瑞星卡卡安全论坛
明明如月儿 - 2010-2-23 22:48:00
每次开机都出现以下提示:
主动防御截获到一个程序正在访问被保护的注册表项,请选择操作方式。
程序名称:c:\windows\system32\reg.exe
杀了好几次都没用,在安全模式下杀也没用,用卡卡修复也不行,在网也没搜到有用的办法,请各位老大帮下我哈,谢谢啦。
用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)
辛达星郁 - 2010-2-23 22:57:00
这个是主动防御在保护你的注册表,防止别恶意程序修改
但是也可能会是正常软件的访问
要想确定是否是病毒行为
就看看日志,是哪个程序在尝试访问注册表
或者截图看看
明明如月儿 - 2010-2-23 23:12:00
哦,谢谢。可是每次开机都出现这样的提示呀,下面是用卡扫到的日志,帮看下哈!
瑞星卡卡电脑诊断日志 v1.30 (2010-2-23 23:9:27) 北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
ose
[A ] 1. c:\program files\common files\microsoft shared\source engine\ose.exe
Microsoft Corporation
Office Source Engine
.text,.data,.rsrc,
QQDrRtpSvc
[AM] 2. c:\program files\tencent\qqdoctor\qqdrrtpsvc.exe
Tencent
QQ医生实时防护服务
UPX0,UPX1,.rsrc,
RsRavMon
[AM] 3. c:\program files\rising\rav\ravmond.exe
Beijing Rising Information Technology Co., Ltd.
ravmond
.text,.rdata,.data,.rsrc,
RsRFWMon
[AM] 4. c:\program files\rising\rfw\ravmond.exe
Beijing Rising Information Technology Co., Ltd.
ravmond
.text,.rdata,.data,.rsrc,
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
AcpiPmi
[A ] 5. c:\windows\system32\drivers\acpipmi.sys
Microsoft Corporation
ACPI Power Metering Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
adp94xx
[A ] 6. c:\windows\system32\drivers\adp94xx.sys
Adaptec, Inc.
Adaptec Windows SAS/SATA Storport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
adpahci
[A ] 7. c:\windows\system32\drivers\adpahci.sys
Adaptec, Inc.
Adaptec Windows SATA Storport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
adpu320
[A ] 8. c:\windows\system32\drivers\adpu320.sys
Adaptec, Inc.
Adaptec StorPort Ultra320 SCSI Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
agp440
[A ] 9. c:\windows\system32\drivers\agp440.sys
Microsoft Corporation
440 NT AGP 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
aic78xx
[A ] 10. c:\windows\system32\drivers\djsvs.sys
Adaptec, Inc.
Adaptec Ultra SCSI miniport
.text,.rdata,.data,INIT,.rsrc,.reloc,
aliide
[A ] 11. c:\windows\system32\drivers\aliide.sys
Acer Laboratories Inc.
ALi mini IDE Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
amdagp
[A ] 12. c:\windows\system32\drivers\amdagp.sys
Microsoft Corporation
AMD NT AGP 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
amdide
[A ] 13. c:\windows\system32\drivers\amdide.sys
Microsoft Corporation
AMD IDE 驱动程序
.text,.rdata,.data,INIT,.rsrc,.reloc,
AmdK8
[A ] 14. c:\windows\system32\drivers\amdk8.sys
Microsoft Corporation
Processor Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
AmdPPM
[A ] 15. c:\windows\system32\drivers\amdppm.sys
Microsoft Corporation
Processor Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
amdsata
[A ] 16. c:\windows\system32\drivers\amdsata.sys
Advanced Micro Devices
AHCI 1.2 Device Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
amdsbs
[A ] 17. c:\windows\system32\drivers\amdsbs.sys
AMD Technologies Inc.
AMD Technology AHCI Compatible Controller Driver for Windows family
.text,.rdata,.data,INIT,.rsrc,.reloc,
amdxata
[A ] 18. c:\windows\system32\drivers\amdxata.sys
Advanced Micro Devices
Storage Filter Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
arc
[A ] 19. c:\windows\system32\drivers\arc.sys
Adaptec, Inc.
Adaptec RAID Storport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
arcsas
[A ] 20. c:\windows\system32\drivers\arcsas.sys
Adaptec, Inc.
Adaptec SAS RAID WS03 Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
b06bdrv
[A ] 21. c:\windows\system32\drivers\bxvbdx.sys
Broadcom Corporation
Broadcom NetXtreme II GigE VBD
.text,.rdata,.data,INIT,.rsrc,.reloc,
b57nd60x
[A ] 22. c:\windows\system32\drivers\b57nd60x.sys
Broadcom Corporation
Broadcom NetXtreme Gigabit Ethernet NDIS6.x 统一驱动程序。
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
blbdrive
[A ] 23. c:\windows\system32\drivers\blbdrive.sys
Microsoft Corporation
BLB Drive Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
BrFiltLo
[A ] 24. c:\windows\system32\drivers\brfiltlo.sys
Brother Industries, Ltd.
Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
BrFiltUp
[A ] 25. c:\windows\system32\drivers\brfiltup.sys
Brother Industries, Ltd.
Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
Brserid
[A ] 26. c:\windows\system32\drivers\brserid.sys
Brother Industries Ltd.
Brotehr 串行 I/F 驱动程序(WDM)
.text,.rdata,.data,PAGESRP0,PAGESER,INIT,.rsrc,.reloc,
BrSerWdm
[A ] 27. c:\windows\system32\drivers\brserwdm.sys
Brother Industries Ltd.
Brother Serial driver (WDM version)
.text,.rdata,.data,PAGESER,INIT,.rsrc,.reloc,
BrUsbMdm
[A ] 28. c:\windows\system32\drivers\brusbmdm.sys
Brother Industries Ltd.
Brother USB MDM Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
BrUsbSer
[A ] 29. c:\windows\system32\drivers\brusbser.sys
Brother Industries Ltd.
Brother USB Serial Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
BTHMODEM
[A ] 30. c:\windows\system32\drivers\bthmodem.sys
Microsoft Corporation
Bluetooth Communications Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
circlass
[A ] 31. c:\windows\system32\drivers\circlass.sys
Microsoft Corporation
Consumer IR Class Driver for eHome
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
cmdide
[A ] 32. c:\windows\system32\drivers\cmdide.sys
CMD Technology, Inc.
CMD PCI IDE Bus Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
Compbatt
[A ] 33. c:\windows\system32\drivers\compbatt.sys
Microsoft Corporation
Composite Battery Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
crcdisk
[A ] 34. c:\windows\system32\drivers\crcdisk.sys
Microsoft Corporation
Disk Block Verification Filter Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ebdrv
[A ] 35. c:\windows\system32\drivers\evbdx.sys
Broadcom Corporation
Broadcom NetXtreme II 10 GigE VBD
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
elxstor
[A ] 36. c:\windows\system32\drivers\elxstor.sys
Emulex
Storport Miniport Driver for LightPulse HBAs
.text,.rdata,.data,.edata,INIT,.rsrc,.reloc,
ErrDev
[A ] 37. c:\windows\system32\drivers\errdev.sys
Microsoft Corporation
Error Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
fdc
[A ] 38. c:\windows\system32\drivers\fdc.sys
Microsoft Corporation
Floppy Disk Controller Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
flpydisk
[A ] 39. c:\windows\system32\drivers\flpydisk.sys
Microsoft Corporation
Floppy Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
gagp30kx
[A ] 40. c:\windows\system32\drivers\gagp30kx.sys
Microsoft Corporation
用于 K8/9 处理器平台的 MS 通用 AGPv3.0 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ggghost
[A ] 41. j:\gghost\ggghost.sys
hcw85cir
[A ] 42. c:\windows\system32\drivers\hcw85cir.sys
Hauppauge Computer Works, Inc.
Hauppauge WinTV 885 Consumer IR Driver for eHome
.text,.rdata,.data,INIT,.rsrc,.reloc,
HidBatt
[A ] 43. c:\windows\system32\drivers\hidbatt.sys
Microsoft Corporation
Hid Battery Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
HidBth
[A ] 44. c:\windows\system32\drivers\hidbth.sys
Microsoft Corporation
HID 设备的 Bluetooth 微型端口驱动程序
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
HidIr
[A ] 45. c:\windows\system32\drivers\hidir.sys
Microsoft Corporation
Infrared Miniport Driver for Input Devices
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
hookcont
[A ] 46. c:\windows\system32\drivers\hookcont.sys
Beijing Rising Information Technology Co., Ltd.
HookCont Driver for x86
.text,.rdata,.data,INIT,.rsrc,.reloc,
hooksys
[A ] 47. c:\windows\system32\drivers\hooksys.sys
Beijing Rising Information Technology Co., Ltd.
Hooksys.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
HpSAMD
[A ] 48. c:\windows\system32\drivers\hpsamd.sys
Hewlett-Packard Company
Smart Array SAS/SATA Controller Media Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
iaStorV
[A ] 49. c:\windows\system32\drivers\iastorv.sys
Intel Corporation
Intel Matrix Storage Manager driver - ia32
.text,.rdata,.data,INIT,.rsrc,.reloc,
igfx
[A ] 50. c:\windows\system32\drivers\igdkmd32.sys
Intel Corporation
Intel Graphics Kernel Mode Driver
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
iirsp
[A ] 51. c:\windows\system32\drivers\iirsp.sys
Intel Corp./ICP vortex GmbH
Intel/ICP Raid Storport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
明明如月儿 - 2010-2-23 23:13:00
intelide
[A ] 52. c:\windows\system32\drivers\intelide.sys
Microsoft Corporation
Intel PCI IDE Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
IPMIDRV
[A ] 53. c:\windows\system32\drivers\ipmidrv.sys
Microsoft Corporation
WMI IPMI 驱动程序
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
isapnp
[A ] 54. c:\windows\system32\drivers\isapnp.sys
Microsoft Corporation
PNP ISA 总线驱动程序
.text,.rdata,.data,PAGE,PAGEDATA,INIT,.rsrc,.reloc,
iScsiPrt
[A ] 55. c:\windows\system32\drivers\msiscsi.sys
Microsoft Corporation
Microsoft iSCSI Initiator Driver
.text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc,
kbdhid
[A ] 56. c:\windows\system32\drivers\kbdhid.sys
Microsoft Corporation
HID 键盘筛选器驱动程序
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
LSI_FC
[A ] 57. c:\windows\system32\drivers\lsi_fc.sys
LSI Corporation
LSI Fusion-MPT FC Driver (StorPort)
.text,.rdata,.data,INIT,.rsrc,.reloc,
LSI_SAS
[A ] 58. c:\windows\system32\drivers\lsi_sas.sys
LSI Corporation
LSI Fusion-MPT SAS Driver (StorPort)
.text,.rdata,.data,INIT,.rsrc,.reloc,
LSI_SAS2
[A ] 59. c:\windows\system32\drivers\lsi_sas2.sys
LSI Corporation
LSI SAS Gen2 Driver (StorPort)
.text,.rdata,.data,INIT,.rsrc,.reloc,
LSI_SCSI
[A ] 60. c:\windows\system32\drivers\lsi_scsi.sys
LSI Corporation
LSI Fusion-MPT SCSI Driver (StorPort)
.text,.rdata,.data,INIT,.rsrc,.reloc,
megasas
[A ] 61. c:\windows\system32\drivers\megasas.sys
LSI Corporation
MEGASAS RAID Controller Driver for Windows 7 for x86
.text,.rdata,.data,INIT,.rsrc,.reloc,
MegaSR
[A ] 62. c:\windows\system32\drivers\megasr.sys
LSI Corporation, Inc.
LSI MegaRAID Software RAID Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
mpio
[A ] 63. c:\windows\system32\drivers\mpio.sys
Microsoft Corporation
多路支持总线驱动程序
.text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,
msahci
[A ] 64. c:\windows\system32\drivers\msahci.sys
Microsoft Corporation
MS AHCI 1.0 Standard Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
msdsm
[A ] 65. c:\windows\system32\drivers\msdsm.sys
Microsoft Corporation
Microsoft 设备特定模块
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
MTConfig
[A ] 66. c:\windows\system32\drivers\mtconfig.sys
Microsoft Corporation
Microsoft 多点触控 HID 驱动程序
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
netw5v32
[A ] 67. c:\windows\system32\drivers\netw5v32.sys
Intel Corporation
Intel? Wireless WiFi Link Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
nfrd960
[A ] 68. c:\windows\system32\drivers\nfrd960.sys
IBM Corporation
IBM ServeRAID Controller Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
NVENETFD
[A ] 69. c:\windows\system32\drivers\nvm62x32.sys
NVIDIA Corporation
NVIDIA MCP Networking Function Driver.
.text,.rdata,.data,.edata,INIT,.rsrc,.reloc,
nvlddmkm
[A ] 70. c:\windows\system32\drivers\nvlddmkm.sys
NVIDIA Corporation
NVIDIA Windows Kernel Mode Driver, Version 185.93
.text,page,_NVTEXT3,.rdata,.data,PAGE,init,INIT,.rsrc,.reloc,
nvraid
[A ] 71. c:\windows\system32\drivers\nvraid.sys
NVIDIA Corporation
NVIDIA? nForce(TM) RAID Driver
.text,.rdata,.data,PAGE,INIT,DUMPDATA,.rsrc,.reloc,
nvstor
[A ] 72. c:\windows\system32\drivers\nvstor.sys
NVIDIA Corporation
NVIDIA? nForce(TM) Sata Performance Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
nv_agp
[A ] 73. c:\windows\system32\drivers\nv_agp.sys
Microsoft Corporation
NForce NT AGP 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ohci1394
[A ] 74. c:\windows\system32\drivers\ohci1394.sys
Microsoft Corporation
1394 OpenHCI Port Driver
.text,.rdata,.data,.guids,PAGE,INIT,.rsrc,.reloc,
Parport
[A ] 75. c:\windows\system32\drivers\parport.sys
Microsoft Corporation
并行端口驱动程序
.text,.rdata,.data,PAGEPARW,INIT,.rsrc,.reloc,
Parvdm
[A ] 76. c:\windows\system32\drivers\parvdm.sys
Microsoft Corporation
VDM 并行驱动程序
.text,.rdata,.data,INIT,.rsrc,.reloc,
pciide
[A ] 77. c:\windows\system32\drivers\pciide.sys
Microsoft Corporation
Generic PCI IDE Bus Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
pcmcia
[A ] 78. c:\windows\system32\drivers\pcmcia.sys
Microsoft Corporation
PCMCIA 总线驱动程序
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Processor
[A ] 79. c:\windows\system32\drivers\processr.sys
Microsoft Corporation
Processor Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ql2300
[A ] 80. c:\windows\system32\drivers\ql2300.sys
QLogic Corporation
QLogic Fibre Channel Stor Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
ql40xx
[A ] 81. c:\windows\system32\drivers\ql40xx.sys
QLogic Corporation
QLogic iSCSI Storport Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
RFWARP
[A ] 82. c:\windows\system32\drivers\rfwarp.sys
Beijing Rising Information Technology Co., Ltd.
rfwarp.sys
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
RfwBase9
[A ] 83. c:\windows\system32\drivers\rfwbase.sys
Beijing Rising Information Technology Co., Ltd.
rfwbase6.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
rfwtdi
[A ] 84. c:\program files\rising\rfw\rfwtdi.sys
Beijing Rising Information Technology Co., Ltd.
rfwtdi.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
rsassist
[A ] 85. c:\windows\system32\drivers\rsassist.sys
Beijing Rising Information Technology Co., Ltd.
RsAssist.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
rsfwdrv
[A ] 86. c:\program files\rising\rfw\rsfwdrv.sys
Beijing Rising Information Technology Co., Ltd.
rsfwdrv.sys
.text,.rdata,.data,INIT,.rsrc,.reloc,
RsNTGDI
[A ] 87. c:\windows\system32\drivers\rsntgdi.sys
Beijing Rising Information Technology Co., Ltd.
RsNTGDI
.text,.rdata,INIT,.rsrc,.reloc,
RTL8167
[A ] 88. c:\windows\system32\drivers\rt86win7.sys
Realtek Corporation
Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
s3cap
[A ] 89. c:\windows\system32\drivers\vms3cap.sys
Microsoft Corporation
Microsoft S3 Emulated Device Cap Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
sbp2port
[A ] 90. c:\windows\system32\drivers\sbp2port.sys
Microsoft Corporation
SBP-2 Protocol Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
secdrv
[A ] 91. c:\windows\system32\drivers\secdrv.sys
Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
Macrovision SECURITY Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Serenum
[A ] 92. c:\windows\system32\drivers\serenum.sys
Microsoft Corporation
Serial Port Enumerator
.text,.rdata,.data,PAGE,PAGESENM,INIT,.rsrc,.reloc,
Serial
[A ] 93. c:\windows\system32\drivers\serial.sys
Microsoft Corporation
串行设备驱动程序
.text,.rdata,.data,PAGESRP0,PAGESER,INIT,.rsrc,.reloc,
sffdisk
[A ] 94. c:\windows\system32\drivers\sffdisk.sys
Microsoft Corporation
Small Form Factor Disk Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
sffp_mmc
[A ] 95. c:\windows\system32\drivers\sffp_mmc.sys
Microsoft Corporation
Small Form Factor MMC Protocol Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
sffp_sd
[A ] 96. c:\windows\system32\drivers\sffp_sd.sys
Microsoft Corporation
Small Form Factor SD Protocol Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
sfloppy
[A ] 97. c:\windows\system32\drivers\sfloppy.sys
Microsoft Corporation
SCSI Floppy Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
sisagp
[A ] 98. c:\windows\system32\drivers\sisagp.sys
Microsoft Corporation
SIS NT AGP 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
SiSRaid2
[A ] 99. c:\windows\system32\drivers\sisraid2.sys
Silicon Integrated Systems Corp.
SiS RAID Stor Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
SiSRaid4
[A ] 100. c:\windows\system32\drivers\sisraid4.sys
Silicon Integrated Systems
SiS AHCI Stor-Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
stexstor
[A ] 101. c:\windows\system32\drivers\stexstor.sys
Promise Technology
Promise SuperTrak EX Series Driver for Windows
.text,.rdata,.data,INIT,.rsrc,.reloc,
storflt
[A ] 102. c:\windows\system32\drivers\vmstorfl.sys
Microsoft Corporation
Virtual Storage Filter Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
storvsc
[A ] 103. c:\windows\system32\drivers\storvsc.sys
Microsoft Corporation
Storage VSC Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
swenum
[A ] 104. c:\windows\system32\drivers\swenum.sys
Microsoft Corporation
Plug and Play Software Device Enumerator
.text,.rdata,.data,.guids,PAGE,INIT,.rsrc,.reloc,
明明如月儿 - 2010-2-23 23:14:00
tcphoc
[A ] 105. c:\program files\thunder network\thunder\program\tcphoc.sys
.rdata,PAGE,INIT,.reloc,
TSKSP
[A ] 106. c:\program files\tencent\qqdoctor\tsksp.sys
Tencent
TSKSP
.text,.rdata,.data,INIT,.rsrc,.reloc,
uagp35
[A ] 107. c:\windows\system32\drivers\uagp35.sys
Microsoft Corporation
MS AGPv3.5 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
uliagpkx
[A ] 108. c:\windows\system32\drivers\uliagpkx.sys
Microsoft Corporation
用于 K8/9 处理器平台的 ULi AGPv3.0 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
UmPass
[A ] 109. c:\windows\system32\drivers\umpass.sys
Microsoft Corporation
Generic pass-through driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
usbccgp
[A ] 110. c:\windows\system32\drivers\usbccgp.sys
Microsoft Corporation
USB Common Class Generic Parent Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
usbcir
[A ] 111. c:\windows\system32\drivers\usbcir.sys
Microsoft Corporation
USB Consumer IR Driver for eHome
.text,.rdata,.data,PAGE,PAGEDATA,INIT,.rsrc,.reloc,
usbohci
[A ] 112. c:\windows\system32\drivers\usbohci.sys
Microsoft Corporation
OHCI USB Miniport Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
usbprint
[A ] 113. c:\windows\system32\drivers\usbprint.sys
Microsoft Corporation
USB Printer driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
USBSTOR
[A ] 114. c:\windows\system32\drivers\usbstor.sys
Microsoft Corporation
USB Mass Storage Class Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
vga
[A ] 115. c:\windows\system32\drivers\vgapnp.sys
Microsoft Corporation
VGA/Super VGA Video Driver
.text,.rdata,.data,PAGE,PAGE_DAT,INIT,.rsrc,.reloc,
vhdmp
[A ] 116. c:\windows\system32\drivers\vhdmp.sys
Microsoft Corporation
VHD Miniport Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
viaagp
[A ] 117. c:\windows\system32\drivers\viaagp.sys
Microsoft Corporation
VIA NT AGP 筛选器
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
ViaC7
[A ] 118. c:\windows\system32\drivers\viac7.sys
Microsoft Corporation
Processor Device Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
viaide
[A ] 119. c:\windows\system32\drivers\viaide.sys
VIA Technologies, Inc.
VIA Generic PCI IDE Bus Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
vmbus
[A ] 120. c:\windows\system32\drivers\vmbus.sys
Microsoft Corporation
Virtual Machine Bus
.text,.rdata,.data,PAGE,PAGEP,PAGEC,INIT,.rsrc,.reloc,
VMBusHID
[A ] 121. c:\windows\system32\drivers\vmbushid.sys
Microsoft Corporation
Microsoft VMBus HID Miniport
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
vsmraid
[A ] 122. c:\windows\system32\drivers\vsmraid.sys
VIA Technologies Inc.,Ltd
VIA RAID DRIVER FOR AMD-X86-64
.text,.rdata,.data,INIT,.rsrc,.reloc,
WacomPen
[A ] 123. c:\windows\system32\drivers\wacompen.sys
Microsoft Corporation
Wacom Serial Pen Tablet HID Driver
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
Wd
[A ] 124. c:\windows\system32\drivers\wd.sys
Microsoft Corporation
Microsoft Watchdog Timer Driver
.text,.rdata,.data,INIT,.rsrc,.reloc,
WmiAcpi
[A ] 125. c:\windows\system32\drivers\wmiacpi.sys
Microsoft Corporation
Windows Management Interface for ACPI
.text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,
+ IE浏览器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[AM] 126. c:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
深圳市迅雷网络技术有限公司
TDAtOnce
.text,.rdata,.data,sharedda,.rsrc,.reloc,
{2D90D33C-DE76-42D0-9040-E4466DDC24AC}
[AM] 127. c:\program files\thunder network\thunder\program\embeddetectnow.dll
Xunlei
迅雷网页图片浏览器
.text,.orpc,.rdata,.data,.rsrc,.reloc,
{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[AM] 128. c:\program files\tencent\qqdoctor\tswebmon.dat
Tencent
Tencent TSWebMon
.text,.rdata,.data,QQDrUrlF,.rsrc,.reloc,
{889D2FEB-5411-4565-8998-1DD2C5261283}
[AM] 129. c:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
深圳市迅雷网络技术有限公司
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
[AM] 130. c:\windows\system32\urlfilter.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlFilter Module
.text,.rdata,.data,.rsrc,.reloc,
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
text/xml
[AM] 131. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.cdata,.rsrc,.reloc,
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HaoZip Shell Extension
[A ] 132. c:\program files\haozip\haozipext.dll
好压软件工作室
好压(HaoZip) Windows资源管理器扩展模块
.text,.rdata,.data,.rsrc,.reloc,
Microsoft Office HTML Icon Handler
[A ] 133. c:\program files\microsoft office\office11\msohev.dll
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.rsrc,.reloc,
Web Folders
[A ] 134. c:\program files\common files\microsoft shared\web folders\msonxxxt.dll
Microsoft Corporation
Microsoft Web Folders
.text,.data,.rsrc,.reloc,
RISING
[A ] 135. c:\windows\system32\ravext.dll
Beijing Rising Information Technology Co., Ltd.
Rising Shell Ext Module
.text,.rdata,.data,.rsrc,.reloc,
+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RavTray
[AM] 136. c:\program files\rising\rav\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
RFWTray
[AM] 137. c:\program files\rising\rfw\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
runeip
[AM] 138. c:\program files\rising\antispyware\rstray.exe
Beijing Rising Information Technology Co., Ltd.
RSTray
.text,.rdata,.data,.rsrc,
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 139. c:\windows\system32\bsmain.exe
Beijing Rising Information Technology Co., Ltd.
Rising Antivirus 2010
.text,.rdata,.data,.rsrc,.reloc,
+ 映像劫持
+ HKCR\.html
htmlfile\Edit\Command
[A ] 140. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.cdata,.rsrc,
htmlfile\Print\Command
[A ] 140. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.cdata,.rsrc,
+ HKCR\.htm
htmlfile\Edit\Command
[A ] 140. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.cdata,.rsrc,
htmlfile\Print\Command
[A ] 140. c:\program files\microsoft office\office11\msohtmed.exe
Microsoft Corporation
Microsoft Office 2003 component
.text,.data,.cdata,.rsrc,
+ HKCR\.mp3
QQPlayer.mp3\open\Command
[A ] 141. c:\program files\tencent\qqplayer\qqplayer.exe
Tencent
QQ影音
UPX0,UPX1,.rsrc,
+ 其他自启动项目
+ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
QQ游戏启动加速程序.lnk
[A ] 142. d:\program files\腾讯游戏\qqgame\accel.exe
深圳市腾讯计算机系统有限公司
QQ游戏
.text,.rdata,.data,.rsrc,
明明如月儿 - 2010-2-23 23:14:00
+ 正在运行的进程
+ 000000dc(220) smss.exe
+ 00000134(308) csrss.exe
+ 00000168(360) wininit.exe
+ 00000174(372) csrss.exe
+ 000001a4(420) services.exe
+ 000001b4(436) lsass.exe
+ 000001bc(444) lsm.exe
+ 000001d4(468) winlogon.exe
+ 00000244(580) svchost.exe
+ 0000028c(652) svchost.exe
+ 000002bc(700) RavMonD.exe
00400000[00048000]
[AM] 3. c:\program files\rising\rav\ravmond.exe
Beijing Rising Information Technology Co., Ltd.
ravmond
.text,.rdata,.data,.rsrc,
10000000[00032000]
[ M] 143. c:\program files\rising\rav\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
02070000[00086000]
[ M] 144. c:\program files\rising\rav\cnt09.dll
Beijing Rising Information Technology Co., Ltd.
cnt09 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
001E0000[00019000]
[ M] 145. c:\program files\rising\rav\moncomm.dll
Beijing Rising Information Technology Co., Ltd.
MonComm
.text,.rdata,.data,.rsrc,.reloc,
00210000[0001D000]
[ M] 146. c:\program files\rising\rav\monbase.dll
Beijing Rising Information Technology Co., Ltd.
MonBase
.text,.rdata,.data,.rsrc,.reloc,
026C0000[00084000]
[ M] 147. c:\program files\rising\rav\rslog.dll
Beijing Rising Information Technology Co., Ltd.
rslog Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00390000[00018000]
[ M] 148. c:\program files\rising\rav\mondrv.dll
Beijing Rising Information Technology Co., Ltd.
mondrv
.text,.rdata,.data,.rsrc,.reloc,
003B0000[0002E000]
[ M] 149. c:\program files\rising\rav\defmon.dll
Beijing Rising Information Technology Co., Ltd.
DefMon
.text,.rdata,.data,.rsrc,.reloc,
00230000[00010000]
[ M] 150. c:\program files\rising\rav\moncom08.dll
Beijing Rising Information Technology Co., Ltd.
MonCom08
.text,.rdata,.data,.rsrc,.reloc,
02530000[0007E000]
[ M] 151. c:\program files\rising\rav\monrule.dll
Beijing Rising Information Technology Co., Ltd.
MonRule
.text,.rdata,.data,.rsrc,.reloc,
01650000[00027000]
[ M] 152. c:\program files\rising\rav\filemon.dll
Beijing Rising Information Technology Co., Ltd.
Filemon
.text,.rdata,.data,.rsrc,.reloc,
01680000[0002F000]
[ M] 153. c:\program files\rising\rav\mailmon.dll
Beijing Rising Information Technology Co., Ltd.
MailMon
.text,.rdata,.data,.rsrc,.reloc,
016E0000[00015000]
[ M] 154. c:\program files\rising\rav\hookweb.dll
Beijing Rising Information Technology Co., Ltd.
hookweb
.text,.rdata,.data,.rsrc,.reloc,
02750000[0008C000]
[ M] 155. c:\program files\rising\rav\rsindent.dll
Beijing Rising Information Technology Co., Ltd.
rsindent
.text,.rdata,.data,.rsrc,.reloc,
01720000[00019000]
[ M] 156. c:\program files\rising\rav\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
01740000[00018000]
[ M] 157. c:\program files\rising\rav\taskplug.dll
Beijing Rising Information Technology Co., Ltd.
TaskPlug
.text,.rdata,.data,.rsrc,.reloc,
02100000[00012000]
[ M] 158. c:\program files\rising\rav\scansrvp.dll
Beijing Rising Information Technology Co., Ltd.
ScanSrvP Module
.text,.rdata,.data,.rsrc,.reloc,
027F0000[0001D000]
[ M] 159. c:\program files\rising\rav\cnt08.dll
Beijing Rising Information Technology Co., Ltd.
cnt08 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02830000[00019000]
[ M] 160. c:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00280000[0000E000]
[ M] 161. c:\program files\rising\rav\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
02C90000[00044000]
[ M] 162. c:\program files\rising\rav\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
02870000[0002D000]
[ M] 163. c:\program files\rising\rav\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02A00000[00020000]
[ M] 164. c:\program files\rising\rav\hooksys.dll
Beijing Rising Information Technology Co., Ltd.
Hooksys.dll
.text,.rdata,.data,.idata,.rsrc,.reloc,
02B40000[0001F000]
[ M] 165. c:\program files\rising\rav\proccom.dll
Beijing Rising Information Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02D10000[00024000]
[ M] 166. c:\program files\rising\rav\rscommx2.dll
Beijing Rising Information Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
02CE0000[00013000]
[ M] 167. c:\program files\rising\rav\hookcont.dll
Beijing Rising Information Technology Co., Ltd.
HookCont Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02D90000[00077000]
[ M] 168. c:\program files\rising\rav\bacore.dll
Beijing Rising Information Technology Co., Ltd.
Rising MBA DLL
.text,.rdata,.data,.rsrc,.reloc,
03050000[0003B000]
[ M] 169. c:\program files\rising\rav\recomp.dll
Beijing Rising Information Technology Co., Ltd.
component manager Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03090000[00038000]
[ M] 170. c:\program files\rising\rav\refs.dll
Beijing Rising Information Technology Co., Ltd.
filesystem Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
030F0000[00030000]
[ M] 171. c:\program files\rising\rav\viruslib.dll
Beijing Rising Information Technology Co., Ltd.
VirusLib Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03440000[00029000]
[ M] 172. c:\program files\rising\rav\relibldr.dll
Beijing Rising Information Technology Co., Ltd.
libloader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03C80000[0007E000]
[ M] 173. c:\program files\rising\rav\rsnetsvr.dll
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,.reloc,
034E0000[00016000]
[ M] 174. c:\program files\rising\rav\bawhite.dll
Beijing Rising Information Technology Co., Ltd.
bawhite Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03B40000[0002B000]
[ M] 175. c:\program files\rising\rav\rsstore.dll
Beijing Rising Information Technology Co., Ltd.
RSStore
.text,.rdata,.data,.rsrc,.reloc,
03D00000[00043000]
[ M] 176. c:\program files\rising\rav\scanner.dll
Beijing Rising Information Technology Co., Ltd.
RsScanner Module
.text,.rdata,.data,.rsrc,.reloc,
04290000[0001B000]
[ M] 177. c:\program files\rising\rav\scanadd.dll
Beijing Rising Information Technology Co., Ltd.
Rising Scan Service Addon
.text,.rdata,.data,.rsrc,.reloc,
04710000[00028000]
[ M] 178. c:\program files\rising\rav\rstask.dll
Beijing Rising Information Technology Co., Ltd.
RsTask Control
.text,.rdata,.data,.rsrc,.reloc,
04740000[00018000]
[ M] 179. c:\program files\rising\rav\rsstub.dll
Beijing Rising Information Technology Co., Ltd.
rsstub Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
71DB0000[00084000]
[ M] 180. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16400_none_ebf9dccf6c73e561\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
049F0000[0001A000]
[ M] 181. c:\program files\rising\rav\scansrv.dll
Beijing Rising Information Technology Co., Ltd.
ScanSrv Module
.text,.rdata,.data,.rsrc,.reloc,
04A70000[0002B000]
[ M] 182. c:\program files\rising\rav\scanpe.dll
Beijing Rising Information Technology Co., Ltd.
scanpe Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
05600000[00029000]
[ M] 183. c:\program files\rising\rav\pearc.dll
Beijing Rising Information Technology Co., Ltd.
pearchive Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
07C10000[0001B000]
[ M] 184. c:\program files\rising\rav\ur000.dat
Beijing Rising Information Technology Co., Ltd.
Unpack Routine
.text,.rdata,.data,.rsrc,.reloc,
07C30000[00035000]
[ M] 185. c:\program files\rising\rav\urutils.dll
Beijing Rising Information Technology Co., Ltd.
urutils Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09FA0000[000B9000]
[ M] 186. c:\program files\rising\rav\revm.dll
Beijing Rising Information Technology Co., Ltd.
REVM Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
0A270000[00032000]
[ M] 187. c:\program files\rising\rav\ffr.dll
Beijing Rising Information Technology Co., Ltd.
ffr Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
09E60000[00022000]
[ M] 188. c:\program files\rising\rav\nvfile.dll
Beijing Rising Information Technology Co., Ltd.
NVFile
.text,.rdata,.data,.rsrc,.reloc,
13AB0000[00045000]
[ M] 189. c:\program files\rising\rav\scanexec.dll
Beijing Rising Information Technology Co., Ltd.
ScanExec
.text,.rdata,.data,.rsrc,.reloc,
0B490000[002DD000]
[ M] 190. c:\program files\rising\rav\unexe.dll
Beijing Rising Information Technology Co., Ltd.
UnExe
.text,.rdata,.data,.rsrc,.reloc,
0B770000[000E0000]
[ M] 191. c:\program files\rising\rav\scanex.dll
Beijing Rising Information Technology Co., Ltd.
ScanEx
.text,.rdata,.data,.rsrc,.reloc,
07C70000[00011000]
[ M] 192. c:\program files\rising\rav\ur001.dat
Beijing Rising Information Technology Co., Ltd.
Unpack Routine
.text,.rdata,.data,.rsrc,.reloc,
0A3D0000[00011000]
[ M] 193. c:\program files\rising\rav\scantj.dll
Beijing Rising Information Technology Co., Ltd.
scantj Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
0B960000[00085000]
[ M] 194. c:\program files\rising\rav\methodex.dll
Beijing Rising Information Technology Co., Ltd.
MethodEx
.text,.rdata,.data,.rsrc,.reloc,
0BA30000[0003E000]
[ M] 195. c:\program files\rising\rav\heurex.dll
Beijing Rising Information Technology Co., Ltd.
HeurEx
.text,.rdata,.data,.rsrc,.reloc,
0BA70000[00022000]
[ M] 196. c:\program files\rising\rav\pecompd.dll
Beijing Rising Information Technology Co., Ltd.
PeCompdEx
.text,.rdata,.data,.rsrc,.reloc,
0CBF0000[00023000]
[ M] 197. c:\program files\rising\rav\scansct.dll
Beijing Rising Information Technology Co., Ltd.
ScanSct Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
14210000[0003A000]
[ M] 198. c:\program files\rising\rav\extmail.dll
Beijing Rising Information Technology Co., Ltd.
ExtMail
.text,.rdata,.data,.rsrc,.reloc,
+ 000002f8(760) RavMonD.exe
00400000[00048000]
[AM] 4. c:\program files\rising\rfw\ravmond.exe
Beijing Rising Information Technology Co., Ltd.
ravmond
.text,.rdata,.data,.rsrc,
10000000[00032000]
[ M] 199. c:\program files\rising\rfw\combase.dll
Beijing Rising Information Technology Co., Ltd.
combase
.text,.rdata,.data,.rsrc,.reloc,
01E30000[00086000]
[ M] 200. c:\program files\rising\rfw\cnt09.dll
Beijing Rising Information Technology Co., Ltd.
cnt09 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01160000[0001D000]
[ M] 201. c:\program files\rising\rfw\monbase.dll
Beijing Rising Information Technology Co., Ltd.
MonBase
.text,.rdata,.data,.rsrc,.reloc,
01180000[00019000]
[ M] 202. c:\program files\rising\rfw\moncomm.dll
Beijing Rising Information Technology Co., Ltd.
MonComm
.text,.rdata,.data,.rsrc,.reloc,
02500000[00082000]
[ M] 203. c:\program files\rising\rfw\rfwlog.dll
Beijing Rising Information Technology Co., Ltd.
rfwlog Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
003D0000[0000C000]
[ M] 204. c:\program files\rising\rfw\rfwrule.dll
Beijing Rising Information Technology Co., Ltd.
TODO: <File description>
.text,.rdata,.data,.rsrc,.reloc,
明明如月儿 - 2010-2-23 23:15:00
7C3A0000[0007B000]
[ M] 205. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 206. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
012F0000[0004A000]
[ M] 207. c:\program files\rising\rfw\rfwsrv.dll
Beijing Rising Information Technology Co., Ltd.
Rising Personal FireWall Service
.text,.rdata,.data,.rsrc,.reloc,
011A0000[00019000]
[ M] 208. c:\program files\rising\rfw\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
01FE0000[0001B000]
[ M] 209. c:\program files\rising\rfw\mports.dll
Beijing Rising Information Technology Co., Ltd.
get ports list
.text,.rdata,.data,.rsrc,.reloc,
02590000[00011000]
[ M] 210. c:\program files\rising\rfw\rfwdrvc.dll
Beijing Rising Information Technology Co., Ltd.
rfwdrvc Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
025D0000[00011000]
[ M] 211. c:\program files\rising\rfw\rfwdrv.dll
Beijing Rising Information Technology Co., Ltd.
rfwdrv.dll
.text,.rdata,.data,.rsrc,.reloc,
02710000[0007E000]
[ M] 212. c:\program files\rising\rfw\rsnetsvr.dll
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,.reloc,
025F0000[00011000]
[ M] 213. c:\program files\rising\rfw\rfwarp.dll
Beijing Rising Information Technology Co., Ltd.
rfwarp.dll
.text,.rdata,.data,.rsrc,.reloc,
02630000[0002D000]
[ M] 214. c:\program files\rising\rfw\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02670000[00014000]
[ M] 215. c:\program files\rising\rfw\urlrule.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlRule Library
.text,.rdata,.data,.rsrc,.reloc,
028D0000[0003B000]
[ M] 216. c:\program files\rising\rfw\recomp.dll
Beijing Rising Information Technology Co., Ltd.
component manager Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02910000[00038000]
[ M] 217. c:\program files\rising\rfw\refs.dll
Beijing Rising Information Technology Co., Ltd.
filesystem Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
026D0000[00030000]
[ M] 218. c:\program files\rising\rfw\viruslib.dll
Beijing Rising Information Technology Co., Ltd.
VirusLib Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02790000[00029000]
[ M] 219. c:\program files\rising\rfw\relibldr.dll
Beijing Rising Information Technology Co., Ltd.
libloader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
029D0000[0003F000]
[ M] 220. c:\program files\rising\rfw\rfwproxy.dll
Beijing Rising Information Technology Co., Ltd.
tcpproxy Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23700000[00023000]
[ M] 221. c:\program files\rising\rfw\rslang.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
03650000[0008C000]
[ M] 222. c:\program files\rising\rfw\rsindent.dll
Beijing Rising Information Technology Co., Ltd.
rsindent
.text,.rdata,.data,.rsrc,.reloc,
02A10000[00018000]
[ M] 223. c:\program files\rising\rfw\taskplug.dll
Beijing Rising Information Technology Co., Ltd.
TaskPlug
.text,.rdata,.data,.rsrc,.reloc,
02980000[0000E000]
[ M] 224. c:\program files\rising\rfw\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
02A30000[00044000]
[ M] 225. c:\program files\rising\rfw\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
02BD0000[00019000]
[ M] 226. c:\program files\rising\rfw\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02FB0000[0001C000]
[ M] 227. c:\program files\rising\rfw\ncomm2.dll
Beijing Rising Information Technology Co., Ltd.
NComm2 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
036E0000[00028000]
[ M] 228. c:\program files\rising\rfw\rstask.dll
Beijing Rising Information Technology Co., Ltd.
RsTask Control
.text,.rdata,.data,.rsrc,.reloc,
03510000[00018000]
[ M] 229. c:\program files\rising\rfw\rsstub.dll
Beijing Rising Information Technology Co., Ltd.
rsstub Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
71DB0000[00084000]
[ M] 180. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16400_none_ebf9dccf6c73e561\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
033F0000[0000E000]
[ M] 230. c:\program files\rising\rfw\urllib.dll
Beijing Rising Information Technology Co., Ltd.
Urllib Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 0000031c(796) svchost.exe
+ 00000340(832) svchost.exe
+ 00000360(864) svchost.exe
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
+ 000003a8(936) RsTray.exe
00400000[0002C000]
[AM] 136. c:\program files\rising\rav\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[00031000]
[ M] 232. c:\program files\rising\rav\comserv.dll
Beijing Rising Information Technology Co., Ltd.
Rising tray common service
.text,.rdata,.data,.rsrc,.reloc,
23700000[00023000]
[ M] 233. c:\program files\rising\rav\rslang.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00540000[0002D000]
[ M] 163. c:\program files\rising\rav\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
003D0000[00019000]
[ M] 156. c:\program files\rising\rav\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
005A0000[00019000]
[ M] 160. c:\program files\rising\rav\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23800000[00039000]
[ M] 234. c:\program files\rising\rav\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
005C0000[00013000]
[ M] 235. c:\program files\rising\rav\monstate.dll
Beijing Rising Information Technology Co., Ltd.
MonState
.text,.rdata,.data,.rsrc,.reloc,
01300000[00016000]
[ M] 236. c:\program files\rising\rav\scanevnt.dll
Beijing Rising Information Technology Co., Ltd.
Rising Scan Service Event Handler
.text,.rdata,.data,.rsrc,.reloc,
26600000[00078000]
[ M] 237. c:\program files\rising\rav\rsguilib.dll
Beijing Rising Information Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
01330000[00017000]
[ M] 238. c:\program files\rising\rav\rsconf.dll
Beijing Rising Information Technology Co., Ltd.
rsconf Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01370000[00022000]
[ M] 239. c:\program files\rising\rav\rspalvd.dll
Beijing Rising Information Technology Co., Ltd.
rspalvd
.text,.rdata,.data,.rsrc,.reloc,
33000000[00026000]
[ M] 240. c:\program files\rising\rav\ravbintl.dll
Beijing Rising Information Technology Co., Ltd.
ravbintl Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01FC0000[0007D000]
[ M] 241. c:\program files\rising\rav\mruleui.dll
Beijing Rising Information Technology Co., Ltd.
mruleui
.text,.rdata,.data,.rsrc,.reloc,
022B0000[0007D000]
[ M] 242. c:\program files\rising\rav\montray.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiVirus 2010
.text,.rdata,.data,.rsrc,.reloc,
34500000[00020000]
[ M] 243. c:\program files\rising\rav\ravitray.dll
Beijing Rising Information Technology Co., Ltd.
ravitray Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01B50000[0004C000]
[ M] 244. c:\program files\rising\rav\rsmginfo.dll
Beijing Rising Information Technology Co., Ltd.
rsmginfo
.text,.rdata,.data,.rsrc,.reloc,
明明如月儿 - 2010-2-23 23:15:00
013A0000[00013000]
[ M] 245. c:\program files\rising\rav\scanleak.dll
Beijing Rising Information Technology Co., Ltd.
scanleak
.text,.rdata,.data,.rsrc,.reloc,
32000000[00088000]
[ M] 246. c:\program files\rising\rav\ravppops.dll
Beijing Rising Information Technology Co., Ltd.
ravppops Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01350000[0000E000]
[ M] 161. c:\program files\rising\rav\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
01F40000[00044000]
[ M] 162. c:\program files\rising\rav\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 247. c:\program files\rising\rav\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02830000[00080000]
[ M] 248. c:\program files\rising\rav\scanprxy.dll
Beijing Rising Information Technology Co., Ltd.
ScanPrxy Module
.text,.rdata,.data,.rsrc,.reloc,
+ 0000046c(1132) svchost.exe
6D590000[004D1000]
[ M] 249. c:\programdata\microsoft\windows defender\definition updates\{cd6a9204-f961-49dc-ac06-6d0fc1b8b88c}\mpengine.dll
Microsoft Corporation
Microsoft Malware Protection Engine
.text,.data,.rsrc,.reloc,
+ 00000480(1152) svchost.exe
+ 00000498(1176) RsTray.exe
00400000[0002C000]
[AM] 137. c:\program files\rising\rfw\rstray.exe
Beijing Rising Information Technology Co., Ltd.
Rising tray framework
.text,.rdata,.data,.rsrc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[00031000]
[ M] 250. c:\program files\rising\rfw\comserv.dll
Beijing Rising Information Technology Co., Ltd.
Rising tray common service
.text,.rdata,.data,.rsrc,.reloc,
23700000[00023000]
[ M] 221. c:\program files\rising\rfw\rslang.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00210000[0002D000]
[ M] 214. c:\program files\rising\rfw\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00370000[00019000]
[ M] 208. c:\program files\rising\rfw\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
01210000[00019000]
[ M] 226. c:\program files\rising\rfw\proccomm.dll
Beijing Rising Information Technology Co., Ltd.
ProcComm Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23800000[00039000]
[ M] 251. c:\program files\rising\rfw\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
01230000[00013000]
[ M] 252. c:\program files\rising\rfw\monstate.dll
Beijing Rising Information Technology Co., Ltd.
MonState
.text,.rdata,.data,.rsrc,.reloc,
003D0000[0000C000]
[ M] 204. c:\program files\rising\rfw\rfwrule.dll
Beijing Rising Information Technology Co., Ltd.
TODO: <File description>
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 205. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 206. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
01250000[00017000]
[ M] 253. c:\program files\rising\rfw\rsconf.dll
Beijing Rising Information Technology Co., Ltd.
rsconf Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01390000[00022000]
[ M] 254. c:\program files\rising\rfw\rspalvd.dll
Beijing Rising Information Technology Co., Ltd.
rspalvd
.text,.rdata,.data,.rsrc,.reloc,
26600000[00078000]
[ M] 255. c:\program files\rising\rfw\rsguilib.dll
Beijing Rising Information Technology Co., Ltd.
Rising GUI Library Loader
.text,.rdata,.data,.rsrc,.reloc,
33000000[00026000]
[ M] 256. c:\program files\rising\rfw\ravbintl.dll
Beijing Rising Information Technology Co., Ltd.
ravbintl Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02040000[0007E000]
[ M] 212. c:\program files\rising\rfw\rsnetsvr.dll
Beijing Rising Information Technology Co., Ltd.
rsnetsvr
.text,.rdata,.data,.rsrc,.reloc,
022D0000[0004C000]
[ M] 257. c:\program files\rising\rfw\rsmginfo.dll
Beijing Rising Information Technology Co., Ltd.
rsmginfo
.text,.rdata,.data,.rsrc,.reloc,
02320000[00052000]
[ M] 258. c:\program files\rising\rfw\rfwtray.dll
Beijing Rising Information Technology Co., Ltd.
rfwtray Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
32000000[00088000]
[ M] 259. c:\program files\rising\rfw\ravppops.dll
Beijing Rising Information Technology Co., Ltd.
ravppops Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
013C0000[0000E000]
[ M] 224. c:\program files\rising\rfw\rsappmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising Application Manager
.text,.rdata,.data,.rsrc,.reloc,
024C0000[00044000]
[ M] 225. c:\program files\rising\rfw\cfgdll.dll
Beijing Rising Information Technology Co., Ltd.
CfgDll
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 260. c:\program files\rising\rfw\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02C00000[00082000]
[ M] 203. c:\program files\rising\rfw\rfwlog.dll
Beijing Rising Information Technology Co., Ltd.
rfwlog Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
+ 000004a4(1188) svchost.exe
+ 000005d4(1492) QQDoctorRTP.exe
00400000[001B0000]
[ M] 261. c:\program files\tencent\qqdoctor\qqdoctorrtp.exe
Tencent
QQ医生实时防护
UPX0,UPX1,.rsrc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
6F280000[0010F000]
[ M] 262. c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
6F1E0000[0009B000]
[ M] 263. c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6EE90000[00087000]
[ M] 264. c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
30000000[00189000]
[ M] 265. c:\program files\tencent\qqdoctor\safecommon.dll
Tencent
QQ2010
UPX0,UPX1,.rsrc,
6EC70000[0001B000]
[ M] 266. c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\atl80.dll
Microsoft Corporation
ATL Module for Windows (Unicode)
.text,.rdata,.data,.rsrc,.reloc,
73D30000[0000A000]
[ M] 267. c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80chs.dll
Microsoft Corporation
MFC Language Specific Resources
.rsrc,.reloc,
10000000[00035000]
[ M] 268. c:\program files\tencent\qqdoctor\tsfsengine.dat
Tencent
TSFSEngine
UPX0,UPX1,.rsrc,
006C0000[0001A000]
[ M] 269. c:\program files\tencent\qqdoctor\tsfilefilter.dat
tencent
TSFileFilter
UPX0,UPX1,.rsrc,
014C0000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
01A30000[00013000]
[ M] 271. c:\program files\tencent\qqdoctor\tsksplib.dat
Tencent
TSKSPLIB
UPX0,UPX1,.rsrc,
01A50000[00019000]
[AM] 128. c:\program files\tencent\qqdoctor\tswebmon.dat
Tencent
Tencent TSWebMon
.text,.rdata,.data,QQDrUrlF,.rsrc,.reloc,
+ 00000624(1572) spoolsv.exe
+ 00000660(1632) svchost.exe
+ 000006cc(1740) Dwm.exe
70EA0000[00272000]
[ M] 272. c:\windows\system32\igd10umd32.dll
Intel Corporation
LDDM User Mode Driver for Intel(R) Graphics Technology
.text,.rdata,.data,.rsrc,.reloc,
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
+ 000006e8(1768) RSTray.exe
00400000[00034000]
[AM] 138. c:\program files\rising\antispyware\rstray.exe
Beijing Rising Information Technology Co., Ltd.
RSTray
.text,.rdata,.data,.rsrc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[0004C000]
[ M] 273. c:\program files\rising\antispyware\rsmginfo.dll
Beijing Rising Information Technology Co., Ltd.
rsmginfo
.text,.rdata,.data,.rsrc,.reloc,
23800000[00022000]
[ M] 274. c:\program files\rising\antispyware\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 275. c:\program files\rising\antispyware\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 276. c:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00200000[00024000]
[ M] 277. c:\program files\rising\antispyware\comserv.dll
Beijing Rising Information Technology Co., Ltd.
.text,.rdata,.data,.rsrc,.reloc,
00330000[00019000]
[ M] 278. c:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
23700000[00026000]
[ M] 279. c:\program files\rising\antispyware\rscommon.dll
Beijing Rising Information Technology Co., Ltd.
Rising Common Function Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00350000[0002D000]
[ M] 280. c:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 281. c:\program files\rising\antispyware\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
02560000[00067000]
[ M] 282. c:\program files\rising\antispyware\runiep.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware tray
.text,.rdata,.data,.rsrc,.reloc,
01220000[00034000]
[ M] 283. c:\program files\rising\antispyware\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01260000[0001F000]
[ M] 165. c:\program files\rising\rav\proccom.dll
Beijing Rising Information Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01340000[00024000]
[ M] 284. c:\program files\rising\antispyware\rscommx2.dll
Beijing Rising Information Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
+ 000006ec(1772) Explorer.EXE
740E0000[00190000]
[ M] 285. c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
03BC0000[0003C000]
[AM] 126. c:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
深圳市迅雷网络技术有限公司
TDAtOnce
.text,.rdata,.data,sharedda,.rsrc,.reloc,
7C120000[00019000]
[ M] 286. c:\program files\thunder network\thunder\comdlls\atl71.dll
Microsoft Corporation
ATL Module for Windows (Unicode)
.text,.rdata,.data,.rsrc,.reloc,
7C3C0000[0007C000]
[ M] 287. c:\program files\thunder network\thunder\comdlls\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
明明如月儿 - 2010-2-23 23:16:00
7C360000[00056000]
[ M] 288. c:\program files\thunder network\thunder\comdlls\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
03C30000[00040000]
[AM] 129. c:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
深圳市迅雷网络技术有限公司
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
025F0000[0000E000]
[ M] 289. c:\users\public\thunder network\thunder_72dc43c7-1a38-47d9-9da8-768c397d4529_\components\resworker\dsbho_00.dll
Thunder Networking Technologies,LTD
DsBho
.text,.rdata,.data,.rsrc,.reloc,
03C00000[0001E000]
[ M] 290. c:\users\public\thunder network\thunder_72dc43c7-1a38-47d9-9da8-768c397d4529_\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
729E0000[0000D000]
[AM] 131. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.cdata,.rsrc,.reloc,
+ 000006f8(1784) taskhost.exe
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
+ 00000730(1840) svchost.exe
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
+ 00000788(1928) sidebar.exe
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
740E0000[00190000]
[ M] 285. c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
10000000[00019000]
[ M] 291. c:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 205. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 206. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
02020000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
+ 000007d0(2000) QQDrRtpSvc.exe
00400000[000C2000]
[AM] 2. c:\program files\tencent\qqdoctor\qqdrrtpsvc.exe
Tencent
QQ医生实时防护服务
UPX0,UPX1,.rsrc,
+ 000008fc(2300) iexplore.exe
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
01C70000[0003C000]
[AM] 126. c:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
深圳市迅雷网络技术有限公司
TDAtOnce
.text,.rdata,.data,sharedda,.rsrc,.reloc,
7C120000[00019000]
[ M] 286. c:\program files\thunder network\thunder\comdlls\atl71.dll
Microsoft Corporation
ATL Module for Windows (Unicode)
.text,.rdata,.data,.rsrc,.reloc,
71DB0000[00084000]
[ M] 180. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16400_none_ebf9dccf6c73e561\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
7C3C0000[0007C000]
[ M] 287. c:\program files\thunder network\thunder\comdlls\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C360000[00056000]
[ M] 288. c:\program files\thunder network\thunder\comdlls\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
01DC0000[0001C000]
[AM] 127. c:\program files\thunder network\thunder\program\embeddetectnow.dll
Xunlei
迅雷网页图片浏览器
.text,.orpc,.rdata,.data,.rsrc,.reloc,
02240000[00019000]
[AM] 128. c:\program files\tencent\qqdoctor\tswebmon.dat
Tencent
Tencent TSWebMon
.text,.rdata,.data,QQDrUrlF,.rsrc,.reloc,
6EC70000[0001B000]
[ M] 266. c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\atl80.dll
Microsoft Corporation
ATL Module for Windows (Unicode)
.text,.rdata,.data,.rsrc,.reloc,
6EE90000[00087000]
[ M] 264. c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
6F1E0000[0009B000]
[ M] 263. c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
02A30000[00040000]
[AM] 129. c:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
深圳市迅雷网络技术有限公司
XunLeiBHO
.text,.rdata,.data,.rsrc,.reloc,
01DF0000[0000E000]
[ M] 289. c:\users\public\thunder network\thunder_72dc43c7-1a38-47d9-9da8-768c397d4529_\components\resworker\dsbho_00.dll
Thunder Networking Technologies,LTD
DsBho
.text,.rdata,.data,.rsrc,.reloc,
02260000[0001E000]
[ M] 290. c:\users\public\thunder network\thunder_72dc43c7-1a38-47d9-9da8-768c397d4529_\components\resworker\dataprocessor_00.dll
Thunder Networking Technologies,LTD
DataProcessor
.text,.rdata,.data,.rsrc,.reloc,
729E0000[0000D000]
[AM] 131. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.cdata,.rsrc,.reloc,
02AB0000[00018000]
[AM] 130. c:\windows\system32\urlfilter.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlFilter Module
.text,.rdata,.data,.rsrc,.reloc,
02CF0000[00014000]
[ M] 292. c:\program files\rising\antispyware\urlrule.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware UrlRule Library
.text,.rdata,.data,.rsrc,.reloc,
01980000[00019000]
[ M] 291. c:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
69A80000[004A3000]
[ M] 293. c:\windows\system32\macromed\flash\flash10c.ocx
Adobe Systems, Inc.
Adobe Flash Player 10.0 r32
.text,.rdata,.data,.rodata,.rsrc,.reloc,
6C820000[003B1000]
[ M] 294. c:\windows\system32\igdumd32.dll
Intel Corporation
LDDM User Mode Driver for Intel(R) Graphics Technology
.text,.rdata,.data,.rsrc,.reloc,
740E0000[00190000]
[ M] 285. c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
+ 00000d08(3336) ras.exe
00400000[0000B000]
[ M] 295. c:\program files\rising\antispyware\ras.exe
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
7C140000[00103000]
[ M] 296. c:\program files\rising\antispyware\mfc71.dll
Microsoft Corporation
MFCDLL Shared Library - Retail Version
.text,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 276. c:\program files\rising\antispyware\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
005F0000[00047000]
[ M] 297. c:\program files\rising\antispyware\kakamgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 275. c:\program files\rising\antispyware\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
00190000[00019000]
[ M] 278. c:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
01330000[0001F000]
[ M] 165. c:\program files\rising\rav\proccom.dll
Beijing Rising Information Technology Co., Ltd.
ProcessC Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01350000[00024000]
[ M] 284. c:\program files\rising\antispyware\rscommx2.dll
Beijing Rising Information Technology Co., Ltd.
RsCommX2
.text,.rdata,.data,.rsrc,.reloc,
01380000[0002D000]
[ M] 280. c:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
01960000[00058000]
[ M] 298. c:\program files\rising\antispyware\dbmgr.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
23800000[00022000]
[ M] 274. c:\program files\rising\antispyware\rsxml.dll
Beijing Rising Information Technology Co., Ltd.
RsXML
.text,.rdata,.data,.rsrc,.reloc,
013D0000[0002E000]
[ M] 299. c:\program files\rising\antispyware\pweb.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
01FC0000[0010D000]
[ M] 300. c:\program files\rising\antispyware\pscan.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
020D0000[00034000]
[ M] 283. c:\program files\rising\antispyware\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
02110000[00070000]
[ M] 301. c:\program files\rising\antispyware\pset.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
022C0000[00027000]
[ M] 302. c:\program files\rising\antispyware\pdefend.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
022F0000[000B7000]
[ M] 303. c:\program files\rising\antispyware\ptools.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
023B0000[00075000]
[ M] 304. c:\program files\rising\antispyware\psysinfo.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
23900000[00040000]
[ M] 281. c:\program files\rising\antispyware\pngdll.dll
Beijing Rising Information Technology Co., Ltd.
Rising .Png File Loader Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
014F0000[00019000]
[ M] 291. c:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
69A80000[004A3000]
[ M] 293. c:\windows\system32\macromed\flash\flash10c.ocx
Adobe Systems, Inc.
Adobe Flash Player 10.0 r32
.text,.rdata,.data,.rodata,.rsrc,.reloc,
+ 00000eb8(3768) iexplore.exe
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
71DB0000[00084000]
[ M] 180. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16400_none_ebf9dccf6c73e561\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
+ 00000f2c(3884) wmplayer.exe
740E0000[00190000]
[ M] 285. c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
005D0000[00019000]
[ M] 291. c:\program files\rising\rav\ravscrch.dll
Beijing Rising Information Technology Co., Ltd.
webmon module
.text,.rdata,.data,.rsrc,.reloc,
7C3A0000[0007B000]
[ M] 205. c:\windows\system32\msvcp71.dll
Microsoft Corporation
Microsoft? C++ Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
7C340000[00056000]
[ M] 206. c:\windows\system32\msvcr71.dll
Microsoft Corporation
Microsoft? C Runtime Library
.text,.rdata,.data,.rsrc,.reloc,
729E0000[0000D000]
[AM] 131. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
Microsoft Corporation
Microsoft Office XML MIME Filter
.text,.data,.cdata,.rsrc,.reloc,
+ 00000f48(3912) DllHost.exe
10000000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
740E0000[00190000]
[ M] 285. c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll
Microsoft Corporation
Microsoft GDI+
.text,.data,Shared,.rsrc,.reloc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
6C820000[003B1000]
[ M] 294. c:\windows\system32\igdumd32.dll
Intel Corporation
LDDM User Mode Driver for Intel(R) Graphics Technology
.text,.rdata,.data,.rsrc,.reloc,
+ 00000fdc(4060) knownsvr.exe
00400000[00072000]
[ M] 305. c:\program files\rising\antispyware\knownsvr.exe
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,
10000000[00034000]
[ M] 283. c:\program files\rising\antispyware\ncomm.dll
Beijing Rising Information Technology Co., Ltd.
Rising AntiSpyware
.text,.rdata,.data,.rsrc,.reloc,
001E0000[0002D000]
[ M] 280. c:\program files\rising\antispyware\comx3.dll
Beijing Rising Information Technology Co., Ltd.
comx3 Dynamic Link Library
.text,.rdata,.data,.rsrc,.reloc,
00210000[00019000]
[ M] 278. c:\program files\rising\antispyware\syslay.dll
Beijing Rising Information Technology Co., Ltd.
Syslay
.text,.rdata,.data,.rsrc,.reloc,
00390000[00028000]
[ M] 270. c:\program files\tencent\qqdoctor\tsvulmon.dat
Tencent
Tencent TSVulMon
.text,.rdata,.data,.shared,.rsrc,.reloc,
742B0000[0019E000]
[ M] 231. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll
Microsoft Corporation
用户体验控件库
.text,.data,.rsrc,.reloc,
辛达星郁 - 2010-2-23 23:24:00
你误解我的意思了
我的意思是你把开机提示截图
或者杀毒软件的日志,因为那个提示杀毒软件都会记录下来的
找到杀毒软件提示的日志,主要因为那里有详细的记录,可以查看到哪个程序在访问注册表
明明如月儿 - 2010-2-23 23:24:00
这是截图: [img]file:///C:/Users/ADMINI~1/AppData/Local/Temp/~T_HPUC3M[%60L00S%60PE[7JJ4.jpg[/img]
传不上来呀。
辛达星郁 - 2010-2-23 23:32:00
点击下边的引用
以附件上传就行
辛达星郁 - 2010-2-23 23:34:00
原帖由 明明如月儿 于 2010-2-23 23:24:00 发表
这是截图: [img]file:///C:/Users/ADMINI~1/AppData/Local/Temp/~T_HPUC3M[%60L00S%60PE[7JJ4.jpg[/img]
传不上来呀。
还有找到杀毒软件的日志
看看是哪个程序在访问注册表
明明如月儿 - 2010-2-23 23:38:00
不知道怎么弄,导不出来日志。:kaka6: 不过还是谢谢啦:kaka1:
明明如月儿 - 2010-2-23 23:45:00
规则 ID: 42
防护类型: 修改
进程: C:\WINDOWS\SYSTEM32\REG.EXE
数值名称: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE
旧值:
新值:
http://www.yl234.com/?27
明明如月儿 - 2010-2-23 23:47:00
下面这个是从杀毒日记里复制出来的,老大再帮看下哈
规则 ID: 42
防护类型: 修改
进程: C:\WINDOWS\SYSTEM32\REG.EXE
数值名称: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\START PAGE
旧值:
新值:
http://www.yl234.com/?27
辛达星郁 - 2010-2-23 23:54:00
看样子应该是这个网址,想修改注册表
篡改你的主页
辛达星郁 - 2010-2-23 23:59:00
现在你的主页有什么异常吗??
最近安装过什么软件吗??
这个提示开机会出现,应该是开机自启动项有问题
这个开机自启动项应该和这个网站有关系
辛达星郁 - 2010-2-24 0:02:00
下载sre日志工具进行扫描日志,
http://bbs.ikaka.com/attachment.aspx?attachmentid=462487SRENG工具的各项操作看这里:
http://bbs.ikaka.com/showtopic-8545446.aspx把扫描的日志以附件的形式上传论坛
不要在直接复制到帖子里,要以附件的形式上传
注意:扫描前请尽量关闭QQ、游戏、下载工具、媒体播放器等应用程序
明明如月儿 - 2010-2-24 0:19:00
谢谢,下面是扫描的结果::kaka1:
附件:
SREngLOG.log
wanghy11111 - 2010-2-24 10:00:00
我没有找出守护的进程,但日志里有些地方应该改下
********************************************************************
★ 『建议您删除的文件』 ★
☆ HELP ☆前置信息2
http://www.999w.com/?13
★ *********************************************** ★
★ 『建议您清理的浏览器加载项项目』 ★
☆ HELP ☆前置信息3
【名称:999W网址大全】,【映像路径:
http://www.999w.com/?13】
★ *********************************************** ★
J:\gghost\ggghost.sys,不知道是否是正常的,如果不是你用的到的建议删除
还有进程里有许多关于迅雷的没有签名,建议你卸载迅雷,彻底删除C:\Program Files\Thunder Network\后重新安装迅雷
明明如月儿 - 2010-2-24 10:39:00
:default7: :default7: 谢谢,问题好像解决了
明明如月儿 - 2010-2-24 11:27:00
:kaka6: 怎么重启又有啦
Luke8 - 2010-2-24 14:56:00
把你的计划任务清理下,记住,尽量全部删除掉。
辛达星郁 - 2010-2-24 17:21:00
删除文件工具SmtDel
http://bbs.ikaka.com/attachment.aspx?attachmentid=445131使用SmtDdl删除以下文件
j:\gghost\ggghost.sys
2.删除重启后使用SREng修复下面各项: 启动项目 -- 服务-- 驱动程序之如下项禁用:
[ggghost / ggghost] <\??\J:\gghost\ggghost.sys>
:kaka17: 注意,你在运行SRE扫描日志工具进行删除驱动操作的时候,右键以管理员身份运行
删除工具在运行时也有右键以管理身份运行
还有不要忘记把这个月的补丁大全
明明如月儿 - 2010-2-24 23:52:00
j:\gghost\ggghost.sys
这个文件在电脑里搜不出来呀:kaka6:
明明如月儿 - 2010-2-24 23:55:00
删除文件工具SmtDel
用上面这个软件也提示找不到这个文件呵:kaka6:
辛达星郁 - 2010-2-25 8:26:00
提示找不到没有大碍,直接重启
在操作的时候,工具不是提示你重启了吗
你一步一步往下做
夲號ヱ被ジ盜 - 2010-2-25 8:57:00
提示实习生
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vb.vbs
1
© 2000 - 2025 Rising Corp. Ltd.