components\resworker\dsbho_00.dll
Thunder Networking Technologies,LTD
DsBho
.text,.rdata,.data,.rsrc,.reloc,
241F0000[0001E000]
[ M] 266. d:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
29500000[00067000]
[AM] 43. c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft Corporation
WindowsLiveLogin.dll
.text,.data,.rsrc,.reloc,
27500000[0011A000]
[ M] 267. c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
Microsoft Corporation
IDCRL Dynamic Link Library
.text,.data,.rsrc,.reloc,
03290000[00018000]
[AM] 44. c:\windows\system32\urlfilter.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlFilter Module
.text,.rdata,.data,.rsrc,.reloc,
032C0000[00011000]
[ M] 268. d:\program files\rising\antispyware\urlrule.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlRule Library
.text,.rdata,.data,.rsrc,.reloc,
472B0000[00087000]
[AM] 37. c:\program files\windows live toolbar\msntb.dll
Microsoft Corporation
Windows Live Toolbar for Internet Explorer
.text,.data,.rsrc,.reloc,
03D90000[00004000]
[ M] 269. c:\program files\windows live toolbar\zh-cn\mtbres.dll.mui
Microsoft Corporation
Windows Live Toolbar 资源库
.rsrc,
03DA0000[0000A000]
[ M] 270. c:\program files\windows live toolbar\mtbres.dll
Microsoft Corporation
Windows Live Toolbar resource library
.rsrc,
72EA0000[00060000]
[ M] 271. c:\windows\system32\ieapfltr.dll
Microsoft Corporation
Microsoft Phishing Filter
.text,.data,.rsrc,.reloc,
5A900000[00071000]
[ M] 272. c:\windows\system32\msfeeds.dll
Microsoft Corporation
Microsoft Feeds Manager
.text,.data,.rsrc,.reloc,
05C00000[0001C000]
[AM] 53. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
Adobe Systems, Inc.
PDF Shell Extension
.text,.rdata,.data,.rsrc,.reloc,
72C80000[00008000]
[ M] 127. c:\windows\system32\msacm32.drv
Microsoft Corporation
Microsoft Sound Mapper
.text,.data,.rsrc,.reloc,
05E80000[00017000]
[ M] 154. d:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 95. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
06500000[00475000]
[ M] 155. c:\windows\system32\macromed\flash\flash10a.ocx
Adobe Systems, Inc.
Adobe Flash Player 10.0 r12
.text,.rdata,.data,.rodata,.rsrc,.reloc,
73200000[00031000]
[ M] 273. c:\windows\system32\winwb86.ime
Microsoft Corporation
王码五笔型输入法86版
.text,.rdata,.data,.ShareDa,.sgroup,.rsrc,.reloc,
走一走 - 2009-3-23 13:51:00
用瑞星光盘启动杀毒竟然没杀出来,但一扫描竟然发现病毒.
走一走 - 2009-3-23 15:30:00
上传日志
走一走 - 2009-3-23 15:33:00
上传日志,另外四种方法,前二种方法试了一下,没用,硬盘拆下来一看,是串行口,其他电脑都是并行口,不能挂
附件:
SREngLOG.log
走一走 - 2009-3-23 15:39:00
e:\uf2000\desktop\runie.exe是用友软件,另外注册表能够删除dz50u7b2ya.sys,但退出重新启动后,就在了.
badboyhhz - 2009-3-23 15:49:00
使用XDelBox删除以下文件
复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入,重启删除
c:\windows\system32\drivers\dz50u7b2ya.sys
2.删除重启后使用SREng修复下面各项:
启动项目 -- 服务-- 驱动程序之如下项禁用:
[hookcont / hookcont] <system32\drivers\HookCont.sys>
超级游戏迷 - 2009-3-23 16:04:00
以下是一些可疑的地方,需要楼主的反馈:
=================================
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<1><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<TaxInfo><D:\Program Files\NBCTAISTax\TaxInfo.exe> []
==================================
驱动程序
[dz50u7b2y / dz50u7b2ya][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\dz50u7b2ya.sys><>
这就是问题的主要原因所在,请利用SRENG扫描工具将其启动方式从“BOOT START”修改为“DISABLE”后,重启电脑再看看……
==================================
浏览器加载项
[DownLoad Object]
{96257D11-1C98-4BD8-8CE7-8269ACFC36C0} <c:\taxClient\DownLoadM.dll, N/A>
从名称上看象是报税客户端的BHO,需楼主核实。
==================================
正在运行的进程
[PID: 2152 / xujq][D:\Program Files\NBCTAISTax\TaxInfo.exe] [N/A, ]
以上进程,请楼主自己看看都是什么东西,貌似是个报税软件的进程。
==================================
总体来看,没有找到恢复已删服务注册表项的进程所在,如果对瑞星杀软主动防御规则设置比较清楚,可以设置监控注册表子项【HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dz50u7b2ya】的创建,搞清楚该项被删除后是什么进程又创建了它。
走一走 - 2009-3-23 16:17:00
taxinfo.exe是报税系统
21楼只能删除CEZ77.DLL,扫描了一下,TROJAN。DL。WIN32。UNDEF。VT这个病毒到没有了
走一走 - 2009-3-23 16:37:00
“BOOT START”修改为“DISABLE”后,重启后,还是不行,一扫描就跳出来这个病毒.
天月来了 - 2009-3-23 16:50:00
C:\WINDOWS\SYSTEM32\CEZ77.DLL
C:\WINDOWS\SYSTEM32\dz50u7b2ya.sys
如果一直没变是这两个文件,那么考虑我置顶工具贴里找删除工具抑制再生删除吧
XDelBox工具首选下载。
走一走 - 2009-3-23 16:53:00
试过了,只能删除CEZ77.DLL,下面一个不能删除
走一走 - 2009-3-23 17:03:00
删除不了,C:\WINDOWS\SYSTEM32\dz50u7b2ya.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dz50u7b2ya,注册表里删除,刷新后又会出现的
哎,明天再说了
天月来了 - 2009-3-23 17:04:00
肯定可以删除,除非你操作不对
要不你找个PE光盘,进去删除试试
走一走 - 2009-3-26 9:46:00
终于清除了
1
© 2000 - 2025 Rising Corp. Ltd.
